We performed a comparison between Fortinet FortiSandbox and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Advanced Threat Protection (ATP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."FortiSandbox helps us handle unknown threats. Every vendor is competing for who can detect an unknown threat the fastest. Fortinet is competitive in the market."
"The initial setup is straightforward."
"The real-time analysis capability of FortiSandbox is beneficial for email analysis."
"The product is great. It can be deployed on the cloud or on-premises."
"Integration is one of the solution's most valuable aspects. You can integrate even third-party solutions so that they can send the information or files they quarantine through the FortiSandbox"
"What I find most valuable, is that it is easy to use."
"The most valuable feature is the protection and the way it works, the technology is what I like the most."
"The most valuable features for me when it comes to Fortinet FortiSandbox are the integrity of the Sandbox and the power of the analyzing tool of the solution."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"The solution can scale."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The delivery feature in my country is extremely bad."
"If you were to compare prices between vendors and manufacturers, you would see that the lowest equipment in the Sandbox line is quite expensive for a new customer."
"The use cases in Fortinet FortiSandbox are not good. It is difficult to upload a custom VM for Fortinet FortiSandbox. The integration of Fortinet FortiSandbox with other Fortinet or FortiGate firewalls is not good. VMs are already installed in the hardware and are working fine, but we tried to approve the custom VM many times but did not succeed."
"I would like to have machine learning added to the solution in a future release."
"The area I would like this solution to be improved in is the integrations for Sandbox with AI and big data ML mechanisms. I think this would be a practical improvement."
"In the next release, I would like to see machine learning and anti-exploitation included."
"The response time from technical support should be improved."
"Fortinet FortiSandbox should improve its performance and security accuracy to keep competitive with other solutions, such as IBM."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"Management of the appliance could be greatly improved."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"We'd like the potential for better scaling."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
More Trellix Network Detection and Response Pricing and Cost Advice →
Fortinet FortiSandbox is ranked 4th in Advanced Threat Protection (ATP) with 36 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Fortinet FortiSandbox is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Fortinet FortiSandbox writes "Light and powerful solution design; useful to have". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Fortinet FortiSandbox is most compared with Palo Alto Networks WildFire, Check Point SandBlast Network, Microsoft Defender for Office 365, Fortinet FortiEDR and Cisco Secure Network Analytics, whereas Trellix Network Detection and Response is most compared with Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate, Vectra AI and NetWitness Platform. See our Fortinet FortiSandbox vs. Trellix Network Detection and Response report.
See our list of best Advanced Threat Protection (ATP) vendors.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.