We performed a comparison between Trellix Advanced Threat Defense and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the administration console and its detection and response module."
"It stops in excess of twenty-five malware events per month, all of which could be critical to the business."
"It is very scalable."
"It is stable and reliable."
"I recommend this solution because of its ease of use."
"Provides good exfiltration, and is an all-in-one product."
"Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The most valuable feature of the solution stems from how it allows users to do the investigation part. Another important part of the product that is valuable is associated with how it gives information to users in the form of a storyline."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The server appliance is good."
"The installation phase was easy."
"Support is very helpful and responsive."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"There could be a tool that automatically updates all-new Microsoft IPs, which are available for free to connect to the client."
"The initial setup was industry standard complex. It takes awhile and has a lot of planning involved. It could be simplified with product redesign."
"This solution needs to be made "cloud ready"."
"I would like to see future versions of the solution incorporate artificial intelligence technology."
"Lacks remote capabilities not dependent on the internet."
"Make the ATD system a part of the whole product and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version."
"We'd like them to be better at dealing with script threats."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Technical packaging could be improved."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"The product's integration capabilities are an area of concern where improvements are required."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
More Trellix Advanced Threat Defense Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Trellix Advanced Threat Defense is ranked 21st in Advanced Threat Protection (ATP) with 8 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Trellix Advanced Threat Defense is rated 7.8, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Trellix Advanced Threat Defense writes "Easy to set up and use with a nice interface". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Trellix Advanced Threat Defense is most compared with Microsoft Defender for Office 365, Fortinet FortiSandbox, Microsoft Defender for Identity and Palo Alto Networks WildFire, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Vectra AI. See our Trellix Advanced Threat Defense vs. Trellix Network Detection and Response report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
