
Reveal(x) 8200v (BYOL)

ExtraHop | 8.6.0.1428

Linux/Unix, Other 7.6.0-r2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

26 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Arron S.

Able to see the data now

  • May 03, 2021
  • Review verified by G2

What do you like best?
One of the things that I love about ExtraHop is the ability to go back in time to identify issues. We've all gotten that email where someone asks for help: "There was an issue on server2 last night, but it is working now. What happened?" Usually, there is a very slim chance of answering that question unless the issue happens again. With ExtraHop, I can go back to the exact time and see that the server started taking 2 seconds to return a response when it usually takes 10ms. Oh, and this happens every Tuesday night at the same time, is there a backup scheduled? When brought in to help troubleshoot an issue, I often feel like I understand an application better than the application owners because of all the visibility that I have at my fingers.
What do you dislike?
We had to get professional services to get us started with building out dashboards. Once built, we just copy-paste other applications using the same template. If there were some pre-canned dashboards to help get us started, we could have started using them much sooner.
What problems are you solving with the product? What benefits have you realized?
Performance troubleshooting was the driving force behind the purchase, but the Reveal(x) platform has boosted our security team due to the historical lookback capability and real-time alerting of potential security issues. While all security products require tuning, ExtraHop seems to do a better job of filtering out the noise, which allows us to spend our time chasing down actual issues instead of using yet another tool.


    Clay H.

Great potential that has already shown value

  • April 14, 2021
  • Review verified by G2

What do you like best?
The machine learning capabilities, baselining, and other automatic detections are the most vital features of ExtraHop. The ability to group devices based on functionality automatically and create a baseline to detect anomalies makes ExtraHop an essential tool in network detection. There are quite a few other features that we are not using to our fullest capability at the moment. However, we do plan to use these features once we feel we have mastered the detections within ExtraHop.
What do you dislike?
From my experience, it seems as if ExtraHop is in a learning phase when it comes to its cloud management capabilities. I see improvement, but it still has some growing to accomplish before it is near perfect. There are some features we would like to see improved upon within the cloud environment. For example, the ability to upgrade the sensors through the management cloud console instead of each device would be a great benefit for all customers. Along with simple settings changes through the cloud console such as API integrations, or rebooting. We imagine the cloud console being a true central point of management. Currently we feel it is not quite there.
What problems are you solving with the product? What benefits have you realized?
ExtraHop has brought our attention to our immature vulnerability management program. Our vulnerability scanner was missing some areas, and ExtraHop pinpointed the address spaces the vulnerability scanner was omitting. Other issues such as passwords in plaintext have been detected by ExtraHop and used to resolve the issue. ExtraHop has been a great tool to enrich data in combination with other tools such as SIEM, EDR/XDR, vulnerability scanner, firewalls, etc.
Recommendations to others considering the product:
I would still recommend ExtraHop, even with the minor flaws it has. When the cloud management is fundamentally changed, I would have no issue recommending ExtraHop to anyone.


    Nemi G.

Network Detection & Response - Essential for Cyber Security Defense

  • April 13, 2021
  • Review verified by G2

What do you like best?
Truly offers a single pane of glass for IT and CyberSecurity monitoring, performance & response.
What do you dislike?
Heavy investment in infrastructure is required to support a large-scale distributed enterprise.
What problems are you solving with the product? What benefits have you realized?
ExtraHop offers clear visibility into network traffic at the enterprise and branch level, including encrypted traffic. The speed and efficacy of NDR solutions such as ExtraHop is key for offering near wirespeed detections and response. It is an essential tool for the Operations team.


    John C.

Our experience with ExtraHop has been very positive

  • March 23, 2021
  • Review provided by G2

What do you like best?
ExtraHop provides a wealth of information that can be leveraged by not only our security teams, but also other areas of our Organization. Server teams, Database teams, Networking, AD admins and more can all find benefit in the information presented.
What do you dislike?
We have had a few bug issues and a slow adoption, but ExtraHop support has been very receptive and quick to help resolve issues. We are also going to be taking part in EH training, which should help speed up the adoption by our SOC.
What problems are you solving with the product? What benefits have you realized?
The first issue we found once EH was deployed was the holes in our tapping infrastructure. EH can only tell you about things it sees. In our case, we were not feeding all of the traffic from certain enclaves in our networks. This will allow us to increase our visibility throughout the environment.


    Richard S.

Two time customer

  • February 18, 2021
  • Review provided by G2

What do you like best?
Probably the most revealing aspect of ExtraHop's ability is the confidence they display by putting a proof of concept in without any fanfare, heavy lift or over selling. It goes in and starts working. The results are almost immediate as the network gets mapped and you can start seeing your whole environment on a single pane of glass. We were quickly able to discover things about our networks that heretofore had been lost between personnel turnover. It has readily become a centerpiece to our security and troubleshooting tool kit. This is my second time purchasing ExtraHop, first being as the CTO for a large hospital system and now as the CIO for a regional radiology group.
What do you dislike?
Tuning and filtering out the noise requires networking expertise and time. It is easy to get lost in drill down to drill down as the discovery can go much deeper than we might really need. I expect that it will take time to hone the pathways to the most relevant information.
What problems are you solving with the product? What benefits have you realized?
Key one right now is discovery. What do we have, how is it configured, is it optimal, is it secure, what is the user experience, are our applications operating as they should and many more questions that deep visibility into the network and attached devices can offer.


    Hospital & Health Care

Great visibility into network traffic

  • February 05, 2021
  • Review verified by G2

What do you like best?
I most like the granularity with which we can see and identify traffic patterns. It allows us visibility into the types of traffic on our network and where the traffic is going.
What do you dislike?
There is a bit of a learning curve when trying to do some more complex filtering, using scripting to aid in that.
What problems are you solving with the product? What benefits have you realized?
We recently replaced our previous network traffic analysis vendor for ExtraHop because of the additional insight into East-West traffic, helping to understand the "soft underbelly" a bit better.


    Telecommunications

Powerful analytics

  • February 05, 2021
  • Review verified by G2

What do you like best?
- Well designed/Intuitive/responsive GUI
- Can be used right out of the box
- Auto discover features
- Security detections
What do you dislike?
In general, I think it is an amazing tool, but the pricing is high.
What problems are you solving with the product? What benefits have you realized?
- The tool speeds up the troubleshooting process, which is very useful in our daily operations
- Also, the security detections allow us to improve our security posture


    Telecommunications

It's an awesome platform, easy out of the box usage

  • February 02, 2021
  • Review verified by G2

What do you like best?
Easy to use, intuitive platform, drill downs
What do you dislike?
Need more possibilities for the price models
What problems are you solving with the product? What benefits have you realized?
Baseline our network, analyse our traffic, alerting
Recommendations to others considering the product:
Easy out of the box platform, learning curve is smooth. Drill downs make troubleshooting very easy.


    Shane G.

Network Detection Response with RevealX

  • January 27, 2021
  • Review provided by G2

What do you like best?
Good use of network data to provide info on a given IP. Is it an AD server or endpoint, what protocols is it using?

A strong set of "out of the box" Security alerts with little to no configuration. Machine learning or deviation from normal alerts + threat specific alerts like "cobalt-strike"

Realtime analysis of network data such as DNS requests without storing all the DNS data
What do you dislike?
RevealX security detections are usually correct but still point to some legitimate network traffic. Their high threat detections like "DNS C2 channel" are effective but there is still work to be done, especially at the lower end of their threat score modeling.

These low threat alerts are more like "notable behavior" and they provide great info when investigating an endpoint, but they're not worth the analyst time to investigate each one individually. I would like to see more intelligence in their detection algorithms, whereby an endpoint with 4 or 5 suspicious behaviors would score higher than an endpoint with 2. ExtraHop needs to work on presenting their alert data in a more meaningful way and reduce the signal to noise ratio.
What problems are you solving with the product? What benefits have you realized?
Visibility is always a good thing of course, but from a security point of view RevealX fills in the gaps that our EDR cannot. If our EDR is bypassed or compromised, which is often the case in dev environments, we still catch threats like "connection's to an internet DB" or "inbound RDP connections from the internet".


    Dewayne C.

Taking a peek behind the curtain

  • December 16, 2020
  • Review verified by G2

What do you like best?
- Network insight and threat intelligence analysis. With all the threats that can and will occur in your datacenter, ExtraHop gives you extra auditing and insight into traffic within your datacenter (or cloud) walls.
- The GUI and its interfacing is fairly intuitive. I am constantly impressed with the search functions and capabilities. Beyond just searching IPs, you can drill down by AD accounts, ports/protocols, or even services. That is all out of the box and does not include the customizable nature of your data sets to allow for more granular insight into your high priority apps.
- In addressing my second dislike below: ExtraHop has done a great job of addressing this by providing a ton of hands-on training, online training, personal email responses, and a growing YouTube channel to help users understand and grow the tool.
What do you dislike?
Set up the initial ExtraHop installation early in 2020. It was not a simple task to get up and running, but well worth it once everything is collecting data and providing insight.

There is also a learning curve in using ExtraHop. It is not like your typical tools that see traffic on the wire.
What problems are you solving with the product? What benefits have you realized?
I use ExtraHop in my day-to-day business. From finding the break down in new installation to identifying choke-points in your compute stack to threat hunting and analysis, this is a multi-discipline tool that can be used for anything you need insight on.
Recommendations to others considering the product:
I was a bit skeptical in my initial POC for ExtraHop as I was familiar with and comfortable using some of their near competitors' tools and capabilities. With the support that I received during the POC and their ability to help me start to put together a clearer picture of our network and its performance, I became more comfortable with the tool.