Compare RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection

RSA NetWitness Logs and Packets (RSA SIEM) is ranked 9th in Advanced Threat Protection with 6 reviews while Symantec Advanced Threat Protection is ranked 6th in Advanced Threat Protection with 5 reviews. RSA NetWitness Logs and Packets (RSA SIEM) is rated 6.6, while Symantec Advanced Threat Protection is rated 8.2. The top reviewer of RSA NetWitness Logs and Packets (RSA SIEM) writes "Provides accurate information, quick analysis from the endpoint perspective, and quick identification of any potential malware". On the other hand, the top reviewer of Symantec Advanced Threat Protection writes "Offers elaborate detection features and provides information linked to each of the attacked computers". RSA NetWitness Logs and Packets (RSA SIEM) is most compared with Splunk, IBM QRadar and ArcSight, whereas Symantec Advanced Threat Protection is most compared with FireEye Network Security, Palo Alto Networks WildFire and Check Point SandBlast. See our RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection report.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Hubert Luberek
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection and other solutions. Updated: November 2019.
383,444 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.The most valuable features are its ingestion of logs and raising of alerts based on those logs.Their technical support responds quickly and are knowledgable.The most valuable feature is the correlation. It can report in real-time and monitor the management.It gives the ability to investigate into network traffic in the Net and the organization what we couldn't do before.

Read more »

The most valuable feature is Click-time URL protection.They manage to solve detection quite nicely. There is some rather elaborate detection compared to other providers.Technical support is very responsive. You just have to open a ticket. They respond in a timely manner. Their response is good. I'm satisfied.It has certainly helped out our audit efforts because we each stay compliant in terms of various security standards.Real-time threat analysis is quick and takes action on threats immediately.The great advantage in using this product is it creates multiple services.Currently we have 800-plus nodes connected with this solution, without any issues. The solution is scalable.

Read more »

Cons
They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.The initial setup was complex because it takes a lot of time to complete the implementation.The implementation needs assistance.We have encountered issues with unresolved crashes.

Read more »

There are limits with respect to blocking files by hash value or blocking IP addresses, and these limits should be removed.It's a strange situation where the infrastructure of the consumer or customer is behind some kind of firewall and they have always used some kind of customized proxy. In this situation, the ATP has a very tough time to pass the information to the cloud and back. To fix, it requires a more elaborate and complex configuration for that particular case.The administration interface needs a lot of improvement. It should be UI based, and simple. They need to improve it. It's pretty much not that friendly compared to what we were using as Bitdefender before. It's okay but is improving, actually.An improvement could be made on the reporting because then it would be easier to collect information and submit it for compliance.There are some ‎features that would add value to this product. One of them would be a graphical presentation of threats that the system has encountered.It should be able to collect information if the agent is disabled.It also needs network-based threat protection for shared folders and files.

Read more »

Pricing and Cost Advice
We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment.This is a pricey solution; it's not cheap.The licenses are good but the cost is very expensive.It is cheap.

Read more »

The pricing of this solution is inexpensive and affordable.Pricing is good. It is nice to have a great product at a fair price.

Read more »

report
Use our free recommendation engine to learn which Advanced Threat Protection solutions are best for your needs.
383,444 professionals have used our research since 2012.
Ranking
Views
6,647
Comparisons
4,415
Reviews
6
Average Words per Review
391
Avg. Rating
6.5
Views
3,274
Comparisons
2,463
Reviews
5
Average Words per Review
509
Avg. Rating
8.2
Top Comparisons
Also Known As
RSA Security Analytics
Learn
RSA
Symantec
Overview

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection of log-centric security and network monitoring tools. But logs combined with full packet, endpoint NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Symantec Advanced Threat Protection is a single unified solution that uncovers, prioritizes, and remediates advanced attacks. The product fuses intelligence from endpoint, network, and email control points, as well as Symantec’s massive global sensor network, to stop threats that evade individual security products. It leverages your existing Symantec Endpoint Protection and Symantec Email Security.cloud investments, so it does not require the deployment of any new agents. You can deploy a new installation of Symantec Advanced Threat Protection and start to discover suspicious activity in under an hour. Using the proven technology in Symantec Insight reputation based detection, Symantec SONAR behavioral analysis with the new Symantec Cynic sandbox and file analysis platform, Symantec Advanced Threat Protection provides better detection and prioritization than other vendors, allowing security analysts to “zero in” on just those specific security events of importance.

Offer
Learn more about RSA NetWitness Logs and Packets (RSA SIEM)
Learn more about Symantec Advanced Threat Protection
Sample Customers
Los Angeles World Airports, ReplyECI
Top Industries
VISITORS READING REVIEWS
Software R&D Company31%
Comms Service Provider19%
Financial Services Firm13%
Energy/Utilities Company6%
No Data Available
Find out what your peers are saying about RSA NetWitness Logs and Packets (RSA SIEM) vs. Symantec Advanced Threat Protection and other solutions. Updated: November 2019.
383,444 professionals have used our research since 2012.
We monitor all Advanced Threat Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email