Darktrace AI interrupts in-progress cyber-attacks, including ransomware, email phishing, and threats to cloud environments. It's able to detect and establish baselines for your organization so it can make the distinction between what is and what isn't normal network activity for your organization. This allows it to tackle complex cyber-attacks as they happen and prevent future cyber-attacks from happening.
N/A
WatchGuard Network Security
Score 9.2 out of 10
N/A
WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.
Several years ago we were searching a solution for a medium company target, with all security features and not too expensive. After several years we renewed the solutions with new appliances.
Darktrace is a product well suited for the vast majority of infrastructures and helps monitoring and responding to threats based on the network in a very elastic way. This is a product based on on-premise infrastructures that hosts its machines locally, of course it can be technically difficult to monitor an entire On-Cloud infrastructure but even there there's room for sensors and monitoring, not to mention the SaaS and mail integration that completes the product.
WatchGuard Network Security products are suitable for most situations. From securing small, low-budget VSEs to large enterprises and SMEs.It's just a pity that the firewalls in the M range (M290/M390) don't come with integrated SFP+ modules as standard. Such integration would enable inter-vlan 10Gbps traffic to be managed without the need for additional modules, and at no extra cost.
Uses it Al model UEBA to detect anomalies in the behaviour of not only the users in a corporate network but also the routers, servers, and endpoints in that network.
Provides a visualisation of both egress and outbound network traffics flowing in and out of the organisation.
Darktrace comes with it autonomous AI model detection and responses capabilities.
Darktrace as an AI next generation NDR solution, prevents ,contains and quarantines malicious traffics from and into the corporate network.
Intrusion Prevention: provides an advanced Intrusion Prevention System (IPS) that uses real-time threat intelligence to detect and block known and unknown threats. The IPS inspects all network traffic, including encrypted traffic, to identify and block any malicious activity before it can enter the network.
Application Control: offers granular application control that enabled us to control which applications can access the network and how they are used.
Web Content Filtering: provides web content filtering capabilities that allow to control and monitor access to websites based on their content. This helps to prevent employees from accessing inappropriate or malicious websites, which can compromise the security of the network.
There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
For those who would like top level security and deployment of their security and protection, I would recommend easier quicker to use interfaces for users at smaller companies that do not have the experience with the provided services, so they can better utilize and deploy the software/equipment.
Have easy to understand, easy to access tutorials from the web interface to help new users and non IT Professionals to use the services provided.
Streamline the interface more to allow for easier understanding for all users, appealing to others so they feel less intimidated by the interaction with your services goes far, especially with smaller companies who have owners who want to know, have basic understanding of managing it, especially if they do not have an IT Professional or IT Consultant readily on staff. Not every company even knows they need this kind of protection, and trying to explain it to them, with the very technical and unique lexicon of words Information Technology and Security provides does at times prove to be difficult.
I'm giving this note to WatchGuard Network Security due to its ease of daily support (after acquiring necessary knowledge in the solution), which allows agility in configuration changes, its integration of several reliable security features (such as SSL VPN, VPN Virtual Interfaces between companies, and others) and functional and stability in operation, with no downtime in the equipment due to problems or malfunctions
WatchGuard Network Security firewalls have a very convenient way of managing them. Their live logging makes it very easy to quickly monitor traffic and see what's going on and what changes might be needed to be done to get something to work. In most cases, it was the WatchGuard Network Security logging that helped us find an issue when getting the device to work with a competitor's device (i.e. setting up VPN) because the other side lacked easy-to-understand yet detailed debug information.
Darktrace support is excellent in my experience. They send a competent engineer on-site to provide on-boarding training. They were also very responsive in responding to questions and concerns. Having an individual point of contact who is a competent network and security engineer is not a common experience, at least for me.
For something that is considered business critical they should be far more responsive. Security isn't something to take lightly in today's work environment and so long as its working you are happy. But when it doesn't and you need that professional assistance, they weren't always there and I ultimately resolved my issues with the help of Google.
We participate to a in person training and the three days of learning was really useful and complete to gain skill to solve the major part of the problem we encounter during our life. And more the in person training give us the opportunity to create a network with other WatchGuard partner.
I had my key information for setting up the firewall, and they assisted me in finding the settings and appropriate places to enter data. They also helped troubleshoot when I didn't understand some of their feature concepts, and we got it running.
We did NOT select Darktrace. OSSIM/AlienVault is a more mature product and it provided better intelligence and reporting. The end user interface is much easier to use - and you can tell built form engineers who have had to do the work. My suggestion for anyone considering Darktrace, is to get the price upfront; do a 30/60 onsite trail; and do the same thing, at the same time, with AlienVault. AlientVault will win every time. I say that because that's exactly what I did.
We use SonicWall TZ boxes in our small branch offices for their simplicity and low cost and Watchguard in our larger head office due to its scalability, we find both products work well together when configuring WAN's using branch office VPN's.
One big positive is how it helps us with the security assessments that clients have done on us. They are looking to see if we know how we might have unusual/malicious traffic running on the network.
If you have a small network and only need 1 appliance, it can be a good ROI and peace of mind.
You could go down a hole in trying to spend time looking at all of your traffic with this software. You need to focus only on what it is showing as potential bad traffic.