Try our new research platform with insights from 80,000+ expert users

Trellix Intrusion Prevention System vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Trellix Intrusion Preventio...
Ranking in Intrusion Detection and Prevention Software (IDPS)
13th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
14
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
4th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (14th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of July 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Trellix Intrusion Prevention System is 3.7%, up from 3.1% compared to the previous year. The mindshare of Vectra AI is 11.2%, up from 10.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Juan Muriel - PeerSpot reviewer
Protects from attacks in real-time and provides accurate threat intelligence updates
I rate the ease of setup a seven or eight out of ten. The platform functions very well. We need technical support to make improvements to the platform. The deployment takes eight months. We need two or three system engineers and one electronic engineer specialized in Trellix platforms to deploy the tool. We need only one system engineer to maintain the product.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial setup is straightforward."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"The most valuable features of the solution stem from the fact that it is a good product for dealing with DDoS attacks and for the inspection of network traffic."
"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"The product is worth the investment."
"The threat intelligence updates are very accurate."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"Great monitoring feature."
"I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"The packet-capturing feature is very useful."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"It keeps up with the network traffic, which is a good thing. It provides more context to plain alerts compared to using an older system. So, it helps an analyst reduce the information overload."
 

Cons

"The Network Security Managers could be more stable, agile, and work faster. When it comes to instability, there is room for improvement."
"The management console needs to be less complex and easier to navigate."
"The technical support has room for improvement."
"The solution could improve some aspects of detection."
"The area of concern where the tool needs improvement is how the product prompts users at a network level that helps prevent any wireless network attacks through alerts and notifications."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
"Some of the documentation is not as straightforward as it could be."
"The solution needs to improve the graphical interface. And they had a limitation in some of the sensor modems as well."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"I would like to see a bit more strategic metrics instead of technical data. Information that I could show to my executive management team or board would be valuable."
"The solution's marketing is not good."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"It would be commercially beneficial if Vectra AI had something like Darktrace's Antigena Email or something similar to email protection."
"I'd like to be able to get granular reports and to be able to output them into formats that are customizable and more useful. The reporting GUI is lacking."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
 

Pricing and Cost Advice

"The tool is competitively priced."
"I rate the product’s pricing an eight out of ten."
"The pricing is very good. It's less expensive than many of the tools out there."
"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"My company pays for the Vectra AI licensing fee yearly. I know the figure because my company recently renewed the license, and it's okay, at least for the financial sector."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The solution's pricing was 50 percent lower than the other vendors shortlisted."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
11%
Comms Service Provider
7%
Financial Services Firm
13%
Computer Software Company
12%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about McAfee Network Security Platform?
The threat intelligence updates are very accurate.
What is your experience regarding pricing and costs for McAfee Network Security Platform?
The tool is competitively priced. I rate the pricing a six out of ten.
What needs improvement with McAfee Network Security Platform?
Network Threat Behavior Analysis must be improved. The technical support must be improved. The support team must provide better help with configurations of devices and enabling NTBA.
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

McAfee Network Security Platform, McAfee NSP, IntruShield Network Intrusion Prevention System, IntruShield Network IPS
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Desjardins Group, HollyFrontier, Nubia, Agbar, WNS Global Services, INAIL, Universidad de Las Américas Puebla (UDLAP), Cook County, China Pacific Insurance, Bank Central Asia, California Department of Corrections and Rehabilitation, City of Chicago, Macquarie Telecom, Sutherland Global Services, Texas Tech University Health Sciences Center, United Automotive Electronic Systems
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Trellix Intrusion Prevention System vs. Vectra AI and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.