Try our new research platform with insights from 80,000+ expert users

Netsurion pros and cons

Vendor: Netsurion

4.2 out of 5

24 reviews
92% willing to recommend

273 followers

Pros & Cons summary

Netsurion offers robust security with features such as weekly threat reports and real-time alerts for critical events, enhancing detection and response. Managed Threat Protection aligns with MITRE ATT&CK, supporting industry standards. The solution scales efficiently; however, deployment challenges and manual interventions hinder some agents. Search and report generation can be slow, with passive threat detection needing clearer actionable options. Continuous 24/7 monitoring from the Security Operations Center boosts company security.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Weekly security reports summarize daily network events, highlighting potential threats and advising on remediation strategies.

Real-time alerts for user lockouts and invalid password attempts enhance IT department responsiveness.

Netsurion satisfies compliance requirements by centralizing the storage of all security event data, which is essential for auditing.

The Managed Threat Protection includes the MITRE ATT&CK Framework, recognized as an industry standard for evaluating threats.

Netsurion's 24/7 monitoring provides actionable threat intelligence, enhancing company security by detecting and preventing malicious activities.

CONS

The deployment of agents poses challenges, often leading to agents quitting or requiring redeployment.

There are issues with long search times, especially when looking back beyond 30 days, even with improvements in version 9 requiring a solid-state hard drive.

Too many domain controllers complicate updates and firewall management.

Agents on endpoints frequently fail, needing manual intervention from local administrators.

System requirements are high, demanding powerful servers that impact on-premise components.

Netsurion Pros review quotes

JB

Chief Information Security Officer at Samford University

Jun 28, 2021

The real-time alerting for things such as people getting dropped into a VPN group or the domain admin group — things like that which really shouldn't happen without proper change management, but we all know the reality, they do from time to time — gives me real-time visibility into what's going on.

Read full review

RT

Richard Teegarden

Network Manager at a energy/utilities company with 51-200 employees

Sep 10, 2019

I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective.

Read full review

RC

VP of IT Systems at Carteret-Craven Electric Cooperative

Nov 16, 2021

When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with.

Read full review

Free Report: Netsurion Reviews and More

Learn what your peers think about Netsurion. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

815,854 professionals have used our research since 2012.

Head of IT at a venture capital & private equity firm with 11-50 employees

Aug 22, 2023

The most valuable feature is definitely real-time alerting, especially in situations where someone might attempt to exploit or hack into our network.

Read full review

MO

Senior Director, Information Security at a pharma/biotech company with 1,001-5,000 employees

Dec 23, 2019

I like the UI, overall. I like the main page and there are aspects of the search page that I like. When you bring it up on the left-hand side of the page, as you look at the events, the ability to simply hit and click the plus/minus to pull events in and out of the overall view is well done and is very effective from a threat-hunting and an analysis perspective. I like the detail it shows.

Read full review

BS

IT Director at Global Connections Inc

Dec 7, 2021

Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy.

Read full review

ML

Chief Information Officer at ECRMC

Oct 1, 2020

There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird.

Read full review

JH

Director of Application Development and Architecture at South Central Power Company

Dec 23, 2019

I like EventTracker's dashboard. I see it every time I log in because it's the first thing you get to. We have our own widgets that we use. For the sake of transparency, there are a few widgets that we look at there and then we move out from there... Among the particularly helpful widgets, the not-reporting widget is a big one. The number-of-logs-processed is also a good one.

Read full review

reviewer1154436

Sr. Information Technology Security Engineer at a university with 1,001-5,000 employees

Nov 28, 2019

If I were to look at logs manually, there's no way I could do that. As an example, they are 48 million logs processed a day. There is no way I could look at all 48 million of those. So, it gives me a good structure to be able to look at the different incidents which are created and do different searches.

Read full review

reviewer1717125

Cyber Security Specialist at a financial services firm with 11-50 employees

Nov 16, 2021

I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that.

Read full review

Show 10 more reviews (out of 24)

Netsurion Cons review quotes

JB

Chief Information Security Officer at Samford University

Jun 28, 2021

With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again.

Read full review

RT

Richard Teegarden

Network Manager at a energy/utilities company with 51-200 employees

Sep 10, 2019

Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it.

Read full review

RC

VP of IT Systems at Carteret-Craven Electric Cooperative

Nov 16, 2021

I would like to see a faster response when we see things like 15,000 lockouts. I really wished that I had known that on Friday afternoon rather than waiting until I got the weekly report today. By the same token, they are looking at it from the point of view that this is a system or software malfunction. This is not a bad actor repeating the exact same password three times a second. Therefore, they can tell that this is not a bad thing. However, it's not a security event but it is an operational event for me. Knowing this sort of thing would help my team and me out more because then we would be able to clear out a lot of network traffic that we didn't know was going on. So, we would like quicker updates on non-high security events.

Read full review

Free Report: Netsurion Reviews and More

Learn what your peers think about Netsurion. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

815,854 professionals have used our research since 2012.

Head of IT at a venture capital & private equity firm with 11-50 employees

Aug 22, 2023

I would also like to have a dashboard that I can access anytime to review the real-time data from their website.

Read full review

MO

Senior Director, Information Security at a pharma/biotech company with 1,001-5,000 employees

Dec 23, 2019

Where there is an opportunity for improvement is in the interface used for performing the searches. You have to understand Elasticsearch search too well for the security team to be able to take really full advantage of that part of the product. It's not as intuitive as I would like it to be for new staff coming in. The general query capability is a little bit challenging.

Read full review

BS

IT Director at Global Connections Inc

Dec 7, 2021

We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports.

Read full review

ML

Chief Information Officer at ECRMC

Oct 1, 2020

Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told.

Read full review

JH

Director of Application Development and Architecture at South Central Power Company

Dec 23, 2019

It would be great if they had a client for phones by which they could push a notification to us, as opposed to via email.

Read full review

reviewer1154436

Sr. Information Technology Security Engineer at a university with 1,001-5,000 employees

Nov 28, 2019

The solution's dashboard is okay. The one thing that we ran into are issues when we upgraded to the newer version. It uses Elasticsearch for the different dashboard entries. So, we were running on spinning disks, and Elasticsearch didn't work that well. A number of the different dashboards, like my dashboard or different things like that, pull from Elasticsearch. Since Elasticsearch really wasn't working, we were having some issues with that, but we just migrated.

Read full review

reviewer1717125

Cyber Security Specialist at a financial services firm with 11-50 employees

Nov 16, 2021

The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically.

Read full review

Show 10 more reviews (out of 24)

Product Categories

Product Categories

Managed Security Services Providers (MSSP)

Security Information and Event Management (SIEM)

SOC as a Service

Managed Detection and Response (MDR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Netsurion

Microsoft Sentinel vs Netsurion

IBM Security QRadar vs Netsurion

LogRhythm SIEM vs Netsurion

Sumo Logic Security vs Netsurion

Fortinet FortiSIEM vs Netsurion

Arctic Wolf Managed Detection and Response vs Netsurion

Devo vs Netsurion

AlienVault OSSIM vs Netsurion

Fortra's Alert Logic MDR vs Netsurion

CyberHat CYREBRO vs Netsurion

OP5 Log Analytics vs Netsurion

See all alternatives

Product Categories

Product Categories

Managed Security Services Providers (MSSP)

Security Information and Event Management (SIEM)

SOC as a Service

Managed Detection and Response (MDR)

Extended Detection and Response (XDR)

Popular Comparisons

Popular Comparisons

Wazuh vs Netsurion

Microsoft Sentinel vs Netsurion

IBM Security QRadar vs Netsurion

LogRhythm SIEM vs Netsurion

Sumo Logic Security vs Netsurion

Fortinet FortiSIEM vs Netsurion

Arctic Wolf Managed Detection and Response vs Netsurion

Devo vs Netsurion

AlienVault OSSIM vs Netsurion

Fortra's Alert Logic MDR vs Netsurion

CyberHat CYREBRO vs Netsurion

OP5 Log Analytics vs Netsurion

See all alternatives

Related questions

945

Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?

187

What types of Security Operations Center (SOC) deployment models do exist?

1

When evaluating Managed Security Services, what aspect do you think is the most important to look for?

31

How Managed Security Services (MSS) secure your organization?

1

Why is Managed Security Services important for companies?