Try our new research platform with insights from 80,000+ expert users

Trellix Intrusion Prevention System vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Trellix Intrusion Preventio...
Ranking in Intrusion Detection and Prevention Software (IDPS)
10th
Average Rating
8.4
Reviews Sentiment
6.6
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
5th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
45
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (18th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of September 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Trellix Intrusion Prevention System is 2.7%, up from 2.0% compared to the previous year. The mindshare of Vectra AI is 8.1%, up from 7.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS) Market Share Distribution
ProductMarket Share (%)
Vectra AI8.1%
Trellix Intrusion Prevention System2.7%
Other89.2%
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Daniel_Martins - PeerSpot reviewer
Decade of experience empowers seamless problem resolution and support
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet. For Trellix IPS, AI improvements are an area where it can improve. It's a significant feature. Regarding the Trellix Intrusion Prevention System's flexibility for catering to our organization's specific infrastructure requirements, we have only on-premises and virtual appliances, but it's acceptable. The access and platform could potentially integrate with SaaS. Similar to when you put the EPO in mode integration with SaaS, you can connect with a local credential and with an X Console credential. Another possibility would be to connect with an integration login with the X Console. We have this with EPO on-premise, but with IPS, we don't have it.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"Overall the solution is very good. It offers great protection and gives us a good overview of what is on the network."
"The product is worth the investment."
"The threat intelligence updates are very accurate."
"McAfee NSP is much more stable than Cisco."
"The feature I found most valuable is the network threat analyzer in the security platform. It also integrates with GTI, or Global Threat Intelligence. Otherwise, I just use the basic features."
"Great monitoring feature."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"Scalability wise, we have many sensors, and Vectra AI seems to handle them all very well."
"What I like best about Vectra AI is that it alerts you about suspicious activities."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"Cognito Streams gives you a detailed view of what happens in the network in the form of rich metadata. It is just a super easy way to capture network traffic for important protocols, giving us an advantage. This is very helpful on a day-to-day basis."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
 

Cons

"The area of concern where the tool needs improvement is how the product prompts users at a network level that helps prevent any wireless network attacks through alerts and notifications."
"The technical support must be improved."
"The platform’s GUI could be the latest."
"The technical support has room for improvement."
"The solution could improve some aspects of detection."
"The Network Security Managers could be more stable, agile, and work faster. When it comes to instability, there is room for improvement."
"Some of the documentation is not as straightforward as it could be."
"The pricing could be improved."
"Some of the customization could be improved. Everything is provided for you as an easy solution to use, but working with it and doing specific development could be worked on a bit more in the scope of an incident response team."
"There is room for improvement in the documentation. We would like to have more details on how it detects what we see."
"I would like to see data processed onshore. Right now, the cloud components, like Office 365, must be processed on servers outside of Australia. I would like to see a future adoption of onshore processing."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"The main improvement I can see would be to integrate with more external solutions."
 

Pricing and Cost Advice

"I rate the product’s pricing an eight out of ten."
"The tool is competitively priced."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"The pricing is very good. It's less expensive than many of the tools out there."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"Vectra AI's pricing is cheaper than that of Darktrace."
"Its cost is too much. It's an investment that we can afford. It's a lot, but it's worth it."
"The licensing is on an annual basis."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
"The solution is low-cost and affordable."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
867,676 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
13%
Computer Software Company
9%
Financial Services Firm
9%
Comms Service Provider
8%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business6
Midsize Enterprise7
Large Enterprise5
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise10
Large Enterprise27
 

Questions from the Community

What do you like most about McAfee Network Security Platform?
The threat intelligence updates are very accurate.
What is your experience regarding pricing and costs for McAfee Network Security Platform?
The tool is competitively priced. I rate the pricing a six out of ten.
What needs improvement with McAfee Network Security Platform?
I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet. For Trellix IPS, AI improvements are an area where it can impr...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

McAfee Network Security Platform, McAfee NSP, IntruShield Network Intrusion Prevention System, IntruShield Network IPS
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

Desjardins Group, HollyFrontier, Nubia, Agbar, WNS Global Services, INAIL, Universidad de Las Américas Puebla (UDLAP), Cook County, China Pacific Insurance, Bank Central Asia, California Department of Corrections and Rehabilitation, City of Chicago, Macquarie Telecom, Sutherland Global Services, Texas Tech University Health Sciences Center, United Automotive Electronic Systems
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Trellix Intrusion Prevention System vs. Vectra AI and other solutions. Updated: September 2025.
867,676 professionals have used our research since 2012.