Loading product reviews...

security-information-event-management rsa-security All Markets > Security Information and Event Management

RSA, The Security Division of EMC

3.7 out of 5.0 (12 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on RSA, The Security Division of EMC but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Geared towards hunters. More complicated to operate, but also more powerful.

    Overall Comment

    We were leaning towards LogRhythm because we had in-house skills with that platform. We invited RSA to compete as a courtesy, really, since we have a strong EMC relationship. It suprised us all when Security Analytics whupped LogRhythm in pretty much every area, and they were very competitive on price. LogRhythm, like many of the players in this space, is like an iPhone - your get lots of shiny bells and whistles, but you can't really go outside the box they have defined for you. Security Analytics was like an Android phone in comparison - has basic features out of the box, but really comes alive when you start tweaking it to your liking. Very extendable, and even our CSIRT team, which used LogRhythm prior, appreciate the extendable parsing and alerting engines.

    What do you like most about the product or service?

    Built for hunting. Easily tunable and extendable. Fast. Packets engine is second-to-none, and brings another level of intelligence to the operation.

    What do you dislike most about the product?

    Not quite a fully-integrated solution. Their endpoint analysis tool, eCat, still runs independently, and has a separate management interface. But the data is accessible within the Security Analytics console for investigations. This should be fixed in the next major release.

    Product capabilities - overall comment

    While Security Analytics does the basic alerting and reports, the product is really built for hunting. If you are looking for something to give you shiny dashboards and lots of blinking lights, you might be better served with one of RSA's competitors. This is a tool for hunters, to enable them to identify and research anomalous behavior. It does well in log analysis, but really shines in packets. The ability to perform actions on emails that the Packets engine sees is game-changing. You don't need to have parsers for everything if you can just see another system's alert fly by on the wire, and act on that. The tool has also been refreshingly fast in searches, which is amazing given our volume of logs (millions a day), and packets (terabytes per day)

    Service & support - overall comment

    Security Analytics is a completely different beast than the prior Envision product from 3 years ago, and our local SE had to escalate a lot of questions to the engineering team back at RSA's headquarters. But RSA's commitment to us during the POC and initial implementation phases has been great.

    Integration & Deployment - Overall comment

    Since RSA had installed and configured the POC for us, there was little work for us to do to convert it to Production. Just moved the hardware from lab to datacenter, and re-IP'd it. RSA flew an engineer out to assist, and the solution was moved on Day 1 and we spent the rest of the week further tuning.


  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Security Analytics is a highly customizable solution that blew me away

    Overall Comment

    After we go over the initial hurdles with implementation we discovered Security Analytics to be extremely full-featured and highly customizable. We were able to quickly get the return on investment, when we started having use cases and visibility into areas we were previously blinded to, and provided support to groups for troubleshooting major applications.

    What one piece of advice would you give other prospective customers?

    Take the time to understand the architecture of the application and how each of the data points work together. Look for unique ways to construct dash lets and views into data you care about.

    What do you like most about the product or service?

    The customization and control of the data is great! Blew away other similar products. Netwitness is still the 800 lb gorilla in this space. Nothing else compares.

    What do you dislike most about the product?

    Reporting still has some room to grow.

    What one thing do you wish the vendor did differently?

    Initial training was a bit rough but once getting through it everything was awesome!

    Product capabilities - overall comment

    Very functional and very customizable!


  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Solid choice for PCAP Analytics

    Overall Comment

    A conservative choice for PCAP at the border with a solid user community and road support. Good analytics and reliable capture. Very expensive to get enough storage to meet retention needs for large enterprises though, and writing rules can require very specialized skills.

    What one thing do you wish the vendor did differently?

    Tiered storage to help manage retention costs.

    Service & support - overall comment

    RSA provides good support if you ask them the right questions, but they aren't proactive.


  • 2 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    RSA Security Analytics in name only.

    Overall Comment

    Released prematurely while not focusing well on log collection.

    What one piece of advice would you give other prospective customers?

    Wait until the product is more mature.

    What do you like most about the product or service?

    Potential of the integration of Esper and data warehouse with the product is intriguing.

    What do you dislike most about the product?

    Released too soon, with too many bugs and features/functionality missing.

    What one thing do you wish the vendor did differently?

    Wait to release a more stable product.

    If you could start over, what would your organization do differently?

    Ensure the product is more mature and company has a history of hitting deadlines.

    Service & support - overall comment

    Support wasn't fully trained on product.


  • 4 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Flashy for execs, but not for the day to day engineer.

    Overall Comment

    It was hard for every day engineers to use.

    If you could start over, what would your organization do differently?

    Look more at the operational needs

    Product capabilities - overall comment

    Good for analytics, and we tried to use for everyday use.

    Service & support - overall comment

    N/A

    Integration & Deployment - Overall comment

    Configuration was easy, but the integration was a long process


  • 5 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Took longer to implement than originally thought

    Overall Comment

    The local RSA engineer spent a lot of time with my team and help get past a number of implementation hurdles

    What one piece of advice would you give other prospective customers?

    Choosing to go with a managed service to manage our SIEM allowed us to implement RSA's product much faster than we could ever do it ourselves. I highly recommend a managed solution for this type of solution.

    What do you like most about the product or service?

    RSA's Security Analytics is able to collect network data and correlelate that into the log feeds.

    What do you dislike most about the product?

    User interface is a bit ugly

    What one thing do you wish the vendor did differently?

    Vendor (RSA) was really good to work with so no changes wished for here.

    If you could start over, what would your organization do differently?

    Would not change anything


  • 3 out of 5.0, Reviewed

    Product(s): Other...

    It can be a great tool, just needs to be heavily customized and support needs to be readily available

    Overall Comment

    The application is great, just requires much customization. the vendor needs to do a much better job representing the product.

    What one piece of advice would you give other prospective customers?

    Dont listen to the salesman and do your research

    What do you like most about the product or service?

    Very adaptable to what you want, but it takes time and a lot of effort.

    What do you dislike most about the product?

    N/A

    What one thing do you wish the vendor did differently?

    Provide better engineers to make the application perform better quicker.

    If you could start over, what would your organization do differently?

    do more indepth research on the product from an out of box perspective

    Service & support - overall comment

    It tooks weeks to get advanced support for final implementation, which shouldn't have taken more than 24 hours.

    Integration & Deployment - Overall comment

    We were able to deploy Archer within 4 months, but now we have to customize the product to the way we need it.


  • 3 out of 5.0, Reviewed

    Product(s): RSA Security Analytics

    Have a better understanding to the USMC security requirements.

    Overall Comment

    N/a

    What one piece of advice would you give other prospective customers?

    Monster tool. Take your time to know the product.

    What do you like most about the product or service?

    Easy navigation and user friendly

    What do you dislike most about the product?

    N/A

    What one thing do you wish the vendor did differently?

    N/A

    If you could start over, what would your organization do differently?

    Give ourselves more time to implement.

    Service & support - overall comment

    Product vendor onsight

    Integration & Deployment - Overall comment

    Have a better understanding to the USMC security requirements.


  • 4 out of 5.0, Reviewed

    Product(s): RSA Adaptive Authentication

    Something good to look into.

    Overall Comment

    Still evaluating and getting used to using it.

    What one piece of advice would you give other prospective customers?

    Make sure to include all stakeholders.

    What do you like most about the product or service?

    Gets rid or certs in the future.

    What do you dislike most about the product?

    Still early.

    What one thing do you wish the vendor did differently?

    Make sure a roadmap is available.

    If you could start over, what would your organization do differently?

    Include stakeholders more.

    Product capabilities - overall comment

    Still learning the product

    Integration & Deployment - Overall comment

    Involved very little


  • 2 out of 5.0, Reviewed

    Product(s): Other...

    Needs work.

    Overall Comment

    The product does what is intended but the support and implementation has been a difficult process.

    What one piece of advice would you give other prospective customers?

    Understand the product and its capabilites.

    What do you like most about the product or service?

    The interactive control panel.

    What do you dislike most about the product?

    Installment on endpoints.

    What one thing do you wish the vendor did differently?

    Communicated better with its clients.

    If you could start over, what would your organization do differently?

    Be better aware of the capabilites of the product.


Show More Reviews

Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(9)
3.9

Ability to understand your organization's needs

(10)
4.0

Timely and complete response to product questions

(9)
3.3

Pricing and contract flexibility (pricing and terms)

(8)
3.6
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(11)
3.7

How long did your deployment take?

3 - 6 months (<6)

0 - 3 months (<3)

12 months or more

6 - 9 months (<9)

3-6 months


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(7)
3.3

Ease of integration using standard APIs and tools

(8)
3.4

Quality and availability of end-user training

(11)
3.4

Ease of deployment

(10)
3.3
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(10)
3.5

Did you purchase a support package from vendor?

Yes


Timeliness of vendor's response

(9)
3.6

Quality of technical support

(10)
3.8

Quality of peer user community

(5)
3.0
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(11)
4.0

Real-Time Monitoring

(9)
4.1

Threat Intelligence

(7)
3.9

Behavior Profiling

(7)
3.7

Data and User Monitoring

(9)
4.0

Application Monitoring

(8)
3.5

Analytics

(8)
4.5

Log Management and Reporting

(9)
4.4

Deployment/Support Simplicity

(8)
3.4
1 2 3 4 5
Section
1

Additional Context

What was the nature of your involvement?

Vendor/Product Selection

Executive Sponsor

Application Lead

Maintenance and Support

Rollout and Install

Technical Assessment

Vendor Management

Development/Integration

User Training

Other...


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Enable/improve log collection, reporting and retention capabilities

Enable/improve behavioral analysis of users and other entities

Enable/improve tracking access to and activities related to databases, applications

Meet regulatory or commercial compliance requirements

Meet customer or business partner expectations about your security monitoring program

Enable/improve security incident workflow and reporting

Enable/improve security incident workflow and reporting

Reduce costs for threat management operations


What other vendors were considered? Multiple responses allowed.

LogRhythm

IBM

Intel Security (McAfee)

SolarWinds

Splunk

AlienVault

Hewlett Packard Enterprise

NetIQ

RSA, The Security Division of EMC

Security Onion

Other...


What were the key factors that drove your decision for selecting the vendor?

Product functionality and performance

Product roadmap and future vision

Pre-existing relationships

Strong technical/product support

Availability of managed services

Strong customer focus

Financial/organizational viability

Overall cost

Strong consulting partnership

Strong user community

Other...


In which region(s) did your deployment take place? Multiple responses allowed.

North Amerca

North America

APAC

EMEA

Latin America