TrendAI Vision One Reviews

I have experience with TrendAI Vision One, specifically using endpoint security, email security, and all of the modules that are used most commonly.

We mostly install TrendAI Vision One endpoint security in all client organizations, configure everything covering endpoints, servers, emails, and then work on the alerts for them as the need arises.

We are using the sensors that are included in TrendAI Vision One.

TrendAI Vision One has helped me to consolidate my use of security vendors quite a lot. Many of my clients were using different brands of antivirus for the server security and endpoint security, and another product for email security. Because of TrendAI Vision One, they were able to combine all of them in the same console. This reduced a lot of siloed tools.

I am quite impressed by the speed with which the server policy gets deployed. While the endpoint policy takes about 15 minutes to get assigned to the system, server policy is quite quick in that regard.

The coverage of these sensors is quite vast. When compared to other antiviruses, we found that TrendAI Vision One does cover quite a lot of ground.

The endpoint security policy for standard endpoints with TrendAI Vision One takes a lot of time. It would be beneficial if there were DLP features in it, as many customers require that. While TrendAI Vision One's full suite is quite impressive, customers have to find another product for DLP and file monitoring. TrendAI Vision One does have a not fully-fledged DLP in the endpoint security part, and it sometimes hangs up the PC when we apply it.

The alerts could be better because when an alert comes for an email that has been compromised and found on the dark web, we cannot quite find where it got compromised from.

The network part is something that needs to be worked on because most of the time we have to look at the firewall to get the full scenario or coverage.

We have found a lot of performance issues with TrendAI Vision One agents. They are not lightweight. The first time I used TrendAI Vision One, the agent was 500 MB. Now that I am using them, the initial size is 800 MB. Sometimes the CPU utilization is so high that the computer crashes or lags behind. This is a really big concern for everyone using TrendAI Vision One.

TrendAI Vision One is quite a good tool because there are not any issues in scalability. We can easily add more licenses to it and increase our organization security. Scalability-wise, it is good.

I have contacted the technical support or customer support of TrendAI Vision One quite a lot.

The engineers are quite helpful when they respond, but I have found that sometimes the assigned engineer responds to the first query a bit too late. I can see in the portal that the engineer has been assigned to my case, but we have to prompt them to give us a reply because nobody is answering. We have to call TrendAI Vision One support sometimes. Once we start the case, the responses are quite helpful, though we have had to escalate some of the cases quite a lot when customers need it.

Negative

I have not basically used any alternatives to TrendAI Vision One. I have tried CrowdStrike and Symantec. Symantec is so far out of TrendAI Vision One's reach and CrowdStrike, I have not used it much, but it is a bit harder to configure than TrendAI Vision One. I find TrendAI Vision One's UI much easier.

The initial deployment of TrendAI Vision One is quite easy since it is basically a cloud-based app, and you just have to deploy the agent.

If integrating AD with TrendAI Vision One, I am sure only one person would be needed. If you have to deploy and install the agents directly into the systems, at least four to five people are needed if the size of the organization is for 1,000 to 2,000 employees.

It would take one or two months to deploy TrendAI Vision One for a client, but mostly because sometimes things get delayed on the client side.

No maintenance is required on our side for TrendAI Vision One.

I am not into sales, but we have lost a few customers because of the pricing of TrendAI Vision One. They seem to gravitate to Symantec and others because their pricing range is quite less than TrendAI Vision One, and we have lost them because of that.

My review rating for TrendAI Vision One is 9 out of 10.

Our use case for Trend Vision One is for our security platform. We use it for antivirus, XDR, and network telemetry purposes.

Trend Vision One helped us to consolidate our use of security vendors and reduce silos. We had three or four consoles from different products, and we consolidated them into one console with this product. 

Trend Vision One helped reduce the time to detect and respond to threats by 70% to 80%.

Trend Vision One has helped us reduce noise from false positives.

We have been using cyber risk exposure management for 2 months since upgrading in April. It helps us identify blind spots by providing more visibility and insights into our environment, making it a valuable feature. 

We use the network sensor, and its coverage is critical. With SIEM, we gain substantial insights into our environment, and having a complete 360 view is necessary in today's security world. It reduces the risk by 50%.

Having AI built into the Trend Vision One platform is important for our organization. It reduces many manual steps, resulting in more and quicker detections and advanced automation for remediation, improving efficiency by 60% to 70%. The solution aims to reduce risks and enhance detection.

I like how easy it is, and there is a single pane of glass. We have one console for everything. 

Trend Vision One provides centralized visibility and management across protection layers. It has the functionality of different products and management of a single pane of glass. We have one console for everything. As a security engineer, it's easier to check the alerts and find everything. It consolidates a lot of consoles into one, and that's what we like most about it.

Vulnerability scanning could be improved. They need to see more CVEs and scan products for known vulnerabilities, allowing for better display and review of potentially exploitable servers by hackers or through configuration settings.

We have been using Trend Vision One for approximately 18 months.

We haven't experienced any stability issues. It has proven to be stable.

The scalability of Trend Vision One is good.

I have contacted technical support from Trend Micro. The quality and speed of support are good.

Positive

It was easy. It took us one day to fully deploy Trend Vision One.

Some maintenance is required for updating agents on the servers.

The deployment involved just one person working with the vendor in one day.

Trend Vision One has reduced risks by 50%. We have reduced the response time by approximately 70%-80%.

When we have a good product such as Trend Vision One, the price is fine.

We have used Trend Micro products for many years, and we upgraded to Trend Vision One. We didn't test any alternatives, staying with what we've used for years.

I would rate Trend Vision One an eight out of ten.

My use case for TrendAI Vision One is deploying it for an entity within a company. I deployed TrendAI Vision One to protect all kinds of endpoints, including mobiles, machines, mailboxes, and servers.

The best features of TrendAI Vision One that I appreciate include its centralized nature, the Copilot AI agent, its simplicity of use, and the quality of their API.

TrendAI Vision One has helped reduce my time to detect and time to respond to threats by approximately 10%.

To improve TrendAI Vision One to a perfect score, I believe better pricing and more support would be ideal.

I have been using TrendAI Vision One for one year.

I would rate the stability of TrendAI Vision One highly, as there were no bugs. I would give it a 10.

Regarding scalability, TrendAI Vision One is scalable. I would give it an eight.

I rate the technical support an eight.

The coverage for my organization's network is critical. When we have questions, we return to them. When we need something, we return to them, and they were always available.

Positive

The risk reduced by switching to TrendAI Vision One is similar to other EDR or XDR solutions. It can detect malicious operations and threats, but the exact percentage is difficult to quantify. For the company I was deploying it for, we detected many threats. I would rate the risk reduction as a 10 because the company in question did not have an XDR or EDR solution in place before.

The deployment of TrendAI Vision One is easy; it is just an executable.

It takes almost one day for TrendAI Vision One to appear in the console.

In my organization, we had four specialists working with TrendAI Vision One: myself and three security engineers. I was the project manager.

I can estimate the ROI seen from TrendAI Vision One to be approximately 15%.

When it comes to pricing, I find TrendAI Vision One not expensive compared to other products.

I compare TrendAI Vision One with other solutions and vendors on the market, and we can see that it is well-placed in Gartner, so it is one of the best products.

TrendAI Vision One helps with centralized visibility and protection across multiple layers.

The visibility and protection provided by TrendAI Vision One allow us to see all the assets in one console, which is beneficial. We can also see all the features in one console, which is equally advantageous.

I did not use the cyber risk exposure management capabilities with TrendAI Vision One, nor did my clients use that for identifying blind spots.

The top security challenges in the industry include handling the decommissioning of old products, specifically a Microsoft product. Additionally, not all features are centralized in one console, which is not ideal for the correlation of investigations.

TrendAI Vision One is deployed as a cloud solution and a SaaS solution.

I used TrendAI Vision One sensors.

I would recommend TrendAI Vision One to other users because it is easy to use and easy to deploy, as these are the most important factors. The importance of having AI built into TrendAI Vision One is significant; I use the AI aspects. When I want to look for a feature, I go to AI. When I want to create, for example, an IOC, I go to AI, and it assists with this.

We have been in contact with Trend Micro for a very long time. We have a Domino server, which is the alternative to an Exchange server, and we have implemented their virus scanner there. Because of that, we decided to stick with the company and integrate Email Gateway Protection as well. It is important for us because we host our own mail server, and we receive a huge amount of spam. The goal was to reduce that. So far, we have reduced our email traffic by almost 50%—thanks to email filtering. This means our employees do not have to handle those emails anymore.

We receive around 1,000,000 emails per year and 500,000 of those are junk. That was a key factor in saving work time. Every email that lands in an inbox has to be handled—either deleted or responded to. We tested this with different employees and found that deciding whether an email is relevant or junk takes about 10 to 15 seconds per email. With 500,000 unnecessary emails, you can imagine how much time we are saving company-wide.

Another major reason we implemented this solution is phishing emails. This is a huge issue. Trend Micro offers phishing awareness training, but ideally, these phishing emails should not even reach our company, as they are highly dangerous. So far, Trend Micro has filtered out around 3,700 phishing emails for us.

There is another extremely dangerous issue—malicious software hidden in attachments. If an employee clicks on such an attachment, files could get encrypted. In the past year, Trend Micro has intercepted 60 such cases, meaning 60 incidents where our files did not get encrypted.

This is why we use this solution. Of course, there are other providers, but we find Trend Vision One's interface very user-friendly. We also have a dashboard where we can track everything and pull these statistics.

In Germany, such a security solution is very important. Due to a change in the law, company management is now obligated to ensure that IT security is based on best practices. If they fail to do so or are unaware of their security status and neglect it, they are now personally liable with their private assets. I also need a tool that allows my management and board to monitor our security status. One of the reasons why we chose Trend Vision One was that it provides the option for the board to check the dashboards. This means that every morning while having coffee, they can see the security status of the company on their phones. They can also ask, "Hey, why is our security score high? Is our IT department not working properly? Or do we have a real problem that requires additional software or other measures?" Additionally, negotiations become easier for the IT department, for management, and for us. If security gaps arise, we can say, "Hey, we need software or an investment of a certain amount." We now have a solid foundation for our case.

We use email security and endpoint protection. Endpoint protection is installed on every computer and server, with enhanced sensors on the servers. These security tools are crucial for us—without them, we would be blind in IT. They allow us to monitor the health of each system and user activity, including preventing access to inappropriate websites.

We have a lot of remote work, and we used to struggle because we could not properly monitor devices outside our network or firewall. Now, we can control things like applications, websites, USB sticks, and external hard drives, which was previously impossible. A key feature of our endpoint protection is that if a computer reaches a certain security risk score, it is automatically blocked by the software. This means that if an attack occurs, the affected computer is isolated from the network, preventing further spread.

Our biggest challenge is not direct hacking attacks—our company is not a high-priority target. Instead, phishing emails are the main issue. These emails attempt to trick employees into making fraudulent payments or providing access to our systems, allowing ransomware installation. Email security is our biggest focus area.

It has significantly reduced email volume, which is crucial, especially for our security team, as they do not have time to review every message. IT also receives fewer inquiries about whether emails are legitimate. Additionally, phishing training has helped—our employees recognize phishing attempts better, and our click rate on phishing simulations has dropped to zero. Previously, conducting a phishing simulation would have cost €2,500 per test, but now, we can run one or two tests per month at no additional cost. This provides great value.

It is important for us that Trend Vision One has AI built into its platform. It is essential for detecting abnormalities quickly. Humans may not notice certain threats, but AI can. However, AI is not perfect and sometimes lets suspicious emails through, which we then manually review in quarantine. AI is constantly learning, and the more it improves, the less manual intervention is needed, which is beneficial for us.

We now have visibility. Previously, we were blind and could not assess our security status.

Trend Vision One helped reduce our time to detect and respond to threats. Previously, we relied on reading security forums and websites to identify vulnerabilities. Now, we get real-time alerts and can take immediate action.

Our speed has increased significantly. We can update and patch security threats daily, whereas before, it took weeks or even months.

Trend Vision One has helped our organization reduce its cyber risk, especially through endpoint protection. For example, our field employees used to connect unknown external hard drives, which posed a risk. That is no longer possible, eliminating a major threat vector.

Trend Vision One has helped consolidate our use of security vendors. Previously, we only had basic endpoint protection from another provider, which we replaced with Trend Vision. We now have more security software, not less, because our company has grown significantly—from a small business to a mid-sized enterprise. The IT department was lagging behind, and security was not a priority. Now, we manage everything with one provider, rather than multiple vendors.

The dashboard is valuable. It provides a comprehensive view of our security status and allows us to compare ourselves with other companies using Trend Vision. We can immediately see if we need to take action when updates are released with high CVE scores, without having to check multiple websites. This saves time and enables faster decision-making.

The platform provides not only visibility but also intervention capabilities, such as blocking threats. We are operating at a high level in this regard. I would rate Trend’s Vision One platform very high in providing centralized visibility and management across protection layers.

Improving the user interface would be helpful—it can be confusing, especially if you do not use it daily. 

We do not see a need for additional features. The tool has so many capabilities that it can be overwhelming at first, which is why we implemented it step by step to avoid overwhelming our administrators.

We started with the Email Gateway Protection solution in December.

Its stability is very good. We have not had any failures so far.

Its scalability is very good as we can work with it flexibly.

We have an environment with 160 users and about 15 servers, all virtualized and running entirely on-premise.

It is very good. If we have a problem, we call Mr. Weckwert or send him an email and receive a response.

Positive

We used SonicWall’s endpoint protection before, but it had issues. For example, the endpoint protection conflicted with VPN installations, requiring us to uninstall security features before updating VPN settings—an unacceptable security risk. With Trend Vision, we feel much better protected.

SonicWall is just a basic antivirus tool, whereas Trend Vision One provides more advanced features like software firewalls and the ability to block specific applications and websites, such as preventing employees from using Telegram or WhatsApp on work computers.

A downside is that Trend Vision One requires more system resources, so we had to upgrade some computers with additional RAM. However, that is not just due to Trend Vision One but also Windows 11’s increased demands.

We use a hybrid model—Trend Vision’s cloud solution with local installations on our devices. We operate entirely on-premise.

We worked with a partner and now manage everything internally.

For the implementation, all admins were present to understand how it works. It was like a training session for us.

Fundamentally, there is one colleague responsible for it, and they spend about an hour to an hour and a half on it daily.

In terms of maintenance, it only requires updates.

We have seen an ROI through time savings. The email filtering system paid for itself within a year.

It is very good. The flexibility to temporarily exceed license limits when setting up new devices is helpful, as it allows us to ensure security before purchasing additional licenses.

Try it out. Ultimately, everyone has to decide for themselves if it fits their admin team. What I always say is that this tool monitors you and provides insights—it exposes weaknesses in an IT department. If IT management cannot handle that level of transparency, they should avoid it. If they see value in having more insights, it is a very valuable tool.

I would rate Trend Vision One an eight out of ten.

Foreign Language: (German)

Bietet solide Sicherheit, zentrale Transparenz und flexible Lizenzierung

Was ist unser Hauptanwendungsfall?
Wir stehen schon sehr lange in Kontakt mit Trend Micro. Wir haben einen Domino-Server, der eine Alternative zu einem Exchange-Server ist, und haben dort deren Virenscanner implementiert. Aufgrund dieser positiven Erfahrung haben wir uns entschieden, dem Unternehmen treu zu bleiben und auch den Email Gateway Protection-Dienst zu integrieren. Dies ist für uns besonders wichtig, da wir unseren eigenen Mailserver hosten und eine enorme Menge an Spam erhalten. Unser Ziel war es, diesen zu reduzieren. Bisher konnten wir unser E-Mail-Aufkommen um fast 50 % reduzieren – dank der E-Mail-Filterung. Das bedeutet, unsere Mitarbeitenden müssen diese E-Mails nicht mehr manuell verwalten.

Wir erhalten etwa 1.000.000 E-Mails pro Jahr, von denen 500.000 Spam sind. Das war ein entscheidender Faktor zur Einsparung von Arbeitszeit. Jede E-Mail, die im Posteingang landet, muss entweder gelöscht oder beantwortet werden. Wir haben dies mit verschiedenen Mitarbeitenden getestet und festgestellt, dass die Entscheidung, ob eine E-Mail relevant oder Spam ist, etwa 10 bis 15 Sekunden pro E-Mail dauert. Bei 500.000 unnötigen E-Mails kann man sich vorstellen, wie viel Zeit wir unternehmensweit einsparen.

Ein weiterer wichtiger Grund für die Implementierung dieser Lösung sind Phishing-E-Mails. Dies ist ein enormes Problem. Trend Micro bietet Schulungen zur Phishing-Sensibilisierung an, aber idealerweise sollten diese Phishing-E-Mails unser Unternehmen gar nicht erst erreichen, da sie extrem gefährlich sind. Bisher hat Trend Micro für uns rund 3.700 Phishing-E-Mails herausgefiltert.

Ein weiteres äußerst gefährliches Problem ist schädliche Software in Anhängen. Wenn ein Mitarbeitender auf einen solchen Anhang klickt, könnten Dateien verschlüsselt werden. Im letzten Jahr hat Trend Micro 60 solcher Fälle abgefangen – das bedeutet 60 Vorfälle, in denen unsere Dateien nicht verschlüsselt wurden.

Deshalb nutzen wir diese Lösung. Natürlich gibt es auch andere Anbieter, aber wir finden die Benutzeroberfläche von Trend Vision One sehr benutzerfreundlich. Wir haben auch ein Dashboard, mit dem wir alles nachverfolgen und Statistiken abrufen können.

Wie hat es meinem Unternehmen geholfen?
In Deutschland ist eine solche Sicherheitslösung äußerst wichtig. Aufgrund einer Gesetzesänderung ist das Unternehmensmanagement nun verpflichtet, sicherzustellen, dass die IT-Sicherheit auf Best Practices basiert. Falls sie dies nicht tun oder sich ihres Sicherheitsstatus nicht bewusst sind und diesen vernachlässigen, haften sie nun persönlich mit ihrem Privatvermögen. Ich benötige daher ein Tool, das es meinem Management und dem Vorstand ermöglicht, unseren Sicherheitsstatus zu überwachen.

Einer der Gründe, warum wir uns für Trend Vision One entschieden haben, war die Möglichkeit, dass der Vorstand die Dashboards einsehen kann. Sie können damit morgens beim Kaffee den Sicherheitsstatus des Unternehmens auf ihren Handys überprüfen können. Sie können auch nachfragen: „Risikowert so hoch? Arbeitet unsere IT-Abteilung nicht richtig? Oder haben wir ein echtes Problem, das zusätzliche Software oder andere Maßnahmen erfordert?“

Zudem erleichtert es Verhandlungen zwischen IT-Abteilung, das dem und uns. Falls Sicherheitslücken auftreten, können wir argumentieren: „Wir brauchen Software oder eine Investition in Höhe von X.“ Dadurch haben wir nun eine fundierte Grundlage für unsere Entscheidungen.

Wir nutzen E-Mail-Sicherheit und Endpoint Protection. Endpoint Protection ist auf jedem Computer und Server installiert, mit erweiterten Sensoren auf den Servern. Diese Sicherheits-Tools sind für uns essenziell – ohne sie wären wir in der IT blind. Sie ermöglichen es uns, die Systemgesundheit und Benutzeraktivitäten zu überwachen und den Zugriff auf unangemessene Websites zu verhindern.

Wir haben viele Remote-Mitarbeitende und hatten früher Schwierigkeiten, Geräte außerhalb unseres Netzwerks oder unserer Firewall richtig zu überwachen. Jetzt können wir Dinge wie Anwendungen, Websites, USB-Sticks und externe Festplatten kontrollieren – etwas, das vorher nicht möglich war. Eine zentrale Funktion unserer Endpoint Protection ist, dass ein Computer, der eine bestimmte Risikostufe erreicht, automatisch von der Software blockiert wird. Damit wird bei einem Angriff der betroffene Computer bei einem Angriff vom dem Netzwerk isoliert wird, um eine weitere Verbreitung zu verhindern.

Unser größtes Problem sind keine direkten Hackerangriffe – unser Unternehmen ist kein priorisiertes Ziel. Stattdessen sind Phishing-E-Mails die größte Gefahr. Diese E-Mails versuchen, Mitarbeitende dazu zu verleiten, betrügerische Zahlungen zu tätigen oder unsichere Zugriffe zu gewähren, wodurch Ransomware installiert werden kann.

E-Mail-Sicherheit ist unser wichtigstesSchwerpunktthema. Die Lösung hat das E-Mail-Aufkommen erheblich reduziert, was für unser Sicherheitsteam
entscheidend ist, da es nicht die Zeit hat, jede Nachricht
zu überprüfen.

Zusätzlich hat das Phishing-Training geholfen hat unsere Mitarbeitenden erkennen Phishing-Versuche besser, und unsere Klickrate auf Phishing-Simulationen ist auf null gesunken. Früher hätte eine Phishing-Simulation 2.500 € pro Test gekostet, jetzt können wir ein bis zwei Tests pro Monat ohne zusätzliche Kosten durchführen. Dies ist ein großer Mehrwert.

Was ist besonders wertvoll?
Das Dashboard ist äußerst wertvoll. Es bietet eine umfassende Übersicht über unseren Sicherheitsstatus und ermöglicht es uns, uns mit anderen Unternehmen zu vergleichen, die Trend Vision One nutzen.

Die Plattform bietet nicht nur Transparenz, sondern auch Eingriffsmöglichkeiten, etwa zur Bedrohungsabwehr. In diesem Bereich sind wir sehr gut aufgestellt. Ich würde die Trend Vision One Plattform in Bezug auf zentrale Sichtbarkeit und Management über verschiedene Schutzebenen hinweg sehr hoch bewerten.

Was könnte verbessert werden?
Die Benutzeroberfläche könnte verbessert werden – sie kann verwirrend sein, insbesondere wenn man sie nicht täglich nutzt.

Wie lange haben wir die Lösung bereits im Einsatz?
Wir haben im Dezember mit der Email Gateway Protection-Lösung begonnen.

Wie bewerten wir die Stabilität der Lösung?
Die Stabilität ist sehr gut. Wir hatten bisher keine Ausfälle.

Wie bewerten wir die Skalierbarkeit der Lösung?
Die Skalierbarkeit ist ebenfalls sehr gut, da wir flexibel damit arbeiten können.

Unsere Umgebung besteht aus 160 Usern und etwa 15 Servern, die alle virtualisiert und vollständig On-Premise betrieben werden.

Wie ist der Kundenservice und Support?
Sehr gut. Falls wir ein Problem haben, rufen wir Herrn Weckwert an oder schicken ihm eine E-Mail und erhalten eine schnelle Antwort.

Wie bewerten wir den Kundenservice?
Positiv.

Welche Lösung haben wir vorher genutzt und warum sind wir gewechselt?
Wir haben vorher SonicWall Endpoint Protection verwendet, aber es gab Probleme, z. B. Konflikte mit VPN-Installationen.

Mit Trend Vision One fühlen wir uns deutlich besser geschützt.

Wie war die Implementierung?
Wir haben ein hybrides Modell – die Cloud-Lösung von Trend Vision mit lokalen Installationen auf unseren Geräten. Wir betreiben alles On-Premise.

Für die Implementierung waren alle Administratoren anwesend, um das System zu verstehen – es war für uns wie eine Schulung.

Eine Person ist hauptverantwortlich und verbringt täglich etwa eine bis anderthalb Stunden mit der Lösung.

Welchen ROI haben wir gesehen?
Die E-Mail-Filterung hat sich innerhalb eines Jahres amortisiert.

Wie sind Preisgestaltung und Lizenzierung?
Sehr gut. Die Flexibilität, Lizenzen temporär zu überschreiten, ist ein großer Vorteil.

Welche weiteren Empfehlungen haben wir?
Einfach ausprobieren. Jeder muss selbst entscheiden, ob es zu seinem Admin-Team passt.

Ich würde Trend Vision One mit acht von zehn Punkten bewerten.

Welches Bereitstellungsmodell nutzen wir?
On-Premises.

We use TrendAI Vision One for endpoint security.

For example, we use XSIAM, which is Palo Alto's XDR plus SIEM solution. When we get an incident, we need to do some hunting in that system. It takes approximately 45 minutes. However, with TrendAI Vision One, because most of the information is already enriched, we get only high fidelity incidents. This saves us around 25% of time compared to other solutions.

TrendAI Vision One mostly delivers high-fidelity incidents. We receive nearly 60% of incidents as true positives, with the remaining 40% being false positives. Comparatively, with XSIAM we have around 40% true positives and 60% false positives.

We are an MSSP with nearly 60 people working in SCI, which is Shared Commercial Infrastructure. We have approximately 60 people dedicated to TrendAI Vision One.

One feature I appreciate about TrendAI Vision One is that compared to other solutions, the alerts we receive are already enriched. We use it in a shared commercial infrastructure which was inherited from IBM. During investigation, it is much easier to work with TrendAI Vision One compared to other solutions.

Compared to CrowdStrike sensor, TrendAI Vision One consumes more compute power. CrowdStrike is more optimized than this solution.

TrendAI Vision One is a niche product because XSIAM is a combination of SIEM plus XDR, while this is an XDR solution. If I need to do deep hunting, for example, we had an incident in Microsoft Defender yesterday which required advanced hunting capabilities. This is not possible in TrendAI Vision One, which I see as a drawback. TrendAI Vision One is a very good product, but it has a specific use case. If you want less customization, you can use TrendAI Vision One. If you need more customization, you need to use a SIEM plus XDR solution. Nowadays, they are integrating SIEM with XDR solutions. For example, we have XSIAM and Microsoft Defender is going to integrate SIEM as well going forward. In that case, TrendAI Vision One is a niche product. As a product with its specific use case, it is good.

Specifically regarding sensors, they consume comparatively more compute capacity, so we need to plan our workloads accordingly. Additionally, the user interface could be improved. When I investigate one alert, all the indicators appear jumbled together in one area. If they improve the user interface, it would be better.

We have been using TrendAI Vision One for the last one and a half years.

I would rate the technical support an eight.

Positive

Since the alerts are high fidelity and TrendAI Vision One requires less overall from the security analyst perspective, it reduces cyber risk effectively. Regarding downtime compared to XSIAM, I would rate this a nine because its downtime is considerably less. In terms of scalability, it is pretty scalable, though somewhat complex, so I would rate it an eight point five. I would recommend TrendAI Vision One if the organization is less mature in terms of SOC. However, if you want to do advanced SOC hunting, this is not the right product in my opinion. The overall review rating for this product is eight point five.

TrendAI Vision One use cases are mostly related to endpoints, such as detecting registry modifications or new software being added, as well as monitoring for malicious activities including PowerShell scripts, double extension files, ransomware, and crypto miners. Since I work for the financial sector, it is crucial to ensure there are no remote software programs running, especially regarding banking security.

TrendAI Vision One has two types of alerts that help reduce the time to detect and respond to threats. The first is based on alerts and workbench ID, while the second is host-based detections, allowing me to see all different threats on particular endpoints over a selected time frame. I can check for various endpoints affected by different alerts and customize this for specific time frames. Monitoring critical assets, threat hunting, and running queries are feasible tasks, providing a comprehensive overview of endpoint security and the ability to remove malicious files quickly.

One of the best features of TrendAI Vision One is its ability to let me remediate endpoints without disturbing branch users, as long as the endpoint is online and connected. I can delete files or take control through the console by informing the bank's security team to get approval. Another great feature is viewing alerts, segregating them by type and host, which makes it easier to fine-tune security and monitor critical resources. Additionally, the ability to create reference sets for known malicious hashes enhances detection capabilities across endpoints.

TrendAI Vision One saves resources and time. It provides better visibility of endpoints compared to other security management tools, which makes it invaluable. For smaller organizations that may not afford multiple tools, an XDR solution can handle their security needs effectively.

TrendAI Vision One allows mitigation of threats without interrupting branch users' regular work, which is its unique selling point.

The area for improvement is to provide more clarity on the query part, including examples for creating reference sets and documenting capabilities thoroughly so future users can benefit without needing to experiment.

Documenting the capabilities of endpoint consoles would also be beneficial for new users understanding what can be done effectively.

I initially used the first EDR approximately two years ago, and now I have been using TrendAI Vision One for eight to nine months.

The stability of TrendAI Vision One is good; I would rate it an eight.

I would rate the scalability at eight and a half.

I have not worked with technical support yet, so I cannot rate it.

Neutral

I have not worked with other solutions yet, so I can only speak to my experience with TrendAI Vision One XDR, which I find to be good for handling threats across endpoints.

I am not aware of the deployment process since I have not been involved with it.

Only a few of us are using the solution currently—my manager and I. Due to my background in threat hunting, I have admin access to monitor various alerts and create reference sets for potential threats effectively.

Only three or four users have access to TrendAI Vision One, including my manager and me from the vendor side, and two from the bank end.

I am a vendor hired for SOC security and threat hunting, working for IBM clients.

I cannot estimate the return on investment accurately, as I do not have insight into the financials. However, I can say that the tool is good, particularly the basic subscription which provides me with necessary tools and knowledge to protect security.

I do not have any information regarding the pricing, so I cannot comment on that.

Every organization typically installs antivirus agents on their endpoints and servers.

My false positives have decreased, but reducing them requires thorough investigation. For example, each endpoint has its own scanning device, such as Windows Defender.

Apex Central is attempting to stop the services of Windows Defender, leading to alerts when malicious behavior is detected. Through thorough investigation, I have identified that while Apex Central might not directly stop processes, it does so using CMDlets. Hence, I decided to whitelist that.

TrendAI Vision One reduces endpoint risk by approximately 60 to 70 percent; the remaining 30 percent can be due to other factors such as phishing and web interactions.

For small organizations, implementing TrendAI Vision One is a wise choice because it delivers great visibility and clarity on endpoint threats, enabling effective monitoring and quarantining regardless of the environment.

TrendAI Vision One sensors are being used on the endpoints.

I do not know if Cyber Risk Exposure Management comes under the basic subscription, as I mostly focus on threat hunting and do not recall using it.

If the suggested improvements are implemented, it will be even more flexible and feasible.

I give this review an overall rating of 9 out of 10, and I definitely recommend TrendAI Vision One to other users because it provides solid security for endpoint protection.

TrendAI Vision One sensors are used at the endpoint to gather information from endpoints, which has proven to be very useful. The coverage provided by TrendAI Vision One is critical for our organization's network because it's a comprehensive way to get all the relevant data from the endpoints regarding antivirus security and similar security settings.

Some basic features of the Cyber Risk Exposure Management capabilities in TrendAI Vision One are being used. Plans exist to expand the usage, but currently the overview of the cyber risk settings is checked, though it hasn't been used much in the last few months.

TrendAI Vision One has helped consolidate the use of security vendors and reduce silos, but other vendors have not been replaced. TrendAI Vision One alone is sufficient for current needs, so other vendors for such solutions do not need to be used, at least not for now.

TrendAI Vision One is used for consolidated security across hybrid environments.

The comprehensive overview of the security status is the most valuable feature of TrendAI Vision One. TrendAI Vision One platform's ability to provide centralized visibility and management is quite good because all the relevant data are present, providing everything needed. The interface is quite simple to use and all the relevant data can be seen there.

TrendAI Vision One has helped reduce the time to detect and respond to threats because information is gathered more quickly and all the relevant points are visible. If there's any problem, it can be seen much easier and quicker.

TrendAI Vision One has also helped reduce cyber risks because it decreases cyber risks as there is more control over the environment.

There are currently no particular suggestions on how TrendAI Vision One can be improved because improvements have been seen in nearly every version, and satisfaction with what can be seen and used is high.

Additional features are not desired to be seen in the next release of TrendAI Vision One because not all the features that are available now are being used. For current needs, everything is already there. Perhaps in the future something else will be needed, but everything that is currently needed is already included.

TrendAI Vision One has improved its integration with other products, with other vendors, or with mobile device management. The mobile device management solution has improved over the years and was pretty basic when it started, but now it has much more options. Some improvements could be made, but all the possibilities of the platform are not being fully utilized, so some features that could be discussed may not have been explored yet, though they may already be available.

TrendAI Vision One has been used for a couple of years.

There have been no problems with scaling TrendAI Vision One. The organization is not large, so there were no problems in scaling. TrendAI Vision One appears to be tailored for much bigger organizations, so no scaling problems were encountered.

There has not been much contact with technical support, though some checks and presentations were conducted, which were quite good. The response was very quick and all the information needed was received, resulting in high satisfaction.

Technical support would be rated nine out of ten. Regarding local technical support, it is also quite good through the partner network and directly. If something is escalated directly to Trend Micro, responses are received. There is high satisfaction with the current support level.

Positive

The initial setup of TrendAI Vision One was seamless because it was a migration from an on-premises Trend Micro service to a cloud-based one, so there were no particular problems.

External partners were used for the implementation of TrendAI Vision One, though the process was overseen. There was a transfer of knowledge during the implementation.

Return on investment from TrendAI Vision One has not been calculated in the traditional sense, but price-wise, it's a better solution than some others that have been looked at or researched. TrendAI Vision One is quite convenient for the organization.

Before TrendAI Vision One, a broader marketplace was evaluated. A granular possibility to purchase only needed options without purchasing unnecessary components was not observed in other solutions. The licensing model of TrendAI Vision One is the best among other solutions that have been seen.

For integrations with third-party solutions, integration was done for log management. Logs are downloaded or shipped from Trend Micro solutions to internal log management solutions, and there were no particular problems in integrations. Many other integrations specifically with Trend Micro were not conducted.

TrendAI Vision One is considered the best option on the market at the moment for this organization. TrendAI Vision One appears to be quite popular in the region, with many companies using it, both bigger and smaller organizations. A community provides information and support, making TrendAI Vision One popular in the area.

TrendAI Vision One has been using AI technologies already for some time, which shows awareness of the landscape. It is believed that TrendAI Vision One will tailor the solution accordingly, as AI is already being used in some solutions within the platform, indicating good direction for the product.

TrendAI Vision One provides learning courses, and events from partners sometimes offer opportunities to gather new information on the products. Additionally, a community is available, creating a good landscape for learning and support in the region.

The partnership program is not well known because collaboration is through partners, but it is believed that partner satisfaction is high.

TrendAI Vision One received an overall rating of eight out of ten.

Our primary use case is to secure our endpoints and servers via Managed Detection. We secure them using XDA and Trend Micro’s SOC. We secure it based on behavior so that we have someone to respond if there are unusual issues with PCs, even on weekends and holidays when we’re not onsite, and then they inform us. That’s why we chose Trend Vision One.

We have it deployed on all of our PCs, both Windows and Linux laptops.

The security coverage is very important for my company's network. It is a requirement under the NIS2 directive, which is now coming into effect in the EU. The coverage is also important for us because we operate 24/7, but our IT staff is not available around the clock. To fill this gap, we opted for Trend Micro’s XDR solution. Trend Micro’s SOC team can respond even when no one from our team is available.

They also make sure we are properly notified because if an email comes in at 3 AM on a Sunday, no one will read it but if Trend Micro's SOC team calls, someone will check immediately. That’s why we chose this solution.

The security coverage is also particularly important for us because, as a hospital running 24/7, we must ensure the security of patient data and maintain the IT infrastructure's operational capability. If our systems go down, it could directly impact patient treatment. Around 10 years ago, before we had Trend Micro, we experienced an attack and our IT systems were down for an entire week. That was incredibly difficult.

With increasing digitalization and more medical processes relying on computers, doctors need easy access to X-rays, prior medical examinations, and other records. Since all of this data is stored digitally, solutions like Trend Vision One become even more essential. Availability must be guaranteed, and we cannot afford a situation where a system gets attacked and taken down. That’s why it is crucial for us to have this protection in place.

The biggest security challenges in my organization are:

1. Preventing unauthorized external access.

2. Reducing the risk of employees unknowingly giving attackers access to the network due to inexperience.

That’s why we use these solutions, in combination with Apex One and Deep Security, to prevent such incidents. If a user mistakenly clicks on something they shouldn’t, the system can respond immediately and prevent damage before it occurs.

With Trend Micro Vision One we now have a comprehensive overview of our entire network of all of our endpoints and Active Directory. We also have an industry comparison feature that allows us to gauge our security status.

For example, our advisor recently reviewed our security score and confirmed that we are in a good position. That gives us peace of mind.

The SOC team is the most valuable feature for us. Having experts who monitor global threat landscapes and can respond accordingly is incredibly helpful. They keep an eye on our system and can intervene if necessary to prevent significant damage. That is the most important aspect for us.

That’s a bit tricky to answer. Trend Vision One is a powerful tool that provides a vast amount of information. It requires some practice to filter out the most relevant insights and respond accordingly like investigating specific endpoints when necessary.

Since we are still relatively new to the platform and have a small IT team, we haven’t been able to fully explore all of Vision One’s capabilities. However, the data we do utilize helps us react appropriately and address potential threats before they escalate.

A major advantage is that we can integrate Active Directory into Vision One. This means we get alerts if something unusual happens in AD, and these notifications appear directly in Vision One. I believe firewalls can also be integrated, though we haven’t done that yet as we are currently upgrading our firewall infrastructure.

Having a centralized platform where logs and security alerts from multiple systems converge is a huge benefit, as it allows us to react efficiently from a single interface.

AI is beneficial because it can operate independently of predefined patterns, reacting based on behavior rather than fixed rules. It continuously learns and can detect threats that might not yet be covered by existing security protocols. This is a major step forward in cybersecurity.

We realized Trend Vision One's benefits quite quickly. Within one to two weeks, we already saw improvements. We really noticed the full impact after receiving our first report. That allowed us to analyze incidents, track past threats, and understand what was happening within our network. After about four weeks, we fully realized the platform's value.

It does save time when searching for an incident because you can simply display the incidents in the Vision One console. You can drill down to the task level and see which file was affected on which endpoint.

That makes things much easier when tracking a specific incident. It saves more than fifty percent of the time because, as mentioned, you can drill down directly from the endpoint in the console, down to the task, down to the file, the DLL, or whatever it is. And you also get a display of what it is without having to access the computer and search on Google. As mentioned, everything is displayed clearly and neatly in the Vision One console, sometimes even with suggestions on what to do.

My organization has reduced its cybersecurity risk. We have a centralized view of where the risks are, you can specifically access individual endpoints, and as mentioned, the SOC in the background immediately reports unusual behavior even when you’re not around. If it’s high-risk, we get a call.

In this regard, cybersecurity has improved significantly because a lot of things that previously went unnoticed are now detected.

Trend Vision One is already very powerful. The clarity and usability could be improved a bit. Sometimes it’s difficult to find your way around.

It’s such an important tool, and you can do a lot with it. With some practice and proper training, you can manage quite well.

We are currently implementing, as a pilot hospital, an ICAP virus scanner through the Service Gateway via Vision One, which scans our KIM emails. This was an important feature and Trend Micro has now implemented it.

I have been using Trend Vision One for about six months. 

I would rate the stability a nine out of ten.

We are currently working on scaling. We are integrating with ICAP functionality.

The scalability is very good. You can integrate almost everything you need, including mail security, etc. I’d give scalability a 10 because nearly everything is integrated.

The staff we have dealt with were always very competent. What I find a bit difficult is that there is no German support. Since my English isn’t the best, we usually go through our consultant, as he knows the Trend Micro support team well and handles these things daily. So, we rely on our partner for that.

In terms of knowledge, the support is competent. The language barrier is just a bit challenging because when they speak fast in English and I don’t understand much.

The initial setup was done by a consultant from SoftwareOne. He did a really good job, and everything went smoothly except for the hybrid installation with Deep Security.

That went quite smoothly. Apex One had some issues, and we had to keep a support case open for a long time before it worked properly. But now, everything works fine.

We are only four people in IT here, and everyone does a bit of everything for the setup.

We install the agents ourselves, meaning we have to manually set them up on each computer or server.

The clients are already rolled out, and everyone contributes when needed like whenever we work on something, another sensor gets installed, etc.

We have around 400 endpoints and approximately 600 users with a Windows environment and a virtualized setup using VMware.

Our server environment also includes VMware View in some areas.

In terms of maintenance, I have to regularly check reports and see what needs to be done. Otherwise, everything updates itself in Vision One.

Since Vision One is cloud-based, the console updates itself, as do the agents. Once everything is installed, there’s little to do.

There are additional costs.

Overall, the price-performance ratio is okay.

We looked at Sophos beforehand because we use it as a firewall. Since Vision One integrates well with existing solutions like Deep Security and Apex One, we chose an integrated solution and decided to go with Trend Vision One.

We also deliberately opted against a purely web-based solution. We run a hybrid installation, meaning that Apex One and Deep Security are still managed locally and connected to Vision One.

This is because we have been hacked before, and if I cut off internet access to our firewall, I wouldn’t be able to administer my security suite. With this setup, I can still manage and configure it before reconnecting to the internet.

I would rate Trend Vision One a nine out of ten. 

My advice to anybody considering Trend Vision One is that the most important aspect is the integration with existing solutions like Apex One and Deep Security.

It’s stable and provides a lot of information. The only downside is that it can be a bit complex to navigate.

Foreign Language: (German)

Ein Benutzer klickt versehentlich auf etwas, auf das er nicht klicken sollte. Das System kann sofort reagieren und Schäden verhindern, bevor sie entstehen.

Was ist unser primärer Anwendungsfall?

Unser primärer Anwendungsfall besteht darin, unsere Endpunkte und Server durch Managed Detection zu sichern. Wir schützen sie mit XDA und dem SOC von Trend Micro. Die Sicherheit basiert auf Verhaltensanalysen, sodass jemand reagieren kann, falls ungewöhnliche Probleme mit PCs auftreten – selbst an Wochenenden und Feiertagen, wenn wir nicht vor Ort sind. Dann werden wir benachrichtigt. Deshalb haben wir uns für Trend Vision One entschieden.

Wir haben die Lösung auf all unseren PCs implementiert, sowohl auf Windows- als auch auf Linux-Laptops.

Die Sicherheitsabdeckung ist für unser Unternehmensnetzwerk äußerst wichtig. Sie ist eine Anforderung der NIS2-Richtlinie, die nun in der EU in Kraft tritt. Zudem ist die Abdeckung essenziell, da wir rund um die Uhr arbeiten, unser IT-Personal jedoch nicht jederzeit verfügbar ist. Um diese Lücke zu schließen, haben wir uns für die XDR-Lösung von Trend Micro entschieden. Das SOC-Team von Trend Micro kann auch dann reagieren, wenn niemand aus unserem Team verfügbar ist.

Sie stellen außerdem sicher, dass wir ordnungsgemäß benachrichtigt werden. Denn wenn eine E-Mail um 3 Uhr morgens an einem Sonntag eintrifft, liest sie niemand. Aber wenn das SOC-Team von Trend Micro anruft, wird sofort reagiert. Aus diesem Grund haben wir uns für diese Lösung entschieden.

Die Sicherheitsabdeckung ist für uns besonders wichtig, da wir als 24/7 betriebenes Krankenhaus die Sicherheit von Patientendaten gewährleisten und die Betriebsfähigkeit der IT-Infrastruktur sicherstellen müssen. Wenn unsere Systeme ausfallen, kann dies direkte Auswirkungen auf die Patientenversorgung haben. Vor etwa zehn Jahren, bevor wir Trend Micro genutzt haben, wurden wir angegriffen, und unsere IT-Systeme waren eine ganze Woche lang nicht verfügbar. Das war extrem schwierig.

Mit der zunehmenden Digitalisierung und der stärkeren Abhängigkeit medizinischer Prozesse von Computern benötigen Ärzte einfachen Zugang zu Röntgenbildern, früheren Untersuchungen und anderen Aufzeichnungen. Da all diese Daten digital gespeichert werden, sind Lösungen wie Trend Vision One umso wichtiger. Die Verfügbarkeit muss garantiert sein, und wir können uns keine Situation leisten, in der ein System angegriffen und außer Betrieb gesetzt wird. Deshalb ist dieser Schutz für uns unerlässlich.

Unser Hauptziel ist es, unsere Endpunkte und Server durch Managed Detection zu schützen. Dafür setzen wir auf XDR und das SOC von Trend Micro. Die Sicherheit basiert auf Verhaltensanalysen, sodass ungewöhnliche Aktivitäten frühzeitig erkannt und entsprechende Maßnahmen ergriffen werden können – auch an Wochenenden und Feiertagen, wenn wir nicht vor Ort sind. In solchen Fällen erhalten wir Benachrichtigungen, sodass keine Bedrohung unbeachtet bleibt.

Wir haben die Lösung auf all unseren PCs implementiert, sowohl auf Windows- als auch auf Linux-Laptops. Eine umfassende Sicherheitsabdeckung ist für unser Unternehmensnetzwerk essenziell, insbesondere vor dem Hintergrund der NIS2-Richtlinie, die in der EU nun in Kraft tritt. Diese neuen Vorgaben erfordern verstärkte Sicherheitsmaßnahmen, um eine kontinuierliche Betriebsfähigkeit kritischer Infrastrukturen sicherzustellen. Da wir rund um die Uhr arbeiten, unser IT-Personal jedoch nicht jederzeit verfügbar ist, haben wir uns für Trend Micros XDR-Lösung entschieden. So stellen wir sicher, dass Bedrohungen jederzeit erkannt und entsprechende Maßnahmen ergriffen werden können – auch wenn unser eigenes Team nicht erreichbar ist.

Ein entscheidender Vorteil dieser Lösung ist die zuverlässige Alarmierung: Eine E-Mail um 3 Uhr morgens an einem Sonntag könnte übersehen werden, doch ein direkter Anruf des SOC-Teams stellt sicher, dass sofort reagiert wird.

Für uns als 24/7 betriebenes Krankenhaus ist dieser Schutz unerlässlich. Die Sicherheit von Patientendaten und die Betriebsfähigkeit unserer IT-Infrastruktur haben oberste Priorität, denn ein Systemausfall kann direkte Auswirkungen auf die Patientenversorgung haben. Vor etwa zehn Jahren, bevor wir Trend Micro eingesetzt haben, wurden wir Opfer eines Angriffs, der unsere IT-Systeme eine Woche lang lahmlegte – eine extrem schwierige Situation.

Mit der zunehmenden Digitalisierung und der stärkeren Abhängigkeit medizinischer Prozesse von IT-Systemen ist ein stabiler und sicherer Zugriff auf Röntgenbilder, Untersuchungsergebnisse und Patientendaten unerlässlich. Da all diese Daten digital gespeichert werden, sind Lösungen wie Trend Vision One entscheidend, um höchste Verfügbarkeit zu gewährleisten und unser System zuverlässig vor Angriffen zu schützen

Die größten Sicherheitsherausforderungen in meiner Organisation sind:

• Unbefugten externen Zugriff verhindern.

• Das Risiko verringern, dass Mitarbeiter durch Unerfahrenheit Angreifern unbewusst Zugang zum Netzwerk gewähren.

Deshalb nutzen wir diese Lösungen in Kombination mit Apex One und Deep Security, um solche Vorfälle zu verhindern. Falls ein Benutzer versehentlich auf etwas klickt, auf das er nicht klicken sollte, kann das System sofort reagieren und Schäden verhindern, bevor sie entstehen.

Wie hat es meiner Organisation geholfen?

Mit Trend Micro Vision One haben wir jetzt einen umfassenden Überblick über unser gesamtes Netzwerk, alle Endpunkte Active Directory. Zudem verfügen wir über eine Branchenvergleichsfunktion, mit der wir unseren Sicherheitsstatus bewerten können.

Zum Beispiel hat unser Berater kürzlich unsere Sicherheitsbewertung überprüft und bestätigt, dass wir gut aufgestellt sind. Das gibt uns ein beruhigendes Gefühl.

Was ist am wertvollsten?

Das SOC-Team ist für uns das wertvollste Merkmal. Es ist extrem hilfreich, Experten zu haben, die globale Bedrohungslandschaften überwachen und entsprechend reagieren können. Sie behalten unser System im Blick und können eingreifen, falls nötig, um erheblichen Schaden zu verhindern. Das ist für uns der wichtigste Aspekt.

Das ist jedoch nicht ganz einfach zu beantworten. Trend Vision One ist ein leistungsstarkes Tool mit einer enormen Menge an Informationen. Es erfordert etwas Übung, um die relevantesten Erkenntnisse herauszufiltern und entsprechend zu reagieren – beispielsweise bestimmte Endpunkte zu untersuchen, wenn nötig.

Da wir noch relativ neu auf der Plattform sind und nur ein kleines IT-Team haben, konnten wir nicht alle Funktionen von Vision One vollständig erkunden. Aber die Daten, die wir nutzen, helfen uns dabei, angemessen zu reagieren und potenzielle Bedrohungen zu adressieren, bevor sie eskalieren.

Ein großer Vorteil ist, dass wir das Active Directory in Vision One integrieren können. Das bedeutet, dass wir Benachrichtigungen erhalten, wenn im Active Directory etwas Ungewöhnliches passiert. Diese Nachrichten erscheinen direkt in Vision One.

Das Vorhandensein einer zentralisierten Plattform, auf der Protokolle und Sicherheitswarnungen aus mehreren Systemen zusammenlaufen, ist ein enormer Vorteil, da wir so effizient über eine einzige Schnittstelle reagieren können. KI ist vorteilhaft, weil sie unabhängig von vordefinierten Mustern agieren kann und auf Verhalten statt auf feste Regeln reagiert. Sie lernt kontinuierlich und kann Bedrohungen erkennen, die möglicherweise noch nicht von bestehenden Sicherheitsprotokollen abgedeckt sind. Dies ist ein bedeutender Fortschritt in der Cybersicherheit.

Wir haben die Vorteile von Trend Vision One sehr schnell erkannt. Innerhalb von ein bis zwei Wochen haben wir bereits Verbesserungen festgestellt. Die volle Wirkung wurde uns bewusst, als wir unseren ersten Bericht erhielten. Dadurch konnten wir Vorfälle analysieren, vergangene Bedrohungen nachverfolgen und verstehen, was in unserem Netzwerk passiert. Nach etwa vier Wochen erkannten wir den vollen Wert der Plattform.

Die Suche nach einem Vorfall wird erheblich beschleunigt, da man die Vorfälle einfach in der Vision One-Konsole anzeigen lassen kann. Man kann bis auf die Aufgabenebene herunterbrechen und genau sehen, welche Datei auf welchem Endpunkt betroffen war.

Das erleichtert die Nachverfolgung eines bestimmten Vorfalls enorm. Es spart mehr als fünfzig Prozent der Zeit, da man, wie erwähnt, direkt vom Endpunkt in der Konsole bis zur Aufgabe, zur Datei, zur DLL oder zu anderen relevanten Elementen navigieren kann. Zudem erhält man eine Anzeige darüber, um was es sich handelt, ohne den Computer direkt aufrufen oder bei Google suchen zu müssen. Wie erwähnt, wird in der Vision One-Konsole alles übersichtlich und klar dargestellt – manchmal sogar mit Handlungsempfehlungen.

Eine zentrale Plattform zu haben, auf der Logs und Sicherheitswarnungen aus verschiedenen Systemen zusammenlaufen, ist ein enormer Vorteil, da wir so effizient von einer einzigen Benutzeroberfläche aus reagieren können.

Was braucht Verbesserung?

Trend Vision One ist bereits sehr leistungsfähig. Die Übersichtlichkeit und Benutzerfreundlichkeit könnten jedoch noch etwas verbessert werden. Manchmal ist es schwierig, sich zurechtzufinden.

Es ist ein so wichtiges Tool, mit dem man viel machen kann. Mit etwas Übung und der richtigen Schulung kann man sich jedoch gut einarbeiten.

Wir implementieren derzeit als Pilotkrankenhaus einen ICAP-Virenscanner über das Service Gateway via Vision One, um unsere KIM-E-Mails zu scannen. Dies war eine wichtige Funktion, und Trend Micro hat sie nun implementiert.

Seit wann nutze ich die Lösung?

Ich nutze Trend Vision One seit etwa einem halben Jahr.

Was halte ich von der Stabilität der Lösung?

Ich würde die Stabilität mit neun von zehn bewerten.

Was halte ich von der Skalierbarkeit der Lösung?

Wir arbeiten derzeit an der Skalierung und integrieren ICAP-Funktionalitäten.

Die Skalierbarkeit ist sehr gut. Man kann fast alles integrieren, was man benötigt, einschließlich E-Mail-Sicherheit usw. Ich würde ihr eine 10 geben, da fast alles integriert ist.

Wie sind Kundenservice und Support?

Die Mitarbeiter, mit denen wir zu tun hatten, waren immer sehr kompetent. Was ich etwas schwierig finde, ist, dass es keinen deutschen Support gibt. Da mein Englisch nicht das Beste ist, laufen Anfragen meistens über unseren Berater, der das Trend-Micro-Support-Team gut kennt und diese Themen täglich behandelt. Wir verlassen uns daher auf unseren Partner.

In Bezug auf Fachwissen ist der Support kompetent. Die Sprachbarriere ist nur etwas herausfordernd, insbesondere wenn sie schnell Englisch sprechen und ich nicht alles verstehe.

Wie würde ich den Kundenservice und Support bewerten?

Positiv.

Wie war das Implementierungsteam?

Die erste Einrichtung wurde von einem Berater von SoftwareOne durchgeführt. Er hat sehr gute Arbeit geleistet, und alles verlief reibungslos – bis auf die Hybridinstallation mit Deep Security.

Apex One hatte einige Probleme, und wir mussten lange einen Support-Fall offenhalten, bis es richtig funktionierte. Aber jetzt läuft alles einwandfrei.

Wir sind hier nur vier Leute in der IT, und jeder kümmert sich um alles rund um die Einrichtung.

Wir installieren die Agenten selbst, das heißt, wir müssen sie manuell auf jedem Computer oder Server einrichten.

Wir haben etwa 400 Endpunkte und ungefähr 600 Nutzer in einer Windows-Umgebung mit einer virtualisierten Infrastruktur über VMware.

Was ist meine Erfahrung mit Preisgestaltung, Einrichtungskosten und Lizenzierung?

Es gibt zusätzliche Kosten.

Insgesamt ist das Preis-Leistungs-Verhältnis in Ordnung.

Welche anderen Lösungen habe ich evaluiert?

Wir haben zuvor Sophos in Betracht gezogen, da wir es als Firewall nutzen.

Da Vision One gut mit bestehenden Lösungen wie Deep Security und Apex One integriert ist, haben wir uns für eine integrierte Lösung mit Trend Vision One entschieden.

Wir haben bewusst gegen eine rein webbasierte Lösung entschieden und betreiben eine Hybridinstallation.

Welches Bereitstellungsmodell nutzen wir?

Public Cloud.

Falls Public Cloud, Private Cloud oder Hybrid Cloud – welchen Cloud-Anbieter nutzen wir?

Microsoft Azure.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure