We performed a comparison between Fortinet FortiSandbox and NetWitness Platform based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You have access to a report as to what behaviors the example file entered in the registry."
"The initial setup is straightforward."
"The most valuable features for me when it comes to Fortinet FortiSandbox are the integrity of the Sandbox and the power of the analyzing tool of the solution."
"One of the valuable features is its ability to detect new threats."
"The technical support is very good."
"The most valuable feature of the solution is that the performance it offers to users is good, making it useful for us in our company."
"The most valuable feature was the EDR, endpoint detection and response."
"The most valuable features of Fortinet FortiSandbox are the analysis options, artificial intelligence, and the many interfaces it provides."
"The product has a user-friendly interface and a valuable feature for threat intelligence integration."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The most valuable features are the integration and ease of use."
"The most valuable feature is the security that it provides."
"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."
"The most valuable feature is the hunting ability to work in a CERT."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"The licensing can be very confusing. It needs to be simplified."
"It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process."
"The main area of concern in Fortinet FortiSandbox is its detection capabilities."
"I would like to have machine learning added to the solution in a future release."
"For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine."
"The reporting tools could be improved in Fortinet FortiSandbox."
"The integration is limited. The solution needs to offer better integration with multiple vendors."
"The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
"The log system is a bit complex and has room for improvement."
"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."
"The product's licensing models are complex to understand. This particular area needs improvement."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
"I believe that integrating the solution with other products such as Oracle would be beneficial."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"Health monitoring of the event sources and devices."
"Its technical support could be better."
Fortinet FortiSandbox is ranked 5th in Advanced Threat Protection (ATP) with 36 reviews while NetWitness Platform is ranked 18th in Log Management with 36 reviews. Fortinet FortiSandbox is rated 8.2, while NetWitness Platform is rated 7.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Trellix Network Detection and Response, Check Point SandBlast Network, Microsoft Defender for Office 365 and Fortinet FortiEDR, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Cisco Secure Network Analytics and Microsoft Sentinel. See our Fortinet FortiSandbox vs. NetWitness Platform report.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
