Netsurion Other Advice

John-Berry - PeerSpot reviewer
Information Technology Manager at ProfitSolv

I would rate Netsurion nine out of ten. They're not perfect but they're as close as I would consider any other company in the market to be.

The maintenance is minimal. Netsurion provides me with a list of things they notice that could cause security issues. This is no more maintenance than I would typically do. In fact, it is a little easier because I do not have to go out and look for these problems. They notify me of the issues, and then I take action to remediate them.

Our experience with Netsurion has been excellent. We have had a positive relationship with them because they are easy to work with, responsive, and helpful.

Kevin Lohan - PeerSpot reviewer
Head of IT at a venture capital & private equity firm with 11-50 employees

I would rate Netsurion a ten out of ten. I have been managing networks and IT departments for 25 years, and there are a few services that I find both wonderful and absolutely essential. Among these, Netsurion Managed XDR holds the highest importance for me. Without it, I wouldn't be able to gain the insights into our network that I currently can. There's no economically or technically viable way to achieve this. Despite being a relatively small company with a workforce of 42 individuals, I essentially possess my own security team consisting of five or six people and the array of tools they have at their disposal. Outsourcing this function or hiring personnel for it isn't feasible. While I am a security professional myself, the value brought by this service is unmatched even if I were to engage a consultant. The level of value it provides is truly remarkable. For example, we allocate approximately $65,000 annually for this service, and I firmly believe that the investment is completely justified for us.

We make use of Netsurion SIEM services to collate logs from all our devices. These logs are forwarded and integrated into a local system. Netsurion also offers managed security services, including protection against malware. Although they do provide such services, I personally do not utilize them. My usage of Netsurion focuses on their SIEM package, specifically Netsurion Managed XDR. I also use their vulnerability assessment service.

On the flip side, we've worked with Netsurion to meet compliance requirements. Given our small team of only three people, adhering to strict duty segregation, as larger companies might, is challenging. To address this, we've established a practice where I request logs. For instance, when my team handles administrative tasks like unlocking users or managing access permissions, these activities are logged by a third-party system called Netsurion Managed XDR. I receive daily and weekly reports summarizing these activities. Netsurion has demonstrated impressive flexibility in accommodating our needs. They are open to tailoring their services based on our unique requirements. In cases where certain actions are less critical, they consolidate alerts into monthly or weekly reports instead of inundating us with numerous daily emails. This practical approach is highly valued. Our experience with Netsurion is unlike other monitoring software we've used, even after my extensive career, including the use of SolarWinds. At present, we are self-monitoring. The complexity of configuring these tools is significant. However, working with Netsurion feels like an extension of our team. It's far more efficient than purchasing software and struggling to configure it. Interacting with them is seamless. I can simply request tasks, like generating administrator activity reports. After a few questions and adjustments, they delivered the final report. This approach is in stark contrast to grappling with software configurations, where flexibility is often lacking. We've successfully fine-tuned Netsurion's services to suit our needs. I recently scheduled a monthly review meeting, which previously took an hour or more. Now, with Netsurion's support, the meeting takes about twenty minutes. They present data through Power BI, allowing for detailed analysis. They provide this along with supplementary Excel documentation. 
With their expertise, we've transitioned from red or orange indicators to green, or in some cases, even removed certain issues entirely. I am genuinely pleased with their assistance. I've worked with Netsurion in previous roles and introduced them to our current network. I secured budgets for their services upon joining this company due to the significant value they add. Considering our circumstances, I can't envision an alternative approach that would be as effective. Even hiring additional security personnel wouldn't provide the same economies of scale and expertise as Netsurion does.

Netsurion Managed XDR now offers an expanded range of services. Among these is a vulnerability assessment service that is now available. The quality of their recording has significantly improved, becoming more standardized and polished. It seems that their scope of reporting has also broadened. This expansion is facilitated by the advantages of being part of a larger company like Netsurion, which provides access to a greater array of tools. These tools can be integrated into their products and subsequently shared with customers. In terms of the core services, such as daily reporting, alerting, weekly observation reports, and monthly meetings, there hasn't been a substantial change; these aspects remain largely similar to what they were. The notable addition is the availability of the vulnerability assessment service, which was not part of the service package previously.

One aspect of Netsurion Managed XDR that I appreciate is the tenacity of its people. This becomes evident because, at times, my team serves as the bottleneck in accomplishing tasks. For example, concerning the integration, we've been attempting to integrate with our email system. The individuals from Netsurion Managed XDR persistently inquire about the progress of this integration. However, due to the substantial workload we have, we continuously postpone it. Consequently, it is difficult for me to think of an area of improvement. This sentiment holds particularly true following the acquisition of the vulnerability assessment service, which has proven to be highly beneficial for us.

In a former organization, we attempted a task akin to what Netsurion does using Syslogs and SolarWinds, but the results were incomparable to what we achieve with Netsurion.

JW
Cyber Security Specialist at a financial services firm with 11-50 employees

I'd rate Netsurion six out of 10. I'm only going above the five because there aren't a lot of other products in that niche for a decentralized SIEM product. To anyone skeptical about the need for managed security services, I would say that they need to look at whether they have the resources to provide the service themselves. I think most don't, and I believe that the cost of hiring even temporary personnel to provide that function doesn't make business sense compared to bringing in a third party like Netsurion. Cost savings, management, and 24/7 monitoring — you can't get all that for the same price.

RC
VP of IT Systems at Carteret-Craven Electric Cooperative

It doesn't matter whether a solution is outside or inside the US. When we look at our firewall logs, most of our spam and ransomware attacks are coming from inside the US. That is where the majority of that traffic is coming from. We shut down everything from the outside that shouldn't have access. We determine who gets on our server and when they get on it. We control it as well from the outside as we would from inside the country. There don't seem to be any national barriers that seem to have anything to do with whether you are really secure or not anymore. Certainly, there is a lot of risk from certain rogue countries, but vendors are vendors, you just have to vet the vendor as well.

Everything in life is a risk. You need to determine what your risk tolerance is. In our case, we take the risk of not logging every single device on our network. We don't log the laptops of the guys who work in the field all day, then come in just to do payroll. We don't care what goes on their PCs, but we do care once it touches another server somewhere. Therefore, we log those servers. It is all about risk tolerance. At the end of the day, you need to balance your budget one way or another.

RT
Network Manager at an energy/utilities company with 51-200 employees

They are a fantastic team. I would stack them up against anybody. If anybody asks us what we're using for a SIEM, I'd say that this is what we're using. I highly recommend them.

Stack it up against some of the other products out there. At the very least, know what you're looking for. Or, if you don't, throw it back at EventTracker and say, "We're looking to do this, can your product do it?" Let them know what you're looking to gain from this.

We started out in the same boat: "Well, why would we use you guys versus somebody else?" We had a defined requirement, that we wanted to have centralized event and incident management, and that's exactly what we got.

You need to find out if it's going to match all of the various appliances and the OS you have. Is it going to be able to pull in the syslogs? What type of products do you have in your environment? Are you pulling in Cisco devices? Whatever your firewalls are, make sure that they're matching up. I had no doubt in my mind that they were going to match up to everything in our environment, right upfront, as we gave them the list and we did that self-discovery. I think part of it was the workbook process. What are your devices? How many are there? What are you using for mail? What are you using for backend storage? What do you have for databases? What are the products on your network? Make sure it matches up.

I have no doubt that they'll match up well with everything out there but make sure that whatever is on your network that you want to monitor, that those specific vendors and those devices match what they can track and log events against.

Every month, when we do an assessment they ask what more they can do. Until something crops up that leaves us a little bit blind or unsure, I really don't know what they're not giving us at this point. We haven't started looking at any other products to fill any gap. I don't have a laundry list of anything I'm waiting for them to come back with, whether it's a fix or a feature.

I'll do a lot of event searches myself, more out of curiosity than anything. I might chase something down if we get a flag or notification and look for what else is taking place around that event, to get a clear picture of why it was flagged. Was this something that we brought into the environment? Were we installing something at the same time that something was flagged? What was going on? So I tend to go into the event searches a lot and the managed devices, looking for non-reportings. Those are probably my two biggest hits.

When it went from version 8 to 9, the UI changed up a little bit, so it took a little bit of getting used to. They did provide not only some on-call support to walk through things as I was asking them questions: "Nope, that's here," or, "Give this a try." They also had some pretty easy tutorials to walk through. I've done that a couple of times just to refresh myself as far as where things are. But, like I said, because we tend to lean on them for a lot of the managed side, I don't dig into it as much as I used to when we first got started with it. It's been huge just to have them a phone call away or at arm's length to say, "Can you guys take a look at this, or do this, or verify this for me?"

Typically it's just on my desktop at work. If I'm taking a look at the dashboard, I might pull up user devices - what's not reporting in. That's a biggie for us, especially as we roll out new devices and we're getting agents out on those devices. I want to make sure that they're being pulled in correctly and that I'm seeing logs. I may take a look through some of the threats, but again, their support does such a great job of combing through all the threats and kicking out any notifications to me that I don't spend a lot of time in there.

In terms of integrating it, we haven't tied EventTracker back into anybody else. At this stage, we're tying everybody into EventTracker. As we start to move into more of the cloud space, there may be some of those cloud-authority services that this may tie into. We haven't gotten to that point yet.

The biggest lesson I've learned from using it is that I think we'd take a huge step backward if we ended up losing EventTracker; whether it's EventTracker or a SIEM product of that caliber. We're part of critical infrastructure and the threats against that infrastructure have increased a tremendous amount over the last five to seven years, whether it's on the network side or the OT side.

Having the eyes and ears to be able to manage and monitor those types of events against us, in our industry, is massive. Being under a constant threat, like everybody else out there, we want to know what we have, what's in our system; we want to know where the abnormalities are. We want to see the events on a daily basis. You have to track them. You have to be proactive. You have to take some action on those things on a daily basis. Having this in place gives us the ability to see what's going on, on a daily basis, on all of our systems across the enterprise. That's massive to me.

I would absolutely rate EventTracker a ten out of ten. I love it.

JosephSnyder - PeerSpot reviewer
CIO at a financial services firm with 201-500 employees

At this time, I do not use the additional data source integrations offered to help protect our environment.

I'd rate the solution eight out of ten. It's one of my favorite products. 

They should be well-known. I've had zero issues with them. It's expensive, yet you get what you pay for. 

New users need to understand that it is kind of hands-off. You aren't going to have to put much into it once it is up and running. The time savings and the peace of mind make it worth it at the end of the day. 

Gene Anderson - PeerSpot reviewer
IT Coordinator at a government with 51-200 employees

It depends on your organization, the type of organization that you are, and the level of risk tolerance your organization has, but if you say that you don't need threat protection, then you probably don't understand the situation fully.

Excluding false positives, the accuracy of remediation is pretty straightforward. Things like Exchange Server security vulnerabilities, which came out last year, had all the details included. That came out very well.

Right now, with Netsurion, a number of their staff are based in India, and there are no concerns with it. They are signing the appropriate NDAs and going through the appropriate certifications for data security and data privacy. As long as they are doing those types of things, there are no concerns on my part as long as they are able to monitor things in our time zones.

I would rate the solution as seven out of 10. There are definitely areas for improvement. I know for sure that all the areas of improvement aren't solely with the SOC and the product. A lot of it is probably implementation issues and issues within our organization, as this is our first crack at using a threat management protection system and dedicating the appropriate amount of time, attention, and thought to it. Some of that is probably on us. However, we have had struggles. At times, we have needed to think, "Is that because of you or because of us?"

BS
IT Director at Global Connections Inc

I'd rate Netsurion nine out of 10. It's not a fancy product, and I don't mean to say that it's not comprehensive or it doesn't do what it needs to do. I guess what I'm trying to say is it's like driving an old Chevy Nova. It's easy to work on. If something goes wrong, it's easy to fix, and it gets you down the road. Netsurion does a good job, and it's reliable. I haven't known it to ever go out on us. 

If someone is wondering why they should implement Netsurion, I would say, you don't know what you don't know. That's what it comes down to, and it's a matter of whether you want to sleep easy at night thinking you've done enough. You know how bad it is out there and that these attacks never stop. We get thousands of attacks daily, and we're not a big company. We're a US-based company that isn't in a volatile field. Our significant lines of business are restaurants, health clubs, and travel. You wouldn't think that is a huge target, but we had almost a quarter of a billion attacks against us last week.

A lot is happening out there, and it's nice to get some affirmation from the executives that everything you've done is working and keeping you safe. It's also giving you some benefits you may not be thinking about, so you know where you might have to apply some of these new things or come up with some new best practices that will work out better for you going forward.

Your SIM is only as effective as the reports you get out of it and the actual items you can get from it. While you can spend a lot of time and energy doing this yourself, it helps to have a professional team on your side walking through this. Maybe after three years, we won't need the entire SOC, but I can't see that happening. It's better to have them generating these reports for me than one of my teammates having to go through this and spend all week doing this as their job. We have to wear too many hats here to be able to commit to a person like that.

JB
Chief Information Security Officer at Samford University

My advice is to get your PO out and make a purchase. I have referred several other companies. I'm involved in several security organizations and it really is one of these diamonds in the rough. I know they have US sales but I think they're a lot stronger over in Europe. I think they're a little-known, hidden secret in the U.S. I know they're in the industry review reports, but I don't think they get the press and the prestige that they should, because they have a really excellent product.

Of course, certain government organizations can't do business with support overseas; there can be limitations. But I'm definitely an evangelist for them. We really like their product and plan to keep it for a long time, provided, pricing-wise, it doesn't get out of hand. But I think we've reached a good agreement that we can all live with. We definitely feel like we're getting value for it. We have no problem writing the check every year.

This is the first time I've really worked, on a regular basis, with an overseas-support vendor. The biggest thing was getting our support hours lined up. I don't want to sound like I'm dissing them, that if we were in a world of hurt and had something that really had to be taken care of that they wouldn't respond to that. But we had to adjust our workflows knowing that, if we really need to get them on the phone, our morning is the best time to do that.

Other than that, the convenience of it, being able to think of how else we can use it and what other kinds of data we could send to Netsurion to help us out, has been instructive. For example, we have a mail product called Proofpoint that actually front ends our email and pulls out spam emails and those sorts of things. We were able to send over the logs from that and look for any emails that were going to more than a hundred recipients. And Netsurion could give us real-time alerts and that would often tell us if an account was compromised. So there are unique ways like that to think about using it. What are some of the data of things we're trying to track down that we could send over to Netsurion and have them alert us in real-time so we don't have to run a report or figure out, three days later, that something went on? We can find out right in the heat of the battle what we need to do.

Netsurion's dashboard is probably good. I don't log into the console every day and I don't use it operationally, in the way some people would if they didn't have those managed services. So dashboard-wise, I don't use it as much. I do use their intrusions worldwide map from time-to-time, but beyond that, because I don't get into the console on a regular basis, it's not as useful to me. But I feel like the console would be very powerful with the widgets they can add to it. They've demoed it for me but it's just not the way my workflow is.

I usually view Netsurion on just a single, 23-inch Windows screen. I don't have any real-time thing running all the time. I strictly use it on a desktop.

In terms of deployment and maintenance of the solution, we don't have anybody additional here. There was a CISO that I replaced and everything else was from the managed service side. We do have one system engineer here who maintains the box, the virtual server that it runs on. But that is a part-time responsibility. He really hasn't had to get involved since I've been here. So there has really been no additional staff. It was just an additional tool that was put into the environment and one that is a tremendous asset for us. There are four individuals besides me who use it and they're all in the server admin group.

Version 9 was a tremendous step forward for them. I don't know how long they developed that one, but they really took the right direction with the product. 

Overall, we're really thrilled with them. If I didn't have the managed services — and it wouldn't be the product's fault — I wouldn't be as thrilled with them. But that service really takes a lot off my plate and frees me up to be able to do the other things I need to do in the organization.

JH
Director of Application Development and Architecture at South Central Power Company

The biggest lesson really isn't an EventTracker lesson, it's more of a SIEM lesson. And that lesson is: It's a lot of data. When you have a lot of data, it's going to take a while to study and learn that data, so you can react appropriately. Not all data is actionable.

Be prepared for the data. Be prepared to know what you didn't know before. And be prepared to weed out the noise from the actual data. That's where EventTracker's SIEMphonic becomes very helpful. My advice would be, if you're going to go with EventTracker, to go with the SIEMphonic service and leverage their support team to get your knowledge up to speed. So far, our experience with their support has been top-notch.

In terms of how we view EventTracker, we're typically just in a browser, so it's on whatever our standard is. I've got a couple of 20-inch monitors on my desk. It's sleek enough that it will work on a normal 15-inch laptop screen too. I have not looked at it on mobile yet, given the fact that it's an on-premise service. If I'm in the building, getting VPN'ed in across my phone is a little tough. But that would be the next iteration of the product, if we would decide to push up towards the cloud instead of being on-prem. We would definitely be looking for some sort of a mobile or a tablet-based mobile interface.

We have not integrated EventTracker with other products. Our service-desk tool is a tool called Samanage, which was recently acquired by SolarWinds and has been renamed SolarWinds Service Desk. We have not integrated anything with that since SolarWinds acquired it, because we wanted to see what SolarWinds was going to do with it. Integrating it into EventTracker is on the list. We'll do it if it makes sense.

I never rate anything a 10 out of 10, because nothing is ever perfect. But this solution would be at the upper end of that range. This partnership with EventTracker has been one of our better ones.

JY
Sr. Information Technology Security Engineer at a university with 1,001-5,000 employees

I would rate the product as a seven (out of 10). 

We don't use the dashboard widgets, but we are planning on it.

BB
CIO at a computer software company with 501-1,000 employees

If you want a team that is pretty devoted to making sure your environment is secure, you should go for Netsurion. They have been on top of a lot of things. We have constant emails coming in. They jump on things. Their support team has been pretty good to work with for working through issues. However, on the software side, they are just okay. They need to work on some of their tools. They need some work on that side, but if you are looking for a pretty devoted team to watch your environment, they are pretty good.

Overall, I would rate Netsurion an eight out of ten.

RE
Network Administrator at a construction company with 501-1,000 employees

If you are not going to go for their managed service, then you will need to hire a SOC team, and if you are not going to hire a SOC team, then you are messing up.

I am sure that other companies have their own SOC teams instead of having a SOC-managed service, but this solution makes it cost effective for us.

I would rate it as a six out of 10.

ML
Chief Information Officer at ECRMC

The biggest lesson I have learned is that the outsourcing of this service has a dramatic impact on the organization. We can't just keep throwing bodies at it internally, we have to leverage somebody else's knowledge.

Some people don't trust outsourcing. I'm not a big outsourcing guy. But I really don't treat them as an outsource, I treat them more as a partner. You're going to have to do this one way or the other, or you are going to get nailed at some point. That's just the way it is. If you're not following these things, you're going to get nailed. If you trust them and you realize that they're doing things that you should be doing or are doing, you're going to save a lot of money. It's going to be cost-effective for you. It won't just save money, it will be cost-effective.

I would rate EventTracker a ten out of ten. 

Having dealt with a lot of vendors and their sales, they are probably one of the more low-keyed. They're not out there constantly trying to sell me stuff. I don't know if it's because we have everything so there's nothing left to sell or not, but they've been very easy to deal with. Their leadership and their sales organization have been very easy to deal with.

MO
Senior Director, Information Security at a pharma/biotech company with 1,001-5,000 employees

It's a simple product. It's a lot easier to implement and deploy than the other SIEMs I've used throughout my career. The advice would be that using it is a good decision. There's no reason to shy away from the product.

From an event-alert perspective, we haven't used them for that purpose yet. That's largely because the current security services we have in place from our vendors, CrowdStrike in particular, provide us a managed event system from the AV side. They proactively manage our antivirus that's on all of our machines and they also proactively remediate the machines. So we haven't felt the need, yet, to take part in EventTracker's alerting of detected cross-events. That will come in this upcoming calendar year. Our program here is only two years old. The security program itself was only in existence for about nine months before we started to engage with EventTracker, and deployment was earlier this year. We're still really in deployment mode.

We haven't integrated EventTracker with any other solutions. We use ServiceNow but we have not made any effort to integrate it. Our roadmap for ServiceNow is to do exactly that and take advantage of that integration capability and have it issue either alert tickets or work requests into ServiceNow for us, so that we don't have to do those manual steps. We are probably a year away from that.

There are two others besides me using it in our organization. They're both security analysts. There really isn't any maintenance. We've occasionally had servers that stopped talking for whatever reason but a reboot took care of that. Generally, what we're finding is it's due to an application memory leak on that server. But it's just working. There is no effort there.

I would rate it a 10 out of 10. The ease of deployment, the support that we receive from them, the dashboard console which I find to be very helpful, are all part of that rating. I would like to see some more assistance in the way that searches are built, but as I've learned how to search, it's getting easier and easier. Overall, it's a well-priced and functionally appropriate SIEM.

DW
Network Engineer at a wholesaler/distributor with 201-500 employees

As for someone being concerned that the solution's SOC is outside of the US, it hasn't been a concern for us. It's 24/7. If the concern is more national or regulatory, you have to follow what your rules are. But if you don't have any regulations or laws restricting you, I wouldn't hesitate just because the SOC isn't in the US.

If a colleague at another company said he's not sure that they need managed services, part of that conversation would be about what kind of staffing levels they already have and if they already have 24/7 in-house security monitoring. If not, do they think the bad guys only work from 8:00 to 5:00 Eastern?

It's reliable. It works. With the managed component, we get that personal attention and that consistent team to deal with. To some extent, it's like they're part of our IT team. They're not in our buildings or working with us directly day-to-day, but in some respects, it's close to that.

RT
Senior Director of Information Security at a healthcare company with 5,001-10,000 employees

I would rate Netsurion eight out of 10. While there is room for improvement and maturity, I have no complaints about their services. To anyone thinking about adopting Netsurion, I would advise them to research and get references. You should also do a cost-benefit analysis of a managed solution. Doing this work in-house is extremely expensive compared to offshoring it to someone already established who can do the work you need. 

If someone is concerned about Netsurion's SOC being outside the United States, I would say that this hasn't been a problem for us, given the compliance spectrum we're working with. Some companies may have another view of that, but I work with that team and trust them. They meet all my expectations. I'm pretty satisfied with their service and how it was managed during implementation.

AY
Lead Security Analyst at a leisure / travel company with 1,001-5,000 employees

If you're concerned about Netsurion's SOC being located outside of the US, I would say that location of the SOC is irrelevant. Rather, you should evaluate the skills of the SOC and the SOC management.

And if someone at another company said they are not sure that they need managed services, I would say to them that they had better make sure they have enough money to have their own internal team.

My other advice would be to make sure that Netsurion gives you a good deal compared to the other vendors.

BC
Chief Technology Officer at G&G Outfitters, Inc.

The solution has been everything that I've asked for from a service standpoint, software standpoint, and support. I have no complaints.

My advice would be to engage them to do the installation. The managed service is great value which saves you a full-time employee on your staff by being able to outsource it to EventTracker to review all the logs and cull through the data to make recommendations and identify threats, then how to remediate them. They provide it to you in your weekly or daily report, depending on how frequently you want to have them do it, which is based on your compliance. If you have compliance requirements for HIPAA, PCI, etc., it is a great benefit to help an organization meet their compliance requirements.

We have internal staff resources for internal incident management. We leverage the EventTracker SOC team. When we detected the virus, we kept in contact with the EventTracker SOC team and sent them emails, and they would call me and say that they see it on this server or that desktop, and we'd go and take it off of the network and clean it. Then, we would put it back on and they'd watch to see if they saw any traffic that was not supposed to be coming from that server. For the whole remediation process, they were sort of part of the team.

Data is all configured to automatically go in. We deployed their agents, and those agents just send the log data directly to the SIEM. We don't manually upload anything.

We did not integrate it with any other solutions.

GF
Information Technology Coordinator at Magnolia Bank, Incorporated

If it's your first SIEM event-correlation system, be prepared for a long process. That's not just because it's EventTracker. That seems like that's what that process takes. Again, it really depends on what data you want to capture and how much data you want to capture and how you want to review that data. That configuration process can be very time-consuming.

We're on EventTracker 8, but we're getting ready to upgrade to the most recent version of nine, but we have not upgraded yet.

I don't typically use the dashboard widgets. I have everything configured in daily, weekly, and monthly reports. We have real-time alerts configured as well. So I'm not really utilizing the dashboard widgets. I know it has a lot of features and options but I manage the system from the reports and real-time alerts. In terms of the screens we use to view the solution, we mostly use the Excel reports that are generated daily and weekly. I access them, as well as the real-time alerts, from all devices. You can view them and see the details from any type of device. But I'm looking at the alerts through my email client on whatever device I'm on.

We have logs coming from our firewall configured to auto import log data, but we are not manually importing any log data.

Currently there are only two users in EventTracker: myself, as the information security officer and another gentleman here at the bank who is the backup information security officer. He functions more as a backup, but he's never had to step into that role and use the system. He received the training, but I handle the whole system. I'm the only one deploying and maintaining the system.

We have internal staff resources for internal incident management but we do not use the EventTracker SOC team. We handle the incidents internally, leveraging the reports and alerts.

We don't have any plans to increase usage, unless we add one or two offices as we do naturally in our mortgage division.

The difficulty with the language barrier at times with their training and technical support staff is a problem. That's why I'd rate it an eight out of ten.

SS
Information Technology - Business Process Analyst at a financial services firm with 51-200 employees

Go through some training to know the ins and outs of the application. It has changed quite a bit in the seven years I've worked with it, and it would be a good idea to do some more training to learn all the new features and to make sure you can utilize all the capabilities.

The UI is okay. As I said, we're probably underutilizing the product compared to what we should be using it for. We don't view the information from it on screens. We mostly go off of the reports that we get daily out of the system.

In our company there are only three people using the system. We're all IT managers. We're only monitoring about 30 systems and we don't have plans to increase usage. Total time for deployment and maintenance would be a part-time IT manager, ten hours a year. In terms of internal staff resources for internal incident management, it's the same three IT specialists.

I would give the solution an eight out of ten. I'm not giving it a ten because of a lack of understanding of the system and some of the kludginess in the generating of reports.

ML
Assistant LAN Administrator at a non-profit with 10,001+ employees

Overall, it's very straightforward.

AW
Consulting Engineer at a tech vendor with 10,001+ employees

Get the preferred support. This is for the guy who uses and maintains the back-end of the system. Because if you don't have your firewall configurations configured correctly, you will need to have that support.

All of our domain controller event logs are consolidated and stored on the server. Right now, we are sitting at 101 domain controllers, which is way too many. However, this was one of the main reasons why we purchased it, and it is performing well. The product version that we are on right now is much faster than the version that we were previously on.

Buyer's Guide
Netsurion
March 2024