We performed a comparison between Palo Alto Networks WildFire, Trellix Network Detection and Response, and WatchGuard XTM [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, ESET and others in Advanced Threat Protection (ATP)."The cloud-based services are a nice feature."
"The most valuable feature is the Automatic Verdict, to recognize whether something is a threat, or not."
"The graphic user interface of Palo Alto is good and it's easy to configure."
"Their technical support is outstanding and top-notch."
"It gives a more accurate assessment of a virus in terms of whether it's truly a virus, malware, or a false positive. We have some legacy software that could pop up as being something that is malware. WildFire goes through and inspects it, and then it comes back and lets us know if it's a false positive. Usually, when it finds out that it's not a virus, it lets us know that it's benign, and it can exclude it from that scan, which means I don't even have to worry about that one popping up anymore."
"The most valuable feature is the cloud-based protection against zero-day malware attacks."
"It catches modified signatures of known viruses."
"I give the initial setup an eight out of ten."
"The most valuable feature is the network security module."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"The most valuable feature is the view into the application."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"The solution can scale."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"It is stable and does not require you to reboot all the time."
"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."
"They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
"There is a site-to-site VPN configuration between others people."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"It configures in all-in-one place."
"Monitoring of network activity is included in the box."
"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."
"The configuration should be made a little bit easier. I understand why it is as it is, but there should be a way to make it easier from the user side."
"The initial setup was a little bit complex, mainly due to the GUI console and management challenges."
"The cost of the solution is excessively high."
"There are more specialized solutions that compete with Wildfire. Therefore, they need to work on their machine learning and AI to be more competitive."
"In terms of what I'd like to see in the next release of Palo Alto Networks WildFire, each release is based on malware that has been identified. The key problem is an average of six months from the time malware is written to the time it's discovered and a signature is created for it. The only advice that I can give is for them to shorten that timeframe. I don't know how they would do it, but if they shorten that, for example, cut it in half, they'll make themselves more famous."
"They provide a medium level of technical support."
"When comparing this solution to others it is not as good overall."
"The solution can improve its traffic management."
"The product's integration capabilities are an area of concern where improvements are required."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"The world is currently shifting to AI, but FIreEye is not following suit."
"Technical packaging could be improved."
"Technical support could be improved."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"Management of the appliance could be greatly improved."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Sometimes we have had issues with stability of the product."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"The VPN errors are not helpful when troubleshooting."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."
"I would like them to improve the product's overall protections. This would be good for all product users."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
More Trellix Network Detection and Response Pricing and Cost Advice →
Earn 20 points