We performed a comparison between Palo Alto Networks WildFire, Trellix Network Detection and Response, and WatchGuard XTM [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, ESET and others in ATP (Advanced Threat Protection)."The most valuable feature of Palo Alto Networks WildFire is its ability to adapt to environments and its robustness."
"Stability-wise, I rate the solution a ten out of ten since we never faced any issues."
"It is the best device in comparison to other network products in the marketplace."
"The graphic user interface of Palo Alto is good and it's easy to configure."
"The scalability is acceptable."
"I like the analysis they apply to the unknown files, and I think they have good technology to use as a sandboxing tool. I didn't find something similar to WildFire in the marketplace."
"The solution is easy to use and the Panorama feature is good. The software management or the malware blocking and some authentication management system are good."
"It catches modified signatures of known viruses."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"The installation phase was easy."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution."
"The solution can scale."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"It is stable and does not require you to reboot all the time."
"I like the hostwatch because I can see what traffic uses the most bandwidth and I can block that site."
"There is a site-to-site VPN configuration between others people."
"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."
"They have a reporting system which can store data over a very long period of time. Not many other firewall vendors provide a reporting system, but if they do, like Fortinet does, then you've got buy that as an additional product and that can be more than twice as expensive as the initial investment in the firewall. And without reporting over a long-term period, you're just about wasting your time."
"Application Control is fantastic with over 2,500 applications and the granularity that we can either allow people to view but not be able to log on to Facebook; or view it and log onto it if they're in the marketing department, but not play Facebook games. There are all sorts of different options like that. So it's highly granular."
"After installing the product, we achieved awareness of our data protection needs and email misuse."
"Monitoring of network activity is included in the box."
"When comparing this solution to others it is not as good overall."
"Palo Alto Networks WildFire could improve by adding support for manual submission of suspicious files and URLs. Additionally, it would be an advantage to add rule-based analysis. Currently, it uses only static and AI. We need to be able to analyze archive files."
"When you contact support, there is no guarantee that they will be available to help you tackle the issue that you are facing."
"The price could be better."
"The price of WildFire should be reduced in order to make it more affordable for our customers."
"The cyber security visibility and forensics features to receive more information about incidents could improve in Palo Alto Networks WildFire."
"There are more specialized solutions that compete with Wildfire. Therefore, they need to work on their machine learning and AI to be more competitive."
"The only problem with this solution is the cost. It's expensive."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out."
"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."
"I would like them to improve the product's overall protections. This would be good for all product users."
"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."
"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."
"Sometimes we have had issues with stability of the product."
"The VPN errors are not helpful when troubleshooting."
"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."
More Trellix Network Detection and Response Pricing and Cost Advice →
Earn 20 points