4.1 out of 5 (25 Ratings)

23 Verified Reviews

RSA NetWitness Logs and Packets

Tool has alot of great functionality, but documentation is beyond lacking.

The documentation for how to maintain the tool is lacking. Alot of answers need to be found through google rather than going to the product support site. The documentation on how to do something only goes into the basic where it is located within the tool, no examples. This makes every task daunting to start with, RSA seems to try and push for more PS engagement hours by not fully documenting how to maintain content on their tool. Even when I do talk to professional services I find that they have scattered documentation and alot of tribal knowledge for how to do basic things, like deploying parsers and customizing syslog output templates.

RSA NetWitness Logs and Packets

Great support and technical knowledgebase

From initiation to closing the support provided by the RSA sales, engineering and support teams was phenomenal. They are extremely responsive with regards to all inquiries from technical integration questions to questions on pricing and options. The level of support continued after the project was closed and moved into operations.

RSA NetWitness Logs and Packets

RSA management and engineering staff were

We've experienced a true partnership with the RSA Netwitness technical staff. Rolling the product out in a true multi-tenant environment was no easy task. RSA management and engineering staff were "all-in" in getting the product stood up and adapting to our specific needs. First class engineers willing to help solve problems making it a truly collaborative team effort.

RSA NetWitness Logs and Packets

Service is exceptional

SA engineers are very competent and responsive to customer issues

RSA NetWitness Logs and Packets

Powerful, Flexible, Friendly and yet affordable

Excellent support from Sales, TAC and Consulting team. Moreover the product very capable from SIEM perspective and scalable to advanced threat detection functionalities with little amount of extra investment

RSA NetWitness Logs and Packets, Other...

Advanced features with extended customization options available

Looking at the Organization requirements, security and non-security device integration was the primary goal, RSA NW has all of it which could address in that space covering the most. Packet analysis & regeneration through the flows has added extra capabilities for forensics which is what we exactly needed other than just the conventional log analysis.

RSA NetWitness Logs and Packets

Great SIEM with powerful capabilities

Very powerful tool but it requires a lot of work for implementation, posterior configuration and maintenance. Is extremelly useful for a security analyst but it could require a lot of effords in the administrators side. To take advantage of all posibilities you will need a team of dedicated people to maintain and getting the entire project straigh forward. RSA team are continuously working to aim clients necessities to improve the product.

RSA NetWitness Logs and Packets

Log-based analysis lacking, heavy focus on full packet capture.

Initially RSA was very supportive and accomodating, however, as we stretched the use of the logging portion of the product beyond their expectations it was discovered that they could not support our needs. RSA made every reasonable effort to accomodate us, but in the end we had to move to Splunk for the flexibility we needed.

RSA NetWitness Logs and Packets

Standing up an Incident Response Team, and new logging capabilities

It has been great working with this vendor. Great communication, and support.


RSA Authentication Manager - Expensive, but worth it!

Stable solution that has met all of our needs from a dual factor authentication perspective. A little pricey, but worth the money spent.