Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
PRTG
Score 8.5 out of 10
N/A
PRTG Network Monitor is the flagship offering from German software company Paessler, for monitoring local and wide area networks (LANs & WANs), servers, websites, apps, and more.
The native iOS apps and desktop apps for alerts and easy visibility set PRTG Network Monitor apart from others. Websites are available with the others and Checkmk has connections to telegram or splunk to get push notifications, but not as easy to see the whole organization at …
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
integrates seamlessly with Windows servers via WMI and PowerShell, providing deep insights into resource usage, performance metrics, and system health. It's excellent at tracking CPU, memory, disk space, and event logs, enabling rapid troubleshooting and proactive maintenance. PRTG Network Monitor also effectively monitors Fortigate devices, providing detailed data on firewall health, traffic patterns, bandwidth utilization, VPN status, and security alerts. This visibility helps detect and resolve network security issues promptly.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
Licensing on a per entity basis can be cumbersome for devices which have a ton of monitoring points like network switches\routers. Each sensor may count against a license, which could be a lot of you were monitoring every TX\RX of an SFP for example
A better method to easily template\copy monitors across devices
The navigation in the web GUI could be a little more straightforward in terms of the hierarchy
I would renew it because the platform has brought us many technical and economic benefits that make the cost-benefit ratio very good. Additionally, to do so does not require large investments in training, licensing or infrastructure, and at the administration level, extensive knowledge is not required to be able to bear it.
The Darktrace toolset is very expansive, allowing it to handle many different tasks, but this leads to a user interface that is sometimes not at all intuitive. Icons don't always make sense visually, and the associated tool tips do not always provide enough detail on what action the button performs
The tool is very intuitive to use and it is Windows-based (everybody knows how to use Windows) so it's easy to get into. Every time is setup in a hierarchy so if you have a good initial hierarchy design, it will really reduce administrative effort down the road.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
PRTG does everything we need it to do and more. Ease of use, ease of management and maintenance and clarity of monitoring of hundreds of different types of device and service gives this a large advantage over other products on the market that I have tried. I would definitely recommend it to anyone who needs a network monitoring product in their environment and even to people who don't know they need a solution yet!
It's very important that de project's teams have different member of the TI. We have learned too late the importa of Security Analyst at the design architecture moment. We have to rebuild part of the implementation for made this big mistake.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
PRTG offers more versatility in monitoring when compared to the other solutions we tested. The other solutions were also limited as far as customization options, which made them less adaptable to our networks. When compared to Auvik, for instance, we prefer PRTG as it offers immediate notifications through the desktop client - not limited to email notifications as with Auvik. We also appreciate the fact that PRTG can be self/on-prem hosted vs Auvik's cloud model. This makes for an easier deployment and less firewall adjustments to allow traffic to cloud-hosted solutions.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.
The ability to analyze multiple pieces of information in one place, especially with historical data, has saved our IT department time and headaches. It would be so much more difficult to trace an issue without PRTG, just relying on event logs and an open task manager window.
The cost is not cheap, so it's an expense that hits the bottom line like everything else. Figure in hardware costs as well, ideally a server outside of your main environment.
I keep saying this, but the historical data piece is worth so much. There's really no good way to collect all of that information in one place without something like PRTG. And that definitely saves time and money in the long run.
