Splunk User Behavior Analytics and KerioControl compete in network security, with Splunk focusing on detecting insider threats and KerioControl on network management. Splunk has an edge in user behavior analytics, while KerioControl is more comprehensive for network management.
Features: Splunk User Behavior Analytics includes advanced anomaly detection, machine learning, and threat hunting tools for effective insider threat identification. KerioControl offers reliable firewall protection, VPN support, and bandwidth management for enhanced network safety and performance.
Room for Improvement: Splunk could improve by simplifying its deployment process and offering more accessible pricing options. Additionally, increasing the availability of training resources would benefit users. KerioControl could enhance its threat detection capabilities, provide more intuitive interfaces, and expand integration with third-party solutions to improve functionality.
Ease of Deployment and Customer Service: KerioControl provides flexible deployment options, including hardware, software, or virtual appliances, making it adaptable across environments. Its customer service is noted for being responsive and helpful. Splunk's deployment is highly customizable, which can make it more complex, but its support is comprehensive.
Pricing and ROI: Splunk User Behavior Analytics requires a higher setup cost with substantial hardware and training investments, but it offers significant ROI through enhanced security insights. KerioControl is more cost-effective initially, with licensing fees that rapidly enhance network security and performance, providing a quicker ROI.
The solution can save costs by improving incident resolution times and reducing security incident costs.
I have never needed to contact customer support as the product is easy to use.
Mission-critical offering a dedicated team, proactive monitoring, and fast resolution.
From the responsiveness perspective, Splunk is very responsive with SLA-bound support for premium tiers.
I would rate their technical support as 8.5 out of 10.
KerioControl has met some of the network infrastructure needs yet could improve in terms of scalability.
Splunk User Behavior Analytics is highly scalable, designed for enterprise scalability, allowing expansion of data ingestion, indexing, and search capabilities as log volumes grow.
With built-in redundancy across zones and regions, 99.9% uptime is achievable.
Splunk User Behavior Analytics is highly stable and reliable, even in large-scale enterprise environments with high log injection rates.
Splunk User Behavior Analytics is a one hundred percent stable solution.
Global reach allows deployment of apps and services closer to users worldwide, but data sovereignty concerns exist and region selection must align with compliance requirements.
I encountered several issues while trying to create solutions for this advanced version, which seem unrelated to query or data issues.
High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed.
The price for the product is rated as ten out of ten.
Compared to all other products in the market, it is the most expensive one in all aspects including professional service and licenses, even the cloud version.
Reserved instances with one or three-year commitments offer lower rates, providing up to 70% savings.
The pricing is based on the amount of data processed, and it is considered a high-level investment for enterprises.
The most valuable features include geo-tagging, which blocks all other IPs except for the specified accounts, and web filtering.
I also utilize it for anomaly detection and behavior analysis, particularly using Splunk's machine learning environment.
The dashboards themselves are nice, very good, and very helpful, but the accuracy of the data or the information that will be presented on the dashboard is something that needs to be questioned.
Features like alerts and auto report generation are valuable.
| Product | Market Share (%) |
|---|---|
| Splunk User Behavior Analytics | 1.9% |
| KerioControl | 3.1% |
| Other | 95.0% |
| Company Size | Count |
|---|---|
| Small Business | 44 |
| Midsize Enterprise | 9 |
| Large Enterprise | 3 |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 5 |
| Large Enterprise | 12 |
Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.
With Kerio Control you can:
Kerio Control Features
Some of Kerio Control’s most valuable features include:
High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.
Kerio Control Benefits
Reviews from Real Users
Here is some feedback from some of our users who are currently using the solution:
PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."
Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."
Splunk User Behavior Analytics is a behavior-based threat detection is based on machine learning methodologies that require no signatures or human analysis, enabling multi-entity behavior profiling and peer group analytics for users, devices, service accounts and applications. It detects insider threats and external attacks using out-of-the-box purpose-built that helps organizations find known, unknown and hidden threats, but extensible unsupervised machine learning (ML) algorithms, provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle (Kill-Chain View). It uses a data science driven approach that produces actionable results with risk ratings and supporting evidence that increases SOC efficiency and supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response. The result is automated, accurate threat and anomaly detection.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
