Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

ExtraHop Packet Basics (Free)

ExtraHop | 8.5.50.1561

Linux/Unix, Other 7.6.0-r2 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

67 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Telecommunications

RevealX from a daily user perspective

  • February 28, 2024
  • Review verified by G2

What do you like best about the product?
Overall, RevealX is easy to use and provides great visibility into the network. ExtraHop has very thorough documentation and if you can't find what you're looking for the support and training teams are always willing to help. I've experienced a quick turnaround for questions around the product. The training team is excellent at maintain user engagement in a virtual setting. The product is also super customizable which is great for unique use and abuse cases.
I use RevealX almost daily, my top three pros from a technical perspective are the increased visibility of the network, customizing doesn't mean learning a new language, and low barrier to entry for analysts who are new to networking and security.
What do you dislike about the product?
My top three cons for the product are that when adjusting baseline metrics, the baseline completely resets and there is a 3-4 week period before the baseline is calculated. Going off the above, it does not perform "lookback" searches for detections, meaning I can't craft a detection today and then see if the logic matches any stored data in the tool. Some of the customization areas need a bit of work so that they tie into the other features of the product.
What problems is the product solving and how is that benefiting you?
ExtraHop enables us to have better visibility. This has resulted in us making configuration changes on hardware and network devices to decrease our attack surface.

    Higher Education

ExtraHOP provides visibility to quickly resolve performance and security issues

  • February 21, 2024
  • Review verified by G2

What do you like best about the product?
ExtraHOP provides great visibility for performance and security issues in our environment. Many of the detections, dashboards, and device groups provide easy starting points for learning to use extraHOP. Then, building custom dashboards and detections is very simple. We use extraHOP every day to assist us resolving problemes. The customer support and partnership we have with extraHOP has been key to our success.
What do you dislike about the product?
You need to really understand your environment from the network layer to the application layers. extraHOP provides many options, but you need to determine what works best for your environment. It does take some time for planning the implementation properly but the planning and design time is worth it.
What problems is the product solving and how is that benefiting you?
extraHOP has helped us solve authentication issues, storage issues, server issues, network performance issues, security problems and other application problems. We had many blind spots and extraHOP has helped us gain visibility to many of our services.

    Internet

you get what you pay for

  • February 14, 2024
  • Review verified by G2

What do you like best about the product?
We've tested the product using reputable 3rd party pentesters manual and automated. And we've compared it with other products. The difference between seeing that you are being compromised and not seeing it is huge. How do you choose a competitive product that is cheaper if it doesn't see that you are being compromised? Or how do you rest at night knowing that you've done everything you can to safeguard your network? Extrahop's visibility is far above the rest.
What do you dislike about the product?
It is pricey. So if you are Misinformed and think that backups, firewalls, and anti-virus solutions are going to save you then you aren't going to understand the price of this product.
What problems is the product solving and how is that benefiting you?
Mainly keeping our company from experiencing a ransomware event. We have staff dedicated to keeping their eye on the product and chasing down alerts 24/7/365.

    Jeff H.

One stop shop for network detections and notifications Easy to use and easy to understand.

  • February 05, 2024
  • Review verified by G2

What do you like best about the product?
I like that ExtraHop identifies the alert in a mannert that is easy to follow. It gives the risk level of the alert, shows the metrics, breaks down the records for the incident, shows the packets involved, and even includes a pcap of the packets that can be used in WireShark to analyze further. It also gives the Mitre techniques as well as mitigation options to mitigate the attack.
What do you dislike about the product?
I haven't found to many things I dislike about ExtraHop. It is not an automated system that will block an attack as it is happening, but it does e-mail out alerts so that I have the ability to begin investigating the incident as soon as possible leading to a faster mitigation scenario.
What problems is the product solving and how is that benefiting you?
As an ISP our network security is very important. ExtraHop is a tool to help ensure we are seeing any attack in realtime, giving us the ability to troubleshoot and mitigate the issue in a speedy manner. We have the abilty to isolate traffic quickly when an issue arises.

    Khaja Ahmed M.

Overall good product but needs more flexibility.

  • January 30, 2024
  • Review verified by G2

What do you like best about the product?
1. Seamless monitoring.
2. Simple and straightforward rule tuning.
3. Dashboard capabilities
What do you dislike about the product?
1. Lot of false positives.
2. Machine learning model is not flexible to the requirements.
3. Sometimes performance issues.
What problems is the product solving and how is that benefiting you?
Its providing detections that are required to ensure all the permiters are covered.

    Computer Software

ExtraHop - Executive Network monitoring tool

  • January 03, 2024
  • Review provided by G2

What do you like best about the product?
With ExtraHop deployed in our network we now have real-time visibiltity and insights into network traffice and performance. Helps us troubleshoot, optimize and secure the network. ExtraHop platform is very easy to use, and has an intuitive easy to follow layout helping us review detections quickly. ExtraHop delivered on promises and provided excelent customer service. This is a tool that I use everyday to keep on eye on the network security. Deploying the devices in the infrastructure can be as simple as connecting to the network and mirroing all traffic to the device. This allows quick visability on the overall network performance and health.
What do you dislike about the product?
It can be expensive to deploy, can generate many false positives and has limited integrations into other tools and platforms.
What problems is the product solving and how is that benefiting you?
ExtraHop is helping us monitor network security, identify bottlenecks and improve overal performance and security related to overall network hygine.

    Emmanuel D.

Incomparable NDR in the Market

  • December 08, 2022
  • Review verified by G2

What do you like best about the product?
Using extrahop help us monitor our network to anything malicious or suspicious from the network level.
What do you dislike about the product?
So far i dont see any downside with regards to this Solution since it helps us monitor anything suspicious when it comes to our network (e.g file transfer bandwidth etc)
What problems is the product solving and how is that benefiting you?
Using this NDR solution help us cover anything that into networks. This solution resolve our issue that our EDR cannot detect.

    Insurance

Great network insights.

  • November 17, 2022
  • Review verified by G2

What do you like best about the product?
Discovery, performance information, and threat intelligence.
What do you dislike about the product?
Defining custom devices and searching through the myriad of options to find the attribute needed.
What problems is the product solving and how is that benefiting you?
Ability to diagnose and identify network performance issues and security threats.

    Rajiv T.

Single Pane Visibility into the unknown parts of the network

  • November 17, 2022
  • Review verified by G2

What do you like best about the product?
Extrahop looks at both on-prem and cloud traffic. It analyzes packets for security anomalies at a scale that I have not seen happen before. It also does application performance at a level that gives a very detailed visibility
What do you dislike about the product?
I do hope they would come up with their proprietary agents for the cloud nodes instead of using rpcapd, which I find can be a bit unstable especially in high-traffic scenarios
What problems is the product solving and how is that benefiting you?
Extrahop was able to show us some east -west traffic that should not have been happening. We also had a constant stream of complaints about the datawarehouse being slow and always having the network blamed. But once we had Extrahop we were able to pin-point and prove that the delay was happening at the database level not at the network layer. We could never have seen this without Extrahop

    Hospital & Health Care

One Customer's Opinion

  • November 17, 2022
  • Review provided by G2

What do you like best about the product?
I like that it does detection very well. I can customize the detections and tune them as well
What do you dislike about the product?
Kludgy process to ingest threat intelligence
What problems is the product solving and how is that benefiting you?
Increased network traffic and incident visibilty

showing 1 - 10