We performed a comparison between Fortinet FortiSandbox and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Compared to other solutions, it's easy to configure and implement because of the templates. The timing of scanning files is faster."
"What I find most valuable, is that it is easy to use."
"Performance is a valuable feature."
"FortiSandbox analyzes the behavior of processes in a sandbox environment, which is useful for threat hunting. The solution has an excellent standard configuration, and you can prioritize the types of files of VMs you want to analyze. It also integrates seamlessly with other Fortinet solutions, like FortiGate, FortiMail, and FortiEMS."
"You have access to a report as to what behaviors the example file entered in the registry."
"The most valuable features for me when it comes to Fortinet FortiSandbox are the integrity of the Sandbox and the power of the analyzing tool of the solution."
"Fortinet FortiSandbox is scalable."
"Fortinet FortiSandbox is faster than other sandbox solutions."
"The most valuable features are the packet decoder, log decoder, and concentrator."
"Incident management is its most valuable feature."
"Offers a good wireless feature."
"It's quite economical compared to other solutions in the market."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"Performance and reporting are very good."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"Setting up NetWitness is straightforward. There are multiple connectors, including standard and specialized connectors. One purpose of the connectors is the enhanced capability integrate the custom applications. NetWitness comes with E6 appliances and application images that we use for the initial configurations and for the OS stack information. From there, you can consider the correlation rules, integrate the different log sources, and easily create correlation rules and backlog reports."
"Fortinet FortiSandbox can improve by decreasing the time of analysis response. Other solutions have a better response time, such as WildFire."
"The reporting tools could be improved in Fortinet FortiSandbox."
"It can be difficult if you need to use the Command Line Interface (CLI). It's much easier if you only have to deal with the GUI."
"I don't know if it is viable to do an improvement like this. When there are passwords in the password-protected files, it can't scan them or do things like this. I don't know if an algorithm or something else could make it better. Nowadays, many legitimate office documents have passwords."
"The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
"The product is good but it could be speedier. In addition, it's quite complex."
"For the MSSPs, it would be great if the product could display all the threat chains on a dashboard since it is an area where the tool is currently lacking."
"The main area of concern in Fortinet FortiSandbox is its detection capabilities."
"We have encountered issues with unresolved crashes."
"The initial setup was complex because it takes a lot of time to complete the implementation."
"More customizability is required, which is something that they need to improve on."
"The implementation needs assistance."
"The solution should have more integration capabilities with different platforms."
"If we have the ability to run a dynamic analysis through malware in the same suite, it would be great to have a sandbox solution to analyze malware through dynamic analysis."
"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."
"Health monitoring of the event sources and devices."
Fortinet FortiSandbox is ranked 4th in Advanced Threat Protection (ATP) with 36 reviews while NetWitness Platform is ranked 19th in Log Management with 36 reviews. Fortinet FortiSandbox is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Fortinet FortiSandbox vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.