The best security guard your network could have
January 29, 2020
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Darktrace
Darktrace is used across almost all of my organisation. It allows constant monitoring across all of our networks, and because it has the ability to learn "normal" behaviour for your network, it triggers alerts when it sees behaviour outside of this range. It's allowed thorough monitoring of our systems, 24/7. You can download packet captures, which can then be loaded into Wireshark, of traffic from devices on the network, and the data for these captures are held for some time as well - the exact time varies depending on the amount of traffic, but I've normally been able to retrieve traffic data from a few weeks previously when needed. There is also a mobile app that you can configure to allow monitoring of alerts on your phone. On a few occasions in the past, when something alerted that was potentially damaging to the network (such as a malware outbreak at one site), a Darktrace employee contacted me directly to let me know that there was something potentially high priority going on.
Pros
- Monitors your network for unusual behaviour; as it learns what is normal for your network, you don't need to worry too much about things that are normal for your organisation, but might be considered odd in other places, triggering as alarms. It can also detect more subtle changes such as a device accessing a server but at an unusual time.
- There are a large number of models that are used to create the alerts, which can all be customised, and you can also create your own from scratch, to allow you to tailor it perfectly to your situation.
Cons
- There are few areas that I would say need to be improved; their customer support portal allows you to log tickets with any suggestions or things you feel the product is missing, and they will generally show you how to achieve what you want, or in some cases, introduce it as a feature in a later update.
- Productivity; Darktrace has allowed us to see a large number of occasions where the company network was being misused, particularly out of hours. This has allowed team managers to identify issues within their teams, where people have been, say, streaming movies instead of working. We've also been able to block more sites and services than we might otherwise have been aware of, that people were using to bypass our restrictions.
- Network security; we have had a few occasions where a user has had a scam email, for example, and opened the attachment, which has then attempted to traverse the network. Darktrace has detected this almost instantly on each occasion, and allowed us to stop the infection before it has had a chance to do any damage.
Do you think Darktrace delivers good value for the price?
Yes
Are you happy with Darktrace's feature set?
Yes
Did Darktrace live up to sales and marketing promises?
Yes
Did implementation of Darktrace go as expected?
Yes
Would you buy Darktrace again?
Yes