Try our new research platform with insights from 80,000+ expert users

Splunk User Behavior Analytics vs Trellix Intrusion Prevention System comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Splunk User Behavior Analytics
Ranking in Intrusion Detection and Prevention Software (IDPS)
12th
Average Rating
8.2
Reviews Sentiment
6.8
Number of Reviews
24
Ranking in other categories
User Entity Behavior Analytics (UEBA) (4th)
Trellix Intrusion Preventio...
Ranking in Intrusion Detection and Prevention Software (IDPS)
13th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
14
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Splunk User Behavior Analytics is 2.3%, down from 2.6% compared to the previous year. The mindshare of Trellix Intrusion Prevention System is 3.7%, up from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Subhayu Chakraborty - PeerSpot reviewer
Automatic reports streamline tasks and offers easy report gathering
The dashboard part could be improved. While using it, I noticed two options: Classic, which is adequate yet only in black and white, and another one that is more advanced or smart, though I forgot the exact term. I encountered several issues while trying to create solutions for this advanced version, which seem unrelated to query or data issues.
Juan Muriel - PeerSpot reviewer
Protects from attacks in real-time and provides accurate threat intelligence updates
I rate the ease of setup a seven or eight out of ten. The platform functions very well. We need technical support to make improvements to the platform. The deployment takes eight months. We need two or three system engineers and one electronic engineer specialized in Trellix platforms to deploy the tool. We need only one system engineer to maintain the product.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution is fast, flexible, and easy to use."
"The most valuable features are its data aggregation and the ability to automatically identify a number of threats, then suggest recommended actions upon them."
"We are really pleased with Splunk and its features. It would be practically impossible to function without it. To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential."
"Splunk is more user-friendly than some competing solutions we tried."
"The product is at the forefront of auto-remediation networking. It's great."
"Splunk's technical support is amazing."
"The solution appears to be stable, although we haven't used it heavily."
"Splunk is highly valuable for query purposes."
"The initial setup is straightforward."
"The threat intelligence updates are very accurate."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"McAfee NSP is much more stable than Cisco."
"Overall the solution is very good. It offers great protection and gives us a good overview of what is on the network."
"The most valuable features are the customization of the signature and the unlimited amount of signatures in IPS."
 

Cons

"A disadvantage is that it can lead to cost overrun if not properly factored or governed."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"High data ingestion costs can be an issue, especially for large enterprises, as Splunk charges based on the amount of data processed."
"The dashboard part could be improved. While using it, I noticed two options: Classic, which is adequate yet only in black and white, and another one that is more advanced or smart."
"It would be good if the solution had an analytics tool that allowed us to analyze the data without writing specific queries."
"The correlation engine should have persistent and definable rules."
"I would like to see an enhancement in the automation of creating the rules."
"The technical support must be improved."
"There are limited resources for configuration guidance."
"The management component could be simplified."
"The management console needs to be less complex and easier to navigate."
"We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler."
"The platform’s GUI could be the latest."
"The solution could improve some aspects of detection."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
 

Pricing and Cost Advice

"I am not aware of the price, but it is expensive."
"My biggest complaint is the way they do pricing... You can never know the pricing for next year. Every single time you adjust to something new, the price goes up. It's impossible to truly budget for it. It goes up constantly."
"I hope we can increase the free license to be more than 5 gig a day. This would help people who want to introduce a POC or a demo license for the solution."
"The licensing costs is around 10,000 dollars."
"Pricing varies based on the packages you choose and the volume of your usage."
"There are additional costs associated with the integrator."
"The tool is competitively priced."
"I rate the product’s pricing an eight out of ten."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
12%
Government
9%
Manufacturing Company
8%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
11%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Splunk User Behavior Analytics?
The solution's most valuable feature is Splunk queries, which allow us to query the logs and analyze the attack vectors.
What is your experience regarding pricing and costs for Splunk User Behavior Analytics?
In terms of setup cost, pricing, and licensing, Splunk User Behavior Analytics is not an inexpensive product. The setup requires numerous components including storage, networking, identity access, ...
What needs improvement with Splunk User Behavior Analytics?
There are improvements that could be made to Splunk User Behavior Analytics as any product will have advantages and disadvantages. Scalability is one consideration. For example, the advantages incl...
What do you like most about McAfee Network Security Platform?
The threat intelligence updates are very accurate.
What is your experience regarding pricing and costs for McAfee Network Security Platform?
The tool is competitively priced. I rate the pricing a six out of ten.
What needs improvement with McAfee Network Security Platform?
Network Threat Behavior Analysis must be improved. The technical support must be improved. The support team must provide better help with configurations of devices and enabling NTBA.
 

Also Known As

Caspida, Splunk UBA
McAfee Network Security Platform, McAfee NSP, IntruShield Network Intrusion Prevention System, IntruShield Network IPS
 

Overview

 

Sample Customers

8 Securities, AAA Western, AdvancedMD, Amaya, Cerner Corporation, CJ O Shopping, CloudShare, Crossroads Foundation, 7-Eleven Indonesia
Desjardins Group, HollyFrontier, Nubia, Agbar, WNS Global Services, INAIL, Universidad de Las Américas Puebla (UDLAP), Cook County, China Pacific Insurance, Bank Central Asia, California Department of Corrections and Rehabilitation, City of Chicago, Macquarie Telecom, Sutherland Global Services, Texas Tech University Health Sciences Center, United Automotive Electronic Systems
Find out what your peers are saying about Splunk User Behavior Analytics vs. Trellix Intrusion Prevention System and other solutions. Updated: June 2025.
859,957 professionals have used our research since 2012.