We performed a comparison between Cisco Secure Network Analytics and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It does change the way we troubleshoot and it is relatively easy to use once you learn it. I would recommend it to someone considering it."
"There are already many functionalities, so I don't think there is anything to improve."
"It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"This product alleviates the day-to-day headaches for us, in regards to metrics."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The beginning of any security investigation starts with net flow data."
"The most valuable features provided by this solution are visibility and information."
"The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The server appliance is good."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"Complexity on integration is not so straightforward and you really need an expert to help build it out."
"I would like to see it better organized when I'm looking at it."
"One update that I would like to see is an agent-based client. Currently, Stealthwatch is network-based. A local agent could help manage endpoints."
"I would like to see better filters."
"It would be better to let people know, up front, that is doesn't give you nice, clear information, as seen in the demos, without Cisco ISE installed."
"We are continuing down the road of ACI and ISE with Cisco, so we would like to see the continuation of Stealthwatch integrating into ISE for exchange of information, and also, more into the ACI environment too."
"Stealthwatch needs improvement when it comes to speed."
"Initially, I felt Cisco Secure Network Analytics lacked integration with Splunk."
"Stability issues manifested in terms of throughput maximization."
"It is very expensive, the price could be better."
"Technical packaging could be improved."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 57 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 35 reviews. Cisco Secure Network Analytics is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Vectra AI. See our Cisco Secure Network Analytics vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.