We changed our name from IT Central Station: Here's why

Auvik vs SolarWinds NetFlow Traffic Analyzer comparison

Cancel
You must select at least 2 products to compare!
Vectra AI Logo
14,012 views|6,562 comparisons
Auvik Logo
Read 21 Auvik reviews.
2,812 views|1,370 comparisons
Featured Review
Find out what your peers are saying about Auvik vs. SolarWinds NetFlow Traffic Analyzer and other solutions. Updated: January 2022.
564,599 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources.""It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response.""One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us.""The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away.""The solution provide visibility into behaviors across the full lifecycle of an attack in our network, beyond just the Internet gateway. It makes our security operations much more effective because we are now looking not just at traffic on the border, but we're looking at east-west internal traffic. Now, not only will we see if an exploit kit is being downloaded, but we would be able to see then if that exploit kit was then laterally distributed into our environment.""The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff.""It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution...""It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."

More Vectra AI Pros →

"One of the great things about Auvik is the shared collector mode, which is useful in an environment that has more than one physical location. We have 15 different locations, and I can have all of those locations pointing to one collector. So, all these locations are sharing this one collector, and I can get a map, which is way out on top of the map that you would see in Google maps, to see all my locations. I can see alerts on that map for any of those 15 locations. I can zoom in right there to the location, and from there, click on it. It is really handy.""The traffic insights feature shows us our network bandwidth usage without the need for expensive inline traffic decryption. It's very important to us. Knowing exactly what's going on, what traffic is flowing over my network is very much an important thing for me to know. We know that policies and procedures are being followed. And so we know that nobody is doing anything that they shouldn't be doing on a company network.""The automation of the network mapping enables junior network specialists to resolve issues directly, freeing up senior-level team members to perform higher-value tasks. They can see if it is something as simple as a power issue in a wing of a building. This lets them pick the low hanging fruit. Then, if a configuration needs a more skilled person, they can easily escalate it.""The other element that it's helped us with is in predicting the future. And another thing that it allows us to do very easily is to track our bandwidth usage that's going in and out of each of the data centers. We've been able to use that information to trend and predict when we need to get upgrades in place. Funny enough, we have an order now where we're increasing our connectivity at one of our data centers tenfold and that's being driven because Auvik's enabled us to understand that we're rapidly approaching our threshold.""Its network discovery capabilities are very impressive. The discovery piece is amazing. I don't know if they have an AI or some type of advanced intelligence inside of their program that helps with the discovery piece. I haven't seen anything that discovers products that well and is able to label them, tag them, and pull as much information about them. I don't know what drives that engine, but I'm just absolutely blown away by it. It is cool.""One of the best things about Auvik, and it's why it's one of my go-to products, are the remote access capabilities. Without a VPN and without any other way in, I'm able to get in and work on and troubleshoot my devices through the remote access console. It has multiple options for that and has been very useful and a huge time-saver. That's one of the killer features. It's one of my must-haves and that's why I like it so much.""Auvik is easy to use. The first thing you see when you open it up is a map of the United States or wherever you are, and it shows the locations of all of your network endpoints. For discovery, you set credentials and manage the credentials and it tells you when it needs a new credential. So you just click the "Manage Credentials" button and it takes you to the right spot. You enter in a new credential and then it starts looking closer at the device. It can give you all kinds of information from inside the device's log. We use it for CIS logs and we use it for just regular logging. The CIS log was something I was looking for in the other products, just so we have a place for the CIS logs to congregate so we can look them up.""Remote accessibility of the network devices is the most valuable feature. I often have to log into switches and routers to make changes, and I can do so from any computer as long as I have an Internet connection. I don't need to have my laptop or a VPN. Auvik is faster."

More Auvik Pros →

"The monitoring is perfect, showing you the details for the utilization of resources and network bandwidth.""The most valuable feature is the alarm that is set up to trigger based on bandwidth utilization.""The most valuable feature is the ability to look for any increases in bandwidth over time so that we can plan before it becomes critical.""The most valuable features are the bandwidth analyzer, the monitoring, the network analyzer, it has overall good performance, and an easy deployment.""The integration with other SolarWinds products is good.""What I like the most is the bandwidth assessment.""They have instructional videos and other information available on the site to assist you with learning it.""For managing the traffic, it provides you a response about whether the traffic is down, up, or heavy, which is a very powerful feature. It has a good response time. We have been using this solution for many years, and we don't have any problem with this solution."

More SolarWinds NetFlow Traffic Analyzer Pros →

Cons
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company.""Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM.""It does a little bit of packet capture on alert so you can look at the packet capture activity going on, but it doesn't collect a whole lot of data. Sometimes it's only one or two frames, sometimes it does collect more. That's why they have the addition of their Recall platform, because that really does help expand the capability.""Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass.""I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats.""You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks.""I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable.""They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."

More Vectra AI Cons →

"Auvik could have better compatibility with more devices. The devices that we're using are essential within our network infrastructure. It would be great to access the full range of features that some of the other ones do, such as the device configuration backups and the configuration change alert.""They need to improve the reporting system. They still don't have a proper reporting system in Auvik. They have built a dashboard in Power BI using APIs, but they should build some sort of report within Auvik itself. If Auvik fixes the reporting or comes up with a good reporting module, it will change the game.""It's missing the license checker feature. We are using Salesforce and the license is a really crucial part of the development, and we have to monitor it. Now, I have to write a script and then run it on a random Linux box and get a notification if it's expiring. It's a really specific feature. I'm not sure Auvik will develop it.""Some of the automation pieces for discovery still need a little bit more improvement. I wouldn't mind seeing some more security features as that's the world we're driving into. I know Auvik probably wants to try to keep itself separate because that's its brand, but even if they brought on board another brand that was able to plug into them, it would benefit us. It would lower some more network security costs if as a company, they are a one-stop shop. They have already got the network piece going. If they improved in that area and focused a lot on that, they would gain me as a customer, and they would probably gain a lot of others.""If I am an administrator, then I have to maintain, clean, and label that environment. Auvik's utility in that regard is cumbersome. It is hard to find where certain things are configured. Also, it is sometimes hard to figure out why Auvik is doing what it is doing.""The map would be the first thing I would like to see improved because sometimes the maps get really odd-looking and the automated placement of things on the map, devices on the map is sometimes not right. In fact, I was just looking at the map and something got moved. I'm sure it didn't get moved, it's just that Auvik realized it was supposed to go somewhere else. So the map could be better if there was a little bit of manual manipulation that you could do.""It uses SNMP in its discovery process and how it pulls in data. But today it doesn't have an SNMP trap facility so you can't have your infrastructure devices push alerts into Auvik. And that for us would be a big feature that we would like to see.""Currently, with Auvik's support, I'm troubleshooting some of the information gathered on Cisco devices through SNMP V3. Auvik is not able to pull some of the important information that it uses to draw the map, which is kind of shocking because it is Auvik. So, it is their platform, and it is monitoring Cisco devices, which are obviously very prevalent in the world. Auvik is having a hard time gathering such important information over SNMP V3, which is a networking standard, and on super popular device brand and model. They're actively working with me on that piece. It seems that network device management using SNMP V3 could use a little tuning."

More Auvik Cons →

"I would like to see better customization capabilities.""Technical support could be improved with quicker response times.""This solution does not do a very good job when I am trying to look deeper into my internal network, in particular with respect to individual ports.""The Atlas module that is used for building the network map is very bad.""It's not a cheap product, so the pricing could be improved.""It's scalable, but it could be simplified because it's not completely easy.""The pricing is expensive.""If your network is on SolarWinds, and you notice that the traffic is bad because it says "user downloading a heavy file," it doesn't indicate which endpoint is downloading those heavy files. SolarWinds doesn't have the tools to be able to handle this kind of situation. You can just notice through your network device that the traffic is becoming overwhelming or heavy, but you cannot go inside and get more details related to the endpoint where it is happening. We would like SolarWinds to be able to handle this kind of situation and even manage the traffic inside a network from the endpoint to the network device. These would be good enhancements. It is mostly stable. The problem comes only when we want to add another SolarWinds model. SolarWinds has so many models, and sometimes when we want to add other models on the platforms that are reserved for our firm, it freezes. When this happens, we have to create a new VM for that model."

More SolarWinds NetFlow Traffic Analyzer Cons →

Pricing and Cost Advice
  • "We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
  • "At the time of purchase, we found the pricing acceptable. We had an urgency to get something in place because we had a minor breach that occurred at the tail end of 2016 to the beginning of 2017. This indicated we had a lack of ability to detect things on the network. Hence, why we moved quickly to get into the tool in place. We found things like Bitcoin mining and botnets which we closed quickly. In that regard, it was worth the money."
  • "The pricing is very good. It's less expensive than many of the tools out there."
  • "The pricing is high."
  • "Their licensing model is antiquated. I'm not a fan of their licensing model. We have to pay for licensing based on four different things. You have to pay based on the number of unique IPs, the number of logs that we send through Recall and Stream, and the size of our environment. They need to simplify their licensing down to just one thing. It should be based on the amount of data, the number of devices, or something else, but there should be just one thing for everything. That's what they need to base their licensing on. Cost-wise, they're not cheap. They were definitely the most expensive option, but you get what you pay for. They're not the cheapest option."
  • "From a pricing perspective, they are very commercially competitive. From a licensing perspective, just be conscious that some of their future cloud solutions come with additional subscriptions. Also, if you're outside of the US, you will get charged freight for the device back to your country."
  • "Cost is a big factor, as always. However, I think we have a very good price–performance ratio."
  • "Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
  • More Vectra AI Pricing and Cost Advice →

  • "Compared to other products, Auvik's pricing is more feasible since you get all its features. You pay for licenses on a per network device basis. It monitors hypervisors, but does not bill for that. There are no additional costs, which is something that I like."
  • "The pricing is fair for the value and time saved that you get out of it. The larger you go, the more sense it makes per device, because as you hit different pricing tiers, it becomes much more affordable per device."
  • "Its pricing is a little on the high end. There are no costs in addition to the standard licensing fees. It is more expensive than other solutions, but their per-device model is very fair. Anything other than the networking gear is monitored by Auvik at no charge."
  • "The value is there. It's not that expensive per device and it's licensed per device. Unlike some of the other tools that I use, it's not real expensive. It's a good value for the price."
  • "It's great for small businesses, but when you start reviewing the pricing model, depending on how many devices, and what sub-devices you decide to pull in, it can get tricky as far as the pricing goes."
  • "As an individual IP company, Auvik is a little bit pricey. It is a little expensive, but as an MSP owner, I have a small side business. So, I'm an Auvik customer in that sense too. In that, I think it's reasonable to pay $10 to $15 a device or less depending on the endpoint. For the amount of capability that it has, it is very reasonably priced."
  • "Its pricing is very reasonable. We had looked at other solutions where you pay based on the amount of traffic that was filtered through and analyzed. With Auvik, we pay by a billable device. We're not paying based on every single device we have. For one of the locations I have, one network element would likely be a billable device. So, every billable device has a network element, but not every network element is a billable device. If I have a location that has 50 network elements, then maybe 30 of them are billable devices. PCs, VoIP phones, and access points are monitored at no charge."
  • "The cost for all the devices that we were billed at in my last job was about $2500 annually. It wasn't much. It has the most reasonable pricing as compared to any product out there. I can't complain. It is amazing. It allows me to bundle inside the package what I charge customers per user per month. I don't charge them per device anymore. That's not how we do things in the industry. It is per user per month. The way Auvik is charging us allows me to do it. For example, if they charge $250 for a certain number of seats, I'm just going to write the costs onto per user per month. I have a few leftover licenses to use, which allows me to go out and make some more sales and give some freebies at some shows. So, it makes me very flexible. I am very happy with it. It is billed by network devices. You could choose which billable device you want. What is really nice is that if you don't want one switch to be billable and the other one to be billable, you can do that. You just won't have the features that the billable switch has, which isn't horrible. Sometimes, you don't need that. What I'm really happy about is that Auvik doesn't force things on you and doesn't say, "You have to have all of this," and that's a great business model."
  • More Auvik Pricing and Cost Advice →

  • "The price of this solution is exceptional."
  • "While the pricing is fair, it could be better."
  • "The pricing is reasonable."
  • "We pay yearly, and we are happy with its price."
  • More SolarWinds NetFlow Traffic Analyzer Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Network Traffic Analysis (NTA) solutions are best for your needs.
    564,599 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a… more »
    Top Answer: 
    Cost is a big factor, as always. However, I think we have a very good price–performance ratio.
    Top Answer: 
    If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex… more »
    Top Answer: 
    One of the best things about Auvik, and it's why it's one of my go-to products, are the remote access capabilities… more »
    Top Answer: 
    The pricing is fair for the value and time saved that you get out of it. The larger you go, the more sense it makes per… more »
    Top Answer: 
    The logging features could be a little bit better polished, although that aspect is relatively new. It comes in as raw… more »
    Top Answer: 
    I have worked from 1973 with all kind of systems in large enterprises across the world. And have experience with all… more »
    Top Answer: 
    I'd like to see some additional security and more efficient support for the solution.
    Comparisons
    Also Known As
    Vectra Networks, Vectra AI NDR
    Netflow Traffic Analyzer
    Learn More
    Overview

    Vectra threat detection and response is a complete cybersecurity platform that collects, detects, and prioritizes security alerts. The Cognito platform for Network Detection and Response (NDR) detects and responds to attacks inside cloud, data center, Internet of Things, and enterprise networks. The platform also provides automated response capabilities for low-level threats and escalates more severe anomalies to security personnel.

    Cognito captures data for multiple relevant sources and enriches it with context and security insights. It starts by deploying sensors across different networks in datacenters, IoT, or enterprise networks. The algorithm extracts relevant metadata from network and cloud traffic. The information can also be non-security information that can help investigation. 

    The data is enriched with security context to support critical use cases, such as threat detection, investigation, hunting and compliance. The platform is machine learning-based, which enables it to adapt to any new and current threat scenario. It detects, clusters, prioritizes, and anticipates attacks by using identity and host-level enforcement. 

    With the Vectra platform, a person can investigate 50 threats in just two hours. By prioritizing alerts and leveraging threat intelligence, it provides faster results.Vectra solves today’s security challenges for network detection and response. 

    One of Vectra’s best features is the emphasis they put in pairing research and data science for security insights. It offers behavior codification with unsupervised, supervised, and deep learning models. 

    The pricing is according to a subscription model with a free trial available.Vectra is available for Office 365, Azure AD and AWS Brain.

    Features of Vectra AI

    • AI-based threat detection and response. 
    • Detects attacks in real time with behavior-based threat detection. 
    • Consolidates and correlates thousands of events, detecting threats. 
    • Enriches threat investigation with a chain of evidence and data science security insights. 
    • Machine learning techniques, including deep learning and neural networks. 
    • Gives visibility into cyberattackers and analyzes all network traffic. 
    • Continuous updates with new threat detection algorithms. 
    • Provides encryption at rest and in transit. For the AWS version, it offers AES-256 encryption via AWS Key Management Service. 
    • Guaranteed availability according to the SLA of the service selected. 
    • Does not connect to public sector networks. 

    Benefits of Vectra AI

    • Behavioral models use AI to find unknown attackers. 
    • Context increases the accuracy of threat hunting. 
    • Allows for proactive action by prioritizing the most relevant information. 
    • Provides a clear picture and extensive context for investigations. 
    • Aids decision-making in the incident response process. 
    • Helps working with large datasets by capturing metadata at scale. 
    • Automates time-consuming analysis. 
    • Reduces the security analysts’ workloads on threat investigations. 

    Other advantages of Vectra services include that they can be deployed in the public, private, or hybrid cloud. Support is available via email or online ticketing with an average of 4 hours of response. Phone support is available 24/7. 

    Vectra provides full on-site and online training and documentation. Regarding the user interface, it supports several types of web browsers, such as Internet Explorer, Microsoft Edge, Firefox, Chrome, Safari and Opera. However, it is not available for mobile devices.

    Reviews from Real Users

    Here’s what PeerSpot users of Vectra AI have to say about it:

    "One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us." - Dave W., Operations Manager at a healthcare company

    "It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low.” - T.S., Senior Security Engineer at a manufacturing company

    Auvik is cloud-based software that simplifies and automates network monitoring and management to give you complete network visibility and control.

    Designed to deploy in minutes, you’ll resolve problems faster than ever with real-time network mapping and inventory, powerful troubleshooting features, deep network traffic insights, automated config backups and restore, and more. https://www.auvik.com/get-free-trial

    SolarWinds Netflow Traffic Analyzer enables you to capture data from continuous streams of network traffic and convert those raw numbers into easy-to-interpret charts and tables that quantify exactly how the corporate network is being used, by whom, and for what purpose.
    Offer
    Learn more about Vectra AI
    Learn more about Auvik
    Learn more about SolarWinds NetFlow Traffic Analyzer
    Sample Customers
    Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
    Information Not Available
    Oceaneering International, Asia Pacific Network Information Centre, 335th Signal Command, Immofori
    Top Industries
    REVIEWERS
    Financial Services Firm19%
    Retailer19%
    Manufacturing Company13%
    Mining And Metals Company13%
    VISITORS READING REVIEWS
    Comms Service Provider26%
    Computer Software Company24%
    Government6%
    Financial Services Firm6%
    REVIEWERS
    Manufacturing Company13%
    Computer Software Company13%
    Energy/Utilities Company13%
    Healthcare Company13%
    VISITORS READING REVIEWS
    Computer Software Company30%
    Comms Service Provider15%
    Government9%
    Financial Services Firm7%
    REVIEWERS
    Manufacturing Company30%
    Financial Services Firm20%
    Real Estate/Law Firm10%
    Non Tech Company10%
    VISITORS READING REVIEWS
    Comms Service Provider27%
    Computer Software Company23%
    Government8%
    Financial Services Firm4%
    Company Size
    REVIEWERS
    Small Business18%
    Midsize Enterprise6%
    Large Enterprise76%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise23%
    Large Enterprise52%
    REVIEWERS
    Small Business53%
    Midsize Enterprise26%
    Large Enterprise21%
    VISITORS READING REVIEWS
    Small Business54%
    Midsize Enterprise14%
    Large Enterprise32%
    REVIEWERS
    Small Business35%
    Midsize Enterprise5%
    Large Enterprise60%
    Find out what your peers are saying about Auvik vs. SolarWinds NetFlow Traffic Analyzer and other solutions. Updated: January 2022.
    564,599 professionals have used our research since 2012.

    Auvik is ranked 3rd in Network Traffic Analysis (NTA) with 21 reviews while SolarWinds NetFlow Traffic Analyzer is ranked 6th in Network Traffic Analysis (NTA) with 9 reviews. Auvik is rated 9.0, while SolarWinds NetFlow Traffic Analyzer is rated 7.8. The top reviewer of Auvik writes "Incredibly easy to use, cuts our resolution time, and automatically takes care of configuration management and backups". On the other hand, the top reviewer of SolarWinds NetFlow Traffic Analyzer writes "Good reporting allows us to proactively deal with bandwidth-related issues". Auvik is most compared with LogicMonitor, Meraki Dashboard, BMC TrueSight Operations Management, PRTG Network Monitor and Zenoss Service Dynamics, whereas SolarWinds NetFlow Traffic Analyzer is most compared with Cisco Stealthwatch, Zabbix, Centreon and Plixer Scrutinizer. See our Auvik vs. SolarWinds NetFlow Traffic Analyzer report.

    See our list of best Network Traffic Analysis (NTA) vendors.

    We monitor all Network Traffic Analysis (NTA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.