We performed a comparison between Palo Alto Networks WildFire, Sophos Cyberoam UTM, and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, ESET and others in Advanced Threat Protection (ATP)."They have many different options with Palo Alto WildFire and the set-up is quick. If you have all the details in hand, it does not take more than 15 minutes to deploy a firewall."
"High availability with active-active and active-passive modes."
"It is stable and pretty much scalable."
"The solution has plenty of features."
"We get support in the free version."
"It is the best device in comparison to other network products in the marketplace."
"The most valuable features of the solution are user-friendliness, price, good security, and cloud-related options."
"The most valuable feature of Palo Alto Networks WildFire is its ability to adapt to environments and its robustness."
"The best feature is the flexibility the product offers, in terms of remote access. What we had before was a decentralized mechanism in our organization, but after having this product we were able to get the remote locations into the same LAN. We were able to control the bandwidth and were able to take virtual access of those machines and give them the support, as and when required."
"In terms of features and user-friendliness, the solution is good. It’s very stable. The solution is scalable. In Sophos Cyberoam UTM, the most valuable features are web and application filtering, routing functionalities, and VPN. It has helped us manage the bandwidth."
"The solution has good load balancers."
"The port forwarding is good."
"For a small-medium enterprise this solution is easy to manage and operate."
"The firewall feature has different branches, such as extended firewalls."
"There are plenty of features available, such as Full Guard and WAN."
"User and network policies to be managed on a single screen with powerful filtering and search options."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The most valuable feature is the network security module."
"The solution can scale."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"Very functional and good for detecting malicious traffic."
"The product's false positive logs could be more user-friendly to understand. They could provide examples of precious cases to learn."
"The data analytical system for deployment needs to improve."
"The free version does not have real-time updates. It is slow."
"The GUI is better in 8.0, but I still feel it lacks the fast response most of us desire. Logs are much quicker."
"I don't think it needs to improve anything, except maybe the speed to deploy the changes."
"The price could be better."
"The VPN and decryption need improvement."
"The threat intelligence that we receiving in the reporting was not as expected. We were expecting more. Additionally, we should be able to whitelist a specific file based on a variety of attributes."
"The blocking needs to be improved."
"Sophos Cyberoam UTM could improve by adding VPN site-to-site capabilities. The correct version does not work with Microsoft Azure Cloud."
"Sophos VPN connectivity could be improved, as it can be lengthy, and users take longer to connect"
"Cyberoam configuration is done through the browser, which is one of the places that viruses spread."
"Needs a mail alert/notification when the device loses any of its connections, during ISP redundancy implementation."
"Sophos Cyberoam UTM has room for improvement in specific rules-based objects and redesign. The solution also needs to improve in adding rules and policies, including renewing and finding policies."
"The documentation is not straightforward."
"The product is at its end-of-life. There is nothing to improve as it will be discontinued."
"The world is currently shifting to AI, but FIreEye is not following suit."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"The product's integration capabilities are an area of concern where improvements are required."
"It is very expensive, the price could be better."
"Stability issues manifested in terms of throughput maximization."
More Trellix Network Detection and Response Pricing and Cost Advice →