My advice to those wanting to implement RSA NetWitness Network is they have to first do a little due diligence, such as the exact requirement based on their needs. That will give them a direction for their investment because otherwise, the bill of material or bill of quantity (BOQ) may be higher side. It is important to do good due intelligence on the environment, see the exact requirement, and then go ahead with the solution. The solution is perfectly stable.

I rate RSA NetWitness Network a nine out of ten.

I would give NetWitness Endpoint a rating of seven out of ten because it's missing the features of modern EDR solutions.

Those looking to implement RSA NetWitness Endpoint should do a comprehensive assessment of their environment to check whether they really need the solution. Sometimes you buy the solution and you do not have the right people to use it. Ensure that you invest in the right expertise to use it because after you invest in people, then you invest also in the processes and technologies. If you have the technology but and you do not have the expertise to operate the solution it will not be useful.

I rate RSA NetWitness Endpoint a ten out of ten.

I'd rate the solution a six out of ten.

I recommend RSA NetWitness Endpoint and would give it a rating of eight on a scale from one to ten.

I would recommend others to use RSA NetWitness Endpoint at this time because they have evolved from an MD to an EDR solution to an XDR solution. They have a single solution in which they can pivot from the NetWitness to the endpoint. Everything is combined in a single pane of glass.

Earlier, they used to have distinct solutions. The NetWitness EDI used another pane of glass and then the EDR used a different one. Now the EDR and MDR have been combined into a single solution. That is an advantage from the security perspective. They can use a lateral movement and see all aspects in a single pane of glass. It's an easy investigation for everyone. I would definitely recommend this solution.

I rate RSA NetWitness Endpoint an eight out of ten.

This is a product that I recommend. My advice for anybody who is implementing it is to make sure that they have somebody who understands it very well. Having somebody who will configure it properly is the right way to have it generate the output that you want.

Also, you have to make sure that all of the endpoints are up to date. They have to be online all of the time so that you're able to have visibility on any compromises that may happen. If an endpoint is instead offline, it becomes difficult to investigate or to monitor compromises or malware.

I would also suggest deploying a virtual environment. By doing so, it can be cloud-based, and what you need to do is called Event Source Onboarding. This is the process whereby you are providing the consultant with the events that you want to collect data from.

In my opinion, this is the best platform, world-wide, and I am happy with it.

I would rate this solution a ten out of ten.

I would rate this solution a nine out of ten.

I would rate this solution 4 out of 10. I would not suggest that someone use this solution because support is a main issue. I would prefer to go with IBM QRadar or some other new AI-based tools.

I rate this solution eight out of 10. 

We use the on-premises deployment model.

The contamination should be improved. If a new user needs better contamination capabilities, they should use something else.

I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.

I would rate RSA NetWitness Network a ten out of ten.

I would highly recommend the solution. Just go ahead and get it. It is the best you can get.

We chose a solution of RSA endpoint protection because of the value proposition they offered. It became clear that they have the right solution for a serious enterprise and the security operation center (SOC), and they offered the right value.

It meets our major requirements and gives you peace of mind.

Architects love to use this tool, but the analysis is very complex, which is the point of NetWitness Network.

It's not the best, but it's good. The analytics is probably a ten but because it is complex, but overall, I would rate this solution an eight out of ten.