Trend Micro Deep Security Reviews

I use the solution in my company to reduce SMB attacks on the data center site and ensure data center protection from flooding and threats.

For server security purposes, I like the product's firewall. The firewall has three features we use in our company, of which one controls flooding, the other blocks unwanted ports, and the third allows us to control traffic via Deep Security if the firewall port is open from the switch or router side.

In our company's infrastructure, we have not faced any challenges with the product. Considering the lack of issues or challenges faced with the use of the product in our company's environment, I feel that it is a good solution.

Sometimes, the product is not very stable, but it is something that depends on the infrastructure in which the tool is used. The aforementioned area can be considered for improvement.

If Trend Micro Deep Security wants to implement some new features in it, then I would say that it should focus from a networking point of view and see how to control network traffic specifically coming from external to internal traffic on the servers.

I have been using Trend Micro Deep Security for two years. My company operates as a system integrator for Trend Micro.

If I consider my company's infrastructure, everything is good with the product because we have enabled the threat protection systems to control our environment, so we don't see any suspicious activities.

I rate the solution's stability as ten out of ten.

Scalability-wise, it is a good tool, and I rate the solution as nine out of ten.

When it comes to technical support, I would say that none of the products are bad, and all the tools are usually good. There are a few areas where certain modifications or changes are required, and it is something that varies from client to client. In my opinion, all products, including Symantec and Trend Micro, are good. Based on the infrastructure of users and what they want to implement, there are a few things that Trend Micro should understand. I rate the technical support an eight out of ten.

Positive

I work with Trend Micro Endpoint Security with Apex One. I also use Symantec.

If I consider my company's infrastructure, everything is good with the product because we have enabled the threat protection systems to control our environment, so we don't see any suspicious activities.

I rate the solution's stability as ten out of ten.

The solution is deployed on the cloud.

Symantec and Trend Micro Deep Security are good products, and I don't have any issues with either of the solutions, specifically from a technical perspective.

The costs associated with both the products are taken care of by the sales department or management in our company. Symantec and Trend Micro Deep Security have features that are almost 80 to 90 percent similar. The only area where Symantec needs to improve is related to the remote capabilities it offers.

The product's intrusion prevention system works fine, but we have not implemented any other policies in our company. In our company, we use the default policy in our environment to deal with and prevent intrusions, so we have not customized any policies associated with the intrusion prevention system. With the default policies in place, whenever there is some traffic coming in, the tool will automatically detect, allow, or take action based on the signatures.

I have learned many things while using the product, including the fact that it is very important for a company to decide what they want before purchasing a solution.

I rate the tool a nine out of ten.

Trend Micro Deep Security protects our organization from threats. Trend Micro has kept us compliant with PCI and PPA.

Support and threat prevention are the most valuable features of this solution.

I have been using Trend Micro Deep Security for five years.

The solution is stable. Trend Micro gets threat intelligence and is always up-to-date with all cybersecurity threats zero-day. Updates are provided through our email. If anything needs to be adjusted on our system, or their product, they will advise us right away.

Trend Micro is scalable if you have the budget for it. All of our 2,500 employees are covered with Trend Micro Deep Security.

The support from Trend Micro Deep Security is good. The company has a good knowledge base where we can troubleshoot any issues. We also have a support portal with them where we can raise issues that we can't solve on our own. This includes on-call support with them in case the issue needs to be resolved urgently.

Positive

Prior to using Trend Micro, we were using Sophos.

The initial setup of the product was straightforward. All you need to do is install the firmware, ensure the firewall connections are open, and you are done. 

It took about one month for us to deploy Trend Micro Deep Security. We had an integrator deploy the pilot of the first 30. After the pilot, our team deployed the rest.

If you need an additional 10 or 20 licenses, you will need to pay additional fees.

This product is one of the leaders in terms of endpoint protection, server protection, and network protection. They provide good support, and it is easy to deploy. They are scalable, and the threat intelligence is very good. They stay up to date with what is happening in the cyber world.

Personally, I like anti-malware and integrity monitoring. The anti-malware has its own behavioral monitoring and machine learning. It detects all species and objects in the server or the file integrity monitoring. If there are any changes on the server side, they will alert you. I would like to see these tools as part of Trend Micro Deep Security.

I would rate Trend Micro Deep Security a nine out of ten overall.

Our company uses Trend Micro for anti-malware support on servers and user PCs. Its normal anti-virus, file integrity monitoring, and threat prevention modules are also active in our systems.

The overall vision and execution of the vendor are really good. The solution has a low footprint and does not have a lot of impact on the host. The reporting mechanism is also good, and at any given point in time, we can see how many endpoints are compliant. The product support is also good.

The solution should focus on the EDR part and probably have an integrated data leak prevention module as well.

In future releases, the solution should provide one agent who takes care of EDR, end-point security, DLP, and application control.

I have been using Trend Micro Deep Security for more than five years.

It is a stable solution. I would rate its stability a ten out of ten.

The solution is scalable. I would rate its scalability a ten out of ten. Currently, the solution is being used by around 4,000 users in our organization.

The customer service and support team is good.

Positive

The initial setup is straightforward and only a matter of a couple of clicks. Once you have a design in place, deployment is not a challenge. In terms of time– one part goes into solution deployment and the other into solution adaptation. Solution deployment does not take much time; solution adaptation does.

The solution was deployed by consultants. I think one professional from the system integrator or the OEM and one in-house resource are enough for this deployment.

Moreover, it is just like any other IT solution in terms of maintenance. Since it is installed on a server host, whatever general maintenance is required for that host is what’s needed—just general IT maintenance. We have an in-house team of IT and security engineers who take care of the maintenance.

Just like in any other IT solution. General IT maintenance, we have an in-house team of IT and security engineers who take care of the maintenance.

Before deploying a solution, new users must refer to market research. For companies like ours, we select top-of-the-line products. Although this is the best product suiting our requirements, the decision should be based on individual evaluation.

Overall, I rate the solution an eight out of ten.

In our company, all critical systems are connected to a Security Operation Center (SOC), and we use Trend Micro Deep Security on these servers. Our company is in the manufacturing industry, dealing with metals and mining processes, and many of our solutions are hosted on public IP and accessed from outside organizations' networks. Installing Trend Micro Deep Security helps us prevent ransomware attacks and other unauthorized access attempts. Since we are connected to SOC, we receive detailed information on any attempts to penetrate our systems from outside, apart from just letting us know if there are any vulnerabilities or not. Additionally, Trend Micro Deep Security provides features like sandboxing. However, we have not been able to utilize these features fully.

Since I wanted to know the additional features that Trend Micro Deep Security offers beyond what we currently use in our solution, I was trying to find a comparison between Trend Micro Deep Security and Trend Micro Apex One.

Virtualization and sandboxing are the two features available in the solution. I learned about these two features from our service provider, through whom we secured the license required for the solution. So, our service provider is a reseller and not directly related to Trend Micro. Also, I am yet to go through the technical documents of the solution since I couldn't find much information about the solution online.

Regarding the deployment process, we first conducted a study to identify potential vulnerabilities and cybersecurity requirements for the business. Once we clearly understood these objectives, we began exploring solutions that could meet them. We then evaluated options such as a Security Operations Center (SOC) and Trend Micro Deep Security as part of this process.

I haven't received any distribution emails from the Trend Micro team regarding recent vulnerabilities and their efforts to mitigate them. It would be helpful if they could send emails notifying their users about the recommended upgraded versions to address the newly discovered vulnerabilities. This is an area that could be improved from more of a marketing perspective than a technical aspect.

In our company, we have been using Trend Micro Deep Security for at least two years now. Presently, we are using the latest version. So, we keep updating the solution. We provide the solution to the servers on a public IP.

It is a stable solution.

It is a scalable solution. Considering the different price ranges available, one needs to buy a device. It needs device-based licensing. For instance, if 50 more devices in our organization require Trend Micro Deep Security, then I have to purchase 50 more licenses. So, scalability is not a challenge in the solution. Also, we have around 100 people in our organization using the solution.

The solution is being used very extensively in our organization. In the company where I work, we have only a single solution for all of our servers. That single solution is Trend Micro Deep Security. Also, we have been using Trend Micro Apex One for the past two or three years.

I need to check with my team to know whether we ever interacted with the solution's technical support team.

The solution's initial setup was straightforward. It's not kind of a cumbersome one.

The deployment process did not take more than two months post-order placement for the solution. So, Trend Micro Deep Security and SOC are two separate parts. For SOC's deployment, we took around six to nine months. Trend Micro Deep Security is a type of endpoint security solution which, post procurement, takes around four to six weeks to configure.

Regarding the solution's deployment model, the managing, monitoring and diagnostics part of the solution is on the cloud, while all of our clients have chosen an on-premises deployment model. Basically, the clients are installed on physical devices.

Previously we had support for a deployment and maintenance procedure from the service provider. Currently, the solution is managed by our team as it is deployed on-premises.

We need to make yearly payments for the solution's licensing. There are different pricing models, like subscription-based and perpetual. Our company has chosen perpetual pricing. So for us, multiple reassignments are possible. If I choose one license and assign it to one device, I can later remove it from that device and assign it to a different one. Given the requirements that our company has, the solution is not too expensive.

According to our process, our organization usually explores three solutions by making a detailed technical comparison. After that, based on the business requirements, pricing and technical ratings that our experts provide, we go ahead with one of them. I do not know which two solutions were compared with Trend Micro Deep Security.

Currently, my organization relies on Trend Micro Deep Security to meet its business needs in the cybersecurity space. It is important to stay vigilant and explore all possible cybersecurity interventions. Despite having access to many of the solution's features, my organization has not yet deployed them all. As our organization and its systems and solutions continue to grow, in our organization, we want to enable all of the solution's potential, which can provide us with security. Therefore, I was seeking to compare the additional features available within the solution to identify any that could provide significant security benefits to my organization.

I would definitely recommend the solution to those planning to use it. Overall, I rate the solution between eight to nine out of ten.

We primarily use the solution for security purposes. 

We couldn't find any aspect that was valuable. That's why we want to drop the usage of Trend Micro Deep Security. The team cannot see the benefits.

The initial setup was straightforward. 

It is scalable. 

It is stable. 

We couldn't make the necessary modifications to the solution. We want to see improved authentication. We want to improve the interaction, and we want to get more notifications from the security service.

We've been working with the solution for three years. 

The solution has been stable and is working. We don't have any issues with the tool. 

We have not had any issues with scalability. The solution can expand as needed. 

We are using it on our more than 50 virtual servers. 

I cannot recall dealing with technical support. 

We want to replace the solution with Sentinel One and are moving in that direction now. 

We are also using other Trend Micro products, such as email security. 

The product offers a simple, straightforward setup. I'm not sure how long the deployment itself took. It was implemented three years ago, and I do not recall the exact strategy we used during implementation. 

I'm not sure how many people were involved in the initial deployment. 

We bought and paid for the solution three years ago, and in six months, we will have to renew and pay again. Instead of doing that, we are looking for a new solution, likely Sentinel One. 

My team plans to drop the usage of Trend Micro.

I'd rate the solution five out of ten. 

The virtual patching features of Trend Micro Deep Security are very good. If you're running an unpatched server and you need to do n-1 patching, you need to wait for a month for the patch to be rolled out. That one month is a long time for an attacker to do an attack. Virtual patching is a wonderful feature where we do a recommendation scan and an internal assessment on the server, and it updates the IPS signatures to block any attack. I have seen instances where it has prevented attacks on the end-of-support servers such as 2018 R2, and many years ago, even 2007 servers that were end-of-support. It certainly helped there.

Another big advantage of Trend Micro at the time was that it supported Linux. Nowadays, most of the vendors seem to be supporting the Linux operating system, but Trend Micro was the initial organization that started supporting Linux and anti-malware solutions. It only had the anti-malware solution. It didn't do file integrity monitoring or other things.

Trend Micro Deep Security is easy to use and deploy.

I've not worked with CrowdStrike Falcon, but one of our customers also had CrowdStrike Falcon on some of the devices. I was only supporting Trend Micro. They had a ransomware attack, but Trend Micro didn't detect that particular ransomware attack, whereas CrowdStrike did. I was not a big fan of CrowdStrike till then, but when I saw that Trend Micro couldn't detect that particular attack but CrowdStrike could, my opinion changed. All the servers with Trend Micro were impacted, but all the devices on which CrowdStrike agents were running weren't impacted. CrowdStrike detected and blocked the attack immediately. From that perspective, I have high regard for CrowdStrike because the role of an EDR is to detect and respond immediately and block an attack. Containment is the first priority. Trend Micro can give numerous ifs and buts about why it couldn't detect that attack, and even though I'm a fan of Trend Micro and have extensive experience with Trend Micro Deep Security and Trend Micro Apex One, in that particular instance, CrowdStrike literally beat Trend Micro.

A disadvantage of Trend Micro as compared to CrowdStrike is that it doesn't work well with other solutions. If you have McAfee for anti-malware and IPS and the firewall of Trend Micro, they don't go very well. I had challenges deploying it with Carbon Black as well as McAfee and Symantec. It's because of the way Trend Micro works. It integrates with the NIC driver, so if two agents are running, it doesn't work well because they both want to integrate with the NIC driver.

It's easy to deploy. I've deployed it for more than 12,000 devices, which includes endpoints and servers. It's easy to deploy and easy to manage. You can do it automatically through the script. The ease of implementation and ease of management are there, but there are a few challenges. Linux compatibility has some issues because it's a kernel-based rollout. Especially with CentOS, I face challenges. CentOS is now Red Hat, so if we are running CentOS, we have to deploy Red Hat agents and not CentOS agents. It's not that easy to manage on Linux. If it's a stable, standard Linux version, it works, but with beta versions, there are some challenges.

CrowdStrike had an advantage over Trend Micro when it came to pricing. Trend Micro had several modules, so it was a little priced up, but CrowdStrike was not. However, even CrowdStrike has increased their price now, so probably both of them are on par, but the number of modules that Trend Micro has is far more than CrowdStrike. It comes with file integrity monitoring, application control, and web reputation. It has outbound URL protection, and it also has ransomware protection for servers, whereas CrowdStrike Falcon is a straightforward solution. It isn't an apple-to-apple comparison. It's a big apple versus small apple kind of comparison.

My general advice to everyone is to first define your must-haves. What is it that you are looking for in a product? Nowadays, there are so many products with overlapping features, so you need to first decide what it is you are looking for. From a feature perspective, you should define must-haves and nice-to-have. 

You also need to test it out if you are running multiple products on the same server. You need to test it out on the utilization side because there is a huge utilization hit if you are running multiple agents on the same server. You need to work it out because Trend Micro, CrowdStrike, or any other agent would require a good amount of memory. There should be dedicated memory for them. If there is a 16-gig memory, at least 2-gig memory should be dedicated to them. There should be 2 gigs for it to just work and 8 gigs for the OS, so we are talking about a minimum of 10 gigs. If your servers are running on low memory, there'll be a huge utilization hit on the servers. Therefore, you need to choose the right agent. If you are running multiple agents, then you probably need to do a capacity evaluation before purchasing any of the tools. There are trial versions available, and PoCs are also available, so you can certainly check on it and see the utilization. Do proper homework before purchasing the tool. The tool is good, and it will perfectly work fine, but it also depends on the implementation.

At this time, I'd rate it an eight out of ten because of the challenge that I faced when I was dependent on this, but it couldn't protect the server. However, by now, Trend Micro would have fixed the problem that I faced a year ago. I know their Singapore EDR team. I worked with them, and they are quick in terms of fixing any bugs or issues. They would've definitely looked into it, but that was one instance for me where CrowdStrike outperformed Trend Micro.

It's for security: IDS, IPS, intrusion detection, and securing our perimeter in general. E.g., OWASP rules.

Trend Micro gave our security teams a certain degree of comfort by just having it in the background, as they have familiarity with the product.

IDS and IPS are its most valuable features.

AWS products could become more compatible with intrusion detection products leveraging help from Trend Micro.  

We have had no stability issues.

Scalability hasn't been an issue.

We have different workloads, so it depends on if we're talking about development, QA, or the testing environment. They are all separate accounts. We have a central account to try to manage all of them. A lot of these type products, like Trend Micro, fit into these shared environments. 

Right now, we've got a few production workloads, but most of the workloads are still in development.

Automation is a big part of everything that we do. The team setting it up would have had to set up Chef scripts and other things to make sure that we could automatically deploy. This would have been part of the configuration and management into the AWS environment.

We were looking for a tool to help secure our environment. There wasn't anything immediately available as an AWS native service, so we looked for a third-party tool which could do it. 

We would like to see more from AWS natively on the intrusion detection side.

Take a good look at all the different options. If there are things which I think teams are familiar with, that always gives a product a bit of a leg up. This is not just from the perspective of the people who support and deploy the product, but even the security teams who may be already familiar with the product and know how effective it is. It gives them a lot more comfort seeing something that they have some background with.

Our company uses the on-premise and AWS versions. I work with the AWS version, and have been happy with it. I am seeing more of the end result of it rather than the infrastructure and security perimeter.

We decided to use AWS because it was something the teams were familiar with. Our teams, who are currently using Trend Micro, were already familiar with the product and wanted to make use of it in the cloud as well. It was just a matter of continuity.

It is integrated with a SIEM, security incident and event management, platform. A lot of the output which comes from Trend Micro, we fed into the SIEM system so the security teams and the monitoring teams have a single pane of glass view into all the security features of our environment.

The most valuable feature we have found is threat detection.

We have had some issues when it drains some of the resources of the server. When that happens it slows down some of the processes and causes the CPU to run a little harder.

We have been using Trend Micro Deep Security for the past six months.

The stability is good for our purposes.

Trend Micro Deep Security is scalable.

We find that their technical support team is always accessible and willing to assist.

Positive

It can be complex to implement depending on what features you enable because Deep Security is such a comprehensive product. However, if we just enabled everything out of the box, then it's quite easy. Your choice of how many layers of security you want makes a difference.

The cost runs around forty dollars per server a month. 

I know that there is another product that we use that's a competitor. It has a team of specialists that monitor the logs. If you've got the product installed on a server, they monitor it live. That's very useful because it adds another dynamic.

Learn as much as you can about the product because it is very comprehensive. Read the documentation before you install it and learn about the system first. I would rate Trend Micro Deep Security a nine out of ten.