We performed a comparison between Palo Alto Networks WildFire, RiskIQ Illuminate, and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Fortinet and others in Advanced Threat Protection (ATP)."The most valuable feature of this solution is how it keeps up-to-date with viruses."
"The cloud-based services are a nice feature."
"High availability with active-active and active-passive modes."
"My primary use case for this solution is for a secure gateway."
"It is the best device in comparison to other network products in the marketplace."
"With this product, we receive the best monitoring and reports."
"The most valuable feature of Palo Alto Networks WildFire is its ability to adapt to environments and its robustness."
"The most valuable features of Palo Alto Networks WildFire are the good URL and file analysis that uses artificial intelligence. It has different interfaces, such as rest, SMTP protocol, and HTTPS. The Security incidents and event management are very good. Additionally, there are many file types that are supported and there is no limit to the number of files it can handle simultaneously. It integrates well with SIEM solutions."
"The solution is stable with 12 years of established historical data."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The server appliance is good."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"The system performance degrades after the solution has been deployed for some time. The data that it gives us becomes a little bit slow. When you try to get some data for troubleshooting, it seems like it's working hard to extract that data."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"I would like to see them continue on their developmental roadmap for the product."
"The product fails to offer protection when dealing with high-severity vulnerabilities, making it an area of concern where improvements are required."
"They can keep on doing more updates. As new malware and viruses are coming out, they can make sure that WildFire is up to date."
"The only complaint that we receive from our customers is in regards to the price."
"In the future, Palo Alto could reduce the time it takes to process the file."
"A low-cost service to evaluate the risk score of a supply chain would be very helpful."
"The world is currently shifting to AI, but FIreEye is not following suit."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
More Trellix Network Detection and Response Pricing and Cost Advice →
Earn 20 points
