We performed a comparison between NetWitness Platform and SonicWall Capture Advanced Threat Protection based on real PeerSpot user reviews.
"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability to integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"Performance and reporting are very good."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The most valuable features are the packet inspection and the automated incident response."
"The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful."
"We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone."
"The stability of the solution is good. We haven't had any breaches or crashes. It's been very stable for us."
"It also has an easy configuration. The feedback that we get from our customers is that it's a good product."
"Provides good protection and security."
"They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network."
"We use it for protection against viruses and ransomware attacks."
"I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses."
"The documentation is not as structured as I would like, personally, and I think that it can be improved and made much more user-friendly."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"I'd like to see improvement in its ease of use. It's basically unusable. It's overly complex."
"The implementation needs assistance."
"Security needs improvement."
"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."
"RSA NetWitness Logs and Packets can improve the threat level aspect; it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred, they used to provide the coverages very fast when compared with RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe, RSA NetWitness Logs and Packets is a little bit slow in improving those detection mechanisms."
"I would like to have better documentation before starting with deployment because the deployment is a bit complex."
"It does fare well against enterprise products."
"SonicWall should promote their roadmap and improve their marketing to customers."
"I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great."
"Having an on-premise solution as well would be an option for some people, but they'll want to use a cloud solution for their sandboxing. Certain sites would want to keep all the checks done on an on-premise appliance. All the checking, rather than sending that up into a cloud engine."
"The setup needs improvement. It needs to be made more user-friendly."
"SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side."
"Could provide online training to allow customers to learn more about the product."
NetWitness Platform is ranked 30th in Log Management with 35 reviews while SonicWall Capture Advanced Threat Protection is ranked 26th in ATP (Advanced Threat Protection). NetWitness Platform is rated 7.4, while SonicWall Capture Advanced Threat Protection is rated 7.8. The top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". On the other hand, the top reviewer of SonicWall Capture Advanced Threat Protection writes "When compared to other solutions, it is cheaper and more economical". NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Cisco Secure Network Analytics, whereas SonicWall Capture Advanced Threat Protection is most compared with Palo Alto Networks WildFire, Fortinet FortiSandbox and Microsoft Defender for Office 365.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.