We performed a comparison between NetWitness Platform and SonicWall Capture Advanced Threat Protection based on real PeerSpot user reviews.
Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management."The solution is really scalable for the high-end power, enterprise customer."
"The most valuable features are the packet inspection and the automated incident response."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"Offers a good wireless feature."
"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."
"The stability of the solution is good. We haven't had any breaches or crashes. It's been very stable for us."
"Provides good protection and security."
"I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses."
"It also has an easy configuration. The feedback that we get from our customers is that it's a good product."
"The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful."
"We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone."
"They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network."
"The ATP (Advanced Threat Protection) on scanning is the most valuable feature."
"The implementation needs assistance."
"The multi-tenant capabilities are lagging compared to IBM QRadar."
"The product's licensing models are complex to understand. This particular area needs improvement."
"The tool's integration capability isn't so great."
"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."
"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support."
"There is no support for this product in this country, so problems have to be resolved through global technical teams."
"We have encountered issues with unresolved crashes."
"Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine."
"I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great."
"SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side."
"It does fare well against enterprise products."
"Could provide online training to allow customers to learn more about the product."
"If anything at all, it would be some very minor updates that need to be done, but in terms of changes, nothing comes to mind."
"We would like to get immediate alerts from the alerting system without using third-parties."
"I would like to have better documentation before starting with deployment because the deployment is a bit complex."
More SonicWall Capture Advanced Threat Protection Pricing and Cost Advice →
Earn 20 points
NetWitness Platform is ranked 20th in Log Management with 36 reviews while SonicWall Capture Advanced Threat Protection is ranked 26th in Advanced Threat Protection (ATP). NetWitness Platform is rated 7.4, while SonicWall Capture Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of SonicWall Capture Advanced Threat Protection writes "When compared to other solutions, it is cheaper and more economical". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Microsoft Defender for Office 365.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
