
Reveal(x) 8200v (BYOL)

ExtraHop | 9.1.1.1825

Linux/Unix, Other 7.6.0-r2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

61 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Transportation/Trucking/Railroad

key to success in monitoring and response

  • August 05, 2021
  • Review provided by G2

What do you like best?
This tool gives me key insight into my network and helps me identify unknown assets and compromises in real time where I have gaps in my EDR coverage. It also provides more data when pivoting from my EDR tool. I deploy this tool at every company I work at.
What do you dislike?
I love everything about this tool: great alerts, easy to tune and great interface.
What problems is the product solving and how is that benefiting you?
Unknown assets, provide extra network data when investigating any alerts.


    Travis S.

One of the Best Tools in the Network Visibility Space

  • August 05, 2021
  • Review verified by G2

What do you like best?
ExtraHop does exactly what it says it will do - analyze traffic live on the wire and present that traffic in easily digested formats, broken down by various metrics. The addition of Reveal(x) to capture potentially risky traffic helps our security incident teams correlate and track down quicker.
What do you dislike?
ExtraHop has an avenue it needs to deep dive into immediately, and that's inspecting, categorizing, risk scoring, and using external database data for a deep dive into IIoT/IoT devices. Currently, it can see the traffic on the wire, but the behaviors and risks behind IoT devices will overtake the standard known IT hardware in a few years. Given that these devices are already presenting significant risks to enterprises, they could become indispensable by becoming the masters of IoT devices.
Not necessarily ExtraHop's fault as it is a problem with any of these solutions, but aggregating traffic in a large enterprise is not only challenging but an expensive endeavor. There are plenty of networks we want to see but cannot afford to increase the number of EDAs. As a work-around, we use packet brokers to decrease the traffic flows to those we care about to ensure we don't massively oversubscribe the devices.
What problems is the product solving and how is that benefiting you?
We are using ExtraHop for both performance and security purposes. The developers and networking teams use ExtraHop to detect and remediate performance issues. Security teams use ExtraHop as both a correlation/evidence source and for detecting odd, insecure behaviors before they become problems. Using ExtraHop as the primary source, we have detected devices behaving badly that would never have been seen before.


    Translation and Localization

NIDS like no other

  • August 04, 2021
  • Review provided by G2

What do you like best?
ExtraHop gives you insight into your network like no other. This tool provides you with actionable information without the noise. The threat briefs allow you to see your exposure to current significant threats quickly.
What do you dislike?
Not much that I do not like about the tool; the issues that I have experienced with it were dealing with engineers deploying the tool and not the tool itself.
What problems is the product solving and how is that benefiting you?
Significantly enhanced network visibility, asset inventory.


    François G.

A complete NDR solution for an outstanding network visibility

  • June 27, 2021
  • Review verified by G2

What do you like best?
Pretty easy to set up once you know the basics of spanning your traffic correctly, and even easier since it has a dedup engine. It has a user-friendly interface which clearly presents the security detections and network analytics for the security and network teams. In addition to providing a lot of detections as an IDS does, it also monitors host behavior to prevent privilege escalation or large data transfers, for example. As a network specialist I especially enjoy the monitoring of our network health through advanced TCP analysis and protocol errors. ExtraHop 360 has a powerful engine that lets us do fast searches and that keeps a large amount of metadata so we can go back in time.
What do you dislike?
All our detections are sent to our LogRhythm SIEM to centralize all of our device traps, but since there's no official integration with it, it's not parsed correctly and it seems like it'll need a lot of work to integrate it. Depending on how you do your SSL decryption, it could need some custom integration with their dev team to integrate it. QoS monitoring is a must for most networks having an increased demand for voice and video traffic, but ExtraHop has some gaps regarding that compared to some other products like Corvil. I wouldn't go back to Corvil though...
What problems is the product solving and how is that benefiting you?
We were able to identify unauthorized access to some servers and rogue access points, and it facilitates user tracking. It also helps us identify unsecured protocols, like servers using TLS 1.1 and SMB v1, for example. Finally, it helps us sanitize our network traffic just by looking at different dashboards, like which workstations and servers are causing errors and what kind they are; that's one of the greatest advantages of the product.


    Insurance

Amazing product!

  • May 19, 2021
  • Review verified by G2

What do you like best?
The amount of data captured, analyzed and presented.
What do you dislike?
Overall, there is not much to dislike. My only feedback would be to ensure you do training as this is a tool where you get out of it what effort you put in.
What problems is the product solving and how is that benefiting you?
Full visibility into network traffic allowing us to identify endpoints which might not be in inventory.


    Arron S.

Able to see the data now

  • May 04, 2021
  • Review verified by G2

What do you like best?
One of the things that I love about ExtraHop is the ability to go back in time to identify issues. We've all gotten that email where someone asks for help: "There was an issue on server2 last night, but it is working now. What happened?" Usually, there is a very slim chance of answering that question unless the issue happens again. With ExtraHop, I can go back to the exact time and see that the server started taking 2 seconds to return a response when it usually takes 10ms. Oh, and this happens every Tuesday night at the same time, is there a backup scheduled? When brought in to help troubleshoot an issue, I often feel like I understand an application better than the application owners because of all the visibility that I have at my fingers.
What do you dislike?
We had to get professional services to get us started with building out dashboards. Once built, we just copy-paste other applications using the same template. If there were some pre-canned dashboards to help get us started, we could have started using them much sooner.
What problems is the product solving and how is that benefiting you?
Performance troubleshooting was the driving force behind the purchase, but the Reveal(x) platform has boosted our security team due to the historical lookback capability and real-time alerting of potential security issues. While all security products require tuning, ExtraHop seems to do a better job of filtering out the noise, which allows us to spend our time chasing down actual issues instead of using yet another tool.


    Clay H.

Great potential that has already shown value

  • April 14, 2021
  • Review verified by G2

What do you like best?
The machine learning capabilities, baselining, and other automatic detections are the most vital features of ExtraHop. The ability to group devices based on functionality automatically and create a baseline to detect anomalies makes ExtraHop an essential tool in network detection. There are quite a few other features that we are not using to our fullest capability at the moment. However, we do plan to use these features once we feel we have mastered the detections within ExtraHop.
What do you dislike?
From my experience, it seems as if ExtraHop is in a learning phase when it comes to its cloud management capabilities. I see improvement, but it still has some growing to accomplish before it is near perfect. There are some features we would like to see improved upon within the cloud environment. For example, the ability to upgrade the sensors through the management cloud console instead of each device would be a great benefit for all customers. Along with simple settings changes through the cloud console such as API integrations, or rebooting. We imagine the cloud console being a true central point of management. Currently we feel it is not quite there.
What problems is the product solving and how is that benefiting you?
ExtraHop has brought our attention to our immature vulnerability management program. Our vulnerability scanner was missing some areas, and ExtraHop pinpointed the address spaces the vulnerability scanner was omitting. Other issues such as passwords in plaintext have been detected by ExtraHop and used to resolve the issue. ExtraHop has been a great tool to enrich data in combination with other tools such as SIEM, EDR/XDR, Vulnerability scanner, firewalls, etc.
Recommendations to others considering the product:
I would still recommend ExtraHop, even with the minor flaws it has. When the cloud management is fundamentally changed, I would have no issue recommending ExtraHop to anyone.


    Nemi G.

Network Detection & Response - Essential for Cyber Security Defense

  • April 13, 2021
  • Review verified by G2

What do you like best?
Truly offers a single pane of glass for IT and CyberSecurity monitoring, performance & response.
What do you dislike?
Heavy investment in infrastructure is required to support a large-scale distributed enterprise.
What problems is the product solving and how is that benefiting you?
ExtraHop offers clear visibility into network traffic at the enterprise and branch level, including encrypted traffic. The speed and efficacy of NDR solutions such as ExtraHop is key for offering near wirespeed detections and response. It is an essential tool for the Operations team.


    John C.

Our experience with ExtraHop has been very positive

  • March 23, 2021
  • Review provided by G2

What do you like best?
ExtraHop provides a wealth of information that can be leveraged by not only our security teams, but also other areas of our Organization. Server teams, Database teams, Networking, AD admins and more can all find benefit in the information presented.
What do you dislike?
We have had a few bug issues and a slow adoption, but ExtraHop support has been very receptive and quick to help resolve issues. We are also going to be taking part in EH training, which should help speed up the adoption by our SOC.
What problems is the product solving and how is that benefiting you?
The first issue we found once EH was deployed was the holes in our tapping infrastructure. EH can only tell you about things it sees. In our case, we were not feeding all of the traffic from certain enclaves in our networks. This will allow us to increase our visibility throughout the environment.


    Richard S.

Two time customer

  • February 19, 2021
  • Review provided by G2

What do you like best?
Probably the most revealing aspect of ExtraHop's ability is the confidence they display by putting a proof of concept in without any fanfare, heavy lift or over selling. It goes in and starts working. The results are almost immediate as the network gets mapped and you can start seeing your whole environment on a single pane of glass. We were quickly able to discover things about our networks that heretofore had been lost between personnel turnover. It has readily become a centerpiece to our security and troubleshooting tool kit. This is my second time purchasing ExtraHop, first being as the CTO for a large hospital system and now as the CIO for a regional radiology group.
What do you dislike?
Tuning and filtering out the noise requires networking expertise and time. It is easy to get lost in drill down to drill down as the discovery can go much deeper than we might really need. I expect that it will take time to hone the pathways to the most relevant information.
What problems is the product solving and how is that benefiting you?
Key one right now is discovery. What do we have, how is it configured, is it optimal, is it secure, what is the user experience, are our applications operating as they should and many more questions that deep visibility into the network and attached devices can offer.