ExtraHop offer comprehensive Network Detection and Response (NDR) solutions with strong cloud security offerings. Their extensive product range offers services such as Internet of Things (IoT) security and SIEM services.
Author: Netify Research Team
If you have questions about ExtraHop and how their capability is aligned to your needs, email the Netify research team. UK: uk@netify.co.uk North America: northamerica@netify.com
(Please use the UK email for ROW - Rest of the World - questions or inquiries)
Request the very latest ExtraHop cybersecurity sales PDF directly from your local account team. Please check your junk folder if not received.
Complete your details to arrange a demo of ExtraHop cybersecurity. You will receive contact requesting available dates and times - please check your junk folder if not received.
Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.
ExtraHop offer a comprehensive Network Detection and Response (NDR) solution with cloud capabilities. The solution has options for cloud-security (AWS, Azure, Google Cloud) and security for remote users, along with MDR solutions and managed services provided by one of ExtraHop’s authorized managed services provider partners. ExtraHop is recommended for companies looking for granular NDR and cloud security services.
However, offerings such as firewalls, Next Generation Firewalls (NGFW), Managed Detection and Response (MDR), Extended Detection and Response (XDR), and managed services are all offered via partnerships with third-party companies. This allows ExtraHop to provide granular and featured services due to collaboration with expertise from other companies. Although this could have the potential to create a complex solution due to the high number of third-party companies that are involved.
Take our 90 second assessment quiz to find out which top 3 vendors or managed providers are a match for your answers.
ExtraHop were founded in 2007, and have their Global Headquarters in Seattle, Washington, North America. Their EMEA Headquarters located in London, United Kingdom and their APAC Headquarters can be found in Singapore. Their Primary focus is on Network Detection and Response. ExtraHop were named as Leaders in the 2019 Gartner Magic Quadrant for Network Performance Monitoring and Diagnostics and in 2020 they are a Representative Vendor in the Gartner Market Guide for Network Detection and Response.
Netify have listed the technology partners used by ExtraHop.
Filter by tag, location, and service type:
(Select any number of tags)
List of the pros and cons associated with ExtraHop Cybersecurity.
Consider the points below to compare ExtraHop vs Darktrace cybersecurity.
Click the vendor logo to find out more about each respective cybersecurity solution.
NDR/MDR:
Cybersecurity Products & Services:
ExtraHop do not offer a SASE solution. However, they offer real-time network and endpoint threat detection in partnership with CrowdStrike. The solution integrates ExtraHop Reveal(x), and CrowdStrike Falcon Insight to offer clients a combination of endpoint security, network visibility, remediation, and machine learning behavioral threat detection. ExtraHop SASE works as Reveal(x) detects threats that are only visible on the network and automatically notifies CrowdStrike, where compromised devices will be contained. Analysts will use endpoint data collected from CrowdStrike and network data collected from ExtraHop to investigate, validate and appropriately respond to threats.
ExtraHop do not offer a ZTNA solution, however their Reveal(x) 360 NDR solution enables the visibility required to support the roll out of ZTNA to the network at any phase. The risks and lead time of ZTNA deployment can be reduced when working in tangent with Reveal(x) 360, as the single management pane provides real time insights into users, assets, cloud workloads and across the network.
ExtraHop do not offer a CASB solution, however, Reveal(x) 360 extends NDR to the cloud, offering multi-cloud security solutions for AWS, Azure and Google Cloud (see, How does ExtraHop Networks deliver cloud security?).
ExtraHop do not offer a SWG solution, however this may be available from a third-party company.
ExtraHop offer their partnership with Palo Alto to provide a bundle service which allows users to quarantine compromised devices in Panorama or on a client’s pre-existing Palo Alto firewall. This is carried out in real-time as the ExtraHop Discover appliance identifies alerts. Included in the bundle are two triggers, one for alerts and one for detections. Clients can choose which alerts and detections that they wish to be monitored, as well as the address group where they will be quarantined. The bundle comes with a dashboard that shows clients how many detection and alert events have been sent to the firewall, as well as the IP address of related devices. The bundle also supports Panorama, which is a centralized management system that supports global visibility and allows clients to control multiple Palo Alto Next Generation Firewalls (NGFW) via their web-based interface. The bundle includes:
In order to use this bundle, clients must ensure that they reach the following requirements:
Installation advice is available on the ExtraHop website.
ExtraHop do not offer MDR directly. However, they are one of MDR provider Datashield’s premier partners. The partnership combines the ExtraHop Reveal(x) NDR platform with Datashield’s MDR services, leveraging Datashield’s Security Operations Center (SOC). The solution also integrates with ExtraHop Reveal(x) 360, to bring MDR to the cloud, and offer scalability for client’s looking to move to the cloud. Datashield keep an up-to-date record of all devices that are inside a corporate network. This is augmented by the ExtraHop Network Discovery feature, which learns the behavior of devices within the network to help to identify them. Datashield also offers constant monitoring via their SOC, which is combined with ExtraHop NDR for Threat Detection capabilities.
Reveal(x) Enterprise is a self-managed NDR solution for hybrid network architectures, cloud and containerized applications. The solution helps companies to detect advanced threats, analyze breaches and deliver improved responses through automation and network visibility. This enables network security improvements such as critical asset discovery, hygiene and compliance and automated responses via SOAR as well as performance improvements including real time application analytics, machine learning anomaly detection and more. Please see below for a features breakdown for the ExtraHop NDR solution:
The ExtraHop NDR solution is available in various different tiers dependent on enterprise size and cloud capabilities:
ExtraHop Networks do not currently offer a full XDR solution, however their Reveal(x) NDR platform can be integrated with Exabeam Fusion XDR or Exabeam Fusion SIEM to provide faster threat response and develop a more rounded XDR solution. ExtraHop is the only NDR vendor within the XDR Alliance, an open cybersecurity ecosystem of vendors.
ExtraHop deliver multi-cloud security solutions for Amazon Web Services (AWS), Microsoft Azure and Google Cloud through their Reveal(x) 360 solution, which extends NDR services to the cloud. The solution features deep visibility into SSL/TLS encrypted traffic, and offers intelligence across multi-cloud, remote work, IoT and hybrid environments. Cloud-based machine learning detects anomalous behavior and malicious activity to protect APIs and misconfigurations, accelerating threat hunting. Clients can deploy ExtraHop sensors in the cloud, data centers and remote sites to decrypt and process network data. The data is extracted and is sent to Reveal(x) 350 for analysis, investigation and real-time threat detection. This data can be accessed via the Reveal(x) 360 user interface.
ExtraHop offer remote access security, which allows clients to monitor usage, maintain uptime and defend their distributed workforce against cyberattacks. The offering is part of the Reveal(x) NDR solution, creating visibility across on-premises, hybrid and cloud infrastructures. This includes:
ExtraHop offer managed services via their service provider partners (See, Which service providers and partners do ExtraHop Networks support?). ExtraHop offer two forms of authorized managed services provider partners: ExtraHop Managed Services provider partners and ExtraHop MSP resale partners.
Managed Services provider partners leverage SOCs, and regularly inspect integrations with ExtraHop. Typically these partners provide EDR and SIEM services, and often partner with SOAR vendors for managed remediation services. ExtraHop MSP Resale Partners differ because they typically do not have their own SOC. Instead, they are able to partner with High Wire Networks via ExtraHop to provide clients with ExtraHop Managed Service via SYNNEX - this is only available in North America.
The ExtraHop Customer Portal allows clients to report issues with their solution. There are two tiers of maintenance and support plans offered which are accessible via the Customer Portal: Gold, which offers support services that are active from Monday - Friday from 6am until 6pm local time; and Platinum, which offers constant support services, every day of the week for 24 hours a day. The portal also allows clients to deploy services such as the ExtraHop Trace Appliance in Azure and offers system notices.
Below is a table displaying the main focus points of the ExtraHop Networks Service Level Agreement (SLA).
Hardware Appliance Lifecycle and End-of-Life Policy:
Product Model | End of Sale Date | End of Firmware Upgrades | End of Support | Final Supported Firmware |
EDA 1100 | January 31, 2020 | January 31, 2023 | January 31, 2024 | TBD |
EXA 5100 | December 31, 2018 | December 31, 2021 | December 31, 2022 | 8.7 (Q4 2021) |
EDA 9100 | September 30, 2018 | September 30, 2021 | September 30, 2022 | 8.7 (Q4 2021) |
EDA 8100 | September 30, 2018 | September 30, 2021 | September 30, 2022 | 8.7 (Q4 2021) |
ETA 6150 | September 30, 2018 | September 30, 2021 | June 30, 2023 | 8.7 (Q4 2021) |
EDA 6100 | July 26, 2018 | September 30, 2021 | September 30, 2022 | 8.7 (Q4 2021) |
EDA 3100 | June 30, 2018 | June 30, 2021 | June 30, 2022 | 8.7 (Q4 2021) |
EH 3000 | October 1, 2016 | December 18, 2019 | October 1, 2020 | 7.9 |
EH 8000 | September 30, 2015 | March 31, 2019 | September 30, 2019 | 7.6 |
EH 6000 | September 30, 2015 | March 31, 2019 | September 30, 2019 | 7.6 |
EH 5000 | April 1, 2013 | November 3, 2015 | December 31, 2016 | 4.1 |
EH 2000 | April 1, 2013 | November 3, 2015 | May 3, 2016 | 4.1 |
EH 2000 (1G) | December 31, 2010 | June 30, 2014 | September 30, 2015 | 3.1 |
EH 5000 (10G) | March 31, 2010 | June 30, 2014 | September 30, 2015 | 4.1 |
(ExtraHop Networks, 2021) Find out more at: https://www.extrahop.com/support/policies/
ExtraHop Support Plans:
Support | Platinum | Gold | |
Software Maintenance and Upgrade Assurance | 24x7x365 | Monday-Friday Standard business days 6AM-6PM local time | |
Initial Response Times (coverage hours) Initial response time is the time between ExtraHop creating a support case and first contacting the client. | |||
Severity 1 | Phone or Web | 1 | 3 |
4 | 12 | ||
Severity 2 | Phone or Web | 2 | 3 |
4 | 12 | ||
Severity 3/4 | Phone or Web | 4 | 8 |
12 | Next coverage day | ||
Communication Cadence (coverage hours) Communication cadence and priority levels are mutually established by client and ExtraHop on a case-by-case basis. | |||
Priority 1 | Critical | 4 | 12 |
Priority 2 | High | 24 | Next coverage day |
Priority 3 | Medium | 72 | 3 coverage days |
Priority 4 | Low | 120 | 5 coverage days |
Hardware Replacement | Subject to ExtraHop authorization and ExtraHop’s End-of-Life Policy, replacements will be shipped same day if authorized by 12PM PST, otherwise next business day PST | Subject to ExtraHop authorization and ExtraHop’s End-of-Life Policy, replacements will be shipped within 3 coverage days |
(ExtraHop Networks, 2021) Find out more at: https://www.extrahop.com/support/
ExtraHop Networks offer specialized solutions for the following industry verticals:
ExtraHop’s Channel partners are part of the Panorama Partner Programme and can be Authorized, Gold or Platinum partners. Partnership opportunities include: MSP Resale Partners, Global Alliance Partners, Managed Services Providers (MSPs) and Value Added Reseller (VAR) Partners.
Featured Integrations:
Application Analytics:
Cloud-native Security:
Network Performance:
Security Operations:
The most comprehensive top 10 guide we have ever created.
List your business with Netify Learn More →
Please complete the form to ask a question or send a message directly to ExtraHop. Netify have carefully curated global sales contacts based on your IP location. If you do not receive contact, please check your junk folder.
Book a demo of the ExtraHop SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.
A Netify Vendor Briefing is a 30 minute Zoom research session for IT decision makers, and an opportunity to learn about the vendors products, services and business strategies specifically or a related technology or market. We'll also discuss their competitors and which other solutions your business should consider. If you do not receive contact, please check your junk folder.