Try our new research platform with insights from 80,000+ expert users

Change Tracker Gen7 R2 vs KerioControl vs Trellix Intrusion Prevention System comparison

Netwrix and GFI are both solutions in the Intrusion Detection and Prevention Software (IDPS) category. Netwrix is ranked #21 with an average rating of 10.0, while GFI is ranked #18 with an average rating of 8.8. Netwrix holds a 0.7% mindshare in ID, compared to GFI’s 1.9% mindshare. Additionally, 66% of Netwrix users are willing to recommend the solution, compared to 88% of GFI users who would recommend it.
Change Tracker Gen7 R2
Read 2 Change Tracker Gen7 R2 reviews
  • 239 Views
  • 208 Comparison Views
66% willing to recommend
KerioControl
Read 58 KerioControl reviews
  • 4,970 Views
  • 497 Comparison Views
88% willing to recommend
Trellix Intrusion Preventio...
Read 15 Trellix Intrusion Prevention System reviews
  • 1,067 Views
  • 928 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Change Tracker Gen7 R2, KerioControl, and Trellix Intrusion Prevention System based on real PeerSpot user reviews.

Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Intrusion Detection and Prevention Software (IDPS) Report (Updated: August 2025).
Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
August 2025
Download the complete report
Helped 866,956 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Mindshare comparison

As of September 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Change Tracker Gen7 R2 is 0.7%, up from 0.4% compared to the previous year. The mindshare of KerioControl is 1.9%, up from 1.6% compared to the previous year. The mindshare of Trellix Intrusion Prevention System is 3.5%, up from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Trellix Intrusion Prevention System3.5%
KerioControl1.9%
Change Tracker Gen7 R20.7%
Other93.9%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

SL
Reliable, good technical support, and simple installation
Change Tracker Gen7 R2 can be used in the health sector for compliance. It can secure the patient's information The solution could improve by being more secure and have better integration. I have been using Change Tracker Gen7 R2 for a couple of weeks. The solution is stable. My team is using…
Read full review
Constantnos Achilleos - PeerSpot reviewer
Leveraging geo-tagging and web filtering for enhanced network security
The solution is used for site-to-site VPN connections and it is valued for its cost efficiency and easy connectivity. It is especially beneficial for multi-site VPNs and is used in about fifteen different components KerioControl has provided a financial benefit as it allows purchasing one license…
Read full review
Daniel_Martins - PeerSpot reviewer
Decade of experience empowers seamless problem resolution and support
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet. For Trellix IPS, AI improvements are an area where it can improve. It's a significant feature. Regarding the Trellix Intrusion Prevention System's flexibility for catering to our organization's specific infrastructure requirements, we have only on-premises and virtual appliances, but it's acceptable. The access and platform could potentially integrate with SaaS. Similar to when you put the EPO in mode integration with SaaS, you can connect with a local credential and with an X Console credential. Another possibility would be to connect with an integration login with the X Console. We have this with EPO on-premise, but with IPS, we don't have it.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Whitelisting services are the most valuable feature of Change Tracker Gen7 R2."
"I have contacted the support once and the experience was good, I was satisfied."
"​It helps us better control internal and external communications.​"
"The solution is easy to manage. Kerio Control is unique compared to other firewalls because it has been around since 2000 when we switched and the name it started with was WinRoute, and then later became Kerio Control. It evolved over time and it is more of a proprietary firewall on its own and has been developed through open source."
"The firewall and the content filtering options are valuable."
"It has saved a lot of time and it was a secure way of doing it too. We had a whole contact center that worked from home for a period of time and that's a 21 hour a day contact center that we moved, that was spread out across the greater Brisbane region and working on home internet connections. Surprisingly, we didn't have a lot of stability issues anyway on those connections, but Kerio didn't blink, so that was good."
"The product is affordable."
"The flexibility of the system, the capacity to provide the right level of security, and the ability to be integrated into different kinds of infrastructures are the most valuable features."
"Kerio Control can be scaled easily."
"When one of the employees of my customers is using the VPN Client, I have created for them that they will always get a message. When the VPN Client connects to Kerio Control from the outside, they will get an email so they know when they are connected and when they are disconnected what is happening to their network."
More KerioControl pros
"The threat intelligence updates are very accurate."
"The solution can scale."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"Overall the solution is very good. It offers great protection and gives us a good overview of what is on the network."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"The most valuable features are the customization of the signature and the unlimited amount of signatures in IPS."
"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"Great monitoring feature."
More Trellix Intrusion Prevention System pros
 

Cons

"The solution could improve by being more secure and have better integration."
"The solution could include more integrations."
"They should improve the remote connectivity feature for users."
"One area that confused me a bit when I was building my current network. I use VLANs to have separate functionality on the network, and the appliance I got was the WiFi model, but I discovered that you can't assign WiFi channels to the VLAN. So, you can have WiFi, but its own subnet. You can't run that over the VLAN. Effectively, I can't use the WiFi facility in the appliance and had to purchase a separate web that supports VLANs. In the end, I had to go to GFI support. They confirmed this is just a limited functionality of that device, as it is a low-end device. I don't know if any of their high-end models have a better facility or not."
"KerioControl has met some of the network infrastructure needs yet could improve in terms of scalability, which I rate four out of ten."
"When it comes to dealing with updates, there are often bugs on the solution. They should do a lot more testing before they release new versions."
"The overall speed needs improvement. Internet connectivity speed needs to be improved somehow."
"The logs could be improved for better clarity."
"If you have to dive deeper into the firewall or any other features, then you really have to read up a bit about how to set it up properly. Some of my colleagues, in the beginning, jumped in and made a bunch of rules but then it got really messy. If Kerio had a template or guidelines for best practices, at the beginning, that would really help. With Kerio Control it's basically 'find out for yourself.'"
"Improvements are needed to the Next Generation Firewall Protection, specifically with user-level protection."
More KerioControl cons
"The platform’s GUI could be the latest."
"Some of the documentation is not as straightforward as it could be."
"The technical support must be improved."
"The area of concern where the tool needs improvement is how the product prompts users at a network level that helps prevent any wireless network attacks through alerts and notifications."
"We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler."
"The solution could improve some aspects of detection."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
"The management console needs to be less complex and easier to navigate."
More Trellix Intrusion Prevention System cons
 

Pricing and Cost Advice

"There is a license required for this solution."
"KerioControl's pricing is good."
"There's a one-time fee. For KerioConnect, it's just a server. With KerioControl, you have an option. You can virtualize it on a VMware system or have the hardware. I think mid-range or desktop KerioControl hardware could cost around 2000 dollars for a 25 user client. You need annual renewal for additional features like antivirus."
"Its price is fair. There are no additional costs."
"KerioControl's pricing is reasonable. The license for KerioControl is annual. It's difficult to specify an exact cost since it varies depending on the number of users and additional software combined with it. For example, a basic box might cover 25 users, but licenses can be purchased starting from 10 users."
"The price of the solution is reasonable. For additional costs, you can add on more features such as antivirus."
"The price is fine."
"It's very affordable."
"We have to pay approximately EUR 175 for the product."
More KerioControl pricing and cost advice
"I rate the product’s pricing an eight out of ten."
"The tool is competitively priced."
report
See which vendors are best for you
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
See recommendations
866,956 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Computer Software Company
21%
Comms Service Provider
8%
Media Company
7%
Government
6%
Manufacturing Company
12%
Computer Software Company
10%
Financial Services Firm
8%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise9
Large Enterprise3
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise6
Large Enterprise5
 

Questions from the Community

What do you like most about Change Tracker Gen7 R2?
Whitelisting services are the most valuable feature of Change Tracker Gen7 R2.
See all answers
What needs improvement with Change Tracker Gen7 R2?
The solution could include more integrations.
See all answers
What is your primary use case for Change Tracker Gen7 R2?
We use Change Tracker Gen7 R2 for secure configuration management and file integrity monitoring.
See all answers
What do you like most about KerioControl?
The solution provides feasibility regarding cyber privacy.
See all answers
What is your experience regarding pricing and costs for KerioControl?
KerioControl offers good pricing as one license covers all features needed without extra payment. The price for the p...
See all answers
What needs improvement with KerioControl?
Regarding KerioControl's application awareness and control feature, I have not used it much.
See all answers
What do you like most about McAfee Network Security Platform?
The threat intelligence updates are very accurate.
See all answers
What is your experience regarding pricing and costs for McAfee Network Security Platform?
The tool is competitively priced. I rate the pricing a six out of ten.
See all answers
What needs improvement with McAfee Network Security Platform?
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Preve...
See all answers
 

Comparisons

Fortra's Tripwire Enterprise vs Change Tracker Gen7 R2 Logo
Fortra's Tripwire Enterprise vs Change Tracker Gen7 R2
Compared 100% of the time
More Change Tracker Gen7 R2 Competitors
Netgate pfSense vs KerioControl Logo
Netgate pfSense vs KerioControl
Compared 25% of the time
Fortinet FortiGate vs KerioControl Logo
Fortinet FortiGate vs KerioControl
Compared 18% of the time
OPNsense vs KerioControl Logo
OPNsense vs KerioControl
Compared 15% of the time
Sophos XG vs KerioControl Logo
Sophos XG vs KerioControl
Compared 9% of the time
Sophos UTM vs KerioControl Logo
Sophos UTM vs KerioControl
Compared 8% of the time
More KerioControl Competitors
Trend Micro TippingPoint Threat Protection System vs Trellix Intrusion Prevention System Logo
Trend Micro TippingPoint Threat Protection System vs Trellix Intrusion Prevention System
Compared 32% of the time
Cisco Secure IPS (NGIPS) vs Trellix Intrusion Prevention System Logo
Cisco Secure IPS (NGIPS) vs Trellix Intrusion Prevention System
Compared 20% of the time
Palo Alto Networks Advanced Threat Prevention vs Trellix Intrusion Prevention System Logo
Palo Alto Networks Advanced Threat Prevention vs Trellix Intrusion Prevention System
Compared 18% of the time
Fortinet FortiGate IPS vs Trellix Intrusion Prevention System Logo
Fortinet FortiGate IPS vs Trellix Intrusion Prevention System
Compared 13% of the time
Check Point IPS vs Trellix Intrusion Prevention System Logo
Check Point IPS vs Trellix Intrusion Prevention System
Compared 9% of the time
More Trellix Intrusion Prevention System Competitors
 

Product Reports

Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
August 2025
Change Tracker Gen7 R2 reportDownload Change Tracker Gen7 R2 product report
Buyer's Guide
KerioControl
August 2025
KerioControl reportDownload KerioControl product report
Buyer's Guide
Trellix Intrusion Prevention System
August 2025
Trellix Intrusion Prevention System reportDownload Trellix Intrusion Prevention System product report
 

Also Known As

NNT Change Tracker Enterprise
No data available
McAfee Network Security Platform, McAfee NSP, IntruShield Network Intrusion Prevention System, IntruShield Network IPS
 

Overview

Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments.

Gen7R2 enables organizations to:

- Define the systems that need protection

- Ensure those systems are secured, compliant and fit for purpose at all times

- Provide intelligent change control to ensure systems remain in a ‘known secure and compliant state’

- Enable organizations to move projects securely from Development to Operations

Gen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. Security and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps is delivered and underpins effective, ongoing security and operational availability.

With Gen7R2 you have the ability to reduce change noise by more than 90%, leaving only changes that are unknown, unwanted, unexpected or potentially malicious in nature for further investigation.

Netwrix

Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.

With Kerio Control you can:

  • Preserve the integrity of your network.
  • Manage bandwidth to streamline traffic flows.
  • Improve productivity with filtering capabilities.

Kerio Control Features

Some of Kerio Control’s most valuable features include:

High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.

Kerio Control Benefits

  • Eliminate downtime risks: Because Kerio Control offers high availability and failover protection, you can eliminate the risk and cost of connectivity or threat protection downtime.

  • Detailed reports: Kerio Control makes it easy to view individual users’ internet activity through detailed reports.

  • Traffic monitoring: Traffic monitoring allows you to manage bandwidth and makes it possible for you to control access to streaming video and peer-to-peer networks.

  • Server protection: Using Kerio Control’s advanced networking routing and deep packet inspection, you can protect servers.

  • Easily create policies: With Kerio Control, you can create both inbound and outbound traffic policies, and can also restrict communication by specific URLs, applications, traffic type, content category, or even time of day.

  • Snort-based analysis: Kerio Control gives you the ability to add a transparent layer of intrusion prevention with snort-based analysis along with a database of rule and blacklisted IP addresses that is regularly refreshed.

  • Optionally integrated anti-virus: WIth this feature, you can prevent viruses, Trojans, or spyware from entering your networks.

Reviews from Real Users

Here is some feedback from some of our users who are currently using the solution:

PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."

Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."



GFI

Block More Intrusions
Stop new and unknown attacks with signature-based and signature-less intrusion prevention systems. Signature-less intrusion detection finds malicious network traffic and stops attacks where no signatures exist.

Unify Virtual and Physical Security
Support network virtualization across private and public cloud platforms to scale security and evolve with changing IT dynamics.

Maximize Security and Performance
Scale hardware performance to speeds up to 100 Gbps and leverage data from multiple products.

Trellix
 

Sample Customers

US Army, Xerox, Hewlett Packard, LiveTV, Universal Studios, Guadalupe Valley Electric Cooperative, ACAS, Chanel, Live Nation, Union Bank, Ohio Valley Electric Corporation, Bank of China, Cornell University, Jetblue, Royal Albert Hall, Chaparral Energy, RyanAir
Triton Technical, McDonald's
Desjardins Group, HollyFrontier, Nubia, Agbar, WNS Global Services, INAIL, Universidad de Las Américas Puebla (UDLAP), Cook County, China Pacific Insurance, Bank Central Asia, California Department of Corrections and Rehabilitation, City of Chicago, Macquarie Telecom, Sutherland Global Services, Texas Tech University Health Sciences Center, United Automotive Electronic Systems
Buyer's Guide
Intrusion Detection and Prevention Software (IDPS)
August 2025
Download Free Report
Find out what your peers are saying about Darktrace, Check Point Software Technologies, Fortinet and others in Intrusion Detection and Prevention Software (IDPS). Updated: August 2025.
DOWNLOAD NOW
866,956 professionals have used our research since 2012.