Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
Mimecast Cloud Archive
Score 9.4 out of 10
N/A
Mimecast Cloud Archive provides an archive storage solution for data retention, as well as search and retrieval of email, attachments and MS Teams conversations. The cloud archiving solution offers search capabilities for employees and automated tools for administrators that simplify management of mailboxes, e-discovery and litigation support.
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
This is for any business that needs secure, tamper-resistant, long-term email storage. Mimecast cloud archive is the answer. Easy self-service user interface, Admin interface is generally pretty usable as well with a good level of granular permissions for delegation to support staff. It allows cost savings with email storage by implementing retention policies and offloading the storage to Mimecast.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
Sync and Recover is a great tool for when you need to recover emails quickly or in bulk.
The archive is nested in the mail protection admin portal, so it is easy to navigate between the recent mail in the protection portal (limited window of time) and the archive when searching for emails during investigations or troubleshooting.
The additional protection feature allows scanning of emails that land in the archive. This helps with internal to internal emails that might have been malicious, for instance from a compromised account.
The Mimecast for Outlook add-in is nice, although you can access it from the web as well, for seeing your own archives. If users are missing an email, they can look there on their own without submitting an IT support ticket.
We do not allow end users to restore their own, but that is a feature that exists as well.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
There are so many features, it can be difficult to find exactly how to perform some actions.
Emails are not automatically shown in their native format when searched you must click on the email and then request it be formatted in the proper format (HTML, plaintext, etc.).
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
The archive is easy to use and the searching is highly customizable. You can easily search based on timeframe, sender, recipient, words, phrases, and attachments. The ability to search keywords within attachments, body, and subject line is incredibly helpful. We're able to quickly and easily find what we're looking for.
There is never an issue. Everytime I have needed to access my own personal search archive or globally search across the whole business it works each time. I cannot recall a time where the service was down when needed to be used and all our staff use it daily.
The stability of the tool is the biggest factor, it has a fantastic uptime and the loading speed is exceptional. Long gone are the days of waiting for Outlook to open up a traditional PST archive, I can simply click, find what I need and go, usually, before outlook has opened the archive. It is an exceptionally efficient tool.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
It does a good job. The support team of the product was good and responsive and was also able to fix the issues I was experiencing at the time. It isn't perfect and takes some time to set up properly in the environment but once set up the product does what it is supposed to do which is what you are paying for.
We used Mimecast professional services for the implementation and it was flawless as we were migrating from a competitor's product. The only downside was the amount of time required to ingest all the data as this was coming from a few different sources and in some cases it took months to migrate and index all the content. Apart from that the process was very well guided, with plenty of communication all throughout and without any major issues or downtime.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
One of the big features of Mimecast is the ability to send large files. We used to use CItrix Sharefile for this but switched over to Mimecast's LFS for one large reason...since we are archiving all of our mail in Mimeast anyway we would have wanted these attachments, even if large, also available to if we go back to look at old emails. However just for usability sake I think Citrix Sharefile's large file send is more polished and probably works a little better. We just choose to use the Mimecast so we had a one stop shop when it came to email archiving
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
