4.1 out of 5 (46 Ratings)

44 Verified Reviews

RSA NetWitness Logs and Packets

User level review

Though I am just a user of the program, the installation and implementation process has been grueling. It rarely works and seems to have visibility holes.

RSA NetWitness Logs and Packets

RSA should be better

Much of the issues are the inability to find traffic at specific times. Engineers have been working with RSA techs for last 2 months, with very little improvement seen.

RSA NetWitness Logs and Packets

Great overall product that combines both log and packet, to give much greater insight

Great customer focused team that goes out of their way to help us at every turn.

RSA NetWitness Logs and Packets

Good product for proactive response

Good SIEM tool with excellent active hunting capibilities if using both logs and packets. Fairly complicated operations so requires a large amount of training before being able to run alone with limited resources.

RSA NetWitness Logs and Packets

The people standing behind their products are the basis for why we chose them over others

Fantastic support in all regards from all levels of the organization. Customer engagement and focus to enable and empower our own organizational success above and beyond what is seen with similar but perhaps larger organizations in a similar vertical remains the highlight of the relationship with RSA. Product maturity is perpetually increasing and provides a stable platform for a maturing SOC with plenty of potential for future continuous improvement.

RSA NetWitness Logs and Packets

Product has evolved with more functionalities and it gets easier to implement.

Netwitness/Security Analytics has many moving components, to get to accurate, complete traffic flows, we often has to examine where we want to span/tap the network segment. We have been using this product for over 8 years, we have see the implementation getting easier.

RSA NetWitness Logs and Packets

Easy to use and good dashboards

PNB was looking to integrate all devices along with critical business applications for the security monitoring purpose. We were looking for a platform which can provide visibility through different data sources like logs, packets, and endpoints. RSA Netwitness platform provides us the capabilities to have comprehensive visibility by capturing log, packets, and endpoint. we have started with logs and looking to integrate packets also with SOC for better visibility and IR capabilities. RSA Netwintess platform allows flexibility to start with logs and add the packet and endpoint capabilities as we mature towards our journey for building an advanced SOC.

Other...

RSA Archer v6 is a vast improvement over v4

RSA Archer seemed to have it together for the product

RSA NetWitness Logs and Packets

Admin-friendly SIEM... but a minimum training and guidance is mandatory.

As other SIEM, it's not a plug and play tool. But with some training and guidance, it's a relatively easy tool to master. There's some helpful free online trainings. Friendly GUI. Support team is very competent and they always try hard to help you. Nice work people!

RSA NetWitness Logs and Packets

RSA worked through any and all problems that came up during Implementation

RSA was on-site several weeks off and on for the POC and then came in to help implement. RSA was professional and courteous, they were also respectful of our time.