What is our primary use case?
Investigations that we conduct can become intricate and our SOC is essentially a backend exit of the client's. We conduct simultaneous investigations, receive from them recommendations and exchange notes. Essentially, we come up with similar observations, with us sometimes going back to the client and he, in turn, producing his own observations. It allows us to correlate in a fluid manner.
What is most valuable?
The categorization is a valuable feature. Also, the MDR team does a good job of giving us limited, periodic briefings. We undergo briefing sessions to assist us as a compensatory mechanism, although we are afforded little view of the threat factors in respect to Managed Defense.
What needs improvement?
The only feature needing improvement which comes to mind is the need for better pricing for the licensing.
For how long have I used the solution?
We have been using FireEye Managed Defense for three years.
How are customer service and technical support?
We are satisfied with technical support. It is good.
How was the initial setup?
The installation was good. We subscribed to the DNI, which means the entire installation was attendant to the procurement. We ran the DNI project for a couple of months, whereby we installed all the endpoints and network devices.
The installation was straightforward. As we use DevOps technologies primarily with OPIC, we automated all of these, meaning the installation did not take long. I believe that the FireEye network appliances took some time, but these are equally limited to around 90 minutes. Obviously there were snags, although this is part and parcel of the deployment, so there is no room for complaint.
We use only four people for the deployment and maintenance.
What about the implementation team?
We did not use any third-party consultants. There were no external conduits between FireEye and my company. There is actually a deployment team, with a go-to deployment service. The deployment came with our subscription to this service.
What's my experience with pricing, setup cost, and licensing?
The solution is expensive and should be less so. I believe there is a per-seat license. As the count goes up, the price can decline.
We pay on an annual basis.
Which other solutions did I evaluate?
Before going with this solution we evaluated three other companies, including Cisco Talos.
What other advice do I have?
The solution is cloud-based.
Deployment was handled in an efficient manner and those responsible allocated to us their time for this task. Moreover, they showed up, conducted a sort of boot camp and brought us out onto a single play.
I rate FireEye Managed Defense as a nine out of ten.