Compare RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 4th in Advanced Threat Protection with 13 reviews while Symantec Advanced Threat Protection is ranked 7th in Advanced Threat Protection with 7 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 7.2, while Symantec Advanced Threat Protection is rated 7.6. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Good support, powerful decoders and concentrator, but the dashboard is not reflecting events in real-time ". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Good incident management and great integrations but needs to improve its on-premises appliances". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with IBM QRadar, Splunk, ArcSight, LogRhythm NextGen SIEM and McAfee ESM, whereas Symantec Advanced Threat Protection is most compared with FireEye Network Security, Palo Alto Networks WildFire, Check Point SandBlast Network, SonicWall Capture Advanced Threat Protection and Proofpoint Email Protection. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection and other solutions. Updated: July 2020.
431,081 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.The most valuable feature is the security that it provides.The most valuable features are the threat prediction and network forensics.Performance and reporting are very good.The most valuable features are the integration and ease of use.The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.The most valuable features are the packet decoder, log decoder, and concentrator.It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.

More RSA NetWitness Logs and Packets (RSA SIEM) Pros »

The incident management on the solution is very good. You get a lot of detailed information about an incident. You also get a lot of documentation in connection with the CVI or integration.Endpoint to network protects the line.All of the solution's features are quite valuable for us. We especially like the threat protection it provides.The most valuable feature is Click-time URL protection.They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers.Technical support is very responsive. You just have to open a ticket. They respond in a timely manner. Their response is good. I'm satisfied.It has certainly helped out our audit efforts because we each stay compliant in terms of various security standards.

More Symantec Advanced Threat Protection Pros »

Cons
Security needs improvement.It is not so easy to customize this product.Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support.The user interface is a little bit difficult for new users and it needs to be improved.The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly.The initial setup is very complex and should be simplified.Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.

More RSA NetWitness Logs and Packets (RSA SIEM) Cons »

Symantec appliances need improvement. The whole appliance environment is a robust system and it needs a massive amount of storage space. If you have to increase or speed up the background storage it's a pretty complicated process. The scalability and sizing is critical, and if you do it wrong you run into issues pretty quickly.Not ideal for advanced threat protection.The cloud platform needs to have improvement in terms of the user interface and the different capabilities it has available. It needs to match the other leading next-gen EDR products that are available in the market. That's the reason why we are stepping away from Symantec. Their cloud environment is just generally lacking in comparison to others.There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed.It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case.The administration interface needs a lot of improvement. It should be UI based, and simple. They need to improve it. It's pretty much not that friendly compared to what we were using as Bitdefender before. It's okay but is improving, actually.An improvement could be made on the reporting because then it would be easier to collect information and submit it for compliance.

More Symantec Advanced Threat Protection Cons »

Pricing and Cost Advice
Our license is for one year.Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day.We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

More RSA NetWitness Logs and Packets (RSA SIEM) Pricing and Cost Advice »

The pricing of this solution is inexpensive and affordable.

More Symantec Advanced Threat Protection Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
431,081 professionals have used our research since 2012.
Ranking
Views
6,881
Comparisons
4,539
Reviews
12
Average Words per Review
466
Avg. Rating
7.1
Views
2,749
Comparisons
2,008
Reviews
6
Average Words per Review
494
Avg. Rating
7.7
Popular Comparisons
Also Known As
RSA Security Analytics
Learn
RSA
Broadcom
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.

Offer
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Learn more about Symantec Advanced Threat Protection
Sample Customers
Los Angeles World Airports, ReplyECI
Top Industries
REVIEWERS
Comms Service Provider29%
Financial Services Firm29%
Computer Software Company29%
Healthcare Company14%
VISITORS READING REVIEWS
Computer Software Company45%
Comms Service Provider13%
Government6%
Media Company6%
REVIEWERS
Comms Service Provider22%
Insurance Company22%
Financial Services Firm11%
Marketing Services Firm11%
VISITORS READING REVIEWS
Computer Software Company38%
Comms Service Provider11%
Financial Services Firm10%
Media Company8%
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection and other solutions. Updated: July 2020.
431,081 professionals have used our research since 2012.

See our list of best Advanced Threat Protection vendors.

We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.