Try our new research platform with insights from 80,000+ expert users

Darktrace vs Trellix Intrusion Prevention System comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 15, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Darktrace
Ranking in Intrusion Detection and Prevention Software (IDPS)
1st
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
82
Ranking in other categories
Email Security (8th), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), Extended Detection and Response (XDR) (6th), Cloud Security Posture Management (CSPM) (15th), Cloud-Native Application Protection Platforms (CNAPP) (11th), Attack Surface Management (ASM) (4th), AI-Powered Cybersecurity Platforms (2nd)
Trellix Intrusion Preventio...
Ranking in Intrusion Detection and Prevention Software (IDPS)
12th
Average Rating
8.4
Reviews Sentiment
6.6
Number of Reviews
15
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of September 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Darktrace is 18.0%, down from 19.0% compared to the previous year. The mindshare of Trellix Intrusion Prevention System is 3.5%, up from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Darktrace18.0%
Trellix Intrusion Prevention System3.5%
Other78.5%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Malebo Lethoba Group - PeerSpot reviewer
Have found the AI analyst and detection functions highly valuable for network operations while managing complexity in initial setup
The functions I find most valuable in Darktrace are the AI analyst as well as the detection.The autonomous response capabilities of Darktrace are not crucial for me because it doesn't work in a network where there are no core switches. In a modern network, the autonomous response doesn't work, especially when sitting in a shared data center.If I'm running a traditional network where I am not in a shared data center with a layer two dedicated for my resources, then it can work for me. However, if I am in a data center where I don't have layer two, it becomes an issue because the autonomous response is reliant on sending spoofed TCP resets to my core switch to block traffic, which is a major issue.
Daniel_Martins - PeerSpot reviewer
Decade of experience empowers seamless problem resolution and support
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet. For Trellix IPS, AI improvements are an area where it can improve. It's a significant feature. Regarding the Trellix Intrusion Prevention System's flexibility for catering to our organization's specific infrastructure requirements, we have only on-premises and virtual appliances, but it's acceptable. The access and platform could potentially integrate with SaaS. Similar to when you put the EPO in mode integration with SaaS, you can connect with a local credential and with an X Console credential. Another possibility would be to connect with an integration login with the X Console. We have this with EPO on-premise, but with IPS, we don't have it.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive. There are a lot of video animations, and we can easily see how the data is transferred between various points. That's something really interesting. It is also quite easy to understand for a new user."
"The active threat dashboard is the most valuable feature of this solution."
"The ability to see what we have not seen before is most valuable. It is very interesting to find out the most vulnerable devices in our network."
"A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time."
"I have found the most valuable features to be artificial intelligence for cybersecurity, advanced machine learning capabilities, enterprise Immune System, Antigena Network, and Antigena Email. The way the solution detects the threat over the network before it spreads is very good. It notifies you of what the threat is exactly doing and gives you all the details about the execution of that application that had created the threat over your network."
"The autonomous response is also highly designed in Darktrace."
"What I like about Darktrace, is that you can quickly identify threats."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"Great monitoring feature."
"The threat intelligence updates are very accurate."
"The most valuable features of the solution stem from the fact that it is a good product for dealing with DDoS attacks and for the inspection of network traffic."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"The most valuable features are the customization of the signature and the unlimited amount of signatures in IPS."
"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"McAfee NSP is much more stable than Cisco."
 

Cons

"The module can improve so that every time it's more intelligent."
"I think there is some MSSP missing."
"The main portal needs improvement as it is difficult to use."
"One area for improvement is the alerting system, which generates too many alerts and becomes labor-intensive for organizations not equipped with enough personnel in their SOC."
"The management dashboards and the meter dashboards should be more user-friendly and simple to use for easy management."
"Needs to improve its collaboration with local partners."
"Darktrace needs significant improvement in its notification capabilities."
"It takes time to go through the interface and pick up things. If it were a more straightforward interface, then it would free up time."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
"Some of the documentation is not as straightforward as it could be."
"The technical support must be improved."
"The technical support has room for improvement."
"The solution could improve some aspects of detection."
"We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler."
"The management component could be simplified."
"The pricing could be improved."
 

Pricing and Cost Advice

"Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year."
"The pricing is expensive. It costs over $100,000 a year."
"They are too expensive compared with other vendors."
"We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once. Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution."
"I'm unfamiliar with the exact cost, but we have a yearly license and had to pay for Darktrace's services before the deployment. The product is very expensive, so some organizations can't afford to pay the total amount directly, meaning they often seek a partner or pay in installments, which increases the price more."
"When it comes to large installations, it can be expensive, but for small accounts it's fine."
"There is an annual license to use Darktrace."
"Darktrace is expensive. You can pay for the license yearly."
"I rate the product’s pricing an eight out of ten."
"The tool is competitively priced."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
866,956 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
9%
Financial Services Firm
8%
Government
7%
Manufacturing Company
12%
Computer Software Company
10%
Financial Services Firm
8%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business43
Midsize Enterprise19
Large Enterprise29
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise6
Large Enterprise5
 

Questions from the Community

How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
What do you like most about Darktrace?
A very useful feature in Darktrace for real-time threat analysis is the packet inspection that analyzes the packet traffic in real time.
What do you like most about McAfee Network Security Platform?
The threat intelligence updates are very accurate.
What is your experience regarding pricing and costs for McAfee Network Security Platform?
The tool is competitively priced. I rate the pricing a six out of ten.
What needs improvement with McAfee Network Security Platform?
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet. For Trellix IPS, AI improvements are an area where it can impr...
 

Also Known As

No data available
McAfee Network Security Platform, McAfee NSP, IntruShield Network Intrusion Prevention System, IntruShield Network IPS
 

Overview

 

Sample Customers

Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Desjardins Group, HollyFrontier, Nubia, Agbar, WNS Global Services, INAIL, Universidad de Las Américas Puebla (UDLAP), Cook County, China Pacific Insurance, Bank Central Asia, California Department of Corrections and Rehabilitation, City of Chicago, Macquarie Telecom, Sutherland Global Services, Texas Tech University Health Sciences Center, United Automotive Electronic Systems
Find out what your peers are saying about Darktrace vs. Trellix Intrusion Prevention System and other solutions. Updated: September 2025.
866,956 professionals have used our research since 2012.