Try our new research platform with insights from 80,000+ expert users

NetWitness Platform pros and cons

Vendor: NetWitness

3.7 out of 5

36 reviews
74% willing to recommend

2,208 followers

Pros & Cons summary

NetWitness Platform features packet and log decoders, concentrator, and automated incident response, enhancing security and network forensics. It offers scalability, flexibility, and cloud integration. Performance and reporting are praised, despite issues with log aggregation, complex setup, and documentation. Custom connectors, training, and tools support customization. Incident detection and response are advanced with correlation tools. Integration with products like Oracle is desirable.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

NetWitness Platform features valuable tools such as packet decoder, log decoder, and concentrator for enhanced network analysis and threat prediction.

It offers capabilities for creating custom connectors, allowing integration with any application supported by training and tool provision.

Incident response teams benefit significantly from its ability to correlate logs and capture packets, aiding in the identification and analysis of security incidents.

Scalability is a core strength of NetWitness Platform, accommodating the needs of high-end power, enterprise customers efficiently.

Its alert and correlation tools significantly aid in incident detection and response, improving overall enterprise security.

CONS

Log aggregation is an issue with NetWitness Platform due to a huge number of alerts in a single instance.

The initial setup is very complex and should be simplified.

Technical support could be improved.

NetWitness Platform should have more integration capabilities with different platforms.

Its licensing models are complex to understand, which needs improvement.

NetWitness Platform Pros review quotes

AR

reviewer2256927

Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees

Aug 21, 2023

NetWitness Platform is valuable for creating rules that the solution must detect.

Read full review

MS

Mahesh Suryawanshi

Program Manager at EGYANAM TECH

Sep 1, 2021

It's quite economical compared to other solutions in the market.

Read full review

RD

Senior Cyber Security Specialist at HCL Technologies

Jan 9, 2020

The most valuable features are the packet decoder, log decoder, and concentrator.

Read full review

NetWitness Platform

Free Report: NetWitness Platform Reviews and More

Learn what your peers think about NetWitness Platform. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.

814,649 professionals have used our research since 2012.

HL

Information Technology Security Architect at a financial services firm with 5,001-10,000 employees

Aug 25, 2019

It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible.

Read full review

Director at ST

Apr 8, 2023

In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing.

Read full review

Direct Sales Director at a tech services company with 501-1,000 employees

May 7, 2017

Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network

Read full review

VG

IT Security Head with 1,001-5,000 employees

Jan 19, 2020

The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it.

Read full review

MR

reviewer1926666

Senior Assistant Vice President at a financial services firm with 1,001-5,000 employees

Jul 27, 2022

I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution.

Read full review

Rafał Popielski

Solution Architect at NASK

Feb 7, 2024

NetWitness can be highly beneficial for incident detection and response.

Read full review

MH

Team Leader & Head of MSSP at We Ankor

May 22, 2019

The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.

Read full review

Show 10 more reviews (out of 34)

NetWitness Platform Cons review quotes

AR

reviewer2256927

Head of Information Security, Cyber Defense and IT Risk Management at HCT. at a transportation company with 201-500 employees

Aug 21, 2023

There is no support for this product in this country, so problems have to be resolved through global technical teams.

Read full review

MS

Mahesh Suryawanshi

Program Manager at EGYANAM TECH

Sep 1, 2021

The initial setup is complex. There are other solutions that are easier to implement.

Read full review

RD

Senior Cyber Security Specialist at HCL Technologies

Jan 9, 2020

Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance.

Read full review

NetWitness Platform

Free Report: NetWitness Platform Reviews and More

Learn what your peers think about NetWitness Platform. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.

814,649 professionals have used our research since 2012.

HL

Information Technology Security Architect at a financial services firm with 5,001-10,000 employees

Aug 25, 2019

They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.

Read full review

Director at ST

Apr 8, 2023

I believe that integrating the solution with other products such as Oracle would be beneficial.

Read full review

Direct Sales Director at a tech services company with 501-1,000 employees

May 7, 2017

The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.

Read full review

VG

IT Security Head with 1,001-5,000 employees

Jan 19, 2020

The initial setup is very complex and should be simplified.

Read full review

MR

reviewer1926666

Senior Assistant Vice President at a financial services firm with 1,001-5,000 employees

Jul 27, 2022

Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine.

Read full review

Rafał Popielski

Solution Architect at NASK

Feb 7, 2024

The product's licensing models are complex to understand. This particular area needs improvement.

Read full review

MH

Team Leader & Head of MSSP at We Ankor

May 22, 2019

The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.

Read full review

Show 10 more reviews (out of 34)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Popular Comparisons

Popular Comparisons

Netgate pfSense vs NetWitness Platform

Splunk Enterprise Security vs NetWitness Platform

Microsoft Sentinel vs NetWitness Platform

Zabbix vs NetWitness Platform

CyberArk Privileged Access Manager vs NetWitness Platform

IBM Security QRadar vs NetWitness Platform

Elastic Security vs NetWitness Platform

Palo Alto Networks WildFire vs NetWitness Platform

AWS Security Hub vs NetWitness Platform

LogRhythm SIEM vs NetWitness Platform

Cisco Secure Network Analytics vs NetWitness Platform

Rapid7 InsightIDR vs NetWitness Platform

Microsoft Defender for Identity vs NetWitness Platform

Arbor DDoS vs NetWitness Platform

Fortinet FortiSIEM vs NetWitness Platform

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Popular Comparisons

Popular Comparisons

Netgate pfSense vs NetWitness Platform

Splunk Enterprise Security vs NetWitness Platform

Microsoft Sentinel vs NetWitness Platform

Zabbix vs NetWitness Platform

CyberArk Privileged Access Manager vs NetWitness Platform

IBM Security QRadar vs NetWitness Platform

Elastic Security vs NetWitness Platform

Palo Alto Networks WildFire vs NetWitness Platform

AWS Security Hub vs NetWitness Platform

LogRhythm SIEM vs NetWitness Platform

Cisco Secure Network Analytics vs NetWitness Platform

Rapid7 InsightIDR vs NetWitness Platform

Microsoft Defender for Identity vs NetWitness Platform

Arbor DDoS vs NetWitness Platform

Fortinet FortiSIEM vs NetWitness Platform

See all alternatives

Related questions

41

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

4,875

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

185

Which Windows event log monitoring tool do you recommend?

449

What is the difference between log management and SIEM?

49

Splunk vs. Elastic Stack

91

How can Cloudtrail logs be used effectively to improve log monitoring?

473

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?

33

When evaluating Log Management solutions, what aspect do you think is the most important to look for?

13

When evaluating Log Management solutions, what aspects do you think are the most important to look for?

15

Why are Log Management tools important for companies?