Endpoint Detection and Response » Fidelis Elevate Reviews » Review

Fidelis Elevate Review

IPS security, originally from the GOVT space, now commerical

What is our primary use case?

It is used as our primary in-line IDS/IPS system, replacing FireEye NX. It catches more, looks at more ports than Fireeye NX, and is a scalable appliance, unlike our NX which was saturated and shut itself down.

How has it helped my organization?

Increased our ability to stop malware before it hits workstations. That ability increased by 200% due to the number of ports it monitors, over the FireEye NX product.

It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM.

What is most valuable?

IPS and reporting. It catches more inline than the FireEye NX even looked at. It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies.

Reporting has been great and it is easy to do a quick search through 45 days of data for something of interest.

What needs improvement?

Update: The interface bug issue hasn't happened in last three months. This may be solved now, we hope. Support seems better.

For how long have I used the solution?

Four years

What do I think about the stability of the solution?

There was a bug issue for more than a year, but seems resolved with last patch, last reboot occured over 3 months ago.

What do I think about the scalability of the solution?

No issues with scalability. In fact, we’ve added a datacenter, purchased new gear, and scaled out two more units for the active/standby site to take over the load, should a DR be required.

How are customer service and technical support?

Tech support is competent, usually responds within a few hours, can escalate anything urgent to technical account rep for immediate handling.

If you previously used a different solution, which one did you use and why did you switch?

We used a different solution. We switched due to flexibility, expandability, and cost. Limitation in old hardware appliance would not scale without major costs.

How was the initial setup?

A breeze. After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours. With the latest version this is even easier, given the new rating system. You can tweak your environment on the fly, as your ops look at alerts to lower thresholds, raise them, or reduce false positives.

What about the implementation team?

we always use 1 of 2 partner implementer. I rate our partner a 9/10.

What was our ROI?

More visibility at the north-south network layer, automation of security event/incident handling.

What's my experience with pricing, setup cost, and licensing?

Company came from government space. You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base.

Which other solutions did I evaluate?

Tipping Point, Cisco

What other advice do I have?

The product itself works fine, support is pretty good.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
IT Security Coordinator at a healthcare company with 1,001-5,000 employeesReal UserTOP 5LEADERBOARD
View Profile | Ask a Question

Account people have moved around and support has taken a small hit but still getting quick responses, although resolutions are taking a bit longer.

04 June 19
Guest
Author
Highlights
Pros
It has also improved our hunt ability with quick search tools, to zone in on malware or other anomalies. It is able to link items to incidents from other consoles, and works natively with the SIEM.It has a rating system now so you can rate things up or down, depending on your environment. This means alerting can be customized, yet still pick up anomalies.Reporting is great, it is easy to do a quick search through 45 days of data for something of interest.After rack and stack, devices were up and running base configurations within two hours. As with any IPS, tuning is required to stop false positives. This is no different, but the ease of use of the interface allowed my team to start making adjustments within a few hours.
Cons
The interface bug needs to be squashed once and for all. This has been the predominant issue with an otherwise stellar product. It reboots itself unscheduled, about once a month, due to a memory buffer flaw in the interface.
Pricing Advice
You license by the number of days of logs you need to maintain visibility for. Forty-five days is a good solid number for a company with around a 10k user base.
Sign in to see all reviews and comparisons. It's free!
By clicking Sign in with LinkedIn™ you agree to let IT Central Station use your LinkedIn profile and email address in accordance with our Privacy Policy and agree to the Terms of Service.
Sign Up with Email
  • Unlimited access to 29000+ reviews from real users
  • Your own page to promote your professional skills
  • Join a community of experts to call upon for support
As seen in:

By registering, you agree to our Terms of Service and Privacy Policy.
  • Unlimited access to 29000+ reviews from real users
  • Your own page to promote your professional skills
  • Join a community of experts to call upon for support
As seen in