Trend Micro Deep Security Review

Handles the important task of virtual patching, although the agent-based version has performance issues


What is our primary use case?

We recommend the use of this solution to our clients, both with virtual and traditional servers.

How has it helped my organization?

This has helped our customers keep up to date with security patches. Many customers do not patch their software after a new purchase has been released because there are a lot of other technologies and considerations to be carried out. It takes time to go through all of these, and some customers have not been patched for many years. Especially for those customers, this solution will protect them against those vulnerabilities.

What is most valuable?

The most valuable feature is the virtual patching. This offers protection of the application before it can be patched by the actual vendor.

What needs improvement?

Some areas for improvement are:

  • There are new additions to the standard product that should be included with the Deep Security version.
  • When implementing this solution, sometimes we have challenges with SQL migration.
  • Some of our customers complain about the cost of this solution.
  • I would like to see an AI component added to the next release of this solution.
  • The agent-based version has performance issues and they have to make it more lightweight.
  • The forensic analysis capability needs to be improved.

What do I think about the stability of the solution?

This is a stable and well-known solution in the market. It is especially well-known for use in virtualized server networks. 

What do I think about the scalability of the solution?

We have not faced scalability issues whatsoever. This solution is commonly used for servers, and not in workstations. We only recommend it for the customer's servers.

How are customer service and technical support?

There are different service levels available for technical support.

When a problem occurs, we collect the logs and submit them. There is some time lost here because we do not always immediately deal with somebody who has sufficient expertise with the solution. This is something that we would like to see change.

Generally, reaching technical support is fine, but in terms of having problems resolved, it varies. Sometimes it can take three days, while other problems can take three months.

How was the initial setup?

The complexity of the initial setup depends on the customer's environment. There are different methods of deployment. If it is an agentless deployment, then there are prerequisites for that. The agent-based version is a bit easier to set up than the agentless version.

They have to go through setting up policies, which will take time to implement and fine-tune. They have to make sure that the solution is communicating with the management server, and that there are no conflicts with other applications that are running. If there is anything that is broken or should not be running, then that is fixed. Once the initial application is perfectly up and running without any issues, and the policies have been fine-tuned, there should not be an issue.

Depending on the customer's environment, the deployment time varies. We have deployed some solutions in one day, while others have taken months to complete the fine-tuning. 

Generally, for any implementation, we will not use more than two staff. For cases with more than one hundred machines, this can be a challenge during deployment. 

What about the implementation team?

We do the complete deployment and implementation of this solution for our clients.

Which other solutions did I evaluate?

We resell a variety of products, some of which are similar to the Trend Micro solution, but our recommendation depends on our customer's requirements. Some customers will demand a particular vendor, such as Trend Micro, while others will specify that they do not want to use solutions by a specific vendor. In these cases, we work on alternative solutions for our clients.

Some of the other options our clients consider are solutions by McAfee, Kaspersky, and Symantec. 

What other advice do I have?

It is important to implement this kind of solution because many people do not have security on their servers. This includes the vulnerability patching that should be done.

This solution has improved over time. They have been introducing third-party plug-ins and integration, and there is a cloud version available as well. 

I would rate this solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.