RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection

As of May 2019, RSA NetWitness Logs and Packets (RSA SIEM) is ranked 7th in Advanced Threat Protection with 6 reviews vs SonicWall Capture Advanced Threat Protection which is ranked 9th in Advanced Threat Protection with 2 reviews. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "The Alerting Module provides real-time event processing language on the logs/packets stream". The top reviewer of SonicWall Capture Advanced Threat Protection writes "Enables us to select the file if it's malicious and see what triggered it". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight. SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Symantec Advanced Threat Protection. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection report.
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection and other solutions. Updated: May 2019.
339,526 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
RSA NetWitness Logs and Packets (RSA SIEM):

The most valuable features are its ingestion of logs and raising of alerts based on those logs.

Their technical support responds quickly and is knowledgeable.

The most valuable feature is the correlation. It can report in real-time and monitor the management.

It gives the ability to investigate into network traffic in the Net and the organization, which we couldn't do before.

Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.

SonicWall Capture Advanced Threat Protection:

The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful.

We use it for protection against viruses and ransomware attacks.

They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network.

Cons
RSA NetWitness Logs and Packets (RSA SIEM):

I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.

The initial setup was complex because it takes a lot of time to complete the implementation.

The implementation needs assistance.

We have encountered issues with unresolved crashes.

Health monitoring of the event sources and devices.

SonicWall Capture Advanced Threat Protection:

Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine.

SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side.

It does fare well against enterprise products.

Pricing and Cost Advice
RSA NetWitness Logs and Packets (RSA SIEM):

The licenses are good but the cost is very expensive.

It is cheap.

The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).

SonicWall Capture Advanced Threat Protection:

The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward.

Ranking

RSA NetWitness Logs and Packets (RSA SIEM): Views 9,761; Comparisons 4,303; Reviews 7; Average Words per Review 369; Avg. Rating 7.0

SonicWall Capture Advanced Threat Protection: Views 760; Comparisons 437; Reviews 1; Average Words per Review 909; Avg. Rating 8.0

Also Known As
RSA Security Analytics
Overview

RSA NetWitness Logs and Packets (RSA SIEM): If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection by log-centric security and network monitoring tools. But logs combined with full packet, endpoint and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

SonicWall Capture Advanced Threat Protection: SonicWall Capture, a cloud-based service available with SonicWall firewalls, revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.

Sample Customers

RSA NetWitness Logs and Packets (RSA SIEM): Los Angeles World Airports, Reply

SonicWall Capture Advanced Threat Protection: Information Not Available

We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
