Trend Micro Deep Security Reviews

Virtual Patching (part of Integrity Monitoring module) is the most valuable because it shields vulnerabilities in critical systems until an actual patch is available and deployed reducing the downtime, and protecting unpatchable systems extending the life of legacy systems and applications. Also, the possibility to know which files have been changed in the host machine.

The possibility to extend the security of the datacenter to cloud using API integration to AWS, vCloud, Azure and others in a single management console is also valuable.

In the past, we had to search for a window of time to patch the OS and some applications and it took a long time up a virtual machine and make it available for our needs because its update process was very slow. Now, we don’t have to wait for this process because when we need a VM we can just boot one up and run and patch the VM at an opportune time.

We use it to help a large payment company in Brazil to process millions of credit card transactions a day, and others company with similar challenges.

It needs real-time anti-malware support for Amazon Linux and an option that allows you to classify and mark reports using tags like Top Secret or Confidential which are missing in Deep Security 9.5 but are in v9.6, which was released in January. We're still homologating 9.6 version with this new feature.

An improvement on its Control Manager integration is also needed because it's insufficient for individual and granular management. Control Manager is a console that integrates all Trend Micro products.

I've been using it since it was first released in 2010 and have used it in two different ways. At my own company, it's used to protect about 40 VMs on two hosts using VMware. It's also used for installing and supporting 36 clients over 250 servers and millions of transactions per day.

I'm one of the founders of company and I've been working as a technician from the beginning, my role was design, deployment planning and pre-sales support until the end of the last year with our support team. Now, I'm dedicating my time to executing our vision as CEO.

We have had no issues deploying it, especially when following the guides.

It has been stable in our deployments.

We have no issues scaling it when we need to.

Trend Micro has a Channel Partner ecosystem highly prepared to solve any questions and they work very closely with Trend Micro support services to deliver the best experience to their customers.

We did not have anything in place previously.

The deployment depends on how you set up your VMware environment and what features you’re using. Following the steps described in the Administrator and Deployment guides helps you to avoid any complications.

The implementation team was formed with inside analysts and vendor specialists. It's strongly recommended to use someone with the necessary skills to work with VMware and have someone familiar with infrastructure and security analysis.

Start with a small group of servers and the most important modules for your company. Depending on the way you buy the product, you have the benefit of renewing discounts up to 50% in the next year.

It's a hybrid platform with about five modules that will help you to manage and secure your datacenter and cloud initiative with multi-platform support. To get the same solution, you may have to contract at least four different vendors.

The modules that are included with it will help us displace the local anti-virus that we're currently using today.

There are a couple of areas for improvement. It needs better support for Mac, and there are some challenges in its implementation.

Unfortunately, the relationship with VMware that Trend Micro has, prohibits us from continuing our use of the non agent-based solution as NSX is now required to go forward from version 5.5 to version 6. NSX has now become a necessity to go with agent-based, so we're moving to an agent-based solution on the VDI's and our server-based as well.

We've used it for four years.

There's an ongoing, continuing education process that needs to be in-sync with your Trend Micro staff. It's not a total set-it-and-forget-it type of solution. You need to continually manage and maintain it.

We're experiencing some instability, but my understanding from VMware and Trend Micro is that there's a relationship being built. They're pursuing a strategy to come up with perhaps a light version of NSX.

We've had no issues with scalability.

I was involved in the setup from a managerial perspective. I contracted with Trend Micro support to provide us with implementation support.

We've looked at McAfee, Kaspersky, and Symantec.

My team specifically looks at what's there on a regular basis. We work closely with the security team to be sure that we are making a good, conscious choice on an annual basis.

It's important that you get a baseline of training, then partner with Trend Micro, whether it's an engineer pre-sales or an engineer that's implemented the product before. Be certain that your staff have the steering wheel and Trend Micro are the ones helping you navigate through the solution.

Deep Security is a really innovative security solution in the world of software-defined data centers and in the NSX space. It makes controls available to consultants and security architects in the new, software-defined datacenter and traversing up into the cloud. It's optimized to support security for virtual desktop infrastructures.

It's not a well-recognized solution and there's not much buzz around it in the marketplace. When I speak with an auditor about what Trend Micro is doing to cover my compliance footprint, it's not well-understood. That's where the challenge lies.

There were some initial challenges with it, those in my experience have all been worked out, and it's a very stable solution now. We're working on taking it out, we do a lot of consulting in an NSX space, with software-defined networking, and we're taking Trend Micro out to all of our customers.

It works in relatively small scenarios, and up to the biggest scenario that I can imagine.

Never had an issue with Trend Micro support. It's fantastic.

It's in a complex technological space, typically proposed into NSX or cross-hybrid cloud scenario. There are a lot of moving parts and it's a challenging space to implement technologies and controls, but I think Trend Micro does it well.

The important thing that I would encourage people to look at with Deep Security is how it plays with Endpoint, how it plays with your particular software-defined data center or hybrid cloud, and make sure that you understand where the capabilities are available to you. Because for most people it's surprising that Trend Micro can do all the things that it can.

The comprehensive agility is the most valuable feature. It's very agile and flexible, and performs multiple tasks simultaneously very effectively. We're able to do firewalls, IPS, and log inspections with it.

It's very difficult for an enterprise, especially one of our size, to patch effectively at all times. The IPS helped us with this. Oftentimes, there's a delay between discovery of malicious threats and production of patches. The IPS allows us to virtually protect against those threats before true patches can be applied to our inputs.

Deep Security is a fantastic product but there are certain little details that could be tweaked or improved to make it a ten.

VMware and Trend Micro are pursuing a strategy to develop a light version of NSX that will allow us to run it agentlessly.

They also need to offer support for Apple machines. Almost every vendor I've seen, they're all junk. For Trend Micro to take a step either with their office-end product or with Deep Security to actually protect Macs, that would be a huge game-changer for iOS.

We've been using it for three years.

We've had no issues with deployment.

Overall, I'd say the product is very stable, both agentless and agent-based. Agentless is less stable due to the nature of how many moving parts have to be working and in place for the whole system to work effectively. However, moving forward with the relationship with VMware, agentless protection is not going to be possible without VMware NSX setup with the environment.

Our organization has 1,500 servers and 18,000 endpoints -- and it's growing.

Trend Micro has excellent technical support.

Starting off with agentless, it was complex. With agentless, you have a lot of moving parts and they all have to be in-sync and working together for the whole system to work. It adds a level of complexity with vShield, the DSVA's, and all the different moving parts.

Come up with a solid working plan before you even think about actually implementing anything. The foundation is all in the preparation, the education and the project management.

No product is perfect. Deep Security is a fantastic product but there are certain little details, I think, that could be tweaked or improved. Do your homework, engage Trend Micro, get trained, get all the knowledge you can and come up with a solid working plan before you even think about actually implementing anything.

The most valuable feature for us is that it's agentless, meaning we can implement it without having to protect every guest at a guest-by-guest level. That's huge for us.

Everything on our ESXi host is protected and we don't have to worry about pushing an anti-virus to individual guests. All we have to do is activate Deep Security in the console and we're set.

There's a little room for improvement as far as being more concise with the error messages. It's a small thing, and maybe that's coming in a newer version. Better notifications would be nice, such as error messages that a particular ESXi host is not protected properly.

If there's a problem, you have to drill down manually. You have to click and click and click to see what the message is. It would be nice to have a more transparent meaning instead of having to click so much to get to different levels.

I've used it for six months.

We did have one issue where the signature files we received were not valid files. It caused the host to continuously try to scan, causing a performance issue. We had it resolved within a couple of hours by powering up our Deep Security appliances until we got the proper update. Then we were able to move on.

Mike Horton is our account rep. He and technical support work as a team. We all work well together.

Technical support is where Trend Micro really shines. They're not a big group, which is great because you feel like you're not just a customer, but also a partner in the product. You really feel like they're interested in making sure you know how to work the product to its full potential.

Be involved with the installation so that you really get a feel for what the product's doing. If they provide any support or any training, definitely attend that. It is an intuitive product but there's a lot of moving parts. You're doing virus scanning so you definitely want to make sure you understand what you're doing because if you do have an issue, it’s very important piece of your infrastructure to make sure you're protecting your server.

There are several features I find valuable, including the fact that it's agentless, each module can be installed on its own, it provides a single pane of glass for managing it, its integration with VMWare (NSX), and items are auto-added as soon as they're discovered. Ease of use is a big plus because of the foregoing items.

We were having some AV issues around 2010 and the incumbent product had gotten big and clunky and was interfering with several desktops performance. When the solution let 3 viruses in over a few weeks I deemed it no longer suitable and we chose Trend Micro Deep Security as the replacement.

Right from the start it was easy: the installation routine very kindly sought out and removed the previous solution, greatly reducing deployment time (we implemented OfficeScan first) and DS uses auto discovery. Updates are automatic and run smoothly in off hours (except for pattern updates of course).

The Trend Micro solution was stable after a few tweaks and was instrumental in stopping an incursion of ransom ware that could have brought the company to its knees. Instead we had only a few file directories encrypted and we were able to restore those in about a day. We spend way less time on AV issues since implementing Trend Micro Deep Security.

There are several areas for improvement:

• The ability to manage agent-based AV (i.e. integrate Officescan into Deep Security) for desktops and laptops;
• Streamline the install (specifically configuring of external product requirements i.e. the VMware side); and
• Better integration with Control Manager (had a few issues with it not recognizing the DS server).

I've used it for over five years.

Deployment went surprisingly smoothly. Mind you we had a Trend Micro tech (Trevor) do the initial config.

We've had no issues with stability.

We've had no issues with scalability, but we're not a big shop (under 200 VM’s).

Trend Micro's service has always been one of its strong points. I don’t particularly like the online case management tool, but response has always been good. Local support is stellar (Vancouver, Canada area) – both reps and support techs.

Technical support is excellent. A Trend Micro tech was always available to me locally and this helped reduce the time-to-resolution of the few issues that came up.

Yes, we used Symantec. We found it was getting a larger footprint in memory and was starting to cause performance issues. When it failed to stop viruses 3 times in 3 weeks, I had enough. On all counts, Trend Micro is a superior product with superior people, and I have never regretted the switch.

It was a fairly standard install as we were not a large data centre. Trevor (then Martin) – both local Trend Micro techs - took about a day to get it all settled down. Over the next month, I made several support calls but mostly because I did not yet have the experience with it. After a month or so, I no longer needed the support.

The install was done by a Trend Micro tech (Trevor) and later supported by Martin Sima. Both are excellent fellows.

I'm not exactly sure what our ROI is as we did not quantify it. But I can say that supporting our users got a whole lot easier and we had a significant reduction in time spent on AV issues at the desktop. Management was easier (auto add new VM’s, etc.) and Control Manager provided reports for my bosses.

Trend Micro now does certificates and this made getting certs easy and fast. Pricing was competitive, although I have not looked at pricing recently. Licensing was also easy as each additional module could be licensed separately.

I was pretty aware of the market in 2010. I knew Symantec was not doing the job anymore and I had used Trend Micro in a previous life and knew the OfficeScan product. I also considered Sophos as they have a large local presence. I do not ever want McAfee again (bad experience back in the ‘90s). And I didn’t trust the Russian product.

Make friends with your local rep and support tech – they can help you over the gotchas and issues that invariably arise with a new implementation. There is lots of online training also from Trend Micro. And classroom courses are available; I took the Deep Security course in Ottawa the first year we had it.

The most valuable feature for us is moving the AV scanning engine to the hypervisor and removing it from the virtual machine. We also use the compliance reporting (reporting in general) feature.

It's given us a significant reduction of CPU/memory footprint required to run traditional AV products inside a virtual machine (VDI).

I'm not sure how this product could improve, although we did have some compatibility issues between it and versions of vSphere.

We've used it for 13 months.

During deployment, we had the issue of compatibility between vSphere and Deep Security.

The stability issue we had was with regard to vSphere.

We had no issues with scalability.

Customer service was initially very poor, but once we reclassified our account from mid-size to enterprise, the support was very good.

Technical support is above average.

We previously used Symantec SAV, but it was too heavy for VDI.

Our initial setup was somewhat complex and required a significant interaction with Trend Micro support. This is a very new concept of taking the AV engine outside the VM and it took us some time to feel comfortable with the whole idea. It also required some deep understanding of how Trend Micro Deep Security “embeds” into a VMware environment, and that was not a easy task to master.

We did the initial setup with our in-house team with significant help from Trend Micro technical support. I'd rate them very poorly because they completely missed the compatibility with vSphere issue. It took us a lot of time to fix the entire mess.

Our ROI is still unclear, but I'll have more details once the entire enterprise is moved to Trend Micro Deep Security.

Get a good reseller (our original VAR, MicroAge, had a difficult time clarifying some of the licensing vs. maintenance costs).

ESET and Symantec

Make sure your VMware SME is plugged in from the very beginning, do a limited low-level impact POC, and plug into the Trend Micro user community.

The most valuable feature for us is mainly the fact that we can control what the PC or server is doing protection-wise, even remotely. We use this protection feature all the time.

The main benefit it provides us is that it will show what the issues might be and it's scalable. It allows us to know that if we have an issue somewhere on one device or endpoint, we can correct it or get down to a level where we can find out what the problem is. For example, we can apply exclusions to set policies for a certain type of group that can scale for a lot of environments, whether it's Linux or Windows servers or Windows 10 endpoints.

I'd like to see some sort of database out-of-the-box. Deep Security uses its own database, with which we have some issues, but we just go right to SQL or another database. Right now, the standard database as to be converted to SQL or Oracle, but that's something that should be out-of-the-box standard.

We've used it for four years.

We've had no issues with deployment, other than the database issue.

We had one failure, but it came back up within twenty minutes, so we've really had no downtime.

Yes, it's been scalable. In the coming year, we're going to be testing many more policies and deploying it out in our system.

The setup was a little complex on the security side. But the endpoints -- desktops, laptops, were pretty easy. The server environments were a little more complicated and in-depth.

We implemented with a vendor team.

We very much have an ROI, and although I don't have numbers, I can see that we've been able to catch problems before they happen.

Make sure you perform thorough testing as there were different situations that came up for us that we didn't account for. I think that a POC would really be worth the investment because you can find out what the structure can do and what it can't. That's really important.