# Best Enterprise Network Traffic Analysis (NTA) Software *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Products classified in the overall Network Traffic Analysis (NTA) category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Network Traffic Analysis (NTA) to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Enterprise Business Network Traffic Analysis (NTA) category. In addition to qualifying for inclusion in the Network Traffic Analysis (NTA) Software category, to qualify for inclusion in the Enterprise Business Network Traffic Analysis (NTA) Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business. ## Category Overview **Total Products under this Category:** 90 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 4,200+ Authentic Reviews - 90+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Top-Rated Products (Ranked by G2 Score) ### 1. [IBM QRadar SIEM](https://www.g2.com/products/ibm-ibm-qradar-siem/reviews) IBM Security QRadar SIEM is more than a tool, it is a teammate for SOC analysts - with advanced AI, powerful threat intelligence, and access to the latest detection content. IBM Security QRadar SIEM leverages multiple layers of AI and automation to enhance alert enrichment, threat prioritization, and incident correlation - presenting related alerts cohesively in a unified dashboard, reducing noise and saving time. QRadar SIEM helps maximize security team’s productivity by providing a unified experience across all SOC tools, with advanced AI and automation capabilities. ' IBM QRadar SIEM offers two editions tailored to meet your organization’s needs – Cloud Native and Classic. Whether your organization needs cloud-native architecture built for hybrid scale and speed or a solution to complement your on-premises infrastructure, we have you covered. IBM Security QRadar SIEM is available on AWS Marketplace. **Average Rating:** 4.4/5.0 **Total Reviews:** 280 **User Satisfaction Scores:** - **Anomaly Detection:** 8.6/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.6/10 (Category avg: 8.8/10) - **Network Visibility:** 8.9/10 (Category avg: 8.9/10) - **Metadata Management:** 8.4/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [IBM](https://www.g2.com/sellers/ibm) - **Year Founded:** 1911 - **HQ Location:** Armonk, NY - **Twitter:** @IBM (709,023 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®) - **Ownership:** SWX:IBM **Reviewer Demographics:** - **Top Industries:** Computer & Network Security - **Company Size:** 53% Enterprise, 29% Mid-Market ### 2. [Check Point Next Generation Firewalls (NGFWs)](https://www.g2.com/products/check-point-next-generation-firewalls-ngfws/reviews) Strengthen Your Security with Check Point Gateways and Firewalls Check Point Hybrid Mesh Network Security is a comprehensive cybersecurity solution designed to protect networks from sophisticated cyber threats while ensuring seamless management across diverse hybrid environments – on-premises, cloud, SaaS, and remote users. This product encompasses advanced threat prevention, real-time global threat intelligence, and unified policy management, making it an essential tool for organizations looking to secure their IT infrastructure, including data centers, hybrid clouds, and remote endpoints. Targeted at enterprises of all sizes, Check Point's solution caters to a wide range of industries that require robust security measures to safeguard sensitive data and maintain operational integrity. The product is particularly beneficial for organizations with complex network architectures, including those utilizing cloud services, Software as a Service (SaaS) applications, and remote workforces. By addressing the unique security challenges posed by these environments, Check Point enables businesses to maintain a secure and resilient IT ecosystem. One of the standout features of Check Point Hybrid Mesh Network Security is its AI-powered threat prevention capabilities. This technology allows for the identification and mitigation of threats in real-time, ensuring that organizations can respond swiftly to potential breaches. Additionally, the solution offers comprehensive security for various aspects of the IT landscape, including network security, cloud security, and workspace security. This multi-faceted approach ensures that users, applications, and data are protected regardless of their location, whether on-premises, in the cloud, or on employee devices. The deployment flexibility of Check Point's solution is another key advantage. Organizations can choose from on-premises, cloud-native, on-device, in-browser, or Secure Access Service Edge (SASE) models, allowing for tailored implementations that meet specific operational needs. This adaptability is complemented by unified security management, which simplifies operations through a single platform that provides visibility, policy enforcement, and posture control across the entire network. Furthermore, Check Point Hybrid Mesh Network Security is designed to optimize performance and cost. With high-speed, prevention-first security and on-device security controls, organizations can achieve effective protection without compromising on efficiency. The consistent application of zero-trust policies across the hybrid mesh network enhances security posture, ensuring that all components of the IT environment are uniformly protected against evolving cyber threats. This comprehensive solution empowers organizations to level up their protection and confidently navigate the complexities of modern cybersecurity challenges. **Average Rating:** 4.5/5.0 **Total Reviews:** 500 **User Satisfaction Scores:** - **Anomaly Detection:** 9.0/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 8.8/10) - **Network Visibility:** 9.1/10 (Category avg: 8.9/10) - **Metadata Management:** 8.8/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Company Website:** https://www.checkpoint.com/ - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,978 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Security Engineer, Network Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 44% Mid-Market, 42% Enterprise #### Pros & Cons **Pros:** - Cybersecurity (101 reviews) - Threat Detection (86 reviews) - Features (80 reviews) - Network Security (76 reviews) - Centralized Management (66 reviews) **Cons:** - Expensive (71 reviews) - Complexity (56 reviews) - Complex Setup (49 reviews) - Slow Performance (45 reviews) - Difficult Learning Curve (43 reviews) ### 3. [SolarWinds Observability](https://www.g2.com/products/solarwinds-worldwide-llc-solarwinds-observability/reviews) SolarWinds® Observability is a comprehensive full-stack observability solution designed to meet the diverse needs of modern organizations, regardless of their size. This solution provides deep visibility into hybrid ecosystems, enabling users to monitor and manage both on-premises and cloud environments effectively. By optimizing performance and ensuring availability across distributed hybrid IT infrastructures, SolarWinds Observability supports organizations in navigating the complexities of their IT environments. Targeted at IT professionals and organizations that require robust monitoring capabilities, SolarWinds Observability caters to a wide range of use cases. It is particularly beneficial for businesses operating in hybrid environments, where the integration of on-premises and cloud resources is essential. The solution allows users to gain a holistic view of their networks, applications, databases, and user experiences, thereby facilitating better decision-making and operational efficiency. This is especially crucial in today’s fast-paced digital landscape, where downtime can significantly impact service reliability and customer satisfaction. One of the standout features of SolarWinds Observability is its built-in intelligence powered by AIOps capabilities. This functionality accelerates issue remediation by enabling users to detect, troubleshoot, and resolve problems more efficiently. The advanced predictive analysis and anomaly-based alerts help organizations proactively address potential issues before they escalate, ultimately reducing downtime and enhancing service reliability. Additionally, the solution's log pattern analysis further streamlines the troubleshooting process, allowing IT teams to focus on strategic initiatives rather than being bogged down by operational challenges. SolarWinds Observability offers flexibility in deployment, providing users with the option to choose between self-hosted and SaaS models. The self-hosted option integrates seamlessly with other SolarWinds services, such as security and storage monitoring, while the SaaS option is tailored for deeper monitoring of custom and cloud-based applications. This adaptability ensures that organizations can select the deployment method that best aligns with their operational needs and infrastructure. Moreover, SolarWinds Observability stands out by consolidating multiple monitoring tools into a single, integrated solution. This not only simplifies the monitoring process but also helps organizations reduce costs associated with managing disparate systems. By offering comprehensive visibility across hybrid IT environments, SolarWinds Observability empowers organizations to optimize their operations and enhance overall performance. **Average Rating:** 4.3/5.0 **Total Reviews:** 787 **User Satisfaction Scores:** - **Anomaly Detection:** 7.6/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 8.8/10) - **Network Visibility:** 9.1/10 (Category avg: 8.9/10) - **Metadata Management:** 7.4/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [SolarWinds Worldwide LLC](https://www.g2.com/sellers/solarwinds-worldwide-llc) - **Company Website:** https://www.solarwinds.com - **Year Founded:** 1999 - **HQ Location:** Austin, TX - **Twitter:** @solarwinds (19,618 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/166039/ (2,818 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Network Administrator - **Top Industries:** Information Technology and Services, Hospital & Health Care - **Company Size:** 45% Enterprise, 36% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (64 reviews) - Monitoring (63 reviews) - Monitoring Performance (55 reviews) - Monitoring Capabilities (51 reviews) - User Interface (41 reviews) **Cons:** - Expensive (35 reviews) - Learning Curve (21 reviews) - Integration Issues (20 reviews) - Complex Setup (19 reviews) - Configuration Difficulty (18 reviews) ### 4. [Datadog](https://www.g2.com/products/datadog/reviews) Datadog is the monitoring, security and analytics platform for developers, IT operations teams, security engineers and business users in the cloud age. The SaaS platform integrates and automates infrastructure monitoring, application performance monitoring and log management to provide unified, real-time observability of our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior and track key business metrics. **Average Rating:** 4.4/5.0 **Total Reviews:** 688 **User Satisfaction Scores:** - **Anomaly Detection:** 8.0/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 8.8/10) - **Network Visibility:** 8.0/10 (Category avg: 8.9/10) - **Metadata Management:** 6.7/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Datadog](https://www.g2.com/sellers/datadog) - **Company Website:** https://www.datadoghq.com/ - **Year Founded:** 2010 - **HQ Location:** New York - **Twitter:** @datadoghq (50,931 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1066442/ (10,625 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, DevOps Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 47% Mid-Market, 33% Enterprise #### Pros & Cons **Pros:** - Ease of Use (145 reviews) - Monitoring (144 reviews) - Real-time Monitoring (122 reviews) - Features (93 reviews) - Analytics (88 reviews) **Cons:** - Expensive (92 reviews) - Learning Curve (73 reviews) - Pricing Issues (71 reviews) - Cost (65 reviews) - Learning Difficulty (56 reviews) ### 5. [FortiAnalyzer](https://www.g2.com/products/fortianalyzer/reviews) FortiAnalyzer is a comprehensive security operations platform designed to streamline and enhance the efficiency of security teams. By integrating Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) capabilities, it provides centralized logging, reporting, and real-time threat intelligence. This unified approach enables organizations to proactively identify and remediate risks, ensuring complete visibility across the entire attack surface. Key Features and Functionality: - Centralized Logging and Reporting: Aggregates logs from multiple Fortinet devices, offering a consolidated view of network activity. - Advanced Threat Detection: Utilizes AI-driven automation to detect and respond to threats swiftly, reducing the need for extensive personnel or multiple security tools. - Scalable Data Lake: Supports large-scale data ingestion and storage, accommodating the needs of growing organizations. - Real-Time Threat Intelligence: Integrates with global Indicators of Compromise (IOC) feeds to provide actionable analytics and insights into emerging threats. - Automated Incident Response: Employs SOAR capabilities to automate response workflows, minimizing manual intervention and accelerating remediation processes. Primary Value and User Solutions: FortiAnalyzer empowers resource-constrained security teams to operate at the level of large, well-resourced operations without the associated complexity. By consolidating multiple security functions into a single platform, it reduces operational overhead, enhances threat detection and response times, and provides comprehensive visibility into network security. This holistic approach enables organizations to effectively manage hybrid environments, mitigate risks, and maintain compliance with industry standards. **Average Rating:** 4.5/5.0 **Total Reviews:** 28 **User Satisfaction Scores:** - **Anomaly Detection:** 8.4/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.5/10 (Category avg: 8.8/10) - **Network Visibility:** 9.2/10 (Category avg: 8.9/10) - **Metadata Management:** 8.3/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Fortinet](https://www.g2.com/sellers/fortinet) - **Year Founded:** 2000 - **HQ Location:** Sunnyvale, CA - **Twitter:** @Fortinet (151,464 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6460/ (16,112 employees on LinkedIn®) - **Ownership:** NASDAQ: FTNT **Reviewer Demographics:** - **Top Industries:** Information Technology and Services - **Company Size:** 47% Enterprise, 37% Mid-Market #### Pros & Cons **Pros:** - Log Management (2 reviews) - Analysis (1 reviews) - Data Visualization (1 reviews) - Easy Integrations (1 reviews) - Network Security (1 reviews) **Cons:** - Complex Interface (1 reviews) - Complexity (1 reviews) - Difficult Learning (1 reviews) - Integration Issues (1 reviews) - UI Design (1 reviews) ### 6. [Faddom](https://www.g2.com/products/faddom/reviews) Faddom provides IT and cyber teams with complete, real-time visibility into their hybrid infrastructure through agentless Application Dependency Mapping (ADM). With automated discovery and continuous mapping, organizations get precise, actionable insights into servers, applications, and interdependencies in under 60 minutes. Accurate, live documentation enables efficient change management, migration planning, stronger cybersecurity, compliance, and cost optimization. Built for speed, accuracy, and security, Faddom reduces complexity and risks while giving IT teams full command of their infrastructure. Deploy fast. Scale effortlessly. Own your topology. **Average Rating:** 4.5/5.0 **Total Reviews:** 104 **User Satisfaction Scores:** - **Anomaly Detection:** 7.7/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 8.8/10) - **Network Visibility:** 9.3/10 (Category avg: 8.9/10) - **Metadata Management:** 7.2/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Faddom](https://www.g2.com/sellers/faddom) - **Company Website:** https://faddom.com/ - **Year Founded:** 2022 - **HQ Location:** Tel Aviv - **Twitter:** @faddommapping (54 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/getfaddom/ (65 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Hospital & Health Care - **Company Size:** 45% Enterprise, 40% Mid-Market #### Pros & Cons **Pros:** - Features (15 reviews) - Tracking (14 reviews) - Customer Support (13 reviews) - Ease of Use (13 reviews) - Integrations (10 reviews) **Cons:** - Learning Difficulty (4 reviews) - Limited Features (4 reviews) - Cost (3 reviews) - Integration Issues (3 reviews) - Learning Curve (3 reviews) ### 7. [Coralogix](https://www.g2.com/products/coralogix/reviews) Coralogix is a modern, full-stack observability platform transforming how businesses process and understand their data. Our unique architecture powers in-stream analytics without reliance on indexing or hot storage. We specialize in comprehensive monitoring of logs, metrics, trace and security events, enhancing operational efficiency and reducing total cost of ownership by up to 70%. Coralogix stands out for its simple pricing model, based solely on data volume ingested and retained, and offers free, fast customer support with less than 30 second response time and 1 hour resolution time. Our platform covers the entire range of observability with features such as APM, RUM, SIEM, Kubernetes monitoring and more, all streamlined for quick integration and immediate value. Components within the stream store the system state to provide stateful insights and real-time alerting without ever needing to index the data — so there are never any trade-offs to achieve observability. Once ingested, parsed, and enriched, data is written remotely to an archive bucket controlled by the client. The archive can be queried directly at any time, from the platform UI or via CLI, giving users infinite retention with full control over, and access to, their data. View and query your data from any dashboard using any syntax. Coralogix has successfully completed relevant security and privacy compliances by BDO including GDPR, SOC 2, PCI, HIPAA, and ISO 27001/27701. **Average Rating:** 4.6/5.0 **Total Reviews:** 342 **User Satisfaction Scores:** - **Anomaly Detection:** 8.7/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 8.8/10) - **Network Visibility:** 8.5/10 (Category avg: 8.9/10) - **Metadata Management:** 8.0/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Coralogix](https://www.g2.com/sellers/coralogix) - **Company Website:** https://www.coralogix.com - **Year Founded:** 2014 - **HQ Location:** San Francisco, CA - **Twitter:** @Coralogix (4,076 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/3763125/ (583 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, DevOps Engineer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 53% Mid-Market, 34% Enterprise #### Pros & Cons **Pros:** - Ease of Use (82 reviews) - Log Management (70 reviews) - Customer Support (65 reviews) - Real-time Monitoring (57 reviews) - User Interface (57 reviews) **Cons:** - Learning Curve (25 reviews) - Missing Features (25 reviews) - Difficult Learning (24 reviews) - Slow Performance (24 reviews) - Learning Difficulty (22 reviews) ### 8. [ExtraHop](https://www.g2.com/products/extrahop/reviews) ExtraHop is the cybersecurity partner enterprises trust to reveal cyber risk and build business resilience. The ExtraHop RevealX platform for network detection and response and network performance management uniquely delivers the instant visibility and unparalleled decryption capabilities organizations need to expose the cyber risks and performance issues that other tools can’t see. When organizations have full network transparency with ExtraHop, they can investigate smarter, stop threats faster, and keep operations running. RevealX deploys on premises or in the cloud. It addresses the following use cases: - Ransomware - Zero trust - Software supply chain attacks - Lateral movement and C2 communication - Security hygiene - Network and Application Performance Management - IDS - Forensics and more A few of our differentiators: Continuous and on-demand PCAP: Full packet processing is superior to NetFlow and yields higher quality detections. Strategic decryption across a variety of protocols, including SSL/TLS, MS-RPC, WinRM, and SMBv3, gives you better visibility into early-stage threats hiding in encrypted traffic as they attempt to move laterally across your network. Protocol coverage: RevealX decodes more than 70 network protocols. Cloud-scale machine learning: Rather than relying on limited "on-box" compute power for analysis and detections, RevealX uses sophisticated cloud-hosted and cloud-scale machine learning workloads to identify suspicious behavior in real time and create high-fidelity alerts. ExtraHop was named a Leader in The Forrester Wave™: Network Analysis and Visibility, Q2 2023. Key Technology Integration and Go-to-Market Partners: CrowdStrike: RevealX integrates with CrowdStrike Falcon® LogScale, Falcon Insight XDR, Falcon Threat Graph, and Falcon Intelligence. Splunk SOAR AWS Google Cloud Security Founded in 2007, ExtraHop is privately held and headquartered in Seattle, Wash. To learn more, visit www.extrahop.com. **Average Rating:** 4.6/5.0 **Total Reviews:** 68 **User Satisfaction Scores:** - **Anomaly Detection:** 9.0/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 8.8/10) - **Network Visibility:** 9.3/10 (Category avg: 8.9/10) - **Metadata Management:** 8.0/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [ExtraHop Networks](https://www.g2.com/sellers/extrahop-networks) - **Year Founded:** 2007 - **HQ Location:** Seattle, Washington - **Twitter:** @ExtraHop (10,745 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/extrahop-networks/ (800 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Hospital & Health Care, Transportation/Trucking/Railroad - **Company Size:** 69% Enterprise, 26% Mid-Market #### Pros & Cons **Pros:** - All-in-One Solution (1 reviews) - Comprehensive Monitoring (1 reviews) - Easy Deployment (1 reviews) - Responsive Support (1 reviews) ### 9. [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews) Product Description: Palo Alto Networks' Cortex XSIAM is an AI-driven security operations platform designed to transform traditional Security Operations Centers by integrating and automating key functions such as data centralization, threat detection, and incident response. By leveraging machine learning and automation, it enables organizations to detect and respond to threats more efficiently, reducing manual workloads and improving overall security posture. Key Features and Functionality: - Data Centralization: Aggregates data from various sources into a unified platform, providing comprehensive visibility across the enterprise. - AI-Powered Threat Detection: Utilizes machine learning algorithms to identify anomalies and potential threats in real-time. - Automated Incident Response: Streamlines response processes through automation, enabling rapid mitigation of security incidents. - Integrated SOC Capabilities: Combines functions such as Extended Detection and Response , Security Orchestration, Automation, and Response , Attack Surface Management , and Security Information and Event Management into a cohesive platform, eliminating the need for multiple disparate tools. - Scalability: Designed to handle large volumes of data and adapt to the evolving needs of modern enterprises. Primary Value and Problem Solved: Cortex XSIAM addresses the challenges of disjointed data, weak threat defense, and heavy reliance on manual work in traditional SOCs. By centralizing data and automating security operations, it simplifies processes, enhances threat detection accuracy, and accelerates incident response times. This transformation enables organizations to proactively outpace threats, reduce operational costs, and achieve a more robust security posture. **Average Rating:** 4.4/5.0 **Total Reviews:** 61 **User Satisfaction Scores:** - **Anomaly Detection:** 9.2/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.4/10 (Category avg: 8.8/10) - **Network Visibility:** 8.9/10 (Category avg: 8.9/10) - **Metadata Management:** 9.2/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Palo Alto Networks](https://www.g2.com/sellers/palo-alto-networks) - **Year Founded:** 2005 - **HQ Location:** Santa Clara, CA - **Twitter:** @PaloAltoNtwks (128,686 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/30086/ (21,355 employees on LinkedIn®) - **Ownership:** NYSE: PANW **Reviewer Demographics:** - **Who Uses This:** Information Security Engineer - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 48% Enterprise, 29% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (50 reviews) - Threat Detection (37 reviews) - Integrations (28 reviews) - Cybersecurity (27 reviews) - Features (27 reviews) **Cons:** - Expensive (28 reviews) - Difficult Learning (17 reviews) - Complexity (14 reviews) - Integration Issues (14 reviews) - UX Improvement (12 reviews) ### 10. [Progress WhatsUp Gold](https://www.g2.com/products/progress-whatsup-gold/reviews) WhatsUp Gold is an IT infrastructure monitoring software designed to help users identify and resolve network issues swiftly, often before they impact end users. This solution provides comprehensive visibility into network performance and availability, enabling IT professionals to maintain optimal operations across their infrastructure. With its interactive mapping interface, WhatsUp Gold allows users to visualize the status of all devices connected to their network, making it easier to monitor both on-premise and cloud-based resources. Targeted primarily at IT administrators and network engineers, WhatsUp Gold is particularly beneficial for organizations that rely heavily on network performance for their daily operations. Its user-friendly design caters to both seasoned professionals and those new to network management, offering a range of features that streamline the monitoring process. The software is designed to support various use cases, from small businesses needing basic monitoring capabilities to large enterprises requiring advanced network management solutions. One of the standout features of WhatsUp Gold is its customizable drag-and-drop dashboards, which provide users with the flexibility to tailor their monitoring experience according to specific needs. These dashboards present real-time data on device status and performance, allowing users to quickly assess the health of their network. Additionally, the software’s automatic discovery and mapping capabilities enable users to visualize their entire network topology, ensuring that no device goes unnoticed during monitoring. WhatsUp Gold also emphasizes optimization, helping users manage network traffic and bandwidth utilization effectively. By providing actionable insights and unified views of network performance, the software empowers IT teams to troubleshoot issues efficiently. The ability to identify and resolve network and server problems proactively not only enhances operational efficiency but also improves overall user satisfaction by minimizing downtime. In summary, WhatsUp Gold offers a robust and interactive solution for IT infrastructure monitoring, combining ease of use with powerful features. Its focus on real-time visibility, customization, and proactive troubleshooting makes it a valuable tool for organizations looking to enhance their network management capabilities. **Average Rating:** 4.4/5.0 **Total Reviews:** 381 **User Satisfaction Scores:** - **Anomaly Detection:** 8.2/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.8/10 (Category avg: 8.8/10) - **Network Visibility:** 8.7/10 (Category avg: 8.9/10) - **Metadata Management:** 8.2/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Progress Software](https://www.g2.com/sellers/progress-software) - **Company Website:** https://www.progress.com/ - **Year Founded:** 1981 - **HQ Location:** Burlington, MA. - **Twitter:** @ProgressSW (48,853 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/progress-software/ (4,205 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Network Administrator - **Top Industries:** Information Technology and Services, Education Management - **Company Size:** 57% Mid-Market, 26% Enterprise #### Pros & Cons **Pros:** - Ease of Use (47 reviews) - Monitoring (44 reviews) - Monitoring Performance (35 reviews) - Alert Notifications (31 reviews) - User Interface (30 reviews) **Cons:** - Expensive (16 reviews) - Poor Interface Design (15 reviews) - Complex Setup (14 reviews) - Learning Curve (14 reviews) - Outdated Interface (14 reviews) ### 11. [Darktrace / NETWORK](https://www.g2.com/products/darktrace-network/reviews) Darktrace / NETWORK™ is the industry’s most advanced Network Detection and Response (NDR) solution. It learns what normal behavior is for your entire modern network, using Self-Learning AI to detect and autonomously contain any activity that could cause business disruption including known, novel and insider threats. - Sophisticated agentic AI to automate triage and investigation at speed and scale - Recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for NDR - Over 10,000 customers globally **Average Rating:** 4.4/5.0 **Total Reviews:** 43 **User Satisfaction Scores:** - **Anomaly Detection:** 9.2/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 8.8/10) - **Network Visibility:** 9.6/10 (Category avg: 8.9/10) - **Metadata Management:** 9.2/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Darktrace](https://www.g2.com/sellers/darktrace) - **Company Website:** https://www.darktrace.com - **Year Founded:** 2013 - **HQ Location:** Cambridgeshire, England - **Twitter:** @Darktrace (18,180 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/5013440/ (2,548 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 59% Mid-Market, 33% Enterprise #### Pros & Cons **Pros:** - Monitoring (5 reviews) - Artificial Intelligence (4 reviews) - Threat Detection (4 reviews) - Customer Support (3 reviews) - Cybersecurity (3 reviews) **Cons:** - Learning Curve (6 reviews) - Expensive (4 reviews) - Alert Issues (2 reviews) - Complex Setup (2 reviews) - False Positives (2 reviews) ### 12. [Wireshark](https://www.g2.com/products/wireshark/reviews) Wireshark is a open-source network protocol analyzer that enables users to capture and interactively examine the traffic traversing a computer network. It provides deep insights into network communications, making it an essential tool for network troubleshooting, analysis, software and protocol development, and educational purposes. Wireshark is cross-platform, running on Windows, macOS, Linux, and various UNIX systems. Key Features and Functionality: - Comprehensive Protocol Support: Wireshark offers deep inspection of hundreds of protocols, with new ones continually being added. - Live Capture and Offline Analysis: Users can capture live network data or analyze previously saved capture files. - Multi-Platform Compatibility: The software operates on multiple platforms, including Windows, Linux, macOS, FreeBSD, and NetBSD. - Advanced Display Filters: Wireshark provides powerful display filters, allowing users to focus on specific traffic patterns. - Rich VoIP Analysis: It includes tools for analyzing Voice over IP (VoIP) communications. - Support for Various Capture File Formats: Wireshark can read and write numerous capture file formats, such as tcpdump (libpcap), Pcap NG, and others. - Decryption Capabilities: The tool supports decryption for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2. - Customizable Coloring Rules: Users can apply coloring rules to the packet list for quick, intuitive analysis. Primary Value and Problem Solving: Wireshark addresses the critical need for in-depth network analysis by providing a detailed view of network traffic at a microscopic level. This capability is invaluable for network professionals, security experts, developers, and educators who require precise insights into network behavior. By facilitating the identification and resolution of network issues, Wireshark enhances network performance, security, and reliability. Its open-source nature ensures continuous improvement and adaptability to emerging networking technologies and protocols. **Average Rating:** 4.7/5.0 **Total Reviews:** 142 **User Satisfaction Scores:** - **Anomaly Detection:** 6.1/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.2/10 (Category avg: 8.8/10) - **Network Visibility:** 9.2/10 (Category avg: 8.9/10) - **Metadata Management:** 7.2/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Wireshark](https://www.g2.com/sellers/wireshark) - **HQ Location:** San Francisco, CA - **Twitter:** @WiresharkNews (16,178 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/wireshark-foundation/about (15 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Senior Software Engineer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 40% Enterprise, 32% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (7 reviews) - Insightful Analysis (5 reviews) - Easy Monitoring (3 reviews) - Monitoring (3 reviews) - Reliability (3 reviews) **Cons:** - Display Issues (3 reviews) - Difficult Learning (2 reviews) - Learning Curve (2 reviews) - Missing Features (2 reviews) - Slow Performance (2 reviews) ### 13. [Trellix Network Detection and Response (NDR)](https://www.g2.com/products/trellix-network-detection-and-response-ndr/reviews) Trellix NDR delivers extended visibility, multi-layered threat detection and accelerated investigation and response into network traffic across each stage of the MITRE ATT&CK framework – spanning data centers, hybrid cloud environments, branch offices, and corporate campuses. **Average Rating:** 4.1/5.0 **Total Reviews:** 64 **User Satisfaction Scores:** - **Anomaly Detection:** 6.7/10 (Category avg: 8.6/10) - **Has the product been a good partner in doing business?:** 8.2/10 (Category avg: 8.8/10) - **Network Visibility:** 6.7/10 (Category avg: 8.9/10) - **Metadata Management:** 8.3/10 (Category avg: 8.4/10) **Seller Details:** - **Seller:** [Trellix](https://www.g2.com/sellers/trellix) - **Year Founded:** 2004 - **HQ Location:** Milpitas, CA - **Twitter:** @Trellix (241,709 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/44195/ (811 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 36% Mid-Market, 33% Small-Business ## Parent Category [Network Security Software](https://www.g2.com/categories/network-security) ## Related Categories - [Network Monitoring Software](https://www.g2.com/categories/network-monitoring) - [Cloud Security Monitoring and Analytics Software](https://www.g2.com/categories/cloud-security-monitoring-and-analytics) - [Network Detection and Response (NDR) Software](https://www.g2.com/categories/network-detection-and-response-ndr)