We performed a comparison between Pico Corvil Analytics and Vectra AI based on real PeerSpot user reviews.
Find out what your peers are saying about Zabbix, Datadog, Auvik and others in Network Monitoring Software."The single dashboard is a valuable feature."
"We can manage the entire system across the network and troubleshoot the pain points."
"With the Corvil Stored Data Analyzer module, we can use it for test data or a set of production data to set up the configuration for latency setup, so we can use the fields to correlate messages."
"We're able to quickly drill down and find answers to events that are happening in real-time, using Corvil's analytics tools. That's the feature which is most in the spotlight..."
"The performance metrics are pretty good. We've got everything from the network layer to the actual application layer. We can see what's going on with things like sending time and batching."
"It has all the decoders so it's capturing every network packet and it's decoding in real-time and it's giving us latency information in real-time... It's the real-time decoding and getting the latency information statistics that we find the most useful."
"As part of my role in monitoring multiple client connections, I would use Pico Corvil Analytics to set up alerts for performance issues, such as TCP resends and dropped packets. These alerts would trigger when the volume was low and performance was poor, allowing me to work with our trading partners to find a resolution. I would present them with the statistics I had and together, we would identify the source of the issue. This collaboration resulted in the client often reconfiguring their systems. For example, we may find that a network connection needed to be made. Overall, this proactive approach helped to maintain strong connections with our clients and minimize disruptions to trading revenue."
"We like the dashboards because they essentially organize all the sessions into one viewpoint."
"We can use CLI with the UI for configuring the new monitoring system, which is good."
"Time-series graphs are very good for performance analysis. We can do comparisons... We can say this is the latency in the last 24 hours, and this was the same 24-hour period a week ago and overlay the two time-series graphs on top of each other, so we can see the difference. That's a really powerful tool for us."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"Vectra AI generates relevant information."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"The Wi-Fi side needs improvement."
"The technical support needs improvement."
"The creation of charts and real-time windows was somewhat cumbersome. The vendor's website had an application called App Agent that required improvement. This API was designed to track message rates between microservers ingested into a microservice memory map. It allowed users to monitor the number of transactions that occurred at specific points within the application, and it was quite impressive. However, it had some limitations, and it mainly served as a tool for basic tracking. The protocols it employed could reveal the type of server-to-server communication and the specific order types, but it was not able to provide a more in-depth analysis of the application. The vendor has the potential to integrate application metrics more extensively into their product suite."
"The analytics feature is very nice, but it's mostly software. We are hoping that it could be embedded in ASICs, so it could be faster."
"In terms of performance analysis, if you really want to dig down into the minutiae and get statistics on the important things... that would be the only piece lacking because, in our environment, we have thousands and thousands of symbols. With the architecture that Corvil is built on, it's cumbersome."
"For FIX protocol, maybe we could have built-in configurations for signatures and decoders. Also, for certain protocols, which are newer, we would like to just add the signatures within the decoders itself."
"While the product is scalable, it's not easy to scale. It needs investment hardware and network bandwidth consideration. It's not something you can just do overnight."
"I have seen errors where the CNE and the CMC haven't synced because of something missing in the CMC, which was there in the CNE. We would get some type of error, but it doesn't actually say what exactly was missing in the CNE."
"It's quite difficult to see, sometimes, how hard your Corvil is working. When we had a very busy feed that chucked out a lot of data it wasn't working very well on Corvil. We had to raise a case for it. It turned out to be that, in fact, we were overloading Corvil."
"Before I got the Corvil training... one thing that was not very efficient was that every time you had to create a new stream or a new session from within Corvil... you had to tell it what protocol the message is going to come through and how to correlate messages, etc... After I went for the training, they had already added these nice features in the 9.4 version where it could do auto-discovery... Based on the traffic that it has already seen, it could create sessions on the fly."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"We are using SMB 3.0, which is an encrypted protocol. When we get some alerts or something, we cannot go deep into the protocol to see what's wrong because it's encrypted. We need to decrypt the protocol in another way, which is quite difficult. We might go back to SMB 2.0 just for this reason, but that's not a good solution."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"A blind spot that I have is around the ease with which you can automate threat intervention."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well."
More Juniper Mist Premium Analytics Pricing and Cost Advice →
Pico Corvil Analytics is ranked 51st in Network Monitoring Software with 9 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Pico Corvil Analytics is rated 9.0, while Vectra AI is rated 8.6. The top reviewer of Pico Corvil Analytics writes "Helpful support agents, beneficial issue detection, and high availability". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Pico Corvil Analytics is most compared with NETSCOUT nGeniusONE, ITRS Geneos, Gigamon Deep Observability Pipeline and ThousandEyes, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight.
We monitor all Network Monitoring Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
