My company mostly pushes or proposes LogRhythm NDR to our customers.

I recommend the solution to those who plan to use it. People can buy LogRhythm as a separate component if they have a separate LogRhythm-based setup in their environment.

I rate the overall tool an eight and a half out of ten.

Check your requirements and the infrastructure so that you know the type of license you need to obtain. It's a good, user-friendly tool. If you have a bit of background in security, you'll be able to understand NetMon easily. On a scale from one to ten, I would rate NetMon at eight.

The selling point for LogRhythm is the SIEM solution, SOAR, and competitive pricing against QRadar, Sentinal, Splunk, or any other tool in the market.

We started using LogRhythm started back in 2013. When I joined, we only had six or seven clients, but then, in a span of two and a half years, we increased our client base from seven to 33. We're always happy with the services and the product.

There were no issues. We've integrated LogRhythm with EDR, email security solutions, and DLP. We've not found any specific issues with that.

Overall, I rate the solution an 8 out of 10.

I recommend NetMon to other users and would rate it eight out of ten.

We're Palo Alto for a lot of our Edge stuff. We run Cisco. Palo Alto on endpoints for their traps, McAfee on some others. It's fairly distributed as well. We run all the casinos in British Columbia, they distribute all around the province, and we run all of those and they're all reporting back to us. We also run the lottery point-of-sales systems as well. You go into gas station, there's a lottery terminal there you can buy your ticket off of. We manage all those as well. Those are all wireless. A ton of stuff. Very, very large.

When selecting a vendor, for us the most important thing is the trust of their user base, really. We did a lot of due diligence when we were looking. Everything that we heard from LogRhythm's user base was that they love the product. They were very fanatical about it, that it could do so many things that really were time and effort on our part to implement. That was basically it. Everything was built-in. Really, it was more the user base. It was everything, all SIEMs do all things, and so it was more the support of the product. We knew the product would do what we wanted it to do, we were concerned about support, we were concerned about the way that the community reacted to it.

In terms of a solution being unified end-to-end platform, it's not critical, but definitely important. We are a very small shop. We support a lot of people, but our IT staff is incredibly small. I think there are five of us and two in the security aspect. An end-to-end platform was important to us, simply because it was a single vendor at that point. I could go to a single source, "one throat to choke," as it were. Wasn't critical, but definitely it was high up on the list.

Honestly, that rating of eight out of 10 is because we haven't used it very long.

I would advise anyone looking at this or similar solutions to define your use cases very well. That is what is going to separate a LogRhythm from a QRadar, from a Splunk. Everything can collect data, but pulling the data back out of the system, analyzing that data is the critical component. Definitely define those use cases and present those to the sales reps, and see how they respond.

In general, this is a good product. It is easy to configure and use.

I would rate this solution a seven out of ten.

I would advise someone considering this solution to do the assessments properly before you deploy the solution because it also depends on what kind of products you have to integrate with LogRhythm. Most products do have an integration out-of-the-box. You need to study the product first before you make the decision to go ahead with LogRhythm.

I would rate it a seven out of ten.

LogRhythm provides a freemium version of Netmon, so I would first advise anyone to download it and play with it first.  All features are the same as a full version, and it is the best way for anyone to understand the product capability and how it works. If it works well then consider buying the product

I would rate this product a 9 out of 10.