LogRhythm NetMon Overview

LogRhythm NetMon is the #40 ranked solution among the best Network Monitoring Tools. IT Central Station users give LogRhythm NetMon an average rating of 8 out of 10. LogRhythm NetMon is most commonly compared to SolarWinds NPM. The professionals researching this solution most often come from computer software companies, accounting for 37% of all views.
What is LogRhythm NetMon?

Identify Emerging Threats on Your Network in Real Time

Transform your physical or virtual system into a network forensics sensor in a matter of minutes for free with LogRhythm's NetMon Freemium. Your investigations will come together effortlessly with extensive corresponding metadata, full packet capture, and customizable advanced correlation. Detect network-based threats with real-time network monitoring and big data analytics.

Get the visibility you need with NetMon.

LogRhythm NetMon was previously known as LogRhythm Network Monitor.

Buyer's Guide

Download the Network Monitoring Software Buyer's Guide including reviews and more. Updated: November 2021

LogRhythm NetMon Customers

Sera-Brynn

Pricing Advice

What users are saying about LogRhythm NetMon pricing:
  • "The price of this solution is too high, so it should be made more practical and more valuable for the customer."

LogRhythm NetMon Reviews

SH
Product Technical Manager at a tech company with 1-10 employees
Real User
Top 5
Provides very good lateral visibility for easy detection of irregular traffic and attacks

Pros and Cons

  • "Visibility is a valuable feature, the ability to see even if the traffic is not going into the firewall"
  • "Could use a topology diagram which would help get an exact visual."

What is our primary use case?


Our primary use case is trying to monitor irregular network traffic - identifying the type of traffic within our network, its origin, and destination IP. It could be HTTP, HTTPS, FTP, or ODBC. Once we recognize the traffic, we then correlate it, determining whether it's normal or abnormal. The data is also sent via Syslog to LogRhythm SIEM to further correlate with logs from other devices to look at threats from a holistic view.


How has it helped my organization?

We simply enabled the out-of-the-box DPA rules within Network Monitor to look for ransomware via SMB traffic and other types of attacks such as DNS hijacking, where external DNS is being used instead of internal, and it was happening in our network environment.



What is most valuable?


I think visibility is the most valuable feature - the ability to see what's going on with the network traffic even if it is not passing the firewall. It provides the lateral traffic visibility, which most can't see in firewalls and network switches/routers with limited logs. In an internal environment, we have a customer with several database servers, and they want to know who is connecting to these critical servers; this solution enables that. In terms of attacks or any abnormal traffic, we can quickly detect it. Visibility into network lateral movement is significant.



What needs improvement?


Our customers would always like to see additional features. Ideally, they want one solution to do everything, particularly with networking products. Often customers request features that are related to their day-to-day operation, such as traffic congestion and network usage at a specific endpoint. Adding operational flavor to the existing network threat detection product would allow more customers to use a single platform to satisfy all their networking visibility needs. I'd like to see more of these types of visualizations or dashboards geared toward this kind of usage built out of the box and ready to use.


Also, having network topology visuals from a specific endpoint can be a great feature that would help correlate and investigate faster.

For how long have I used the solution?

I've been using this product for four years. 

What do I think about the stability of the solution?

It's an excellent and stable solution. It's based on ELK and is a proprietary solution. It provides you with an ISO file that you can install in minutes.

How are customer service and technical support?


The technical support is excellent. You can find many pre-built rules, visualization dashboards, or the Kibana dashboard within the community portal. 90% of users can just use it right out of the box and use the many built-in deep packet analytics rules and dashboards or download from the community. If you'd like to build your own rules, it will require some learning on the rule syntax. For any more advanced integration with an external system, you can put a request to LogRhythm support. They will be willing to answer any questions you have.



How was the initial setup?

The initial setup is very straightforward and simple. It takes about half a day to get it all done. 

What's my experience with pricing, setup cost, and licensing?


Compared to many other products in the market, I think LogRhythm has the highest cost to performance ratio in terms of its value. Many customers compared us to a lot of other network tools that focused more on traffic flow and data flow, which often lack threat detections, visibility, and deep packet analytics. However, LogRhythm NetworkNDR provides excellent visibility and threat detections because it identifies 3000 plus applications, has built-in deep packet rules, and provides SOAR capability at the same time.



What other advice do I have?

LogRhythm provides a freemium version of NetMon, so I would first advise anyone to download it and play with it. All features are the same as in the full version, and it is the best way for anyone to understand the product capability and how it works. If it works well, then consider buying the product.

I would rate this product a 9 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner - Taiwan
Monsur Ahmed
Software Management at Midland Bank
Real User
Top 5
Good reporting and logging capability, but the training should be improved and the price lowered

Pros and Cons

  • "The most valuable feature is the log, which can be analyzed by our SIEM solution."
  • "The training for this product is not very good and needs to be improved."

What is our primary use case?

We use this product for network monitoring, to assist with our network security and performance.

What is most valuable?

The most valuable feature is the log, which can be analyzed by our SIEM solution.

The reporting capability is good.

What needs improvement?

The training for this product is not very good and needs to be improved. For example, the instructor came with a specific outline and does not like to go outside of the box.

There should be documentation that describes more use cases and how to implement them.

For how long have I used the solution?

We began working with LogRhythm NetMon less than a year ago. Our second phase of implementation was completed about three months ago.

What do I think about the scalability of the solution?

This is a scalable solution. 

How are customer service and technical support?

We have consulted with the technical support team on a couple of things. I would say that they are ok.

How was the initial setup?

The initial setup for us was complex because we did not have much knowledge about this type of product.  

What's my experience with pricing, setup cost, and licensing?

The price of this solution is too high, so it should be made more practical and more valuable for the customer.

What other advice do I have?

In general, this is a good product. It is easy to configure and use.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.