Try our new research platform with insights from 80,000+ expert users
NetWitness Platform Logo

NetWitness Platform pros and cons

Vendor: NetWitness
3.7 out of 5
2,208 followers
Post review

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

NetWitness Platform features valuable tools such as packet decoder, log decoder, and concentrator for enhanced network analysis and threat prediction.
It offers capabilities for creating custom connectors, allowing integration with any application supported by training and tool provision.
Incident response teams benefit significantly from its ability to correlate logs and capture packets, aiding in the identification and analysis of security incidents.
Scalability is a core strength of NetWitness Platform, accommodating the needs of high-end power, enterprise customers efficiently.
Its alert and correlation tools significantly aid in incident detection and response, improving overall enterprise security.

CONS

Log aggregation is an issue with NetWitness Platform due to a huge number of alerts in a single instance.
The initial setup is very complex and should be simplified.
Technical support could be improved.
NetWitness Platform should have more integration capabilities with different platforms.
Its licensing models are complex to understand, which needs improvement.
 

NetWitness Platform Pros review quotes

reviewer2256927 - PeerSpot reviewer
Aug 21, 2023
NetWitness Platform is valuable for creating rules that the solution must detect.
MS
Sep 1, 2021
It's quite economical compared to other solutions in the market.
RD
Jan 9, 2020
The most valuable features are the packet decoder, log decoder, and concentrator.
Learn what your peers think about NetWitness Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
HL
Aug 25, 2019
It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.
Salah Sabouni - PeerSpot reviewer
Apr 8, 2023
In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing.
it_user619134 - PeerSpot reviewer
May 7, 2017
Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network
VG
Jan 19, 2020
The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.
reviewer1926666 - PeerSpot reviewer
Jul 27, 2022
I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution.
Rafał Popielski - PeerSpot reviewer
Feb 7, 2024
NetWitness can be highly beneficial for incident detection and response.
MH
May 22, 2019
The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.
 

NetWitness Platform Cons review quotes

reviewer2256927 - PeerSpot reviewer
Aug 21, 2023
There is no support for this product in this country, so problems have to be resolved through global technical teams.
MS
Sep 1, 2021
The initial setup is complex. There are other solutions that are easier to implement.
RD
Jan 9, 2020
Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.
Learn what your peers think about NetWitness Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
HL
Aug 25, 2019
They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.
Salah Sabouni - PeerSpot reviewer
Apr 8, 2023
I believe that integrating the solution with other products such as Oracle would be beneficial.
it_user619134 - PeerSpot reviewer
May 7, 2017
The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.
VG
Jan 19, 2020
The initial setup is very complex and should be simplified.
reviewer1926666 - PeerSpot reviewer
Jul 27, 2022
Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine.
Rafał Popielski - PeerSpot reviewer
Feb 7, 2024
The product's licensing models are complex to understand. This particular area needs improvement.
MH
May 22, 2019
The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.