We performed a comparison between Splunk User Behavior Analytics and Trellix Intrusion Prevention System based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Because of some of the visualizations that we utilize, we are able to understand strange, unusual traffic on our networks."
"The solution is fast, flexible, and easy to use."
"We are really pleased with Splunk and its features. It would be practically impossible to function without it. To provide a general overview of the system, it's important to note that the standard log files are currently around 250 gigabytes per day. It would be impossible to manually walk through these logs by hand, which is why automation is essential."
"The solution appears to be stable, although we haven't used it heavily."
"Splunk is more user-friendly than some competing solutions we tried."
"It is a solution that helps test and measure customer satisfaction."
"This intelligent user behavior analytics package is easy to configure and use while remaining feature filled."
"This is a good security product."
"The most valuable features are the customization of the signature and the unlimited amount of signatures in IPS."
"The initial setup is straightforward."
"The solution can scale."
"McAfee NSP is much more stable than Cisco."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"The feature I found most valuable is the network threat analyzer in the security platform. It also integrates with GTI, or Global Threat Intelligence. Otherwise, I just use the basic features."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"The most valuable features of the solution stem from the fact that it is a good product for dealing with DDoS attacks and for the inspection of network traffic."
"The initial setup was complex because some of the configurations that we required needed customization."
"I would like improved downward integration with other tools such as McAfee and other GCP solutions."
"They should work to add more built-in correlation searches and more use cases based on worldwide customer experiences. They need more ready-made use cases."
"The solution is much more expensive than relative competitors like ArcSight or LogRhythm. It makes it hard to sell to customers sometimes."
"We want to have an automated system for bot hunting that enables us to detect anomalies predictively based on historical data. It would be helpful if Splunk included process mining as an alternative option. We have a threat workflow, but it would be useful if we could supplement that with some process mining capabilities over time."
"It could be easier to scale the solution if you are using it on-premise, not in the cloud."
"Currently, a lot of network operations need improvement. We still need people to handle incidents. Our vision is to leverage status and convert it directly from the network devices. It would be ideal if we could take action using APIs and API code and remove manual processes."
"The ability to do more complicated data investigation would be a welcome addition for pros, though the functionality now gives most people what they need."
"The solution could improve some aspects of detection."
"The technical support has room for improvement."
"The solution needs to improve the graphical interface. And they had a limitation in some of the sensor modems as well."
"The technical support must be improved."
"The Network Security Managers could be more stable, agile, and work faster. When it comes to instability, there is room for improvement."
"The platform’s GUI could be the latest."
"Integration with Global Thereat Intelligence could be better. Also, I think management solutions are end of life now at McAfee. Network threat analyzer may be used for endpoint quarantines. Integration between these sides, as well as endpoint APO, will help you quarantine the risky endpoints."
"There are limited resources for configuration guidance."
More Splunk User Behavior Analytics Pricing and Cost Advice →
More Trellix Intrusion Prevention System Pricing and Cost Advice →
Splunk User Behavior Analytics is ranked 13th in Intrusion Detection and Prevention Software (IDPS) with 17 reviews while Trellix Intrusion Prevention System is ranked 15th in Intrusion Detection and Prevention Software (IDPS) with 14 reviews. Splunk User Behavior Analytics is rated 8.2, while Trellix Intrusion Prevention System is rated 8.4. The top reviewer of Splunk User Behavior Analytics writes "Easy to configure and easy to use solution that integrates with many applications and scripts ". On the other hand, the top reviewer of Trellix Intrusion Prevention System writes "Protects from attacks in real-time and provides accurate threat intelligence updates". Splunk User Behavior Analytics is most compared with Darktrace, Microsoft Defender for Identity, IBM Security QRadar, Cynet and Varonis Datalert, whereas Trellix Intrusion Prevention System is most compared with Trend Micro TippingPoint Threat Protection System, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Check Point IPS and Trend Micro Deep Discovery. See our Splunk User Behavior Analytics vs. Trellix Intrusion Prevention System report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
