We performed a comparison between Trellix Network Detection and Response and Trend Micro Deep Discovery based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"The solution can scale."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"The most valuable feature is that the user can customize images of virtual machines in the sandbox functionality. The other vendors only use images that were created by the vendor but not the customer, end-user or partner. This helps to detect advanced threats and attacks."
"The tool's most valuable feature is its collaboration with other products. Integrating with other security products was simple and easy."
"The HTML file sandboxing is very good."
"The tool's stability and performance are good."
"Deep Discovery is scalable and compatible with other products. It's crucial to have that compatibility because it's an integral part of our security solution. It integrates smoothly. The interface is user-friendly, so administration is simple."
"The platform provides all essential features for discovery and administration."
"Initial setup is easy. It can be done by yourself."
"The most valuable feature of Trend Micro Deep Discovery is its complete end-to-end visibility of threats."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"We'd like the potential for better scaling."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"The product's integration capabilities are an area of concern where improvements are required."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"The world is currently shifting to AI, but FIreEye is not following suit."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"Trend Micro Deep Discovery's technical support could be improved, and it could be made more active."
"Scalability becomes an issue when managing a higher number of customers."
"Trend Micro Deep Discovery is a very expensive solution, making it very hard to sell."
"The solution should support multiple platforms in Windows, Linux, and Mac. Customers can have different software types. The virtual environment should be able to install and analyze them. The tool also gives only a minimum level of extension support. It may not be able to extract files and give details about them. I would also like to see third-party product integration in the tool. The solution's current integration is only with Trend Micro products only."
"The solution could be more secure."
"Deep Discovery is easy to manage, but there is still room for improvement on the administration and operations side. Competing products have a cleaner interface that makes it easier to manage their products. Trend Micro offers a lot of features in one product suite, but it can be unwieldy for the customer to manage all that with a single interface."
"There are certain aspects of flexibility in the policies that should be added to Deep Discovery."
"The tool's configuration can be made easier."
More Trellix Network Detection and Response Pricing and Cost Advice →
Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews while Trend Micro Deep Discovery is ranked 17th in Advanced Threat Protection (ATP) with 23 reviews. Trellix Network Detection and Response is rated 8.4, while Trend Micro Deep Discovery is rated 8.4. The top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". On the other hand, the top reviewer of Trend Micro Deep Discovery writes "Good threat detection capabilities and offers flexibility for hosting options". Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Vectra AI, whereas Trend Micro Deep Discovery is most compared with Darktrace, Trend Micro TippingPoint Threat Protection System, Arista NDR, Vectra AI and Palo Alto Networks Advanced Threat Prevention. See our Trellix Network Detection and Response vs. Trend Micro Deep Discovery report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
