We performed a comparison between Fortinet FortiGate and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The next-generation firewall is great."
"The Intrusion Prevention System and the web filtering are both working well."
"There are lots of features and most of them are deployed for internet security. Users are protected if they accidentally go to some malicious sites."
"One of the valuable features is a standardized OS."
"I like several features that this product has, such as antivirus and internet navigation inspection. It is also simple to use."
"All of the features of Fortinet FortiGate are useful and the security protection is good."
"We purchased Fortinet because of the pricing, its functionality, because it met our requirements, and the total cost of ownership over five years was quite reasonable. In the market, Fortinet is rated quite well."
"The solution is easy to configure and maintain remotely."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"For the migration, everyone has a firewall in use and I am selling Fortinet. Typically, I am replacing another firewall. Previously, there was a tool available to convert configurations from one firewall, such as Palo Alto, to Fortinet, but this tool is no longer free. If it could be made free again, it would be very beneficial."
"Fortinet needs to overhaul its documentation."
"The initial setup is complex."
"It is stable, but its stability can be improved."
"They can do more tests before they release new versions because I would like to be more assured. We had some experiences where they release something new and great, but some of the old features are disabled or they don't work well, which impacts the product satisfaction. The manufacturer should be able to prove that everything works or not only that it might work. This is applicable to most of the other services, software, and hardware companies. They all should work on this. We cannot trust every new release, such as a beta release, on the first day. We wait for some comments on the forums and from other companies that we know. We always wait a few weeks before we use the updated version. They should also extend the VPN client application, especially for Linux versions. Currently, it has an application for Linux devices, but it doesn't work the way we want to connect to the VPN. They use only the old connection, not the new one. They have VPN client applications for Windows and Mac, but they can add more useful features to better manage the devices and monitor the current health of each device. Such features would be helpful for our company."
"I could not configure sFlow from the FortiGate graphical user interface. I realized that the sFlow configuration is available only from the CLI, and discovered that sFlow is not supported on virtual interfaces, such as VDOM links, IPsec, or GRE."
"The UTM filtering needs improvement."
"The main aspect of FortiGate that could be improved is load balancing. Our management team does not want to buy another appliance for only load balancing."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
"We'd like the potential for better scaling."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
More Trellix Network Detection and Response Pricing and Cost Advice →
Fortinet FortiGate is ranked 2nd in Firewalls with 306 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Fortinet FortiGate is rated 8.4, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Fortinet FortiGate writes "It's a reliable solution that's easy to install and cheaper than competitors ". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Fortinet FortiGate is most compared with Sophos XG, Cisco Secure Firewall, Netgate pfSense, Meraki MX and WatchGuard Firebox, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Vectra AI and NetWitness Platform.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
