Loading product reviews...
3.0 out of 5.0 (6 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on NetIQ but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 5 out of 5.0, Reviewed

    Product(s): Sentinel

    Implementation's an easy soft-appliance;connects large variety of sources; great analytics

    Overall Comment

    Scales extremely well under heay-load scenarios without affecting search performance. Excellent integration with AD or an Identity Management solution's feed to map permutations of usernames across disparate systems such that they all roll-up as the same logical user's activity, "Advisor" service maps Vulnerability Scan data to IPS/IDS alerts so that you know even if the attack had been allowed if it would have been successful or not. Our team aggressively applies upgrades as they release -- with major releases containing enhancements generally occuring twice a year -- so that we constantly deliver new value on existing investment.

    What one piece of advice would you give other prospective customers?

    Consider purchasing high-IOPS SSD or Flash storage for the smaller "primary" partition vs commodity storage for your much larger "secondary" storage, as defined in Sentinel. The primary partition is generally where 90% of your searches are hitting, as well as all of the new event streams are initially rolling in, as well as all of the dashboard, anomaly detection, and correlations are churning against.

    What do you like most about the product or service?

    - High-quality software that is very stable. - Flexibility to choose to go agentless or agent-based on variety of monitored platforms, including NetFlow. - Very easy query syntax based on Apache Lucene - Alerting based on Anomaly detection (trend deviations) and Correlation rules (known thresholds)

    What do you dislike most about the product?

    Most of the administration is performed through a Web console, but some of it must be done through a Java applet console. Fortunately, they've been slowly migrating aspects of the Java applet console to the Web Console in recent releases. All aspects of that Java console should be replaced within the next couple major releases.

    What one thing do you wish the vendor did differently?

    Improve marketing and self-promotion. Seems to be their only weakness compared to the players currently leading them in the Gartner MQ.

    If you could start over, what would your organization do differently?

    Nothing comes to mind.

    Product capabilities - overall comment

    UI is intuitive and easy to pick up on,

    Service & support - overall comment

    NetIQ engages us regularly -- from the support organization to the actual Product Manager over Sentinel. We provide constant feedback on desired enhancements and many of them show up in the next iterations of the product. Support issues are agressively pursued and always lead to resolution (whether that's educating us on self-corrective action or providing bugfixes).

    Integration & Deployment - Overall comment

    Deployment is painless and with so many event sources being able to be connected in an agentless fashion, integration is as simple as it gets for most of our platforms.


  • 1 out of 5.0, Reviewed

    Product(s): Sentinel

    Find another option

    Overall Comment

    Overall support is lacking with NetIQ. Lack of knowledgeable partners. Not easy to configure and administer.

    What one piece of advice would you give other prospective customers?

    Find a good vendor to help with implementation and support. NetIQ will not suffice.

    What do you like most about the product or service?

    Integration with NetIQ IDM solution

    What do you dislike most about the product?

    Most everything.

    What one thing do you wish the vendor did differently?

    Not buy the software.

    If you could start over, what would your organization do differently?

    Chose a different product. We only chose this because it integrated with our NetIQ IDM deployment. We are now only using it to forward to HP ArcSight our IDM security events.


  • 3 out of 5.0, Reviewed

    Product(s): NetIQ Secure Configuration Manager

    Tool would have been more useful if it were more user friendly.

    Overall Comment

    Tool was not easy to configure for end user.

    What one piece of advice would you give other prospective customers?

    Attend or set training upon install

    What do you like most about the product or service?

    Ease of Deployment

    What do you dislike most about the product?

    Not end user friendly

    What one thing do you wish the vendor did differently?

    Crash course upon install

    If you could start over, what would your organization do differently?

    Training class

    Service & support - overall comment

    Good customer service, but were not able to fix issue.

    Integration & Deployment - Overall comment

    Easy to deploy on windows platform. Had major issues on Linux and Unix systems.


  • 2 out of 5.0, Reviewed

    Product(s): Sentinel

    Product did not meet our needs

    Overall Comment

    N/a

    What one piece of advice would you give other prospective customers?

    Avoid this product

    What do you like most about the product or service?

    N/a

    What do you dislike most about the product?

    It was not enterprise class and did not meet our needs

    What one thing do you wish the vendor did differently?

    N/a

    If you could start over, what would your organization do differently?

    The product was not enterprise class and could not keep up with the feeds and queries on the system

    Product capabilities - overall comment

    Product did not meet needs and would break frequently

    Service & support - overall comment

    Cases were constantly escalated and in some casesw took weeks to resolve

    Integration & Deployment - Overall comment

    N/a


  • 3 out of 5.0, Reviewed

    Product(s): NetIQ Security Manager

    Test out prior to purchase

    Overall Comment

    Ok

    What one piece of advice would you give other prospective customers?

    Always consider your environment and ensure application can meet all requirements

    What do you like most about the product or service?

    Reporting feature

    What do you dislike most about the product?

    Inability to remove clients from software

    What one thing do you wish the vendor did differently?

    Flexible schedule, one dedicated support technician

    If you could start over, what would your organization do differently?

    Test out prior to purchase


  • 4 out of 5.0, Reviewed

    Product(s): Sentinel Log manager

    The product was what we need for our necesity

    Overall Comment

    Very good

    What one piece of advice would you give other prospective customers?

    Carefully identify their needs before product selection

    What do you like most about the product or service?

    It's simplicity

    What do you dislike most about the product?

    It isn't local support

    What one thing do you wish the vendor did differently?

    To provide local support

    If you could start over, what would your organization do differently?

    No, we would follow the same strategy


Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(4)
3.3

Ability to understand your organization's needs

(3)
3.3

Timely and complete response to product questions

(5)
3.4

Pricing and contract flexibility (pricing and terms)

(3)
3.3
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(6)
3.3

How long did your deployment take?

0 - 3 months (<3)

12 months or more

3 - 6 months (<6)


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(4)
2.5

Ease of integration using standard APIs and tools

(5)
3.6

Quality and availability of end-user training

(6)
2.8

Ease of deployment

(6)
3.3
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(6)
3.2

Did you purchase a support package from vendor?

Yes


Timeliness of vendor's response

(6)
3.0

Quality of technical support

(6)
2.7

Quality of peer user community

(5)
2.8
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(6)
3.2

Real-Time Monitoring

(6)
3.5

Threat Intelligence

(6)
2.8

Behavior Profiling

(6)
2.8

Data and User Monitoring

(6)
3.5

Application Monitoring

(4)
3.0

Analytics

(6)
3.2

Log Management and Reporting

(6)
3.3

Deployment/Support Simplicity

(6)
3.0
1 2 3 4 5
Section
1

Additional Context

What was the nature of your involvement?

Application Lead

Functional Assessment

Maintenance and Support

Vendor/Product Selection

Technical Assessment


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Enable/improve log collection, reporting and retention capabilities

Meet regulatory or commercial compliance requirements

Enable/improve tracking access to and activities related to databases, applications

Reduce costs for meeting compliance mandates

Enable/improve behavioral analysis of users and other entities

Enable/improve security incident workflow and reporting

Meet customer or business partner expectations about your security monitoring program


What other vendors were considered? Multiple responses allowed.

Hewlett Packard Enterprise

Splunk

IBM

SolarWinds

LogStorm Security (dba BlackStratus)


What were the key factors that drove your decision for selecting the vendor?

Pre-existing relationships

Product roadmap and future vision

Strong customer focus

Overall cost

Product functionality and performance

Strong technical/product support


In which region(s) did your deployment take place? Multiple responses allowed.

North America