Skip to main content
TrustRadius
NetWitness Network

NetWitness Network

Overview

What is NetWitness Network?

NetWitness Network is a cybersecurity solution designed to detect and respond to network threats. According to the vendor, it provides real-time visibility into an organization's IT infrastructure, making it suitable for businesses of various sizes. This product is utilized by cybersecurity professionals,...

Read more

Learn from top reviewers

Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is NetWitness Network?

RSA NetWitness Network (formerly RSA Security Analytics) is network detection and response security application from RSA Security company NetWitness.

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

Alternatives Pricing

N/A
Unavailable
What is WatchGuard Network Security?

WatchGuard Network Security is a network security and firewall software. WatchGuard includes secure Wi-Fi, multi-factor authentication, and network intelligence products and services designed for SMB’s.

What is ManageEngine ADAudit Plus?

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with a…

Return to navigation

Product Details

What is NetWitness Network?

NetWitness Network is a cybersecurity solution designed to detect and respond to network threats. According to the vendor, it provides real-time visibility into an organization's IT infrastructure, making it suitable for businesses of various sizes. This product is utilized by cybersecurity professionals, IT administrators, security operations centers (SOCs), network administrators, and financial institutions to enhance network security and protect against emerging threats.

Key Features

Comprehensive Threat Detection: According to the vendor, NetWitness Network offers full-packet capture, metadata, and netflow capabilities to detect and monitor emerging, targeted, and unknown threats as they traverse the network.

Enriched Log Data: The vendor claims that NetWitness Network enriches log data with threat intelligence and contextual information, helping to identify high-priority threats and reduce false positives.

Pervasive Visibility: According to the vendor, NetWitness Network provides a centralized platform for managing and monitoring network traffic, making it easier to handle large volumes of data and facilitating the administration and analysis of data across the entire IT environment.

Accelerated Threat Detection and Response: The vendor states that NetWitness Network offers immediate, deep network visibility required to accelerate network threat detection, investigation, and forensics, allowing organizations to respond promptly and minimize the potential impact of attacks.

Intuitive Data Visualizations: NetWitness Network provides intuitive data visualizations and nodal diagrams, according to the vendor, making it easier to understand and analyze network data.

Threat Exposure: The vendor claims that NetWitness Network utilizes patented parsing and indexing technology to dynamically parse and enrich log data at the time of packet capture, helping to expose threats that may be hiding in the network.

Robust Forensics Capabilities: According to the vendor, NetWitness Network combines deep inspection of hundreds of protocols with a powerful, integrated toolkit for forensic investigations, enabling detailed analysis of network traffic and facilitating thorough investigations.

Native Decoding Support: The vendor states that NetWitness Network provides native decoding capabilities, allowing it to handle encoded traffic effectively. It also integrates with third-party solutions to provide additional support for decryption, ensuring comprehensive visibility into network traffic.

Real-time Visibility: According to the vendor, NetWitness Network offers real-time visibility into all network traffic, whether it is on-premises, in the cloud, or across virtual environments. It utilizes behavioral analytics, data science techniques, and threat intelligence to detect known and unknown attacks.

Centralized Monitoring: The vendor claims that NetWitness Network can centrally monitor network traffic for threats, regardless of their source. It can deploy collection components on-premises, virtually, across hybrid architectures, or within public clouds, providing visibility across the digital landscape.

NetWitness Network Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews From Top Reviewers

(1-2 of 2)

RSA SA - Security expert

Rating: 8 out of 10
December 03, 2015
UA
Vetted Review
Verified User
NetWitness Network
1 year of experience
I worked for HCL technologies and was deployed at SBI IT headquarters for implementing their security operations center which involved implementing the tool. They used this tool to manage the security for their entire organizations web gateway . It had a capacity of close to 500000 events per second and had approximately 37000 various security devices linked to the tool .
  • Easy to use and understand
  • Provides extensive details to analyze the threat with more accuracy
  • It is a smart tool with graphical display of data for easier interpretation
Cons
  • The meta part to form the dashboards were a bit complicated
  • The user interface could be made more understandable
It is perfectly suited for large organizations aiming for providing web security to the customers or also if they are interested to setup their own security perations center . It is one of the leading security tools in the market and offers comprehensive capability in dealing with web attacks.
  • Increased efficiency
  • Reduced the number of web attacks and data is more secured
  • Better customer service
It was more advanced and comprehensive . The personalized dashboards and view was the major likeable difference . The correlation could help us analyze better and was more effective , the drill down features gives more information at one go .
SolarWinds Log & Event Manager, IBM Security Network Intrusion Prevention System

RSA Security Analytics (Netwitness)

Rating: 5 out of 10
May 02, 2018
Vetted Review
Verified User
NetWitness Network
2 years of experience
We use RSA Security Analytics (previously Netwitness) as a network DVR for look back at events. It does full packet capture and reconstruction. For forensic analysis this is invaluable. It has some threat detection capability. The new GUI is significantly better and actually makes menus usable and reduces confusion for new users.
  • Full packet capture allows look back on security events
  • Packet reconstruction is essential to make sense of packets captured
  • Threat analysis of captured packets provide additional indicators of compromise
Cons
  • GUI was horrible prior to the current version
  • In our experience, support does not proactively stay in contact. No health checks or roadmap presentation. Only an automated email at renewal time.
  • Updates frequently break the box and require support intervention
Netwitness is an industry leading tool. If you can figure out how to use it, the data is crucial to investigations. The support is improving, but has some distance to cover before they are up to standard for an enterprise level.
  • The tool is great and an important part of my tool box
  • The level of administration needed is a little too high
  • Support relationships have to be customer led and prompted
Return to navigation