We are using two products. One is Trend Mirco Deep Security, and the other is Apex One. We use Apex One for endpoint protection and Deep Security for server protection.
It scans for intrusion prevention and the forensics of any threats.
Download the Trend Micro Deep Security Buyer's Guide including reviews and more. Updated: June 2022
Trend Micro Deep Security is a powerful server security solution for physical, virtual, and cloud servers. It protects data centers and cloud operations from breaches and business disruptions without making use of emergency patching. This centrally managed platform ensures regulatory compliance and speeds up the return on investment (ROI) for virtualization and cloud initiatives.
Trend Micro Deep Security is offered as software or as a service. The solution includes integrated modules such as anti-malware, web reputation, firewall, intrusion prevention, integrity monitoring, and log inspection. Trend Micro Deep Security is a single, multifunction agent that can be deployed across all settings and streamlines security operations by providing a single management dashboard for all capabilities.
Trend Micro Deep Security works with cloud systems including Amazon Web Services (AWS), Microsoft Azure, and VMware vCloud Air to extend data center security standards to cloud-based applications.
Trend Micro Deep Security Features
Trend Micro Deep Security has many valuable key features. Some of the most useful ones include:
Reviews from Real Users
Trend Micro Deep Security stands out among its competitors for a number of reasons. Two major ones are its robust data and loss prevention feature and its patch management, which saves users money. PeerSpot users take note of the advantages of these features in their reviews:
One PeerSpot reviewer, a Senior Security Advisor at a healthcare company, writes, “DLP, Data Loss Prevention, and the complexity of how we manage the console and how this client, or this tool, will notify us when there is something going wrong within the server and endpoint, is good.”
Nadeem S., CEO at Haniya Technologies, notes of the solution, “Patch management is most valuable. The major selling point of Deep Security is that it is based on the cloud. Deep Security is for the servers and databases of data centers, and generally, for patch management, you have to shut down the machines, and then you have to restart them. So, they need shutdown time, which is a cost.”
Trend Micro Deep Security was previously known as Deep Security.
Rush University Medical Center, Guess? Inc., Mazda Motor Logistics Europe, MEDHOST, KSC Commercial Internet Co., Ricoh Company Ltd., Square Enix, SoftBank Telecom, Telecom Italia, United Way of Greater Atlanta, A&W Food Services of Canada
We are using two products. One is Trend Mirco Deep Security, and the other is Apex One. We use Apex One for endpoint protection and Deep Security for server protection.
It scans for intrusion prevention and the forensics of any threats.
On the product side, they have done multiple upgrades. When we started with Trend Micro they offered us the OfficeScan agent. It is a malware product. After that, it upgraded to Worry-Free. Then we moved to Apex One. So Trend Micro offered all the upgrades. Since we are in the manufacturing industry our focus is mainly on production and we don't consider IT much. In this regard, we are not upgrading our hardware much. We are using the same hardware for five, six, seven years.
However, Trend Micro does not support less than Windows 7. So that is a drawback for us. Otherwise, the functioning of the product is very good.
In terms of valuable features, I would say its intrusion prevention. Each and every IP connecting to the server gets scanned so we know everyone who is accessing our server and we can block whichever IPs do not belong to us at the firewall.
Another valuable feature is its lightweight nature. It is only 25 MB deployed in the server, yet it works smoothly, and everything is automated, including the updates and scans. We have scheduled scans that give us a weekly report.
As for what could be improved, I think it should come with an XDR facility without any extra cost. They're always releasing new features, but we need to pay extra for them. Our management is a little conservative about paying for new features. So if they're upgrading something or coming out with a new technology, they should provide it to the existing users. Recently, I attended a webinar that XDR gave about their new threat finding features and we have not received them yet. They are not giving it to existing customers. They are only offering it for purchase. It is for threat forensic reports.
I'm not asking for free, since we are already paying. Whenever they come out with a new thing, they should integrate it with the existing product. That is my opinion.
Additionally, we need a complete web reputation. We need to be able to do forensics for any incoming threat, to find details of the source of the threat, and to catch the '"enemy."
We have been using Trend Micro Deep Security for the last two years.
In terms of stability, it is very good at finding malware, threats, etc... There is no virus problem, no external threats, no data leak. It is good for now.
We have not experienced any bugs, or glitches, or crashes.
Before we started using Trend Micro were using McAfee. We switched because we got a ransomware attack back in 2016. It wasn't safe enough. It was one of the first attacks in India and our management said that McAfee was not ready for it. They had not upgraded their signature and it had multiple systems attacked. After that, management decided to switch to another product and that's when we started using Trend Micro. For the last four or five years we have not had any problems.
The initial setup and deployment are not complex. The infrastructure is very good to operate.
The deployment of the agent is very lightweight. It takes about 10 minutes to complete.
We deployed under the consultation of Trend Micro. But I can also manage it. When we run into any actual problem only then do we contact Trend Micro. Otherwise, it is running smoothly.
As a user, I am not finding any drawbacks or problems in this security product. But I do see in some forums comments about issues other customers are facing. I know there are multiple products in the market that are maybe better than Trend Micro. That is why I came to your site and researched other solutions. I have found that Palo Alto is better than Trend Micro. But we have not tested it yet, so I requested from Palo Alto Networks to show us some other products. They are coming next week to show us. If we find that they are better than Trend Micro we will switch. But overall, Trend Micro is working very well.
We had also evaluated Symantec in the past.
I am satisfied with the product. As I mentioned, sometimes we feel some other features should be included. For example, the complete system control and web reputation. Regarding web reputation, I am a little limited because although we are blocking some sites, they are able to access those sites from out of our network. In other words, the restriction should be permanent whether it is done on-premises or on the internet. That is a drawback.
I can recommend it because it is good product. I have experience with other products as well and they have failed in the security field. That why I'm working with Trend Micro now.
The user interface in Trend Micro is very helpful. They have some study videos and some process videos included in the portal itself. So when we are in any system or get a warning or any critical error we can resolve it on the spot because we have the solution attached to the data error. That is something good thing they have done in the portal. With the instructions they have given we can see what we need to do so we can get it resolved by our self. We can learn the things on our own with no need to go to support.
On a scale of one to ten I would rate Trend Micro Deep Security an eight.
We recommend the use of this solution to our clients, both with virtual and traditional servers.
This has helped our customers keep up to date with security patches. Many customers do not patch their software after a new purchase has been released because there are a lot of other technologies and considerations to be carried out. It takes time to go through all of these, and some customers have not been patched for many years. Especially for those customers, this solution will protect them against those vulnerabilities.
The most valuable feature is the virtual patching. This offers protection of the application before it can be patched by the actual vendor.
Some areas for improvement are:
This is a stable and well-known solution in the market. It is especially well-known for use in virtualized server networks.
We have not faced scalability issues whatsoever. This solution is commonly used for servers, and not in workstations. We only recommend it for the customer's servers.
There are different service levels available for technical support.
When a problem occurs then we collect the logs and submit them. There is some time lost here because we do not always immediately deal with somebody who has sufficient expertise with the solution. This is something that we would like to see change.
Generally, reaching technical support is fine, but in terms of having problems resolved, it varies. Sometimes it can take three days, while other problems can take three months.
The complexity of the initial setup depends on the customer's environment. There are different methods of deployment. If it is an agentless deployment then there are prerequisites for that. The agent-based version is a bit easier to set up than the agentless version.
They have to go through setting up policies, which will take time to implement and fine tune. They have to make sure that the solution is communicating with the management server, and that there are no conflicts with other applications that are running. If there is anything that is broken or should not be running, then that is fixed. Once the initial application is perfectly up and running without any issues, and the policies have been fine-tuned, there should not be an issue.
Depending on the customer's environment, the deployment time varies. We have deployed some solutions in one day, while others have taken months to complete the fine-tuning.
Generally, for any implementation, we will not use more than two staff. For cases with more than one hundred machines, this can be a challenge during deployment.
We do the complete deployment and implementation of this solution for our clients.
We resell a variety of products, some of which are similar to the Trend Micro solution, but our recommendation depends on our customer's requirements. Some customers will demand a particular vendor, such as Trend Micro, while others will specify that they do not want to use solutions by a specific vendor. In these cases, we work on alternative solutions for our clients.
Some of the other options our clients consider are solutions by McAfee, Kaspersky, and Symantec.
It is important to implement this kind of solution because many people do not have security on their servers. This includes the vulnerability patching that should be done.
This solution has improved over time. They have been introducing third-party plug-ins and integration, and there is a cloud version available as well.
I would rate this solution a seven out of ten.
The HIPS feature, as well as the monitoring around the file integrity, are very valuable aspects of the solution.
The vulnerability scanning reduces false positives by quite a bit.
The client can show as offline sometimes, and that becomes a bit difficult for troubleshooting. We end up basically redeploying the client. This is something that could be improved in the future.
It would be helpful if they added more machine learning into the solution in the future.
The solution is largely stable, except for the fact that when the client communication breaks, you end up troubleshooting and you sometimes have to redeploy to get the client to establish the connection again.
The solution is good from a scalability perspective. It doesn't take much effort.
Technical support is okay. I would rate them 7.5 out of ten. My experience with Trend Micro has been that if there are issues with respect to databases, it takes time for them to resolve the problem.
The initial setup is straightforward. From a deployment perspective, I would say all vendors are quite similar.
We largely work with enterprise-level organizations.
I advise others to make sure that any recommendations in terms of system requirements that have been given to them are followed properly.
I would rate the solution 8.5 out of ten.
Our primary use case for this solution is to prevent DDoS and other types of attacks from internal or external sources.
This solution protects us against different types of attacks, including email phishing, and it includes spam filtering. There have been some spam cases that we found recently and Trend Micro had already detected them. It caught EXE files in email and we put policies in place to block Excel attacks.
There are daily updates and we can even protect the internal workstations from viruses.
The most valuable features are web security, email filtering, and content filtering. The user interface is very friendly, and it is easy to control things from the policy.
The support for email protection can be improved.
I have been using different Trend Micro products in 2009 or 2010. For me, this is the best on the market.
This product scales very easily. We have more than one hundred and thirty licenses and more than five thousand users.
The people who use this solution are experts in networking and cybersecurity. All of them are CCIE certified.
We will be increasing our usage by adding another site. Right now we are using an MDRC (Mobile Disaster Recovery Center), but within two or three months, we will have a PDC (Primary Data Center).
When we call technical support they respond immediately. They are local and we have met them three or four times in the last couple of months. After they visited our office, we had a discussion with them.
We get very good support from them, and we appreciate it.
We have been using Trend Micro products and we were happy with them so we went with this solution.
The initial setup for this solution is straightforward.
For the deployment, we are using three cybersecurity engineers and three network security engineers.
We implemented this solution using a local provider in Qatar. The support was amazing. Every day, we received updates from our representative.
I cannot predict the ROI at the moment because we are still planning to implement other areas, such as the PDC.
It is approximately three million Qatari Riyal ($820,000 USD) for our licensing fees. The cost is approximately six thousand Qatari Riyal ($1,650 USD) per user.
We did evaluate other options, including Kaspersky. I know that it does not have the capability that we need. We did use it for endpoints, but we were not happy with it at the time.
We would recommend this solution to others. This is based on our security implementation. We are strongly protected through Trend Micro.
I would rate this solution a nine out of ten.
We use it for virtual environment protection.
It has improved functions by bringing us complete security on our clients' virtual environment.
It needs better global visibility of the virtual environment.
I would like more security tools which could fit into a DevOps environment.
We use it just for DevOps workloads.
We have used it to deploy a client's DevOps environment.
It has a perfect SaaS which integrates with AWS, offering flexibility to deploy quickly and easily in the cloud.
Purchasing this solution through the AWS Marketplace was secure and quick. We did it as a renewal license for one of our customers. AWS has good prices for a good product.
While it is a good security product, they have to develop better tools to manage it.
I have not tried to integrate it with other products.
Our primary use case is to provide endpoint security for our AWS EC2 instances, covering features, such as host-based firewall, IDS/IPS, anti-malware, and application control.
Deep Security has given us strong protection and configuration of our endpoint security and enables us to bridge the gap between patching windows using the Virtual Patching feature. This allows us to make sure full patching is tested properly in our testing environments before roll out. This especially helps when, like this month, a patch is released which can’t be used, due to stability/performance issues.
I am also currently looking into the newer integrations with our various other security tools.
The training needs improvement. It is expensive (classroom training), and it is often hard to find answers by yourself using the documentation.
I would like them to add EDR features, moving away from traditional signature-based anti-malware.
The product seems very stable. We have only ever had one incident which caused us concern, and Trend Micro identified a way to mitigate it for future occurrences. They also ensured the issue was patched.
It seems to work at the scale that we are currently using it at: Approximately 65 EC2 instances.
Customer service team are fantastic and help provide timely resolution to issues and questions
Configuration in our AWS environment is straightforward and policy-based with inheritance, e.g., making it easy to align with Active Directory. Event-based triggers can automate the correct policy implementation.
It is simple and cost-effective to purchase through the AWS Marketplace, which provides an easy understanding of the scale of the costs. Our organization purchased it through the AWS Marketplace because it is easier to track when added to our AWS bill and convenient purchasing model.
The AWS licensing model is scalable and easy to use, but could do with tiered discounts. I am not sure how well this model will scale when we start to use Auto Scaling with AWS resources.
It provides a comprehensive feature set and a strong security baseline for us with integrations into other security tools.
It integrates with AlienVault USM Anywhere and AWS GuardDuty in our environment.
There are compliance issues of legacy applications and after applying OS security patches. The product's HIPS (Host Intrusion Prevention System) modules do the job for you automatically, without any downtime.
Reports. The default reports provided don't provide much insight.
No stability issues.
No scalability issues.
I would rate tech support in the range of six to eight out of 10. Time to provide solution could be improved.
There is no competition for this product, as no other product provides HIPS, host-firewall, and anti-malware together.
Very straightforward and very easy to implement.
Deep Security SaaS provides security for cloud-hosted servers for only INR 1 RS/hour/server.
I would rate this product at nine out of 10. There is always a chance that it can be improved.
Go for it without any hesitation.
It's made the security guy's life a lot easier. A lot of what it does is automated and it's simple. You put it into place and the security guy just uses it instead of trying to administer it.
The most valuable feature is the direct link to AWS to tell me if a new instance created is unprotected. That's just so valuable to me. When running reports, you see can whether or not your environment is covered.
It also has a full breadth of services that include not just antivirus, but also IDS/IPS and file integrity and vulnerability management. It's really meant for the cloud and is proactive on AWS.
I'd like to have the ability to manage heterogenous clouds so that, for example, AWS and Microsoft are protected with the same security patterns. It already does that, but I think they may have rolled it back recently.
Also, it has great IDS/IPS built in, but I'd like a way to visualize the traffic. This way, there's more of an artistic view of security and the ability to ask question about the data. That would be really beneficial.
We don't have any issues with stability. I will get alerts at times for problems that have already been addressed, but I wouldn't call that instability.
I haven't hit any thresholds that tell me that it's not scalable. We just add servers and agents and keep going. As far as I'm concerned, it'll scale for anything.
We had a little bit of trouble when we first implemented the tool. We couldn't configure something, but it was our own problem as we weren't reading the documentation. We ended up calling implementation support, and they were excellent. They were patient and walked us through the process. They didn't charge us a dime. Since then, we haven't had to use support other than providing our feedback to the product teams.
The initial setup was pretty straightforward. We were novices to the cloud anyways, so we were struggling with some of the ideas. But I think that if you're acclimated with AWS, it's pretty straightforward. We were struggling to learn cloud concepts and we couldn't understand how to ping horizontal scaling versus vertical scaling.
Think about it. It's for the cloud and not meant to be retro-fitted. You're not managing a core server and it's got elastic scalability up and down from a cost perspective. You just pay per agent. If you don't need a server anymore, you don't pay.
When you implement and install, really learn how to set up the dashboard. You have to have a good intimate knowledge of your environment. Take the time to learn the product; don't just plug it in because it's not meant for that.
It's used as a part of our managed solutions. Security is key for them because we have seen a lot of ransomware in the past. We do very well on security side, whether it is application network or a host-based security. This is one of the offerings that we offer to our customer by default.
As it is a core part of our managed services, it integrates with other products which revolve around patch management. We have our own IP which takes care of the actual patch management that we leverage. We also have a lot of monitoring platforms with a single, integrate dashboard taking the data from the APIs.
Previously, a lot of attacks happened.
Sometimes, you have your files which you don't want anybody to change. With this product, you can monitor that very easily. Therefore, whenever someone tries to play with that file, you receive an alert.
For day-to-day efficiency, it provides a good dashboard, so our team can be active 24/7 instead of doing a lot of manual stuff. We just look at the dashboard, and it's all done.
Every module is important because it serves a different purpose.
Because a lot of vulnerabilities are coming out, we work with a lot of large enterprises using virtual patching. It is very difficult to patch, because you have to take approvals, and go through the cycle, as there is a proper process in place. However, if you have virtual patching, it makes it easier, and you are protected as soon as the patch is released.
It needs to improve its integration with a lot of other products. This should be in the road map because we have a lot of SaaS-based appliances which are not connected with each other. Thus, I'm looking forward to more integrations coming together as a part of the product.
Going forward, I would like to have more APIs and integration with more application monitoring intelligence platforms.
Stability-wise, it is one of the best in the market. However, since a lot of innovation is happening, it comes with a lot of risk as well. Certain times, we have seen where a customer is being attacked irrespective of if the product was there. The reason is that patch is not available. While I know the team who works on it does a lot proactively, sometimes things get missed out.
We have customers in five to six different regions, ranging from Japan, Korea, Singapore, India, and the U.S. We use it for a lot of our customers (about 90 percent). Their size ranges from 500 servers to thousands of servers. We work with a lot of enterprises, including Telco, retail, government sector, and media.
We are very well-connected with our technical support. Most of our team is quite trained on the product. 95 percent of the time, our team doesn't need the technical support team's help.
The integration and configuration in our AWS is user-friendly. When you work with enterprise, you have a multi-cloud strategy. We can deploy it in AWS and use it in other clouds as well. So, it is pretty robust.
In the case of ransomware, every time it happens, for every machine that you have, you have to pay something like $400 USD or more. With Trend Micro, you are paying a couple of dollars every month to save the environment, and you don't have to go into that part where you pay a hacker to get back your data. Therefore, it's a good ROI, though it's an investment.
We are an original partner with AWS, so a couple of customers chose to directly take it from AWS Marketplace. A couple of customers will want us to take care of the billing. So, it's a mixed type of reaction that we receive from the customer. Eventually, for us, it matters that customers are secure.
The customers can deploy in their environment and the licensing model goes through our reseller.
The price is reasonably good as compared to other products into the market.
There are products, like Symantec, but Deep Security from Trend Micro is quite helpful for us. It is being absorbed by a lot of customers, whether they belong to an enterprise or the public sector. It is highly adopted.
We went with Trend Micro because it was more cloud native, the architecture was more on the high availability side of it, and it had the the implementation that we wanted.
Do your evaluation well. After the core evaluation, choose what fits best for your customer.
I used to previously work with on-premise solutions and private cloud. Now, I work with AWS.
We use Trend Micro Deep Security as a Service on AWS through Marketplace and Trend Micro Deep Security on-prem to meet our virtualization security & compliance requirements.
Besides increasing more visibility into data insight, I strongly believe we have not only reduced potential risks while gaining significant performance but also our investment costs was rightly justified.
The file integrity and log inspection are game-changing features for us. Provides deep data insights while meeting compliance requirements.
I'm currently evaluating TippingPoint. Trend Micro is still working on building tight integration with TippingPoint being a recent acquisition from a few years ago. So, a Tipping Point integration with Deep Security, having one single pane of glass dashboard, would provide us a simple use case.
well, we have had no hiccups. It's an awesome product.
It's as scaled as it can get.
The technical support is very helpful and geographically dispersed.
We have saved a 50% ROI for the on-premise product. It gave us significant improvement overall in productivity, costs, and efficiency.
With AWS, we get single, consolidated billing. This is the beauty of it; its ease of use.
Purchasing on AWS Marketplace is like shopping on Amazon Prime.
We do pay-as-you-go pricing, which is good for us. We are working with Trend Micro to see if we can have something similar for on-premise.
After our move to virtualization was complete and its security woes were becoming evident, we began our search for a new security solution that could protect both its physical and virtual environments. After a three-month proof of concept with solutions from Gartner and Forrester’s top five security vendors, we selected Trend Micro Deep Security. “We wanted a solution that provided seamless integration with VMware vCenter management software and true agentless deployment. Deep Security for VMware was the only solution that really worked.
We started with it on-premise, and now we also have it on the cloud to protect our cloud workloads. The cloud has all the features and functionality turned on by default, which makes it very easy and simple to use. This hosted solution means there's no set up or configuration and they handle all the product and kernel updates for us.
We are primarily using the product for IDS, IPS, and deep security.
It provides the type of data and availability that we need to have. We don't have to worry about intrusions.
Trend Micro is not government certified or federal complaint. If they could become compliant/certified, this would make it easier for us to use it for our government projects.
I would give the product's stability a high rating. We trust the Trend Micro brand.
We are not that big in size, so we haven't had any scalability issues.
We are experiencing major technical support issues right now, and the technical support has been reasonable about fixing them.
The integration and configuration of Trend Micro in our AWS environment was easy. We haven't had any issues with this at all.
We did not purchase it through the AWS Marketplace because we have used Trend Micro in the past. We have not compared the pricing and licensing of buying it on the AWS Marketplace.
We also considered Pure Storage. In the end, we decided to only pursue Trend Micro because it is easier for us to install and use. The decision to use Trend Micro was based on cost, brand name, and ease of use.
I would recommend Trend Micro. We are happy with them. In the current world, you have to earn the business because it is like a subscription, and they keep us happy.
We don't have Trend Micro integrated with any other product except for our internal cloud solution. We just use the AWS version of the product.
It is for managing application whitelisting, and intrusion detection and prevention for the CLOUD Act.
The initial setup needs improvement. Once it is set up, the configuration is relatively simple. However, the initial setup was a bit of a challenge.
We haven't had any issues with stability. It has been rock solid for us.
In the past year, it is still a fairly lightweight environment, so there has not been a lot of stress.
Size of our particular environment is about 200 systems. The scalability has worked very well for us.
We used the technical support for setting up profiles. Working with them was pretty good, they are extremely responsive and helpful.
The integration and configuration of this product in our AWS environment was good. We haven't had any problems at all.
We haven't really seen ROI so far. Since it is a light traffic environment right now, the product hasn't had that many incidents to deal with yet.
Our company chose to procure this product via AWS Marketplace due to regulatory requirements. We mostly use it in the AWS GovCloud.
I was not at the company when they evaluated the other products. I do know that they evaluated Symantec.
Trend Micro was selected because it has better whitelisting of applications, its intrusion detection was far superior, and it has configurability.
The best approach is to start off with a node where it is sort of monitoring and looking at stuff, then work your way into the actual prevention and blocking. Because it can turn off a bunch of services without too much effort which can be good, but it can also shut things down.
We haven't really gone into the integration aspect yet.
The primary use case is its antivirus and anti-malware capabilities.
We mostly integrate it with the EC2 instances.
Their support is good. They are responsive, which is nice.
I know that they are working on it, but their automation needs improvement.
I would also like to see more containerization stuff, specifically Docker.
It has been stable so far. We don't put a lot stress on it.
It scales very well. We have around 2,000 instances running.
Their technical support is great.
The integration and configuration of Trend Micro in our AWS environment seemed pretty seamless.
Take it for a spin. Ask their support for a demo. The product is really solid.
We previously used the on-premise version. Now, we are using it on a SaaS environment (AWS).
There is a degree of set it and forget it in regards to the actual endpoints and what you can do with the console, which is nice.
If I had more reporting, the product would be an A plus. Reporting is the one thing that we are sort of missing, especially with more log information.
I trust this product more than Symantec. Since we have installed the program, we have had no intrusions at all.
They're tech support is on top of things. The few times when we had questions, they have gotten back to me quite rapidly.
We have quite a bit of old servers that we are trying to migrate off of, and we had Symantec on them. Because of Symantec's logs, we were on the constant battle of always having to clean up the space, where when we put on Trend Micro on it, we didn't have to worry about that anymore. It has been easy to use. I can control it from the computer on my desk and not have to worry about it. I can push definitions, which has been easy to use as opposed to having to be on the actual user's computer.
The integration and configuration of this product in our AWS environment was very easy.
Purchasing on the AWS Marketplace was easy. We decided to purchase this solution on the AWS Marketplace since we were already there.
The pricing is fair.
There were three runners up when evaluating this product: Sophos, Symantec, and Trend Micro.
We chose Trend Micro for the following reasons:
It integrates well with other products, e.g., we use it on user endpoints, servers, physical servers, VMware, and AWS. We use it on a lot of platforms.
Right now, we are using a cloud-based version, which I believe is the AWS version. We have the risk-free version which gives us a web format for us to push out programs to computer servers.
It's for security: IDS, IPS, intrusion detection, and securing our perimeter in general. E.g., OWASP rules.
Trend Micro gave our security teams a certain degree of comfort by just having it in the background, as they have familiarity with the product.
IDS and IPS are its most valuable features.
AWS products could become more compatible with intrusion detection products leveraging help from Trend Micro.
We have had no stability issues.
Scalability hasn't been an issue.
We have different workloads, so it depends on if we're talking about development, QA, or the testing environment. They are all separate accounts. We have a central account to try to manage all of them. A lot of these type products, like Trend Micro, fit into these shared environments.
Right now, we've got a few production workloads, but most of the workloads are still in development.
Automation is a big part of everything that we do. The team setting it up would have had to set up Chef scripts and other things to make sure that we could automatically deploy. This would have been part of the configuration and management into the AWS environment.
We were looking for a tool to help secure our environment. There wasn't anything immediately available as an AWS native service, so we looked for a third-party tool which could do it.
We would like to see more from AWS natively on the intrusion detection side.
Take a good look at all the different options. If there are things which I think teams are familiar with, that always gives a product a bit of a leg up. This is not just from the perspective of the people who support and deploy the product, but even the security teams who may be already familiar with the product and know how effective it is. It gives them a lot more comfort seeing something that they have some background with.
Our company uses the on-premise and AWS versions. I work with the AWS version, and have been happy with it. I am seeing more of the end result of it rather than the infrastructure and security perimeter.
We decided to use AWS because it was something the teams were familiar with. Our teams, who are currently using Trend Micro, were already familiar with the product and wanted to make use of it in the cloud as well. It was just a matter of continuity.
It is integrated with a SIEM, security incident and event management, platform. A lot of the output which comes from Trend Micro, we fed into the SIEM system so the security teams and the monitoring teams have a single pane of glass view into all the security features of our environment.
We use it for security, specifically for old servers still in the company. It is doing its job.
I have heard of a lot of threats coming from Europe, but they have never touched our company.
The reports are very extensive. They give us information about things that we are not expecting, such as number of threats that failed due to compromised servers.
It is connected into an intelligence database and is quick to pick up new threats. It also reduces my workload with its speed and the protection that it provides.
The working interface and the reports for non-technical people could use improvement. They are a bit scary.
It is very stable. We are not putting too much stress on it since we are scaling down.
We have not had any problems with scalability. We have very few servers for it to protect. Instead of scaling out, we are shrinking the number of servers (scaling down).
We hired a third-party to do the AWS integration and configuration. The reseller appointed them, and everything was done for us.
On an AWS defined scope, it will cheaper than buying the on-premise service. We did a trial for the on-premise version, but we decided to go with the AWS version. We are downsizing our server room, and it didn't make sense to put more machines in there, as we already have workloads in Indianapolis.
We already use Trend Micro for their endpoint protection. Therefore, we selected them for their server product because we liked their endpoint protection product. The process took a week to ten days.
I would recommend it. I have been satisfied, as it is a good product.
It is lightweight and provides a multi-platform for the client. It combines host intrusion prevention and provides AV, file monitoring, log collection, etc. in a single agent.
There are a good signature set and a high rate of detection.
It is one of the best client protection available for cloud computing.
I have used this product for three years.
Installation and operations may have issues on some machines owing to their configuration of the network cards as the product is a DPI driver. The typical client-server issues exist as with any other product.
The setup is simple as the agent provides a feature called as the Recommendation Scan. This scans the profiles of the host computer and provides recommendations on the appropriate signature and the policies to apply.
The installation of the agents, subsequent patching of the agents, etc. can be automated, thereby reducing the management overhead.
If you are looking for an all-rounder for endpoint protection, then don't look any further than TM Deep Security.
Working mostly with the virtual security data center (the server security platform) feature has been crucial in day-to-day businesses of the company because we're in data center services.
It's enabled us to protect our enterprise applications and data from breaches and business disruptions without emergency patching.
Not only do these benefits reduce both capital and operational expenditures, but they also provide resource agility that promotes business innovation and growth.
They need to improve their perimeter detection and tenancy.
We haven't had any issues with deployment.
We've had no issues with stability.
We've had no issues with scalability.
The setup is easy, as is the configuration.
With the changing tech world, with competitors not sleeping as time is money, simplified management is very crucial to my business.
Having centralized malware is very practical, but there should be a way to migrate without having to uninstall prior antivirus products.
Centralizing rules is practical and greatly accelerates the administration.
They should improve the interface of the main dashboard. It is difficult to find where templates define policies. Also, if you are not careful, your policy implementation can lead to management problems. It should have warnings before applying policies. They also need to improve its dashboard to help monitor the rules that are incorrect or are duplicated.
We’ve been using it for one-and-a-half years.
The product should have a strategy for installation. Prior to installation, the vendor should advise on a logical design of installation depending on the customer’s needs. In my case, it was not successful and produced serious inconveniences in our virtual infrastructure.
There were some stability issues in the virtual infrastructure due to issues with the deployment.
We have had no issues scaling it for our needs.
The level of technical support is just regular. They failed to advise how to carry out the setup and this caused serious drawbacks with interoperability between virtual machines. The consultant was not certified enough for installation to the point that after the installation, we lost money fixing the issues.
I was the one who installed the solution, as well as charged with maintaining it. Also, I'm the ESL tester who creates policies and installs them.
It is complex to install. As I said, we were not well-guided, we did not get certified support, and we weren't trained according to best practices.
We did not evaluate anything else.
Prior evaluations of possible scenarios have resulted in determining problem areas as well as good practices. Also, it should be clear the level of integration with VMware and its different versions. My advice would be to have the most updated versions of ESXi, vCenter, vShield, etc. It's fundamental to have a network or network segment for the administration and management of all infrastructure.
Virtual Patching (part of Integrity Monitoring module) is the most valuable because it shields vulnerabilities in critical systems until an actual patch is available and deployed reducing the downtime, and protecting unpatchable systems extending the life of legacy systems and applications. Also, the possibility to know which files have been changed in the host machine.
The possibility to extend the security of the datacenter to cloud using API integration to AWS, vCloud, Azure and others in a single management console is also valuable.
In the past, we had to search for a window of time to patch the OS and some applications and it took a long time up a virtual machine and make it available for our needs because its update process was very slow. Now, we don’t have to wait for this process because when we need a VM we can just boot one up and run and patch the VM at an opportune time.
We use it to help a large payment company in Brazil to process millions of credit card transactions a day, and others company with similar challenges.
It needs real-time anti-malware support for Amazon Linux and an option that allows you to classify and mark reports using tags like Top Secret or Confidential which are missing in Deep Security 9.5 but are in v9.6, which was released in January. We're still homologating 9.6 version with this new feature.
An improvement on its Control Manager integration is also needed because it's insufficient for individual and granular management. Control Manager is a console that integrates all Trend Micro products.
I've been using it since it was first released in 2010 and have used it in two different ways. At my own company, it's used to protect about 40 VMs on two hosts using VMware. It's also used for installing and supporting 36 clients over 250 servers and millions of transactions per day.
I'm one of the founders of company and I've been working as a technician from the beginning, my role was design, deployment planning and pre-sales support until the end of the last year with our support team. Now, I'm dedicating my time to executing our vision as CEO.
We have had no issues deploying it, especially when following the guides.
It has been stable in our deployments.
We have no issues scaling it when we need to.
Trend Micro has a Channel Partner ecosystem highly prepared to solve any questions and they work very closely with Trend Micro support services to deliver the best experience to their customers.
We did not have anything in place previously.
The deployment depends on how you set up your VMware environment and what features you’re using. Following the steps described in the Administrator and Deployment guides helps you to avoid any complications.
The implementation team was formed with inside analysts and vendor specialists. It's strongly recommended to use someone with the necessary skills to work with VMware and have someone familiar with infrastructure and security analysis.
Start with a small group of servers and the most important modules for your company. Depending on the way you buy the product, you have the benefit of renewing discounts up to 50% in the next year.
It's a hybrid platform with about five modules that will help you to manage and secure your datacenter and cloud initiative with multi-platform support. To get the same solution, you may have to contract at least four different vendors.
The modules that are included with it will help us displace the local anti-virus that we're currently using today.
There are a couple of areas for improvement. It needs better support for Mac, and there are some challenges in its implementation.
Unfortunately, the relationship with VMware that Trend Micro has, prohibits us from continuing our use of the non agent-based solution as NSX is now required to go forward from version 5.5 to version 6. NSX has now become a necessity to go with agent-based, so we're moving to an agent-based solution on the VDI's and our server-based as well.
We've used it for four years.
There's an ongoing, continuing education process that needs to be in-sync with your Trend Micro staff. It's not a total set-it-and-forget-it type of solution. You need to continually manage and maintain it.
We're experiencing some instability, but my understanding from VMware and Trend Micro is that there's a relationship being built. They're pursuing a strategy to come up with perhaps a light version of NSX.
We've had no issues with scalability.
I was involved in the setup from a managerial perspective. I contracted with Trend Micro support to provide us with implementation support.
We've looked at McAfee, Kaspersky, and Symantec.
My team specifically looks at what's there on a regular basis. We work closely with the security team to be sure that we are making a good, conscious choice on an annual basis.
It's important that you get a baseline of training, then partner with Trend Micro, whether it's an engineer pre-sales or an engineer that's implemented the product before. Be certain that your staff have the steering wheel and Trend Micro are the ones helping you navigate through the solution.
Deep Security is a really innovative security solution in the world of software-defined data centers and in the NSX space. It makes controls available to consultants and security architects in the new, software-defined datacenter and traversing up into the cloud. It's optimized to support security for virtual desktop infrastructures.
It's not a well-recognized solution and there's not much buzz around it in the marketplace. When I speak with an auditor about what Trend Micro is doing to cover my compliance footprint, it's not well-understood. That's where the challenge lies.
There were some initial challenges with it, those in my experience have all been worked out, and it's a very stable solution now. We're working on taking it out, we do a lot of consulting in an NSX space, with software-defined networking, and we're taking Trend Micro out to all of our customers.
It works in relatively small scenarios, and up to the biggest scenario that I can imagine.
Never had an issue with Trend Micro support. It's fantastic.
It's in a complex technological space, typically proposed into NSX or cross-hybrid cloud scenario. There are a lot of moving parts and it's a challenging space to implement technologies and controls, but I think Trend Micro does it well.
The important thing that I would encourage people to look at with Deep Security is how it plays with Endpoint, how it plays with your particular software-defined data center or hybrid cloud, and make sure that you understand where the capabilities are available to you. Because for most people it's surprising that Trend Micro can do all the things that it can.
The comprehensive agility is the most valuable feature. It's very agile and flexible, and performs multiple tasks simultaneously very effectively. We're able to do firewalls, IPS, and log inspections with it.
It's very difficult for an enterprise, especially one of our size, to patch effectively at all times. The IPS helped us with this. Oftentimes, there's a delay between discovery of malicious threats and production of patches. The IPS allows us to virtually protect against those threats before true patches can be applied to our inputs.
Deep Security is a fantastic product but there are certain little details that could be tweaked or improved to make it a ten.
VMware and Trend Micro are pursuing a strategy to develop a light version of NSX that will allow us to run it agentlessly.
They also need to offer support for Apple machines. Almost every vendor I've seen, they're all junk. For Trend Micro to take a step either with their office-end product or with Deep Security to actually protect Macs, that would be a huge game-changer for iOS.
We've been using it for three years.
We've had no issues with deployment.
Overall, I'd say the product is very stable, both agentless and agent-based. Agentless is less stable due to the nature of how many moving parts have to be working and in place for the whole system to work effectively. However, moving forward with the relationship with VMware, agentless protection is not going to be possible without VMware NSX setup with the environment.
Our organization has 1,500 servers and 18,000 endpoints -- and it's growing.
Trend Micro has excellent technical support.
Starting off with agentless, it was complex. With agentless, you have a lot of moving parts and they all have to be in-sync and working together for the whole system to work. It adds a level of complexity with vShield, the DSVA's, and all the different moving parts.
Come up with a solid working plan before you even think about actually implementing anything. The foundation is all in the preparation, the education and the project management.
No product is perfect. Deep Security is a fantastic product but there are certain little details, I think, that could be tweaked or improved. Do your homework, engage Trend Micro, get trained, get all the knowledge you can and come up with a solid working plan before you even think about actually implementing anything.
The most valuable feature for us is that it's agentless, meaning we can implement it without having to protect every guest at a guest-by-guest level. That's huge for us.
Everything on our ESXi host is protected and we don't have to worry about pushing an anti-virus to individual guests. All we have to do is activate Deep Security in the console and we're set.
There's a little room for improvement as far as being more concise with the error messages. It's a small thing, and maybe that's coming in a newer version. Better notifications would be nice, such as error messages that a particular ESXi host is not protected properly.
If there's a problem, you have to drill down manually. You have to click and click and click to see what the message is. It would be nice to have a more transparent meaning instead of having to click so much to get to different levels.
I've used it for six months.
We did have one issue where the signature files we received were not valid files. It caused the host to continuously try to scan, causing a performance issue. We had it resolved within a couple of hours by powering up our Deep Security appliances until we got the proper update. Then we were able to move on.
Mike Horton is our account rep. He and technical support work as a team. We all work well together.
Technical Support:Technical support is where Trend Micro really shines. They're not a big group, which is great because you feel like you're not just a customer, but also a partner in the product. You really feel like they're interested in making sure you know how to work the product to its full potential.
Be involved with the installation so that you really get a feel for what the product's doing. If they provide any support or any training, definitely attend that. It is an intuitive product but there's a lot of moving parts. You're doing virus scanning so you definitely want to make sure you understand what you're doing because if you do have an issue, it’s very important piece of your infrastructure to make sure you're protecting your server.
There are several features I find valuable, including the fact that it's agentless, each module can be installed on its own, it provides a single pane of glass for managing it, its integration with VMWare (NSX), and items are auto-added as soon as they're discovered. Ease of use is a big plus because of the foregoing items.
We were having some AV issues around 2010 and the incumbent product had gotten big and clunky and was interfering with several desktops performance. When the solution let 3 viruses in over a few weeks I deemed it no longer suitable and we chose Trend Micro Deep Security as the replacement.
Right from the start it was easy: the installation routine very kindly sought out and removed the previous solution, greatly reducing deployment time (we implemented OfficeScan first) and DS uses auto discovery. Updates are automatic and run smoothly in off hours (except for pattern updates of course).
The Trend Micro solution was stable after a few tweaks and was instrumental in stopping an incursion of ransom ware that could have brought the company to its knees. Instead we had only a few file directories encrypted and we were able to restore those in about a day. We spend way less time on AV issues since implementing Trend Micro Deep Security.
There are several areas for improvement:
I've used it for over five years.
Deployment went surprisingly smoothly. Mind you we had a Trend Micro tech (Trevor) do the initial config.
We've had no issues with stability.
We've had no issues with scalability, but we're not a big shop (under 200 VM’s).
Trend Micro's service has always been one of its strong points. I don’t particularly like the online case management tool, but response has always been good. Local support is stellar (Vancouver, Canada area) – both reps and support techs.
Technical Support:Technical support is excellent. A Trend Micro tech was always available to me locally and this helped reduce the time-to-resolution of the few issues that came up.
Yes, we used Symantec. We found it was getting a larger footprint in memory and was starting to cause performance issues. When it failed to stop viruses 3 times in 3 weeks, I had enough. On all counts, Trend Micro is a superior product with superior people, and I have never regretted the switch.
It was a fairly standard install as we were not a large data centre. Trevor (then Martin) – both local Trend Micro techs - took about a day to get it all settled down. Over the next month, I made several support calls but mostly because I did not yet have the experience with it. After a month or so, I no longer needed the support.
The install was done by a Trend Micro tech (Trevor) and later supported by Martin Sima. Both are excellent fellows.
I'm not exactly sure what our ROI is as we did not quantify it. But I can say that supporting our users got a whole lot easier and we had a significant reduction in time spent on AV issues at the desktop. Management was easier (auto add new VM’s, etc.) and Control Manager provided reports for my bosses.
Trend Micro now does certificates and this made getting certs easy and fast. Pricing was competitive, although I have not looked at pricing recently. Licensing was also easy as each additional module could be licensed separately.
I was pretty aware of the market in 2010. I knew Symantec was not doing the job anymore and I had used Trend Micro in a previous life and knew the OfficeScan product. I also considered Sophos as they have a large local presence. I do not ever want McAfee again (bad experience back in the ‘90s). And I didn’t trust the Russian product.
Make friends with your local rep and support tech – they can help you over the gotchas and issues that invariably arise with a new implementation. There is lots of online training also from Trend Micro. And classroom courses are available; I took the Deep Security course in Ottawa the first year we had it.
The most valuable feature for us is moving the AV scanning engine to the hypervisor and removing it from the virtual machine. We also use the compliance reporting (reporting in general) feature.
It's given us a significant reduction of CPU/memory footprint required to run traditional AV products inside a virtual machine (VDI).
I'm not sure how this product could improve, although we did have some compatibility issues between it and versions of vSphere.
We've used it for 13 months.
During deployment, we had the issue of compatibility between vSphere and Deep Security.
The stability issue we had was with regard to vSphere.
We had no issues with scalability.
Customer service was initially very poor, but once we reclassified our account from mid-size to enterprise, the support was very good.
Technical Support:Technical support is above average.
We previously used Symantec SAV, but it was too heavy for VDI.
Our initial setup was somewhat complex and required a significant interaction with Trend Micro support. This is a very new concept of taking the AV engine outside the VM and it took us some time to feel comfortable with the whole idea. It also required some deep understanding of how Trend Micro Deep Security “embeds” into a VMware environment, and that was not a easy task to master.
We did the initial setup with our in-house team with significant help from Trend Micro technical support. I'd rate them very poorly because they completely missed the compatibility with vSphere issue. It took us a lot of time to fix the entire mess.
Our ROI is still unclear, but I'll have more details once the entire enterprise is moved to Trend Micro Deep Security.
Get a good reseller (our original VAR, MicroAge, had a difficult time clarifying some of the licensing vs. maintenance costs).
ESET and Symantec
Make sure your VMware SME is plugged in from the very beginning, do a limited low-level impact POC, and plug into the Trend Micro user community.
The most valuable feature for us is mainly the fact that we can control what the PC or server is doing protection-wise, even remotely. We use this protection feature all the time.
The main benefit it provides us is that it will show what the issues might be and it's scalable. It allows us to know that if we have an issue somewhere on one device or endpoint, we can correct it or get down to a level where we can find out what the problem is. For example, we can apply exclusions to set policies for a certain type of group that can scale for a lot of environments, whether it's Linux or Windows servers or Windows 10 endpoints.
I'd like to see some sort of database out-of-the-box. Deep Security uses its own database, with which we have some issues, but we just go right to SQL or another database. Right now, the standard database as to be converted to SQL or Oracle, but that's something that should be out-of-the-box standard.
We've used it for four years.
We've had no issues with deployment, other than the database issue.
We had one failure, but it came back up within twenty minutes, so we've really had no downtime.
Yes, it's been scalable. In the coming year, we're going to be testing many more policies and deploying it out in our system.
The setup was a little complex on the security side. But the endpoints -- desktops, laptops, were pretty easy. The server environments were a little more complicated and in-depth.
We implemented with a vendor team.
We very much have an ROI, and although I don't have numbers, I can see that we've been able to catch problems before they happen.
Make sure you perform thorough testing as there were different situations that came up for us that we didn't account for. I think that a POC would really be worth the investment because you can find out what the structure can do and what it can't. That's really important.
Of course, the anti-virus module, the firewall module, and integrity monitoring are the big ones for us. They're the most valuable features that we use daily.
It’s protected our network from viruses, and it’s done a really good job with that. It’s allowed us to set up business rules and notifications on changes to our operating systems and our firewall rules, which is a big piece of our business right now. It’s working really well.
I would like to see a little bit of better means of agent distribution. The ability to deploy agents maybe from the solution itself that would be a good one.
I’d like to see more of a database involved with integrity monitoring, a database that would be developed to identify some of the more well-known processes and files, trends, etc. Anything that would help me do less research would be an improvement.
I've used it for one year.
There were no issues with the deployment.
I would say it’s probably 8 or 9/10. The server operating systems are probably a 9/10, the agent installations on our work stations and servers are an 8 or 9/10, and finally on our laptop computers/remote users the number goes down a little to a 7/10 for stability.
Scaling it has been fine as we haven’t done a whole lot but it seems to handle everything we need it to do. If we doubled in size tomorrow, I’d say it could handle it because the product has the availability to have more than one server with the cost remaining the same. I’d say scalability is very good.
I’d say they are very good, very knowledgeable, and very proactive. It's all good.
I would say it was pretty straightforward. We have a complex network, so if it was complex, it was because of us.
We had an engineer come out and spend a week with us to help everything run smoothly.
I wasn't involved with the process, but I know we looked at a number of other solutions. I know, however, the reasons they went with this solution is because of its compatibility with VMware, which was one of the big factors. Also, the cost was a deciding factor.
I would say that before Trend Micro comes out to install the product, you need to come up with a plan with the product. That could be anti-virus and a good plan of how you want anti-virus to work on your work stations, computers, and servers. I shouldn't just say anti-virus, but also firewall protection, integrity, what exclusions do you want. You want a good plan for each system and that will make the installation much faster. If you have to go back when the person is with you and try to figure it out as you go along, it will slow you down. Get a good plan.