Trend Micro Deep Security Reviews

Deep Security is a really innovative security solution in the world of software-defined data centers and in the NSX space. It makes controls available to consultants and security architects in the new, software-defined datacenter and traversing up into the cloud. It's optimized to support security for virtual desktop infrastructures.

It's not a well-recognized solution and there's not much buzz around it in the marketplace. When I speak with an auditor about what Trend Micro is doing to cover my compliance footprint, it's not well-understood. That's where the challenge lies.

There were some initial challenges with it, those in my experience have all been worked out, and it's a very stable solution now. We're working on taking it out, we do a lot of consulting in an NSX space, with software-defined networking, and we're taking Trend Micro out to all of our customers.

It works in relatively small scenarios, and up to the biggest scenario that I can imagine.

Never had an issue with Trend Micro support. It's fantastic.

It's in a complex technological space, typically proposed into NSX or cross-hybrid cloud scenario. There are a lot of moving parts and it's a challenging space to implement technologies and controls, but I think Trend Micro does it well.

The important thing that I would encourage people to look at with Deep Security is how it plays with Endpoint, how it plays with your particular software-defined data center or hybrid cloud, and make sure that you understand where the capabilities are available to you. Because for most people it's surprising that Trend Micro can do all the things that it can.

The comprehensive agility is the most valuable feature. It's very agile and flexible, and performs multiple tasks simultaneously very effectively. We're able to do firewalls, IPS, and log inspections with it.

It's very difficult for an enterprise, especially one of our size, to patch effectively at all times. The IPS helped us with this. Oftentimes, there's a delay between discovery of malicious threats and production of patches. The IPS allows us to virtually protect against those threats before true patches can be applied to our inputs.

Deep Security is a fantastic product but there are certain little details that could be tweaked or improved to make it a ten.

VMware and Trend Micro are pursuing a strategy to develop a light version of NSX that will allow us to run it agentlessly.

They also need to offer support for Apple machines. Almost every vendor I've seen, they're all junk. For Trend Micro to take a step either with their office-end product or with Deep Security to actually protect Macs, that would be a huge game-changer for iOS.

We've been using it for three years.

We've had no issues with deployment.

Overall, I'd say the product is very stable, both agentless and agent-based. Agentless is less stable due to the nature of how many moving parts have to be working and in place for the whole system to work effectively. However, moving forward with the relationship with VMware, agentless protection is not going to be possible without VMware NSX setup with the environment.

Our organization has 1,500 servers and 18,000 endpoints -- and it's growing.

Trend Micro has excellent technical support.

Starting off with agentless, it was complex. With agentless, you have a lot of moving parts and they all have to be in-sync and working together for the whole system to work. It adds a level of complexity with vShield, the DSVA's, and all the different moving parts.

Come up with a solid working plan before you even think about actually implementing anything. The foundation is all in the preparation, the education and the project management.

No product is perfect. Deep Security is a fantastic product but there are certain little details, I think, that could be tweaked or improved. Do your homework, engage Trend Micro, get trained, get all the knowledge you can and come up with a solid working plan before you even think about actually implementing anything.

The most valuable feature for us is that it's agentless, meaning we can implement it without having to protect every guest at a guest-by-guest level. That's huge for us.

Everything on our ESXi host is protected and we don't have to worry about pushing an anti-virus to individual guests. All we have to do is activate Deep Security in the console and we're set.

There's a little room for improvement as far as being more concise with the error messages. It's a small thing, and maybe that's coming in a newer version. Better notifications would be nice, such as error messages that a particular ESXi host is not protected properly.

If there's a problem, you have to drill down manually. You have to click and click and click to see what the message is. It would be nice to have a more transparent meaning instead of having to click so much to get to different levels.

I've used it for six months.

We did have one issue where the signature files we received were not valid files. It caused the host to continuously try to scan, causing a performance issue. We had it resolved within a couple of hours by powering up our Deep Security appliances until we got the proper update. Then we were able to move on.

Mike Horton is our account rep. He and technical support work as a team. We all work well together.

Technical support is where Trend Micro really shines. They're not a big group, which is great because you feel like you're not just a customer, but also a partner in the product. You really feel like they're interested in making sure you know how to work the product to its full potential.

Be involved with the installation so that you really get a feel for what the product's doing. If they provide any support or any training, definitely attend that. It is an intuitive product but there's a lot of moving parts. You're doing virus scanning so you definitely want to make sure you understand what you're doing because if you do have an issue, it’s very important piece of your infrastructure to make sure you're protecting your server.

There are several features I find valuable, including the fact that it's agentless, each module can be installed on its own, it provides a single pane of glass for managing it, its integration with VMWare (NSX), and items are auto-added as soon as they're discovered. Ease of use is a big plus because of the foregoing items.

We were having some AV issues around 2010 and the incumbent product had gotten big and clunky and was interfering with several desktops performance. When the solution let 3 viruses in over a few weeks I deemed it no longer suitable and we chose Trend Micro Deep Security as the replacement.

Right from the start it was easy: the installation routine very kindly sought out and removed the previous solution, greatly reducing deployment time (we implemented OfficeScan first) and DS uses auto discovery. Updates are automatic and run smoothly in off hours (except for pattern updates of course).

The Trend Micro solution was stable after a few tweaks and was instrumental in stopping an incursion of ransom ware that could have brought the company to its knees. Instead we had only a few file directories encrypted and we were able to restore those in about a day. We spend way less time on AV issues since implementing Trend Micro Deep Security.

There are several areas for improvement:

• The ability to manage agent-based AV (i.e. integrate Officescan into Deep Security) for desktops and laptops;
• Streamline the install (specifically configuring of external product requirements i.e. the VMware side); and
• Better integration with Control Manager (had a few issues with it not recognizing the DS server).

I've used it for over five years.

Deployment went surprisingly smoothly. Mind you we had a Trend Micro tech (Trevor) do the initial config.

We've had no issues with stability.

We've had no issues with scalability, but we're not a big shop (under 200 VM’s).

Trend Micro's service has always been one of its strong points. I don’t particularly like the online case management tool, but response has always been good. Local support is stellar (Vancouver, Canada area) – both reps and support techs.

Technical support is excellent. A Trend Micro tech was always available to me locally and this helped reduce the time-to-resolution of the few issues that came up.

Yes, we used Symantec. We found it was getting a larger footprint in memory and was starting to cause performance issues. When it failed to stop viruses 3 times in 3 weeks, I had enough. On all counts, Trend Micro is a superior product with superior people, and I have never regretted the switch.

It was a fairly standard install as we were not a large data centre. Trevor (then Martin) – both local Trend Micro techs - took about a day to get it all settled down. Over the next month, I made several support calls but mostly because I did not yet have the experience with it. After a month or so, I no longer needed the support.

The install was done by a Trend Micro tech (Trevor) and later supported by Martin Sima. Both are excellent fellows.

I'm not exactly sure what our ROI is as we did not quantify it. But I can say that supporting our users got a whole lot easier and we had a significant reduction in time spent on AV issues at the desktop. Management was easier (auto add new VM’s, etc.) and Control Manager provided reports for my bosses.

Trend Micro now does certificates and this made getting certs easy and fast. Pricing was competitive, although I have not looked at pricing recently. Licensing was also easy as each additional module could be licensed separately.

I was pretty aware of the market in 2010. I knew Symantec was not doing the job anymore and I had used Trend Micro in a previous life and knew the OfficeScan product. I also considered Sophos as they have a large local presence. I do not ever want McAfee again (bad experience back in the ‘90s). And I didn’t trust the Russian product.

Make friends with your local rep and support tech – they can help you over the gotchas and issues that invariably arise with a new implementation. There is lots of online training also from Trend Micro. And classroom courses are available; I took the Deep Security course in Ottawa the first year we had it.

The most valuable feature for us is moving the AV scanning engine to the hypervisor and removing it from the virtual machine. We also use the compliance reporting (reporting in general) feature.

It's given us a significant reduction of CPU/memory footprint required to run traditional AV products inside a virtual machine (VDI).

I'm not sure how this product could improve, although we did have some compatibility issues between it and versions of vSphere.

We've used it for 13 months.

During deployment, we had the issue of compatibility between vSphere and Deep Security.

The stability issue we had was with regard to vSphere.

We had no issues with scalability.

Customer service was initially very poor, but once we reclassified our account from mid-size to enterprise, the support was very good.

Technical support is above average.

We previously used Symantec SAV, but it was too heavy for VDI.

Our initial setup was somewhat complex and required a significant interaction with Trend Micro support. This is a very new concept of taking the AV engine outside the VM and it took us some time to feel comfortable with the whole idea. It also required some deep understanding of how Trend Micro Deep Security “embeds” into a VMware environment, and that was not a easy task to master.

We did the initial setup with our in-house team with significant help from Trend Micro technical support. I'd rate them very poorly because they completely missed the compatibility with vSphere issue. It took us a lot of time to fix the entire mess.

Our ROI is still unclear, but I'll have more details once the entire enterprise is moved to Trend Micro Deep Security.

Get a good reseller (our original VAR, MicroAge, had a difficult time clarifying some of the licensing vs. maintenance costs).

ESET and Symantec

Make sure your VMware SME is plugged in from the very beginning, do a limited low-level impact POC, and plug into the Trend Micro user community.

The most valuable feature for us is mainly the fact that we can control what the PC or server is doing protection-wise, even remotely. We use this protection feature all the time.

The main benefit it provides us is that it will show what the issues might be and it's scalable. It allows us to know that if we have an issue somewhere on one device or endpoint, we can correct it or get down to a level where we can find out what the problem is. For example, we can apply exclusions to set policies for a certain type of group that can scale for a lot of environments, whether it's Linux or Windows servers or Windows 10 endpoints.

I'd like to see some sort of database out-of-the-box. Deep Security uses its own database, with which we have some issues, but we just go right to SQL or another database. Right now, the standard database as to be converted to SQL or Oracle, but that's something that should be out-of-the-box standard.

We've used it for four years.

We've had no issues with deployment, other than the database issue.

We had one failure, but it came back up within twenty minutes, so we've really had no downtime.

Yes, it's been scalable. In the coming year, we're going to be testing many more policies and deploying it out in our system.

The setup was a little complex on the security side. But the endpoints -- desktops, laptops, were pretty easy. The server environments were a little more complicated and in-depth.

We implemented with a vendor team.

We very much have an ROI, and although I don't have numbers, I can see that we've been able to catch problems before they happen.

Make sure you perform thorough testing as there were different situations that came up for us that we didn't account for. I think that a POC would really be worth the investment because you can find out what the structure can do and what it can't. That's really important.

Of course, the anti-virus module, the firewall module, and integrity monitoring are the big ones for us. They're the most valuable features that we use daily.

It’s protected our network from viruses, and it’s done a really good job with that. It’s allowed us to set up business rules and notifications on changes to our operating systems and our firewall rules, which is a big piece of our business right now. It’s working really well.

I would like to see a little bit of better means of agent distribution. The ability to deploy agents maybe from the solution itself that would be a good one.

I’d like to see more of a database involved with integrity monitoring, a database that would be developed to identify some of the more well-known processes and files, trends, etc. Anything that would help me do less research would be an improvement.

I've used it for one year.

There were no issues with the deployment.

I would say it’s probably 8 or 9/10. The server operating systems are probably a 9/10, the agent installations on our work stations and servers are an 8 or 9/10, and finally on our laptop computers/remote users the number goes down a little to a 7/10 for stability.

Scaling it has been fine as we haven’t done a whole lot but it seems to handle everything we need it to do. If we doubled in size tomorrow, I’d say it could handle it because the product has the availability to have more than one server with the cost remaining the same. I’d say scalability is very good.

I’d say they are very good, very knowledgeable, and very proactive. It's all good.

I would say it was pretty straightforward. We have a complex network, so if it was complex, it was because of us.

We had an engineer come out and spend a week with us to help everything run smoothly.

I wasn't involved with the process, but I know we looked at a number of other solutions. I know, however, the reasons they went with this solution is because of its compatibility with VMware, which was one of the big factors. Also, the cost was a deciding factor.

I would say that before Trend Micro comes out to install the product, you need to come up with a plan with the product. That could be anti-virus and a good plan of how you want anti-virus to work on your work stations, computers, and servers. I shouldn't just say anti-virus, but also firewall protection, integrity, what exclusions do you want. You want a good plan for each system and that will make the installation much faster. If you have to go back when the person is with you and try to figure it out as you go along, it will slow you down. Get a good plan.

We use Trend Micro Deep Security to protect our network, endpoint, email, servers, etc.

The product has robust security features. They release timely updates and have efficient prediction features for threat detection.

It is a stable platform.

We have 5000 Trend Micro Deep Security users. It is a scalable platform.

The technical support services are good.

The initial setup process is straightforward. It requires two to three executives for implementation and takes five minutes to complete.

The end users can implement the product themselves.

We purchased Trend Micro Deep Security's yearly license. It is expensive but reasonable compared to other products by Trend Micro.

I recommend Trend Micro Deep Security to others and rate it a nine out of ten.