
ExtraHop Packet Basics (Free)

ExtraHop | 8.5.50.1561

Linux/Unix, Other 7.6.0-r2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

67 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Matthew R.

This is the way

  • September 22, 2021
  • Review verified by G2

What do you like best about the product?
The insight provided by the appliance and Trigger capabilities
What do you dislike about the product?
The Bundles provided by ExtraHop have not been updated with new content recently.
What problems is the product solving and how is that benefiting you?
Ransomware awareness/prevention, better grasp on IoT and OT devices in our environment, device isolation based on configured triggers, and developers are using the appliance to troubleshoot, too.
Recommendations to others considering the product:
Don't take my word for it, give it a test drive. Or better yet, do a bake-off with a competitor and see the difference for yourself.


    Defense & Space

Visibility into network activities that we've never had before

  • September 16, 2021
  • Review provided by G2

What do you like best about the product?
Network mapping and notification of anomalous/potentially harmful traffic
What do you dislike about the product?
Our network is constantly changing, so constant reconfiguration of nTAPs and aggregators to achieve most comprehensive visibility is time consuming.
What problems is the product solving and how is that benefiting you?
ExtraHop allows our Authorizing Official to feel more comfortable accepting some risk when temporarily hosting systems that we do not own/manage.


    Hospital & Health Care

Great network analysis tool

  • August 19, 2021
  • Review verified by G2

What do you like best about the product?
The most helpful thing about ExtraHop is the user interface and the comprehensive search bar.
What do you dislike about the product?
The Reveal(x) needs a lot of fine-tuning
What problems is the product solving and how is that benefiting you?
We are looking into network flows and network traffic statistics as our primary use case. The dashboards have been great for giving us this information.


    Hospital & Health Care

Chief Information Security Officer

  • August 05, 2021
  • Review provided by G2

What do you like best about the product?
RevealX's ability to clear out the white noise and correlate events to pinpoint threat activities on my networks.
What do you dislike about the product?
The need for multiple taps to help data correlation activities. Unfortunately, I do not see a way around this currently.
What problems is the product solving and how is that benefiting you?
Identification and correlation activities.
Recommendations to others considering the product:
Ensure that you scope your environments appropriately and size your appliance accordingly.


    Financial Services

Visibility you didn't know you needed

  • August 05, 2021
  • Review provided by G2

What do you like best about the product?
It provides a clear indication of what is going on on the wire; the network, app dev and security teams can see the same unbiased point of view.
What do you dislike about the product?
It takes additional infrastructure to get the most value out of the tool.
What problems is the product solving and how is that benefiting you?
Time to resolution for application performance problems decreased by 40%, since everyone can agree on what it is not. Less finger-pointing about where the problem lies.


    Travis S.

One of the Best Tools in the Network Visibility Space

  • August 04, 2021
  • Review verified by G2

What do you like best about the product?
ExtraHop does exactly what it says it will do - analyze traffic live on the wire and present that traffic in easily digested formats, broken down by various metrics. The addition of Reveal(X) to capture potentially risky traffic helps our security incident teams correlate and track down quicker.
What do you dislike about the product?
ExtraHop has an avenue it needs to deep dive into immediately, and that's inspecting, categorizing, risk scoring, and using external database data for a deep dive into IIoT/IoT devices. Currently, it can see the traffic on the wire, but the behaviors and risks behind IoT devices will overtake the standard known IT hardware in a few years. Given that these devices are already presenting significant risks to enterprises, they could become indispensable by becoming the masters of IoT devices.
Not necessarily ExtraHop's fault as it is a problem with any of these solutions, but aggregating traffic in a large enterprise is not only challenging but an expensive endeavor. There are plenty of networks we want to see but cannot afford to increase the number of EDAs. As a work-around, we use packet brokers to decrease the traffic flows to those we care about to ensure we don't massively oversubscribe the devices.
What problems is the product solving and how is that benefiting you?
We are using ExtraHop for both performance and security purposes. The developers and networking teams use ExtraHop to detect and remediate performance issues. Security teams use ExtraHop as both a correlation/evidence source and for detecting odd, insecure behaviors before they become problems. Using ExtraHop as the primary source, we have detected devices behaving badly that would never have been seen before.


    Translation and Localization

NIDS like no other

  • August 04, 2021
  • Review provided by G2

What do you like best about the product?
ExtraHop gives you insight into your network like no other. This tool provides you with actionable information without the noise. The threat briefs allow you to see your exposure to current significant threats quickly.
What do you dislike about the product?
Not much that I do not like about the tool; the issues that I have experienced with it were dealing with engineers deploying the tool and not the tool itself.
What problems is the product solving and how is that benefiting you?
Significantly enhanced network visibility, asset inventory.


    Transportation/Trucking/Railroad

Key to success in monitoring and response

  • August 04, 2021
  • Review provided by G2

What do you like best about the product?
This tool gives me key insight into my network and helps me identify unknown assets and compromises in real time where I have gaps in my EDR coverage. It also provides more data when pivoting from my EDR tool. I deploy this tool at every company I work at.
What do you dislike about the product?
I love everything about this tool: great alerts, easy to tune and great interface.
What problems is the product solving and how is that benefiting you?
Unknown assets, provide extra network data when investigating any alerts.


    Education Management

Security Analyst

  • August 04, 2021
  • Review provided by G2

What do you like best about the product?
Simplicity. It was very easy and fast to get Reveal(x) and trace up and running. All you need to get right is the feed. Dashboards are easy to use and follow up on alerts.
What do you dislike about the product?
False positives are sometimes hard to filter out.
What problems is the product solving and how is that benefiting you?
Visibility into network activity and forensics.


    François G.

A complete NDR solution for an outstanding network visibility

  • June 23, 2021
  • Review verified by G2

What do you like best about the product?
Pretty easy to set up once you know the basics of spanning your traffic correctly, and even easier since it has a dedup engine. It has a user-friendly interface which clearly presents the security detections and network analytics for the security and network teams. In addition to providing a lot of detections as an IDS does, it also monitors host behavior to prevent privilege escalation or large data transfers, for example. As a network specialist I especially enjoy the monitoring of our network health through advanced TCP analysis and protocol errors. ExtraHop 360 has a powerful engine that lets us do fast searches and that keeps a large amount of metadata so we can go back in time.
What do you dislike about the product?
All our detections are sent to our LogRhythm SIEM to centralize all of our device traps, but since there's no official integration with it, it's not parsed correctly and it seems like it'll need a lot of work to integrate it. Depending on how you do your SSL decryption, it could need some custom integration with their dev team to integrate it. QoS monitoring is a must for most networks having an increased demand for voice and video traffic, but ExtraHop has some gaps regarding that compared to some other products like Corvil. I wouldn't go back to Corvil though...
What problems is the product solving and how is that benefiting you?
We were able to identify unauthorized access to some servers and rogue access points, and it facilitates user tracking. It also helps us identify unsecured protocols, like servers using TLS 1.1 and SMB v1, for example. Finally, helping us sanitize our network traffic just by looking in different dashboards, like which workstations and servers are causing errors and what kind they are, is one of the greatest advantages of the product.