Name: NetWitness Network
Rating: 6 (7 reviews)
Author: RSA Security

Help Desk

Web and Video Conferencing

Customer Support

Batch Management Software

Product Lifecycle Management (PLM)

Development

Business Intelligence (BI)

Collaboration

Digital Rights Management (DRM)

Enhanced 911 (E911)

Facility Management

IP PBX

Operational Analytics

Policy Management

Enterprise

Accounting

Invoicing

Nonprofit Accounting

Subscription Management

Finance and Accounting

Applicant Tracking

Corporate Learning Management

Employee Recognition

Employee Scheduling

HR Management

Payroll

Stock Option Plan Administration

Talent Intelligence

Talent Management

Workforce Analytics

Workforce Management

Human Resources

Application Performance Management (APM)

Archiving

Build Automation

Cloud Cost Management

Cloud Storage

Code Review

Configuration Management Databases

Data Mapping

Density-Optimized Servers

Email Encryption

Firewall Security Management

Fraud Detection

IP Address Management (IPAM)

IT Service Providers

Integration Platform as a Service (iPaaS)

Log Management

Managed DNS

Network Performance Monitoring

Software-Defined WAN

System Monitoring

Web Scraping

WiFi Hotspot

Workload Automation

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Audio Editing

Content Management

Email Deliverability

Email Marketing

Marketing Automation

Online Proofing

Search Engine Marketing (SEM)

Social Media Management

Social Media Marketing

Survey & Forms Building

Web Analytics

Marketing

Job Site Management

Project Management

Waste Management

Writing and Proofreading Tools

Professional Services

Customer Relationship Management (CRM)

Product Configuration

Social Commerce

Sales

Laboratory Information Management

Membership Management

Roofing

Vertical-Specific

Find top rated software and services based on in-depth reviews from verified users. 400+ software categories including PaaS, NoSQL, BI, HR, and more.

Darktrace

Plixer Scrutinizer

Plixer International

FireMon

Symantec Advanced Threat Protection

Broadcom

Tripwire Enterprise

Fortra

Cisco Secure Network Analytics

Cisco

Qualys TruRisk Platform

Qualys

Akamai Guardicore Segmentation

Akamai

Speedify VPN

Connectify, Inc.

NetWitness Network is a cybersecurity solution designed to detect and respond to network threats. According to the vendor, it provides real-time visibility into an organization's IT infrastructure, making it suitable for businesses of various sizes. This product is utilized by cybersecurity professionals, IT administrators, security operations centers (SOCs), network administrators, and financial institutions to enhance network security and protect against emerging threats.

## Key Features

**Comprehensive Threat Detection**: According to the vendor, NetWitness Network offers full-packet capture, metadata, and netflow capabilities to detect and monitor emerging, targeted, and unknown threats as they traverse the network.

**Enriched Log Data**: The vendor claims that NetWitness Network enriches log data with threat intelligence and contextual information, helping to identify high-priority threats and reduce false positives.

**Pervasive Visibility**: According to the vendor, NetWitness Network provides a centralized platform for managing and monitoring network traffic, making it easier to handle large volumes of data and facilitating the administration and analysis of data across the entire IT environment.

**Accelerated Threat Detection and Response**: The vendor states that NetWitness Network offers immediate, deep network visibility required to accelerate network threat detection, investigation, and forensics, allowing organizations to respond promptly and minimize the potential impact of attacks.

**Intuitive Data Visualizations**: NetWitness Network provides intuitive data visualizations and nodal diagrams, according to the vendor, making it easier to understand and analyze network data.

**Threat Exposure**: The vendor claims that NetWitness Network utilizes patented parsing and indexing technology to dynamically parse and enrich log data at the time of packet capture, helping to expose threats that may be hiding in the network.

**Robust Forensics Capabilities**: According to the vendor, NetWitness Network combines deep inspection of hundreds of protocols with a powerful, integrated toolkit for forensic investigations, enabling detailed analysis of network traffic and facilitating thorough investigations.

**Native Decoding Support**: The vendor states that NetWitness Network provides native decoding capabilities, allowing it to handle encoded traffic effectively. It also integrates with third-party solutions to provide additional support for decryption, ensuring comprehensive visibility into network traffic.

**Real-time Visibility**: According to the vendor, NetWitness Network offers real-time visibility into all network traffic, whether it is on-premises, in the cloud, or across virtual environments. It utilizes behavioral analytics, data science techniques, and threat intelligence to detect known and unknown attacks.

**Centralized Monitoring**: The vendor claims that NetWitness Network can centrally monitor network traffic for threats, regardless of their source. It can deploy collection components on-premises, virtually, across hybrid architectures, or within public clouds, providing visibility across the digital landscape.

RSA NetWitness Network (formerly RSA Security Analytics) is network detection and response security application from RSA Security company NetWitness.

Cisco Meraki MX Firewalls is a combined UTM and Software-Defined WAN solution. Meraki is managed via the cloud, and provides core firewall services, including site-to-site VPN, plus network monitoring.

MX64

MX67

MX68

MX84

MX100

MX250

MX450

Cisco Meraki MX

Premium

Essential

GoodAccess

NetWitness Network

Network Security Software is dedicated to prevention / pre-empting and locating / containing an Advanced Persistent Threat (APT) through the study of recent behaviors and behavioral change of malicious entities and locating or anticipating, and reacting to, a similar pattern in an enterprise's own networks. The goal is to minimize exposure to APTs while also minimizing, to the extent desired, false positives (i.e. erroneously flagging benign behaviors as malicious).

Network Security

Likelihood to Recommend

RSA Security

IBM Security Network Intrusion Prevention System

Arcsight by OpenText

SolarWinds Security Event Manager (SEM)

NetWitness Cloud SIEM

Skyhigh Secure Web Gateway

Digital Defense SecurED, acquired by HelpSystems

Graduate Engineer trainee

RSA Security Analytics 2015-12-03 01:49:34

RSA Security Analytics 2018-04-30 10:34:53

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

User interface

Current version

Health checks

Automated email

Bit complicated

Easy to use

Packet capture

Security events

Home

Network Security Software

I worked for HCL technologies and was deployed at SBI IT headquarters for implementing their security operations center which involved implementing the tool. They used this tool to manage the security for their entire organizations web gateway . It had a capacity of close to 500000 events per second and had approximately 37000 various security devices linked to the tool .

Easy to use and understand
Provides extensive details to analyze the threat with more accuracy
It is a smart tool with graphical display of data for easier interpretation

The meta part to form the dashboards were a bit complicated
The user interface could be made more understandable

Increased efficiency
Reduced the number of web attacks and data is more secured
Better customer service

SolarWinds Log & Event Manager, IBM Security Network Intrusion Prevention System

We use RSA Security Analytics (previously Netwitness) as a network DVR for look back at events. It does full packet capture and reconstruction. For forensic analysis this is invaluable. It has some threat detection capability. The new GUI is significantly better and actually makes menus usable and reduces confusion for new users.

Full packet capture allows look back on security events
Packet reconstruction is essential to make sense of packets captured
Threat analysis of captured packets provide additional indicators of compromise

GUI was horrible prior to the current version
In our experience, support does not proactively stay in contact. No health checks or roadmap presentation. Only an automated email at renewal time.
Updates frequently break the box and require support intervention

The tool is great and an important part of my tool box
The level of administration needed is a little too high
Support relationships have to be customer led and prompted

NetWitness Network

Overview

What is NetWitness Network?