NetWitness Platform
NetWitnessReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
24 reviews
from
External reviews are not included in the AWS star rating for the product.
RSA token
What do you like best about the product?
1) Easy to use
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) Access simplifies authentication and credential management, helping to reduce IT support costs. With a conditional-access and risk-based approach, it ensures users are who they say they are and provides the right level of access from any device, across cloud and on-premises applications.
7) Two-Factor Authentication
The RSA token is a physical ‘pen’ that generates a random code every 60 seconds. This code is used, along with the RSA PIN number that you choose, in order to gain authentication for access to an account or server. The RSA token offers a two-factor authentication process that consists of:
‘Something you know’ – A four digit, memorised PIN number.
‘Something you have’ – The physical token, which generates a 6 or 8 digit code every 60 seconds.
8) it does greatly enhance login security. It’s useful for anyone who wants to use two-factor authentication.
9) Deliver convenient, secure access to your extended enterprise with RSA SecurID Access, the leading multi-factor authentication and identity assurance solution. Whether you deploy it as a service in the cloud or on premises, RSA SecurID Access protects both SaaS applications and traditional enterprise resources with a full range of authentication methods and dynamic, risk-driven access policies.
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) Access simplifies authentication and credential management, helping to reduce IT support costs. With a conditional-access and risk-based approach, it ensures users are who they say they are and provides the right level of access from any device, across cloud and on-premises applications.
7) Two-Factor Authentication
The RSA token is a physical ‘pen’ that generates a random code every 60 seconds. This code is used, along with the RSA PIN number that you choose, in order to gain authentication for access to an account or server. The RSA token offers a two-factor authentication process that consists of:
‘Something you know’ – A four digit, memorised PIN number.
‘Something you have’ – The physical token, which generates a 6 or 8 digit code every 60 seconds.
8) it does greatly enhance login security. It’s useful for anyone who wants to use two-factor authentication.
9) Deliver convenient, secure access to your extended enterprise with RSA SecurID Access, the leading multi-factor authentication and identity assurance solution. Whether you deploy it as a service in the cloud or on premises, RSA SecurID Access protects both SaaS applications and traditional enterprise resources with a full range of authentication methods and dynamic, risk-driven access policies.
What do you dislike about the product?
1) Stolen Seeds?
Every RSA SecurID has a unique 128 bit key hardware coded into it, a 128 bit number is very long number, so it’s very hard to brute-force/guess what it is. This key is often referred to as the seed. RSA keep a copy of the seed unless the customer specifically tells them to remove it, RSA’s storage of SecurID seeds is what is suspected to have been compromised. Each SecurID issued to a customer is associated with a customer based RSA SecurID Server, which stores the seed number. The seed is in essence a private key which must be kept secret, even from the user, and is used to generate the challenge response number on the SecurID token, and is used to match it up on SecurID Server.
In simple terms, if an attacker were to know which SecurID token you had, based on the serial number on the back or from the customer site database; and assuming the attacker had the stolen RSA database of serial numbers and seed numbers, the attacker could generate the SecurID number without having possession of SecurID token, which defeats the purpose of two factor authentication.
2) However they are many factors and ‘ifs’ in play, assuming the attacker had the full RSA SecurID database in their possession, to be fully successful the attacker would need to obtain the username, password, remote gateway details and SecurID serial number. Most of this information would need to be collected from the user or from within the customer site. So phishing attacks, social engineering and network attacks are most likely ways to obtain such information, which is why RSA is providing warnings to be on the guard with such attacks.
Every RSA SecurID has a unique 128 bit key hardware coded into it, a 128 bit number is very long number, so it’s very hard to brute-force/guess what it is. This key is often referred to as the seed. RSA keep a copy of the seed unless the customer specifically tells them to remove it, RSA’s storage of SecurID seeds is what is suspected to have been compromised. Each SecurID issued to a customer is associated with a customer based RSA SecurID Server, which stores the seed number. The seed is in essence a private key which must be kept secret, even from the user, and is used to generate the challenge response number on the SecurID token, and is used to match it up on SecurID Server.
In simple terms, if an attacker were to know which SecurID token you had, based on the serial number on the back or from the customer site database; and assuming the attacker had the stolen RSA database of serial numbers and seed numbers, the attacker could generate the SecurID number without having possession of SecurID token, which defeats the purpose of two factor authentication.
2) However they are many factors and ‘ifs’ in play, assuming the attacker had the full RSA SecurID database in their possession, to be fully successful the attacker would need to obtain the username, password, remote gateway details and SecurID serial number. Most of this information would need to be collected from the user or from within the customer site. So phishing attacks, social engineering and network attacks are most likely ways to obtain such information, which is why RSA is providing warnings to be on the guard with such attacks.
What problems is the product solving and how is that benefiting you?
1) Easy to use
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) When we forgot the password then need to know the security questions. If we do not know the security questions then there is a long process to reset the PIN.
2) Secure
3) Using RSA you can use your application any where in the word.
4) It has feature to configure at both ANdroid & iOs
5) Good security feature when using specially banking application
6) When we forgot the password then need to know the security questions. If we do not know the security questions then there is a long process to reset the PIN.
Recommendations to others considering the product:
Used two factor authentication so good for banking application
RSA Review
What do you like best about the product?
Calculation, Analytics and Cosmetic view of the application
What do you dislike about the product?
Sometimes it would be slow and you need to be patient
What problems is the product solving and how is that benefiting you?
RSA
Recommendations to others considering the product:
Make sure. Your try this at least once to get best RSA experience
Evolved SIEM
What do you like best about the product?
Overall ecosystem Netwitness create with all solutions which enrich each other and make a not so but perfect solution.
What do you dislike about the product?
Lack of additional apps like Splunk and Qradar
What problems is the product solving and how is that benefiting you?
Centralised log monitoring and log correlation.
Recommendations to others considering the product:
Go for it if you want a evolved SIEM but make sure you give a look to all netwitness products as it can be useful to have right control at place and make single source of truth.
RSA Netwitness SIEM leaves alot to be desired
What do you like best about the product?
I like the birds eye superficial view of the data because its easy to drill in to.
What do you dislike about the product?
Even though all software has its share of bugs the bugs in this SIEM make it basically unusable since I can get different results than another collegue of mines which makes the data unreliable.
What problems is the product solving and how is that benefiting you?
It solves the problem of getting logs from our high value targets to a centralized location for easy consumption and analysis. It also allows us to correlate activity from multiple data sources.
Recommendations to others considering the product:
I would recommend that you go with either Splunk, Securonix or QRader from IBM. These seem to be the top performers in the industry.
showing 21 - 24