NetWitness Platform vs SonicWall Capture Advanced Threat Protection comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between NetWitness Platform and SonicWall Capture Advanced Threat Protection based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management.
To learn more, read our detailed Log Management Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network""The most valuable feature is the correlation. It can report in real-time and monitor the management.""What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.""Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports.""Performance and reporting are very good.""The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language.""Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.""The most valuable features are the packet inspection and the automated incident response."

More NetWitness Platform Pros →

"The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful.""We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone.""The stability of the solution is good. We haven't had any breaches or crashes. It's been very stable for us.""It also has an easy configuration. The feedback that we get from our customers is that it's a good product.""Provides good protection and security.""They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network.""We use it for protection against viruses and ransomware attacks.""I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses."

More SonicWall Capture Advanced Threat Protection Pros →

Cons
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly.""Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.""The initial setup was complex because it takes a lot of time to complete the implementation.""I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex.""The implementation needs assistance.""Security needs improvement.""The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.""RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."

More NetWitness Platform Cons →

"I would like to have better documentation before starting with deployment because the deployment is a bit complex.""It does fare well against enterprise products.""SonicWall should promote their roadmap and improve their marketing to customers.""I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great.""Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine.""The setup needs improvement. It needs to be made more user-friendly.""SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side.""Could provide online training to allow customers to learn more about the product."

More SonicWall Capture Advanced Threat Protection Cons →

Pricing and Cost Advice
  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."
  • More NetWitness Platform Pricing and Cost Advice →

  • "The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty to tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward."
  • "When you compare it with other solutions, they are cheaper and more economical."
  • "We get our value for our money."
  • "It's thirty dollars per user and we have 30 users."
  • More SonicWall Capture Advanced Threat Protection Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    Questions from the Community
    Top Answer:The product has a user-friendly interface and a valuable feature for threat intelligence integration.
    Top Answer:The product is expensive. I rate its pricing a seven out of ten.
    Top Answer:It is quite tedious to make changes in the playbooks. There could be an option to integrate or adapt AI and machine learning for our threat-hunting solution. It should have a monitoring feature. It… more »
    Ask a question

    Earn 20 points

    Ranking
    30th
    out of 94 in Log Management
    Views
    1,261
    Comparisons
    770
    Reviews
    9
    Average Words per Review
    451
    Rating
    7.2
    Views
    325
    Comparisons
    269
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    Comparisons
    Also Known As
    RSA Security Analytics
    Learn More
    NetWitness
    Video Not Available
    Overview

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    SonicWall Capture, a cloud based service available with SonicWall firewalls, revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.

    Sample Customers
    Los Angeles World Airports, Reply
    Wonder Cement, Foster Clark Products
    Top Industries
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm24%
    Computer Software Company24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government10%
    Insurance Company6%
    VISITORS READING REVIEWS
    Real Estate/Law Firm16%
    Financial Services Firm12%
    Comms Service Provider10%
    Computer Software Company9%
    Company Size
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise68%
    REVIEWERS
    Small Business71%
    Midsize Enterprise29%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise13%
    Large Enterprise56%
    Buyer's Guide
    Log Management
    March 2024
    Find out what your peers are saying about Splunk, Datadog, Wazuh and others in Log Management. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    NetWitness Platform is ranked 30th in Log Management with 35 reviews while SonicWall Capture Advanced Threat Protection is ranked 26th in ATP (Advanced Threat Protection). NetWitness Platform is rated 7.4, while SonicWall Capture Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of SonicWall Capture Advanced Threat Protection writes "When compared to other solutions, it is cheaper and more economical". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Microsoft Defender for Office 365.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.