ExtraHop Reveal(x) Overview

ExtraHop Reveal(x) is the #5 ranked solution in top Network Detection and Response (NDR) tools and the #8 ranked solution in Network Traffic Analysis tools. IT Central Station users give ExtraHop Reveal(x) an average rating of 10 out of 10. ExtraHop Reveal(x) is most commonly compared to Darktrace. The top industry researching this solution is computer software, accounting for 24% of all views.
What is ExtraHop Reveal(x)?

Reveal(x) provides the visibility, insights, and answers that security analysts need to respond quickly and confidently to the highest priority threats against their organization's critical assets. It starts by automatically discovering and classifying every device communicating across the network, and using machine-learning driven behavioral analysis to detect anomalous and malicious activity.

ExtraHop Reveal(x) is also known as Reveal(x), Revealx.

ExtraHop Reveal(x) Customers

Wood County Hospital

ExtraHop Reveal(x) Reviews

Dawid Van Der Merwe
Sales Engineer | Technical Sales | Pre-Sales at SUSE
Reseller
Top 5 Leaderboard
Enables users to make an informed decision to mitigate performance or security incidents

Pros and Cons

  • "We had useful information within the hour of deployment. The ability to trace back for historical analysis, as well as the behavioral analysis done with the security information, puts the user in a position to make an informed decision to mitigate the performance or security incidents. Regarding the security incidents, Reveal (x) is able to create incident cards that guide your teams through the incidents and gives you the option to delve into the transaction detail to potentially view payloads as well."
  • "Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data."

What is our primary use case?

We have implemented the ExtraHop Reveal(x) solution at multiple clients. They range from government and retail to financial. We collect north-south and east-west traffic via a visibility layer (packet brokers, taps, spans) and then feed that traffic to the ExtraHop Reveal (x) solution. The volume ranges from 1 GB solutions up to 40 GB solutions with 100 GB in the pipeline. Initially, we approached them for application performance analysis, but we now use it to assist the security teams as well. The behavioral analytics and ability to go back in history are proving extremely valuable.

How has it helped my organization?

The analytic views (L2 to L7), with a vast amount of enterprise protocols, standard dashboards, as well as various applications or security dashboards that can be added, gave a very quick ROI. The technical teams are able to gain views of their networks, servers, applications, etc. and the management level is able to gain overview dashboards to assist them as well. Security teams are able to gain insight into the behavior of security elements, which enables them to track the event back in time to see exactly what happened and what elements were involved with the incident. It is also very useful to have the AI/ML element with Reveal (x). The ability to decrypt at the line rate proved invaluable. Various triggers and integration options are available to continually add value to the clients' specific environment.

What is most valuable?

We had useful information within the hour of deployment. The ability to trace back for historical analysis, as well as the behavioral analysis done with the security information, puts the user in a position to make an informed decision to mitigate the performance or security incidents. Regarding the security incidents, Reveal (x) is able to create incident cards that guide your teams through the incidents and gives you the option to delve into the transaction detail to potentially view payloads as well. The ability to integrate with various other solutions enables improvement in existing processes.

What needs improvement?

Netflow - Processing Netflow can be cumbersome as it requires triggers to truly gain value and insight. This in turn can add a bit of load to the hardware. The focus of ExtraHop Reveal (x) is live packet data.

Triggers - While the triggers are great for specific use cases, they can add load to the hardware and require some development skill, which can be costly.

VoIP - While we can view SIP and RTP (quality, MOS, etc.) it is not the best solution for VoIP itself. There are better solutions for more detailed VoIP monitoring. It can solve some problems, but not all problems.

For how long have I used the solution?

We have been using ExtraHop for quite a few years and we have been using their Reveal (x) platform since it went to market.

What do I think about the stability of the solution?

It is very stable. Have not had any issues.

What do I think about the scalability of the solution?

The solution can scale up to 100GB and it works.

How are customer service and technical support?

99% of the time it was great. Only had one incident that took some time, but it was resolved eventually with a positive outcome.

Which solution did I use previously and why did I switch?

We have used other solutions from other vendors like NetScout, Sinefa, etc. where the client budget, requirement and focus changed. Some clients prefer certain vendors since they might have a standing relationship with them.

How was the initial setup?

Design can take some time, the visibility layer can be quite intricate, but the actual ExtraHop Reveal (x) solution is extremely easy to deploy.

What about the implementation team?

Initially, we depended on the vendor team, but later we deployed mostly ourselves with some input from the vendor team. They were always very helpful and professional.

What was our ROI?

The ROI is fairly immediate, if you attach a service or dedicated resource. That determines how much you win.

What's my experience with pricing, setup cost, and licensing?

It is important to understand the data you feed any of these solutions. We always recommend a visibility layer (packet brokers, taps, etc.), but that incurs a new cost that can delay the project. So work on a strategy that delivers visibility and a solution that enables your teams. All of this will add to the project and cost. What you put in is what you will get out.

Which other solutions did I evaluate?

NetScout - TruView, nGeniusOne, Sinefa, nTopNG, Sintrex Flow.

What other advice do I have?

Generally, I enjoy working with this solution and the teams from ExtraHop. Just be sure that you always attach a service or a dedicated resource to any such solution to get the most value out of it.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: We are partners with ExtraHop as well as NetScout and resell their solutions and services.
RB
Head of Network Services at a tech services company with 10,001+ employees
Real User
Top 5
An easy initial setup with extensive documentation and good stability

Pros and Cons

  • "Setting up the solution is relatively easy."
  • "The solution is expensive and gets more expensive if a company needs to scale it."

What is our primary use case?

We primarily use the solution for three main aspects: security, visibility, and application performance.

What is most valuable?

The most valuable aspect of the solution is the depth of information that's available. With all the documentation and details, it's a very good solution to work with.

Setting up the solution is relatively easy.

What needs improvement?

At this point, there aren't any features that are lacking, from our perspective. The solution is pretty complete.

The solution is expensive and gets more expensive if a company needs to scale it.

For how long have I used the solution?

I've been using the solution for about a year now.

What do I think about the stability of the solution?

The stability of the solution is excellent. We don't have any issues with bugs or glitches. It doesn't crash or freeze. I would say it's quite reliable from a performance standpoint.

What do I think about the scalability of the solution?

We have about a dozen or so people who regularly interact with the solution. They are predominantly project and operational network engineers. We're using the product on a daily basis.

Scalability is probably limited, mainly due to the expenses involved in expanding the solution. Due to costs, companies may be turned off by scaling in any meaningful way.

How are customer service and technical support?

We've never had to contact technical support. We haven't had any major issues. Therefore, I wouldn't be able to rate the level of their service. From a product perspective, it's been very good so far.

Which solution did I use previously and why did I switch?

We didn't previously use a different product. This is the first solution that we've used for security and application performance purposes.

How was the initial setup?

The initial setup was not complex. We found the implementation process to be quite simple and straightforward.

It took approximately three weeks to deploy the solution and to have everything up and running.

The great part about the solution is that maintenance is minimal. It's mainly just software upgrades when they're released. When upgrades are needed, our network team is able to handle everything in house.

What about the implementation team?

Our company with our own in-house team plus the vendor handled the setup together.

What's my experience with pricing, setup cost, and licensing?

I don't have any insights into the pricing of the solution. I'm not sure what they are, exactly; however, it is my understanding that the solution itself is costly. There are also additional charges for additional devices to collect the traffic from the network. If you need to scale, the pricing grows too. Everything can add up.

What other advice do I have?

We have a relationship with the vendor, and we're also a customer.

For those considering implementing the solution, I would advise organizations to engage early with their sales managers and sales engineers, in order to understand these cases.

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner