NNT Log Tracker Enterprise vs Trellix ESM Comparison 2024

Read 85 Microsoft Sentinel reviews

32,763 views|18,195 comparisons

NNT Log Tracker Enterprise

Read 4 NNT Log Tracker Enterprise reviews

307 views|221 comparisons

Trellix ESM

Read 34 Trellix ESM reviews

3,720 views|1,591 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

Security Information and Event Management (SIEM)

April 2024

Executive Summary

We performed a comparison between NNT Log Tracker Enterprise and Trellix ESM based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).

To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: April 2024).

Download the complete report

768,886 professionals have used our research since 2012.

Featured Review

Harman Saggu

Cyber Security Engineer at a tech services company

Provides valuable alerts and saves investigation time, but can use more connectors

It is crucial that Sentinel empowers us to safeguard our hybrid, cloud, and multi-cloud environments. We employ a hybrid cloud setup, and securing... Read more →

Jagganath Tendle

Senior Infra Manager at a tech vendor

Great for PCI compliance but issues with stability and large amounts of data

The automation of compliance reports and the correlation of the log have been major improvements.

Daniel Durian

Information Security Manager at SM Prime Holdings

Provides visibility of all the traffic within the company infrastructure

It provides threat monitoring from the Internet and if there is malicious activity on the end-point, the ESM can provide us what host is affected.

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources.""Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information.""There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection.""Sentinel is a Microsoft product, so they provide very robust use cases and analytic groups, which are very beneficial for the security team. I also like the ability to integrate data sources into the software for on-premise and cloud-based solutions.""The dashboard that allows me to view all the incidents is the most valuable feature.""We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility.""The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature.""The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."

More Microsoft Sentinel Pros →

"File integrity monitoring is a very important function.""The most valuable feature is the predefined reports for PCI compliance.""The FIM features in the Change Tracker and the Log Tracker are the most valuable.""This is a very easy-to-use interface with a quick ramp-up time."

More NNT Log Tracker Enterprise Pros →

"I like the ease of deployment.""I rate the tool's deployment an eight out of ten. The deployment is completed in two days.""The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use.""The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure.""It is easy to use and deploy. It comes with user-friendly manuals.""The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller.""It can be easily deployed with the other solutions.""The most valuable feature is the correlation rules."

More Trellix ESM Pros →

Cons

"The solution could be more user-friendly; some query languages are required to operate it.""The product can be improved by reducing the cost to use AI machine learning.""If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries.""The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results.""If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies.""Sentinel's reporting is complex and can be more user-friendly.""We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft.""I would like to be able to monitor applications outside of the Azure Cloud."

More Microsoft Sentinel Cons →

"The correlation suite needs to be improved.""I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it.""Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet.""It is able to identify the vulnerability, however, they need an option to auto-mitigate."

More NNT Log Tracker Enterprise Cons →

"I would like to see fingerprint recognition included in the next release of this solution.""There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee.""There are some banking and transactional cases that are local, South America transactions. I would like to see them add features that can be used locally, to make those transactions more reliable.""Product-wise, adding accounts on a single data source by batch would be a really great help.""The user interface could be more user-friendly.""Customized reports and alerting functionality could be included in the dashboard.""I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore.""It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."

More Trellix ESM Cons →

Pricing and Cost Advice

"It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."

"It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"

"Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."

"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."

"It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."

"I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."

"Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."

More Microsoft Sentinel Pricing and Cost Advice →

"Consider both their on-premises solution and their hosted solution. Both are reasonably priced."

"We have selected a perpetual license along with support."

"NNT's pricing is moderate - I would rate their pricing two-and-a-half out of ten."

More NNT Log Tracker Enterprise Pricing and Cost Advice →

"You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."

"We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."

"The cost is dependent on the customer's environment and requirements."

"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."

"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."

"We renew our license annually."

"McAfee is the right choice for a low-budget solution."

"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."

More Trellix ESM Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See Recommendations

768,886 professionals have used our research since 2012.

Comparison Review

Vinod Shankar

Manager, Enterprise Risk Consulting at a tech company

HP ArcSight vs. IBM QRadar vs. McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm

We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threa...

Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »

Read all 10 answers →

What is a better choice, Splunk or Azure Sentinel?

Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »

Which is better - Azure Sentinel or AWS Security Hub?

Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »

Read all 2 answers →

What do you like most about NNT Log Tracker Enterprise?

Top Answer:The most valuable feature is the predefined reports for PCI compliance.

Read all 3 answers →

What needs improvement with NNT Log Tracker Enterprise?

Top Answer:The correlation suite needs to be improved. I also think they need to improve the product's handling of large amounts of… more »

Read all 3 answers →

What is your primary use case for NNT Log Tracker Enterprise?

Top Answer:I mainly use this solution to meet PCI compliance.

Read all 3 answers →

What do you like most about McAfee ESM?

Top Answer:The solution's technical support is great.

Read all 22 answers →

What is your experience regarding pricing and costs for McAfee ESM?

Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should… more »

Read all 16 answers →

What needs improvement with McAfee ESM?

Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed… more »

Read all 20 answers →

Comparisons

AWS Security Hub vs. Microsoft Sentinel

Compared 17% of the time.

IBM Security QRadar vs. Microsoft Sentinel

Compared 12% of the time.

Microsoft Defender for Cloud vs. Microsoft Sentinel

Compared 7% of the time.

Splunk Enterprise Security vs. Microsoft Sentinel

Compared 6% of the time.

Elastic Security vs. Microsoft Sentinel

Compared 5% of the time.

More Microsoft Sentinel Competitors →

Cybereason Endpoint Detection & Response vs. NNT Log Tracker Enterprise

Compared 100% of the time.

More NNT Log Tracker Enterprise Competitors →

ArcSight Enterprise Security Manager (ESM) vs. Trellix ESM

Compared 18% of the time.

IBM Security QRadar vs. Trellix ESM

Compared 17% of the time.

Splunk Enterprise Security vs. Trellix ESM

Compared 17% of the time.

LogRhythm SIEM vs. Trellix ESM

Compared 16% of the time.

Cybereason Endpoint Detection & Response vs. Trellix ESM

Compared 4% of the time.

More Trellix ESM Competitors →

Also Known As

Azure Sentinel

McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager

Learn More

Microsoft

NNT

Video Not Available

Trellix

Video Not Available

Overview

Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

- Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

- Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

- Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

- Respond to incidents rapidly with built-in orchestration and automation of common tasks

To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

NNT Log Tracker Enterprise is a comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:

Enterprise-class SIEM capabilities.
Compliance Automation.
User and System Activity Audit trails.
Network Anomaly forensics.
Proactive Threat Detection.

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.

Wonga, WHSmith

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Top Industries

REVIEWERS

Financial Services Firm22%

Computer Software Company11%

Manufacturing Company8%

Comms Service Provider8%

VISITORS READING REVIEWS

Computer Software Company16%

Financial Services Firm10%

Government9%

Manufacturing Company7%

VISITORS READING REVIEWS

Financial Services Firm17%

Computer Software Company14%

Government12%

Educational Organization8%

REVIEWERS

Financial Services Firm25%

Government15%

Computer Software Company10%

Manufacturing Company10%

VISITORS READING REVIEWS

Educational Organization70%

Computer Software Company5%

Government4%

Financial Services Firm4%

Company Size

REVIEWERS

Small Business33%

Midsize Enterprise21%

Large Enterprise47%

VISITORS READING REVIEWS

Small Business25%

Midsize Enterprise16%

Large Enterprise59%

VISITORS READING REVIEWS

Small Business32%

Midsize Enterprise8%

Large Enterprise61%

REVIEWERS

Small Business29%

Midsize Enterprise15%

Large Enterprise56%

VISITORS READING REVIEWS

Small Business8%

Midsize Enterprise74%

Large Enterprise18%

Buyer's Guide

Security Information and Event Management (SIEM)

April 2024

Download Free Report

Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM). Updated: April 2024.

DOWNLOAD NOW

768,886 professionals have used our research since 2012.

NNT Log Tracker Enterprise is ranked 42nd in Security Information and Event Management (SIEM) with 4 reviews while Trellix ESM is ranked 18th in Security Information and Event Management (SIEM) with 34 reviews. NNT Log Tracker Enterprise is rated 8.2, while Trellix ESM is rated 7.4. The top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, Splunk Enterprise Security, LogRhythm SIEM and Cybereason Endpoint Detection & Response.

See our list of best Security Information and Event Management (SIEM) vendors.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

NNT Log Tracker Enterprise vs Trellix ESM comparison

Microsoft Sentinel

NNT Log Tracker Enterprise

Trellix ESM