Likelihood to Recommend Retina Network Security Scanner is well suited for any environment and infrastructure that would like to expose security deficiencies across their network as well as visualize vulnerabilities as they pertain to assets in their environment. I cannot think of any scenario that would not be appropriate for this product. Since the product carries over to pretty much all assets in your environment, I don't know off the top of y head what it wouldn't be appropriate for.
Read full review Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
Read full review Pros Besides the fact that Retina NSS performs the fundamental task of scanning all my network devices, one of the main strengths is the speed at which it scans. Time is money and I know people tent to wear that cliché out a bit, but when you are as small as we are of a team, every minute counts. We have utilized other network security scanners over the past 21 years and Retina NSS seems to have the smallest footprint with no evidence of scanning degrading performance of the devices scanned. They seem to update their database frequently enough that we notice a correlation of threats to discovery. There is a small learning curve, but overall, a seasoned IT professional can quickly get up and running in a few hours and get usable results quickly. This falls back on the speed at which Retina NSS scans. My previous network security scanners would sometimes take hours to complete a full vulnerability scan of between 250 - 400 devices, now it only takes a fraction of that time. Read full review Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network. Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation. Darktrace comes with it autonomous AI model detection and responses capabilities. Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network. Read full review Cons I do not have any obvious cons to report at this time. Read full review There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update. Read full review Likelihood to Renew It's a powerfull product that help administrators to provide email security to our organization.
Good metrics about received emails that help us to determine in doubt case if the email is a false positive or it's malware.
They're improving the product releasing continuous updates and have mobile phone app to manage it.
Read full review Usability Darktrace comes with a simple usability interface with easy navigation and organisation.
Read full review Support Rating Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
Read full review Alternatives Considered Retina Network Security Scanner is the only product we have used in our enterprise. I have used a product in the past called GFI LanGuard Network Security Scanner and while it did perform the functions of vulnerability testing, etc...it just wasn't nearly as refined as Retina NSS. It was slow and was not as lightweight as Retina as far as end-user detection.
Read full review We did NOT select Darktrace.
OSSIM /AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Read full review Return on Investment The product is extremely easy to deploy, extremely positive. If you take full advantage of this product as I did, you will maximize your ROI quickly as we did. We were able to visualize our vulnerabilities efficiently and effectively and maintain scheduled scans that allowed us to maintain a continuous improvement atmosphere while securing our investments. The ability provide reporting allows our IT department to prioritize issues and remediate as required without chasing down low risk issues over high risk issues that need immediate attention. Read full review One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network. If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind. You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic. Read full review ScreenShots