We performed a comparison between Bitdefender Sandbox Analyzer and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Fortinet and others in Advanced Threat Protection (ATP)."Sandbox Analyzer is easy to use. It's simple to drill down into the data. In a lot of the competing products, an extremely informed end-user can do battle with the tools provided, but in today's market, end-users have less and less time to try and keep up. The CSAW alerts come out every day, and they're huge. Adobe did a master patch last Thursday and another one a few days later."
"It is easy to use, and there is a lot of automation. So, users don't need to worry about that."
"The solution is useful in the event of a gray file or grayware, as there are certain files users may download of which we know little about."
"I like the fact that it works pretty well. It can be a little aggressive at times, but I'd rather have it be a little bit aggressive than not catch what it's supposed to catch. We've been running that platform for about five years, and we've not really had any viruses or malware get through. It's also easy to set up, and it's easy to manage."
"The server appliance is good."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The most valuable feature is the view into the application."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The most valuable feature of the solution stems from how it allows users to do the investigation part. Another important part of the product that is valuable is associated with how it gives information to users in the form of a storyline."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"It does everything we need. We haven't been able to throw anything at it that it couldn't handle."
"It would be better if there were real-time alerts. The whole suite, unlike most anti-virus consoles that just ping you when there's an infection or something, for some inexplicable reason, Bitdefender doesn't do that. The most you could do is get an hourly email, or maybe if there's an outbreak that affects 30% of our machines, it sends me an email. There's no real-time alert to say, "Hey, so-and-so literally 30 seconds ago just had this happen on their machine." Real-time reporting would be a huge improvement. All in all, it's a pretty nice product, generally speaking. They do a pretty good job. They can pretty much go toe to toe with just about anybody. But it's that kind of real-time nature. I've not had occasion to use the EDR portion to actually try and do any kind of custom scripting to drill into things that are going on at the endpoints. But my understanding from reading comments of others is that it's not particularly flexible in that regard to be able to do things like that."
"It should be more secure. There should be more protection, especially for non-signature-based malware. It works fine for non-signature-based malware, but I expect it to become a bit more advanced to be able to cope with future or upcoming environments."
"We propose the on-premises solution to most of our customers, for which we must provide a license, although no such request accompanies customers who want a cloud-based solution."
"We would like to see the time it takes for the sandbox to analyze a file reduced from its ten or fifteen minute duration to five."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"Technical support could be improved."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
"It is very expensive, the price could be better."
"It is an expensive solution."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
More Trellix Network Detection and Response Pricing and Cost Advice →
Bitdefender Sandbox Analyzer is ranked 18th in Advanced Threat Protection (ATP) with 4 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Bitdefender Sandbox Analyzer is rated 9.0, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Bitdefender Sandbox Analyzer writes "You can create time-sensitive policies, apply them, and push reconfiguration, so that engine is functioning, tuned, and safe". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Bitdefender Sandbox Analyzer is most compared with Microsoft Defender for Office 365, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Vectra AI.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
