Compare RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 6th in Advanced Threat Protection with 6 reviews while SonicWall Capture Advanced Threat Protection is ranked 9th in Advanced Threat Protection with 6 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.6, while SonicWall Capture Advanced Threat Protection is rated 8.0. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Provides accurate information, quick analysis from the endpoint perspective, and quick identification of any potential malware". On the other hand, the top reviewer of SonicWall Capture Advanced Threat Protection writes "Enables us to select the file if it's malicious and see what triggered it ". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight, whereas SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Symantec Advanced Threat Protection. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection and other solutions. Updated: September 2019.
372,185 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.The most valuable features are its ingestion of logs and raising of alerts based on those logs.Their technical support responds quickly and are knowledgable.The most valuable feature is the correlation. It can report in real-time and monitor the management.It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.

Read more »

The ATP (Advanced Threat Protection) on scanning is the most valuable feature.We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone.The stability of the solution is good. We haven't had any breaches or crashes. It's been very stable for us.I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses.The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful.We use it for protection against viruses and ransomware attacks.They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network.

Read more »

Cons
They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.The initial setup was complex because it takes a lot of time to complete the implementation.The implementation needs assistance.We have encountered issues with unresolved crashes.

Read more »

The setup needs improvement. It needs to be made more user-friendly.SonicWall should promote their roadmap and improve their marketing to customers.We would like to get immediate alerts from the alerting system without using third-parties.If anything at all, it would be some very minor updates that need to be done, but in terms of changes, nothing comes to mind.I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great.Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine.SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side.It does fare well against enterprise products.

Read more »

Pricing and Cost Advice
We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

Read more »

When you compare it with other solutions, they are cheaper and more economical.We get our value for our money.The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty to tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward.

Read more »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
372,185 professionals have used our research since 2012.
Ranking
Views
6,554
Comparisons
4,363
Reviews
6
Average Words per Review
392
Avg. Rating
6.5
Views
1,010
Comparisons
549
Reviews
4
Average Words per Review
588
Avg. Rating
8.0
Top Comparisons
Also Known As
RSA Security Analytics
Learn
RSA
SonicWall
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

SonicWall Capture, a cloud based service available with SonicWall firewalls, revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.

Offer
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Learn more about SonicWall Capture Advanced Threat Protection
Sample Customers
Los Angeles World Airports, Reply
Information Not Available
Top Industries
VISITORS READING REVIEWS
Software R&D Company27%
Comms Service Provider15%
Financial Services Firm15%
Energy/Utilities Company8%
No Data Available
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. SonicWall Capture Advanced Threat Protection and other solutions. Updated: September 2019.
372,185 professionals have used our research since 2012.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email