Fortinet FortiSandbox vs Trellix Network Detection and Response comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Fortinet FortiSandbox and Trellix Network Detection and Response based on real PeerSpot user reviews.

Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Fortinet FortiSandbox vs. Trellix Network Detection and Response Report (Updated: March 2024).
768,246 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The analysis engine is a very valuable feature.""It is a stable solution.""The GUI makes administration tasks straightforward.""The most valuable feature is the protection and the way it works, the technology is what I like the most.""The most valuable features of Fortinet FortiSandbox are customization, ICAP protocol, and integration with other vendors. Additionally, the security work very well.""The dynamic behavior analysis is excellent. We have many attacks caught by the FortiSandbox as zero-day attacks. Additionally, the administration is simple and can be customized to fit your companies needs.""The main benefit of Fortinet FortiSandbox is that it allows organizations to detect and prevent unknown threats from entering an infrastructure.""Fortinet FortiSandbox is scalable."

More Fortinet FortiSandbox Pros →

"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security.""The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design.""The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive.""Very functional and good for detecting malicious traffic.""We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.""I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went.""If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.""Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."

More Trellix Network Detection and Response Pros →

Cons
"The area I would like this solution to be improved in is the integrations for Sandbox with AI and big data ML mechanisms. I think this would be a practical improvement.""The initial setup of Fortinet FortiSandbox is complex. You cannot only deploy Fortinet FortiSandbox without deploying the stack of Fortinet solutions. The implementation and integration are challenging tasks with the device and placement in the network. We needed to do POC and offloading testing.""There could be more templates and a higher number of simulated VMs to configure more use cases. Sometimes we need to configure many use cases in many different environments, and if the number of VMs that we configure is limited, we have to remove some and reconfigure the environment if we need another environment.""If we can have more dashboards, it would be good.""For the MSSPs, it would be great if the product could display all the threat chains on a dashboard since it is an area where the tool is currently lacking.""Most people are confused about how to use the right integration of the right Fortinet product.""It should be easier to import custom virtual machines. Some of the VMs that are in FortiSandbox don't have the applications that we have in our environment. We need to import a VM with specific applications that we use in our environment. Have all the licenses because this is a real environment. You need a license for the Windows client you run on it. It's possible to import custom VMs, but it's a pain to do it. I would like a tool that simplifies the process.""For additional features, maybe a form of execution pain files in a non-virtual environment because it has threats that identify when it is being run in a virtual machine."

More Fortinet FortiSandbox Cons →

"Management of the appliance could be greatly improved.""Stability issues manifested in terms of throughput maximization.""It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives.""I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet.""It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment.""I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports.""The world is currently shifting to AI, but FIreEye is not following suit.""Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."

More Trellix Network Detection and Response Cons →

Pricing and Cost Advice
  • "There are no costs in addition to the standard licensing fees."
  • "There are additional costs, which isn't included in the licensing fee."
  • "The solution is not expensive at all."
  • "Altogether, it is about €10,000 for the Sandbox and Email Gateway."
  • "We are on an annual license to use the solution. We have an additional feature that is integrated with S5, which is working well."
  • "There is a license to use this solution."
  • "Fortinet is more reasonable than Palo Alto."
  • "The price is competitive."
  • More Fortinet FortiSandbox Pricing and Cost Advice →

  • "Pricing and licensing are reasonable compared to competitors."
  • "The pricing is a little high."
  • "Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
  • "There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
  • "We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
  • "FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
  • "When I compare this solution to its competitors in the market, I find that it is a little expensive."
  • "The user fee is not as high but the maintenance fee is expensive."
  • More Trellix Network Detection and Response Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
    768,246 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Fortinet FortiSandbox is a nominally priced product, so I would not say that it is a very cheap tool. It is one of the best solutions in the market with a competitive pricing model, similar to the… more »
    Top Answer:For the MSSPs, it would be great if the product could display all the threat chains on a dashboard since it is an area where the tool is currently lacking.
    Top Answer:Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly… more »
    Top Answer:Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become… more »
    Ranking
    Views
    3,148
    Comparisons
    1,905
    Reviews
    18
    Average Words per Review
    403
    Rating
    8.3
    Views
    1,942
    Comparisons
    1,376
    Reviews
    5
    Average Words per Review
    381
    Rating
    8.4
    Comparisons
    Also Known As
    FortiSandbox
    FireEye Network Security, FireEye
    Learn More
    Trellix
    Video Not Available
    Overview

    Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score. 

    The most valuable features include dynamic behavior analysis, manual scan features, easy management and configuration, fast scanning, scalability, customization, and ICAP protocol. The solution is cost-effective and faster than other sandbox solutions, with a good user interface.

    Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
    Top Industries
    REVIEWERS
    Computer Software Company21%
    Comms Service Provider17%
    Energy/Utilities Company13%
    Real Estate/Law Firm8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Government11%
    Financial Services Firm10%
    Comms Service Provider7%
    REVIEWERS
    Financial Services Firm23%
    Computer Software Company14%
    Government9%
    University9%
    VISITORS READING REVIEWS
    Financial Services Firm19%
    Computer Software Company9%
    Manufacturing Company8%
    Government7%
    Company Size
    REVIEWERS
    Small Business38%
    Midsize Enterprise38%
    Large Enterprise24%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise18%
    Large Enterprise58%
    REVIEWERS
    Small Business40%
    Midsize Enterprise16%
    Large Enterprise44%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise12%
    Large Enterprise70%
    Buyer's Guide
    Fortinet FortiSandbox vs. Trellix Network Detection and Response
    March 2024
    Find out what your peers are saying about Fortinet FortiSandbox vs. Trellix Network Detection and Response and other solutions. Updated: March 2024.
    768,246 professionals have used our research since 2012.

    Fortinet FortiSandbox is ranked 5th in Advanced Threat Protection (ATP) with 35 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 35 reviews. Fortinet FortiSandbox is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Check Point SandBlast Network, Microsoft Defender for Office 365, Fortinet FortiEDR and Cisco Secure Network Analytics, whereas Trellix Network Detection and Response is most compared with Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate, Vectra AI and Check Point SandBlast Network. See our Fortinet FortiSandbox vs. Trellix Network Detection and Response report.

    See our list of best Advanced Threat Protection (ATP) vendors.

    We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.