Network Consultant at a non-profit with 201-500 employees
Consultant
Top 20
2024-10-31T14:08:00Z
Oct 31, 2024
We expect regular firmware patches for upgrades and maintenance. Currently, we have to check manually as we do not receive any notifications about new patches, maintenance, or firmware releases. It would be beneficial if they could send us notifications for new releases and maintenance trials.
Account Manager at a tech services company with 11-50 employees
Reseller
Top 10
2023-10-31T05:45:28Z
Oct 31, 2023
The solution's reporting part and GUI are areas with certain shortcomings where improvements are required. Response time is an area where the product's technical support team must make improvements. The product's price could be more flexible.
Information Security Assurance Engineer at School District of Lee County
Real User
2022-09-07T16:15:13Z
Sep 7, 2022
There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that
I can't think of anything right now. They meet all of my customers' requirements. Additional integration partners would be beneficial. I would like to see more cloud capability.
Agent management could certainly use some focus. It should also be a little bit easier to work with collections. We should be able to nest collections within collections. There should be better nesting. The beautiful thing about the company that runs ExtraHop is that when we go to them with feature requests or with things that we would like to see, they're really good at getting them added. The most recent one that we're looking for is being able to limit the packets that users can download. So, if you're an administrator, you should be able to download a full packet capture with the full packet, but if you're just an engineer or an application person just looking at your application header traffic, you don't need to see any payload data. We want to be able to limit that traffic. We want to limit who can see the payload, and we can do that. The vendor is putting that into the tool for us. It's going to be done before the end of the year.
Sales Engineer | Technical Sales | Pre-Sales at SUSE
Vendor
2020-08-12T08:50:00Z
Aug 12, 2020
Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data. Triggers - While the triggers are great for specific use cases, it can add load to the hardware and requires some development skill, which can be costly. VoIP - While we can view SIP and RTP (quality, MOS, etc.) it is not the best solution for VoIP itself. There are better solutions for more detailed VoIP monitoring. It can solve some problems, but not all problems.
At this point, there aren't any features that are lacking, from our perspective. The solution is pretty complete. The solution is expensive and gets more expensive if a company needs to scale it.
ExtraHop Reveal(x) is a highly effective network traffic analysis (NTA) solution that leverages a cloud-native architecture to empower organizations to overcome a world filled with increasingly sophisticated threats. It identifies 25% more threats than its competitors. Additionally, organizations that employ Reveal(x) say they resolve issues 77% percent faster than they would if they were using other similar solutions.
ExtraHop Reveal(x) Benefits
Some of the ways that organizations can...
We expect regular firmware patches for upgrades and maintenance. Currently, we have to check manually as we do not receive any notifications about new patches, maintenance, or firmware releases. It would be beneficial if they could send us notifications for new releases and maintenance trials.
I think the tuning capabilities could be improved. We're working on minimizing false positives. Apart from that, everything seems fine to me.
The solution's reporting part and GUI are areas with certain shortcomings where improvements are required. Response time is an area where the product's technical support team must make improvements. The product's price could be more flexible.
The solution’s pricing could be improved.
They should integrate the solution with more security vendors.
The solution should include more support protocols. The solution should be less expensive.
There is a little training online, but it'd be cool if ExtraHop provided certifications. CrowdStrike does elective training that gives you a certification as a Falcon administrator. It'd be nice to see ExtraHop have something like that
I can't think of anything right now. They meet all of my customers' requirements. Additional integration partners would be beneficial. I would like to see more cloud capability.
Agent management could certainly use some focus. It should also be a little bit easier to work with collections. We should be able to nest collections within collections. There should be better nesting. The beautiful thing about the company that runs ExtraHop is that when we go to them with feature requests or with things that we would like to see, they're really good at getting them added. The most recent one that we're looking for is being able to limit the packets that users can download. So, if you're an administrator, you should be able to download a full packet capture with the full packet, but if you're just an engineer or an application person just looking at your application header traffic, you don't need to see any payload data. We want to be able to limit that traffic. We want to limit who can see the payload, and we can do that. The vendor is putting that into the tool for us. It's going to be done before the end of the year.
Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data. Triggers - While the triggers are great for specific use cases, it can add load to the hardware and requires some development skill, which can be costly. VoIP - While we can view SIP and RTP (quality, MOS, etc.) it is not the best solution for VoIP itself. There are better solutions for more detailed VoIP monitoring. It can solve some problems, but not all problems.
At this point, there aren't any features that are lacking, from our perspective. The solution is pretty complete. The solution is expensive and gets more expensive if a company needs to scale it.