RSA NetWitness Logs and Packets (RSA SIEM) Reviews

reviewer619134
Real User
Direct Sales Director at a tech services company with 501-1,000 employees
May 11 2017

What is most valuable?

Full packet capture: A must in an SOC. Possibility to investigate incidents based on logs and raw packets, such as...

How has it helped my organization?

We can monitor all traffic to/from our company. It is possible to track end user behaviour. With RSA NetWitness...

What needs improvement?

Integration with external tools should be built-in, such as an external sandbox for files. We can import data using...

What's my experience with pricing, setup cost, and licensing?

Prepare use cases, i.e., what to do and how. Collect information about EPS for logs and total bandwidth for packets....

Which solutions did we use previously?

For full packet capture, we had Blue Coat Security Analytics. We switched because in NetWitness, we have everything...

What other advice do I have?

* Don’t rush. Prepare use cases for packets and logs as it is a very important part of deployment and future use.
* Use...
muntaser bdair
Real User
Founder & CEO at a tech services company with 11-50 employees
May 24 2017

What is most valuable?

RSA NetWitness is a SIEM and real-time network traffic solution. It collects logs/packets and applies a set of alerting, reporting and analysis...

How has it helped my organization?

As mentioned elsewhere, this product provides full visibility for the activities in the networks and systems. For example, it provides detection...

What needs improvement?

* Out-of-the-box alerts and investigation rules
* Health monitoring of the event sources and devices
* Threat intelligence for data accuracy

What's my experience with pricing, setup cost, and licensing?

The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs).

What other advice do I have?

The only thing I advise others is to spend enough time for fine-tuning and the initial rule development. You should also develop a plan for the...
Find out what your peers are saying about RSA, Splunk, IBM and others in Security Information and Event Management (SIEM).
301,499 professionals have used our research since 2012.
Elias Lefate Tebele
Consultant
ACD - Level 3 Analyst at a tech services company with 10,001+ employees
Aug 28 2017

What is most valuable?

* Packet Solution: Allows analyst proactive hunting and alerting on daily sophisticated APTs.
* Broker service:...

How has it helped my organization?

Reliable in terms of no data loss. Plays a huge role in device health checks (Event Source Monitor). Provides FSEs...

What needs improvement?

Advanced monitoring and alerting feature is not stable (Event Stream Analysis). Does not allow certain use cases running...

What's my experience with pricing, setup cost, and licensing?

RSA licensing ranges per core devices and services. An additional Designated Support Engineer can be acquired at quite...

Which solutions did we use previously?

None in production other than RSA. However, I will be using IBM QRadar towards the end of this year.

What other advice do I have?

Either operating this solution in-house or reselling. First, outline all your data sources. Give more priority to the...
Maor Hojberg
Real User
Team Leader & Head of MSSP with 51-200 employees
Nov 07 2018

What do you think of RSA NetWitness Logs and Packets (RSA SIEM)?

What is our primary use case?

We use it as a network tool to alert on any anomalies on the network.

What is most valuable?

It gives the ability to investigate network traffic in the Net and the organization, which we couldn't do before.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The product continues to crash. Even with tech support help, it does not resolve itself.

How is customer service and technical support?

Yes, we have had extensive use of tech support and they have not been as helpful as we would have liked. We had the crashing issue, and we had special sessions with tech support. The UAE representative and the IR response team were both on our site, and they could not understand...


What is RSA NetWitness Logs and Packets (RSA SIEM)?

If you’re relying on log data to detect and prevent cyber threats, you’re in trouble. Attackers increasingly evade detection by log-centric security and network monitoring tools. But logs combined with full packet, endpoint and NetFlow data are proven to provide the essential details for early threat detection. Here’s a closer look at our solution.

Also known as
RSA Security Analytics
RSA NetWitness Logs and Packets (RSA SIEM) customers

Los Angeles World Airports, Reply
