Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
NETSCOUT nGeniusONE
Score 8.7 out of 10
N/A
NETSCOUT’s nGeniousONE is a platform designed to monitor enterprise-level networks. It includes standard monitoring capabilities, as well as advanced inspection and analytics features.
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
NETSCOUT nGeniusONE is a great network performance monitoring tool as it helps to trace the path of packet and to identify the exact place where the packet is loss. It is well suited in scenarios where the organization have large network and they need continuous monitoring because loss of connectivity may lead to serious financial loss in sectors like banking, hospitals. The network performance and connectivity needs to be stable for proper execution of transactions, bookings, data transfer and other critical task. Performance monitoring of large enterprise is a big task and doing that manually requires very much effort, but with NETSCOUT nGeniusONE it becomes easy. It is not well suited in scenarios where there is small network and they can survive if any link flaps for small duration of time.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
NetScout nGeniusONE can help to deep dive into the packet layer, help to identify the real network and service performance problems in the protocol layer. We have been using NetScout nGeniusONE as the main monitoring solution for the mobile network for many years.
I have recently use NetScout nGeniusONE to support problem troubleshooting for a customer issue complaining of slow application connection into our Datacenter services. it was easy to use NetScout nGeniusONE to capture the problematic connection sessions by using various type of filters and export a pcap file for further analysis.
I‘ve also use NetScout nGeniusONE to investigate an NBN connection issue which was intermittent and hard to capture, however, by using NetScout nGeniusONE it was easy to go back to the history capture and logs, so we won't miss any important leads.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
Requires quite a bit of training not only for config but to use. Highly recommend having a SME come in from Netscout to help initially for these. Once you learn the UI, it’s much better to use but is not intuitive.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
If you spend the right amount of money with them they work very close to you to support your needs. I ignore how they work in companies with lower expenses on their products. NetScout is not a very dynamic introducing platform with enhancements that their customers need. We contract their professional services so support level is good, although too pricey from my perspective.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Wireshark has been around for years and has been used primarily for packet analyzing. NetScout does this and goes above and beyond with the graphics interface analyzes and customer filtering for packet analyzes. You can go straight to the packet analyze within NetScout but you will find that to be more work, this would be like starting with Wireshark. Instead, begin with the graphical interface to narrow down the traffic, a visual effect. Then go to the packet analyzer, time saver. As for PRTG, it's a NetFlow/SNMP collector with a quick and dirty look at traffic but lacks the tools to dig into the information it provides.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
NETSCOUT nGeniusONE is the best tool and very profitable for our organization as it helped in to reduce the manual effort of engineers to track the Network flaps and connectivity issue.
Return on investment for this product is quiet good as of now and we have achieved 80% ROI till now and we are very much confident that we will achieve the full ROI.
It has helped in cost cutting as we need only few network admin and engineers to track the discovery, behavior and connectivity. Earlier we need a lot of employee to do that due to which the organization may suffer some financial loss.
