Likelihood to Recommend Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
Read full review Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.
Read full review Pros Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network. Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation. Darktrace comes with it autonomous AI model detection and responses capabilities. Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network. Read full review This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices. Worked very well with existing Palo Alto devices. Another huge plus is the simplicity of managing and ease of scalability. Its cost is competitive with similar/like products available. Read full review Cons There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update. Read full review WildFire, like other sandboxes, has to stay up with malware sandbox evasion techniques, which necessitates larger file size limits. More file formats should be able to be submitted and scanned by WildFire, which needs improved initial administration and setup. It's quite pricey, and there's no warning choice for performance on the cloud. Read full review Likelihood to Renew It's a powerfull product that help administrators to provide email security to our organization.
Good metrics about received emails that help us to determine in doubt case if the email is a false positive or it's malware.
They're improving the product releasing continuous updates and have mobile phone app to manage it.
Read full review It works very well and takes care of protecting us from threats new and well-known. It's been a game changer in terms of threat detection & prevention.
Read full review Usability Darktrace comes with a simple usability interface with easy navigation and organisation.
Read full review Easy to use and works well. For the most part it's set it and forget it, but there's also some flexibility for high security environments and those with extra privacy concerns.
Read full review Support Rating Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
Read full review PAN support is very good. You can get the reasonable and timely support on any conditions. When the product is already integrated with the PAN firewalls, you can choose the severity levels based on the effect. The customer service/TAC is very helpful, they even have additional recommendations of advises for product usability. Local partners are also assisting the cases and give their expertise.
Read full review Alternatives Considered We did NOT select Darktrace.
OSSIM /AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
Read full review We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while
TippingPoint IPS is a more dedicated product. Caveat: I used
TippingPoint over 5 years ago, so things may have changed.
Read full review Return on Investment One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network. If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind. You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic. Read full review As we all know the product of Palo Alto is little bit expensive but its performance is far better than any of its competitors. So as I previously mentioned, Palo Alto should not sell WildFire Licence seperately. If the firewall is internet facing then only we should buy WildFire Licence. WildFire Licence is not necessary for internal firewall. If you are planning to buy a firewall for internal network where your traffic is not going towards internet so no need to buy WildFire Licence. Read full review ScreenShots