Compare RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 6th in Advanced Threat Protection with 9 reviews while SonicWall Capture Advanced Threat Protection is ranked 7th in Advanced Threat Protection with 8 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.8, while SonicWall Capture Advanced Threat Protection is rated 7.8. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time". On the other hand, the top reviewer of SonicWall Capture Advanced Threat Protection writes "Enables us to select the file if it's malicious and see what triggered it". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight, whereas SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Symantec Advanced Threat Protection. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection report.
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection and other solutions. Updated: January 2020.
399,230 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
RSA NetWitness Logs and Packets (RSA SIEM):

The most valuable features are the integration and ease of use.

The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.

The most valuable features are the packet decoder, log decoder, and concentrator.

It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.

The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.

The most valuable features are its ingestion of logs and raising of alerts based on those logs.

Their technical support responds quickly and is knowledgeable.

The most valuable feature is the correlation. It can report in real-time and monitor the management.

SonicWall Capture Advanced Threat Protection:

It also has an easy configuration. The feedback that we get from our customers is that it's a good product.

Provides good protection and security.

The ATP (Advanced Threat Protection) on scanning is the most valuable feature.

We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone.

The stability of the solution is good. We haven't had any breaches or crashes. It's been very stable for us.

I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses.

The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful.

We use it for protection against viruses and ransomware attacks.

Cons
RSA NetWitness Logs and Packets (RSA SIEM):

The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly.

The initial setup is very complex and should be simplified.

Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.

They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.

The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.

I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.

The initial setup was complex because it takes a lot of time to complete the implementation.

The implementation needs assistance.

SonicWall Capture Advanced Threat Protection:

I would like to have better documentation before starting with deployment because the deployment is a bit complex.

Could provide online training to allow customers to learn more about the product.

The setup needs improvement. It needs to be made more user-friendly.

SonicWall should promote their roadmap and improve their marketing to customers.

We would like to get immediate alerts from the alerting system without using third-parties.

If anything at all, it would be some very minor updates that need to be done, but in terms of changes, nothing comes to mind.

I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great.

Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine.

Pricing and Cost Advice
RSA NetWitness Logs and Packets (RSA SIEM):

Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day.

We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.

This is a pricey solution; it's not cheap.

The licenses are good but the cost is very expensive.

It is cheap.

SonicWall Capture Advanced Threat Protection:

It's thirty dollars per user and we have 30 users.

When you compare it with other solutions, they are cheaper and more economical.

We get our value for our money.

The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward.

Ranking
RSA NetWitness Logs and Packets (RSA SIEM): Views 6,772; Comparisons 4,461; Reviews 9; Average Words per Review 474; Avg. Rating 6.8
SonicWall Capture Advanced Threat Protection: Views 1,174; Comparisons 614; Reviews 7; Average Words per Review 473; Avg. Rating 7.9
Also Known As
RSA NetWitness Logs and Packets (RSA SIEM): RSA Security Analytics
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

SonicWall Capture, a cloud-based service available with SonicWall firewalls, revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.

Sample Customers
RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply
SonicWall Capture Advanced Threat Protection: Information Not Available
Top Industries (visitors reading reviews)
RSA NetWitness Logs and Packets (RSA SIEM): Software R&D Company 30%; Comms Service Provider 17%; Financial Services Firm 10%; Government 6%
SonicWall Capture Advanced Threat Protection: No Data Available
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.