Loading product reviews...

security-information-event-management dell-rsa All Markets > Security Information and Event Management

Dell (RSA)

3.8 out of 5.0 (16 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on Dell (RSA) but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Powerful tool that requires decent level of customization to be valuable.

    Overall Comment

    Account and support teams are very responsive and adaptable to arising issues. Product development has been traditionally slow, but still steady. Platform upgrades tend to be rocky.

    What one piece of advice would you give other prospective customers?

    Expect a fairly pricey TCO for the hardware, licensing, training and ongoing support.

    What do you like most about the product or service?

    The complete visibility into network traffic, and automated analysis and alerting on anomalies.

    What do you dislike most about the product?

    Overall costs.

    What one thing do you wish the vendor did differently?

    Sped up the development and improvement of enterprise-grade features (backups & restores, high-availability capability, upgrade process and integration with other tools)

    If you could start over, what would your organization do differently?

    Plan for 100% coverage of sites to get a complete picture of the targeted traffic, as well as redundancy.


  • 3 out of 5.0, Reviewed

    Product(s): RSA Adaptive Authentication

    Requires new features

    Overall Comment

    Still progressive

    What one piece of advice would you give other prospective customers?

    Analyse the use cases

    What do you like most about the product or service?

    Established vendor and service

    If you could start over, what would your organization do differently?

    Different use cases and requirements


  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Implementation was very complex but the vendor was on field from the beginning

    Overall Comment

    The vendor give us all the support we nedeed

    What one piece of advice would you give other prospective customers?

    consider the real amount of storage you need

    What do you like most about the product or service?

    The presale technical support

    What do you dislike most about the product?

    first level of customer support

    What one thing do you wish the vendor did differently?

    the license program

    If you could start over, what would your organization do differently?

    nothing


  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Geared towards hunters. More complicated to operate, but also more powerful.

    Overall Comment

    We were leaning towards LogRhythm because we had in-house skills with that platform. We invited RSA to compete as a courtesy, really, since we have a strong EMC relationship. It suprised us all when Security Analytics whupped LogRhythm in pretty much every area, and they were very competitive on price. LogRhythm, like many of the players in this space, is like an iPhone - your get lots of shiny bells and whistles, but you can't really go outside the box they have defined for you. Security Analytics was like an Android phone in comparison - has basic features out of the box, but really comes alive when you start tweaking it to your liking. Very extendable, and even our CSIRT team, which used LogRhythm prior, appreciate the extendable parsing and alerting engines.

    What do you like most about the product or service?

    Built for hunting. Easily tunable and extendable. Fast. Packets engine is second-to-none, and brings another level of intelligence to the operation.

    What do you dislike most about the product?

    Not quite a fully-integrated solution. Their endpoint analysis tool, eCat, still runs independently, and has a separate management interface. But the data is accessible within the Security Analytics console for investigations. This should be fixed in the next major release.

    Product capabilities - overall comment

    While Security Analytics does the basic alerting and reports, the product is really built for hunting. If you are looking for something to give you shiny dashboards and lots of blinking lights, you might be better served with one of RSA's competitors. This is a tool for hunters, to enable them to identify and research anomalous behavior. It does well in log analysis, but really shines in packets. The ability to perform actions on emails that the Packets engine sees is game-changing. You don't need to have parsers for everything if you can just see another system's alert fly by on the wire, and act on that. The tool has also been refreshingly fast in searches, which is amazing given our volume of logs (millions a day), and packets (terabytes per day)

    Service & support - overall comment

    Security Analytics is a completely different beast than the prior Envision product from 3 years ago, and our local SE had to escalate a lot of questions to the engineering team back at RSA's headquarters. But RSA's commitment to us during the POC and initial implementation phases has been great.

    Integration & Deployment - Overall comment

    Since RSA had installed and configured the POC for us, there was little work for us to do to convert it to Production. Just moved the hardware from lab to datacenter, and re-IP'd it. RSA flew an engineer out to assist, and the solution was moved on Day 1 and we spent the rest of the week further tuning.


  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Security Analytics is a highly customizable solution that blew me away

    Overall Comment

    After we go over the initial hurdles with implementation we discovered Security Analytics to be extremely full-featured and highly customizable. We were able to quickly get the return on investment, when we started having use cases and visibility into areas we were previously blinded to, and provided support to groups for troubleshooting major applications.

    What one piece of advice would you give other prospective customers?

    Take the time to understand the architecture of the application and how each of the data points work together. Look for unique ways to construct dash lets and views into data you care about.

    What do you like most about the product or service?

    The customization and control of the data is great! Blew away other similar products. Netwitness is still the 800 lb gorilla in this space. Nothing else compares.

    What do you dislike most about the product?

    Reporting still has some room to grow.

    What one thing do you wish the vendor did differently?

    Initial training was a bit rough but once getting through it everything was awesome!

    Product capabilities - overall comment

    Very functional and very customizable!


  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Solid choice for PCAP Analytics

    Overall Comment

    A conservative choice for PCAP at the border with a solid user community and road support. Good analytics and reliable capture. Very expensive to get enough storage to meet retention needs for large enterprises though, and writing rules can require very specialized skills.

    What one thing do you wish the vendor did differently?

    Tiered storage to help manage retention costs.

    Service & support - overall comment

    RSA provides good support if you ask them the right questions, but they aren't proactive.


  • 2 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    RSA Security Analytics in name only.

    Overall Comment

    Released prematurely while not focusing well on log collection.

    What one piece of advice would you give other prospective customers?

    Wait until the product is more mature.

    What do you like most about the product or service?

    Potential of the integration of Esper and data warehouse with the product is intriguing.

    What do you dislike most about the product?

    Released too soon, with too many bugs and features/functionality missing.

    What one thing do you wish the vendor did differently?

    Wait to release a more stable product.

    If you could start over, what would your organization do differently?

    Ensure the product is more mature and company has a history of hitting deadlines.

    Service & support - overall comment

    Support wasn't fully trained on product.


  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Flashy for execs, but not for the day to day engineer.

    Overall Comment

    It was hard for every day engineers to use.

    If you could start over, what would your organization do differently?

    Look more at the operational needs

    Product capabilities - overall comment

    Good for analytics, and we tried to use for everyday use.

    Service & support - overall comment

    N/A

    Integration & Deployment - Overall comment

    Configuration was easy, but the integration was a long process


  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Took longer to implement than originally thought

    Overall Comment

    The local RSA engineer spent a lot of time with my team and help get past a number of implementation hurdles

    What one piece of advice would you give other prospective customers?

    Choosing to go with a managed service to manage our SIEM allowed us to implement RSA's product much faster than we could ever do it ourselves. I highly recommend a managed solution for this type of solution.

    What do you like most about the product or service?

    RSA's Security Analytics is able to collect network data and correlelate that into the log feeds.

    What do you dislike most about the product?

    User interface is a bit ugly

    What one thing do you wish the vendor did differently?

    Vendor (RSA) was really good to work with so no changes wished for here.

    If you could start over, what would your organization do differently?

    Would not change anything


  • 3 out of 5.0, Reviewed

    Product(s): Other...

    It can be a great tool, just needs to be heavily customized and support needs to be readily available

    Overall Comment

    The application is great, just requires much customization. the vendor needs to do a much better job representing the product.

    What one piece of advice would you give other prospective customers?

    Dont listen to the salesman and do your research

    What do you like most about the product or service?

    Very adaptable to what you want, but it takes time and a lot of effort.

    What do you dislike most about the product?

    N/A

    What one thing do you wish the vendor did differently?

    Provide better engineers to make the application perform better quicker.

    If you could start over, what would your organization do differently?

    do more indepth research on the product from an out of box perspective

    Service & support - overall comment

    It tooks weeks to get advanced support for final implementation, which shouldn't have taken more than 24 hours.

    Integration & Deployment - Overall comment

    We were able to deploy Archer within 4 months, but now we have to customize the product to the way we need it.


Show More Reviews

Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(12)
3.8

Ability to understand your organization's needs

(14)
4.1

Timely and complete response to product questions

(13)
3.5

Pricing and contract flexibility (pricing and terms)

(11)
3.5
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(15)
3.8

How long did your deployment take?

3 - 6 months (<6)

0 - 3 months (<3)

12 months or more

6 - 9 months (<9)

3-6 months

9 - 12 months (<12)

I don't know


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(11)
3.5

Ease of integration using standard APIs and tools

(12)
3.5

Quality and availability of end-user training

(15)
3.4

Ease of deployment

(13)
3.2
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(14)
3.6

Did you purchase a support package from the vendor?

Yes

No


Timeliness of vendor's response

(13)
3.7

Quality of technical support

(14)
3.8

Quality of peer user community

(7)
3.1
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(15)
3.9

Real-Time Monitoring

(12)
4.2

Threat Intelligence

(10)
4.0

Behavior Profiling

(11)
3.6

Data and User Monitoring

(13)
3.8

Application Monitoring

(12)
3.5

Analytics

(12)
4.3

Log Management and Reporting

(12)
4.2

Deployment/Support Simplicity

(12)
3.3
1 2 3 4 5
Section
1

Additional Context

What was the nature of your involvement?

Vendor/Product Selection

Rollout and Install

Technical Assessment

Application Lead

Executive Sponsor

Maintenance and Support

Vendor Management

Development/Integration

User Training

Other...


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Enable/improve log collection, reporting and retention capabilities

Enable/improve behavioral analysis of users and other entities

Meet regulatory or commercial compliance requirements

Enable/improve tracking access to and activities related to databases, applications

Meet customer or business partner expectations about your security monitoring program

Enable/improve security incident workflow and reporting

Enable/improve security incident workflow and reporting

Reduce costs for threat management operations


What other vendors were considered?

LogRhythm

IBM

Intel Security (McAfee)

Splunk

Hewlett Packard Enterprise

SolarWinds

AlienVault

CyberArk

Fortinet

NetIQ

RSA, The Security Division of EMC

Security Onion

Symantec

TIBCO Software

Other...


What were the key factors that drove your decision for selecting the vendor?

Product functionality and performance

Product roadmap and future vision

Pre-existing relationships

Strong technical/product support

Strong customer focus

Availability of managed services

Overall cost

Financial/organizational viability

Strong consulting partnership

Strong user community

Other...


In which region(s) did your deployment take place?

North America

Europe, Middle East and Africa

Latin America

North Amerca

APAC

EMEA