Trellix Network Detection and Response and Palo Alto Networks VM-Series are prominent competitors in the cybersecurity space. Trellix demonstrates an advantage in zero-day detection capabilities, while Palo Alto stands out for its robust application control and cloud integration features.
Features: Trellix Network Detection and Response offers advanced threat detection including zero-day attacks and APTs, a sophisticated sandboxing engine, and deep visibility into threats with user-level insights. Palo Alto Networks VM-Series is equipped with powerful application and URL filtering, advanced threat prevention, and seamless cloud integration with unparalleled deployment flexibility.
Room for Improvement: Trellix could benefit from enhanced integration capabilities, increased customization options, and improved reporting and management functionalities. Its pricing is also high, and there is a desire for better cloud-based machine learning. Palo Alto Networks VM-Series needs improvements in AWS integration, complexity reduction, and dynamic scalability. User interface updates and advanced multi-factor authentication integration are necessary areas of improvement.
Ease of Deployment and Customer Service: Trellix Network Detection and Response is primarily deployed on-premises, offering strong support, though direct technical support is less accessible, often depending on partners or internal teams. Palo Alto Networks VM-Series, frequently deployed in cloud environments, is known for seamless cloud service integration. Its customer service and technical support are positively noted, though there is room for reducing deployment cost and complexity.
Pricing and ROI: Trellix Network Detection and Response, though expensive, delivers high ROI by effectively preventing breaches and reducing response times. Meanwhile, Palo Alto Networks VM-Series, also seen as costly, offers flexible pricing through AWS Marketplace, allowing for right-sizing. Despite its high price, users value its comprehensive features and flexibility, though licensing complexity is a concern. Both solutions provide significant ROI in threat prevention and operational efficiency.
Customers can see data within a week, indicating a quick return on investment.
Investigations are generally faster because analysts have immediate access to relevant network context instead of manually piecing together information from multiple sources.
The time was reduced because of the automated detections.
If a threat can enter any endpoint that is exposed to the internal network, there is a potential gateway for hackers, leading to a loss of production or significant financial impact to the network.
The support quality could be improved.
Resolving issues promptly.
They are responsive and provide high-quality assistance.
The support team was responsive and knowledgeable.
Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents.
They were constantly relaying our message to the engineering team and the engineering team was looping that back to them and then to us.
They are easy to upgrade, and with credit licensing, they scale effectively according to demand.
The solution is scalable and can easily handle an increase in the number of users.
It is easy to use with an excellent graphical user interface and extensive documentation, which contributes to its high scalability.
The scalability of Trellix Network Detection and Response is easy; I just have to add another license in the same cloud, and I can easily increase the number of endpoints.
Trellix Network Detection and Response has handled that growth while continuing to provide consistency, visibility, threat detection, and investigation capabilities.
The connectors were always out of sync and we have had multiple noise floods from these connectors which were not configured well.
Hardware is generally very stable.
I have not experienced any major problems or downtime.
Perfection is unlikely as the dynamic nature of traffic and constant changes can result in occasional bugs despite regular updates.
In my day-to-day use, it has consistently provided the visibility and detection capabilities we rely on for security monitoring and investigations.
In our experience, it has had a positive impact on our production environment and has proven to be a dependable part of our security operations.
I encounter no issues with health or reliability when the recommended specifications are met.
Integration with CSIRT across all use levels would make it easier for administrators to stay updated on the blocked entities without manual intervention.
Most customers go for partner-enabled support, which involves multiple layers, leading to delays.
Having those features missing, we are not proposing Palo Alto Networks VM-Series to all customers.
There should be improvements in AI intelligence, faster decision-making, and a more responsive technical support team.
It would be best if Trellix Network Detection and Response sensors were converted into a next-generation firewall with built-in capabilities for routing, switching, and Layer 7 functionality, as most next-generation firewalls today include these features.
Regarding needed improvements for Trellix Network Detection and Response, there is always room for enhancement in terms of AI capability to include proactive triggers based on historical data, enabling AI to learn patterns and detect threats before they manifest.
Palo Alto is expensive in terms of pricing, particularly when comparing features to cost.
The cost involves purchasing through a vendor, which might mark up due to the supply chain.
Pricing for Palo Alto Networks is higher than other OEMs, but considering the robustness and features, it gains customer trust.
Trellix Network Detection and Response is an enterprise-grade security solution, so it represents a significant investment, but we believe that the value it provides in terms of threat detection, network visibility, and incident response justifies the cost.
The pricing model is not transparent, as they do not provide pricing ranges upfront, complicating the evaluation of costs across regions.
My experience with the pricing, setup cost, and licensing of Trellix Network Detection and Response is that they are very good and affordable for the customer range.
We use these tools to prevent all known and unknown threats using Palo Alto Networks' Wildfire and other data filtering tools to gather information, analyze traffic, manage malicious traffic, and offer visibility, control, and attack prevention.
Palo Alto's robust threat intelligence supports new updates, and I can open cases directly with their Threat Intelligence team.
The DNS security significantly enhances security through visibility and detection, allowing control over crucial traffic like DNS, which is often exploited by ransomware.
Per day we used to have 70 to 80 alerts and those could be reduced up to 40 to 30 a day. This is almost a 40 to 50% decrease.
Trellix Network Detection and Response has positively impacted my organization by addressing performance issues, specifically by offloading heavy traffic inspection and SSL inspection through sensors due to the limitations of the firewall.
Visibility is very important as it empowers users to understand what is happening; therefore, detection is one of the strongest features of Trellix Network Detection and Response.
| Product | Mindshare (%) |
|---|---|
| Trellix Network Detection and Response | 4.1% |
| Palo Alto Networks VM-Series | 2.4% |
| Other | 93.5% |
| Company Size | Count |
|---|---|
| Small Business | 31 |
| Midsize Enterprise | 15 |
| Large Enterprise | 24 |
| Company Size | Count |
|---|---|
| Small Business | 32 |
| Midsize Enterprise | 14 |
| Large Enterprise | 23 |
Palo Alto Networks VM-Series offers robust threat prevention and advanced security capabilities. Key features like traffic control and malware protection enhance its usability in cloud and hybrid environments.
Palo Alto Networks VM-Series specializes in delivering comprehensive network security with features such as traffic inspection, threat management, and firewall functionalities. It supports secure remote access and integrates easily with third-party solutions. With features like GlobalProtect VPN and Advanced Threat Protection, enterprises leverage the VM-Series in cloud, on-premises, or hybrid deployments to protect data and enhance cybersecurity. Despite its strengths, improvements in cloud solutions, integration, and scalability are needed.
What are the most important features of Palo Alto Networks VM-Series?In industries like finance, healthcare, and technology, Palo Alto Networks VM-Series plays a crucial role in network security. Companies implement it to secure remote access, protect sensitive data, and ensure compliance. Its compatibility with cloud environments allows versatile deployment across sectors needing stringent cybersecurity measures.
Trellix Network Detection and Response provides robust threat protection with advanced detection of zero-day attacks and APTs. Its user-friendly dashboard and real-time response capabilities enhance security and visibility across networks.
Trellix Network Detection and Response stands out with its MVX engine, leveraging virtual machines for comprehensive behavioral analysis. The solution supports detection of advanced cyber threats through features like sandboxing and application filtering, offering real-time response and packet capture for detailed contextual insights. Companies benefit from seamless integration with other platforms, enhancing usability and overall protection. User-friendly interfaces improve network visibility, while stability and ease of configuration safeguard against both signature-based and signature-less threats.
What key features does Trellix offer?Companies in sectors like finance, healthcare, and enterprise security utilize Trellix Network Detection and Response for tasks such as network intrusion detection, endpoint protection, and securing data transmission paths. It aids in threat investigations, pre-sales demos, and network forensics, reducing risks by protecting against cyber threats like phishing.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
