We just raised a $30M Series A: Read our story

What advice do you have for others considering RSA NetWitness Endpoint?


If you were talking to someone whose organization is considering RSA NetWitness Endpoint, what would you say?

How would you rate it and why? Any other tips or advice?

ITCS user
44 Answers

author avatar
Top 5Real User

This is a product that I recommend. My advice for anybody who is implementing it is to make sure that they have somebody who understands it very well. Having somebody who will configure it properly is the right way to have it generate the output that you want. Also, you have to make sure that all of the endpoints are up to date. They have to be online all of the time so that you're able to have visibility on any compromises that may happen. If an endpoint is instead offline, it becomes difficult to investigate or to monitor compromises or malware. I would also suggest deploying a virtual environment. By doing so, it can be cloud-based, and what you need to do is called Event Source Onboarding. This is the process whereby you are providing the consultant with the events that you want to collect data from. In my opinion, this is the best platform, world-wide, and I am happy with it. I would rate this solution a ten out of ten.

author avatar
Top 10Real User

We use the on-premises deployment model. The contamination should be improved. If a new user needs better contamination capabilities, they should use something else. I'd rate the solution seven out of ten. If it offered better triaging of incidents, I'd rate it higher.

author avatar
Top 5Real User

My advice would be to go for it! It's a good solution and you will always have visibility over suspicious compromisers. It's an interesting solution that is very easy to deploy and you won't know there is this endpoint solution in your environment until someone tells you so. I rate this solution a ten out of ten.

author avatar
Real User

I would highly recommend the solution. Just go ahead and get it. It is the best you can get. We chose a solution of RSA endpoint protection because of the value proposition they offered. It became clear that they have the right solution for a serious enterprise and the security operation center (SOC), and they offered the right value. It meets our major requirements and gives you peace of mind.

Find out what your peers are saying about RSA, Carbon Black, CrowdStrike and others in Endpoint Protection for Business (EPP). Updated: October 2021.
541,108 professionals have used our research since 2012.