We just raised a $30M Series A: Read our story

Bromium OverviewUNIXBusinessApplication

What is Bromium?

Bromium vSentry offers a better way to defeat cyber attacks that target the endpoint, where more than 70% of breaches originate. vSentry transforms endpoint security with powerful new hardware-isolation technology that protects your business from malware, reduces costs, while empowering your user.

Bromium is also known as Bromium vSentry.

Buyer's Guide

Download the Endpoint Protection for Business (EPP) Buyer's Guide including reviews and more. Updated: October 2021

Bromium Customers

Valspar

Bromium Video

Archived Bromium Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
HP
Manager of Cyber Security Operations at a healthcare company with 1,001-5,000 employees
Real User
Enabled us to remove AV defenses from the endpoints protected with this solution

Pros and Cons

  • "The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus."
  • "Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path... I don't see that on the computers now. We only get to see that in the console. I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console."

What is our primary use case?

Our primary use case is in our radiology department. We see a lot of our patients daily. What would happen was, a traditional antivirus would scan each Radiologist's files. The files can be massive, 4 or 5-plus gigs, because they are radiation imaging files. The scans would slow down the process, as the radiologists need to see a bunch of images in a specified amount of time. A big complaint was that the AV was really slowing things down, it was ruining productivity.

How has it helped my organization?

With the Bromium, everything comes up in a nice, isolated window, which negates the need to wait for that AV scan to conclude, so the radiologists can be very productive; see many patients in a specified amount of time. we know we are safe with Bromium because once they close out that window, Any threats, if that particular image was compromised, would just disappear.

Here at Moffitt, patients are our top priority. They are everything to us. We want the patient experience to be wonderful, from registering, to the care that they receive here, to the experts that we hire and recruit to make sure they have top-notch, quality care. The way Bromium adds to that is that when you have cancer you have to do some scans, no matter where you go. These imaging scans are vital to the care of patients. These scans require radiologists and clinicians to read them efficiently and effectively. The workload we have, to see patients, is tremendous. Anything that slows down the process of taking care of our patients - to wait for an image to come up, to redo that image, to close it down - really inhibits the appropriate patient care we're trying to give. Bromium allows us to safely view images. It allows us to quickly and safely surf our network so that we can take proper care of our patients efficiently, effectively, and expeditiously.

I've heard from the doctors that, now that we have installed Bromium on the systems, on the radiology machines, they're able to spend more time with the actual patient, and the patients appreciate that extra time with their doctor to talk about what's happening to them, to map out a treatment plan. That has really been well received in the organization and by our patients.

Our overall security posture has improved as a result of adding this solution to our security stack. In the past, a request might be made like, "Hey, your AV is having some effect on our systems here. We need to exclude this file path because every time your AV scans this file path it makes the system stall or it makes the system freeze. We just can't run this program on the server that's needed for patient care." Or, "We cannot view what we need to view fast enough to be effective." So we would exclude that particular path. The AV would no longer scan a particular area of a computer, whether it's a file path or a file itself, and that would leave us vulnerable. The threat actors out there could leverage that to put malware or that like in that file path. With Bromium, there's no need to exclude anything, any path, any file, because everything is open in a micro VM. We are now more secure because we don't have to exclude anything from being scanned for malicious activity.

After implementing Bromium, we were able to remove endpoint protection defenses. All of the radiology machines, which is quite a few, do not have an AV on them. We have Bromium instead. We were able to remove one of the major, top-five antivirus solutions.

What is most valuable?

The feature that stands out the most is that when someone clicks on a link in an email, it opens up a web browser window, Internet Explorer. Let's say that link is malicious and it has some malware or keylogger attached to it. When it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus.

What needs improvement?

Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path; for example, the malware was activated here, in this file, then it went here and it generated another file, then it went here. It was almost like a spider web, so to speak. And it showed it on the end user's computer, and that's what we liked. We could go to any computer and see what the malware tried to do, how it got into the micro VM, which is like a sandbox. I don't see that on the computers now. We only get to see that in the console. 

I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console. We would like to see right there on the machine what has transpired.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

In the last two years, we haven't had any problems with Bromium outside of the issue I mentioned with WebEx. That's it.

To me, it's almost like that old Fixodent denture commercial: Fix it and forget it. To me, it's been a breath of fresh air. I was the single administrator for it and I didn't have any issues there at all. There are no tickets that have come in because of a Bromium issue. It's been running smoothly.

What do I think about the scalability of the solution?

The scalability is fine. We have not rolled it out enterprise-wide because we have a very complex system here and we like to roll out everything in sections. The scalability of Bromium would be conducive to a small, medium, or large enterprise. I don't think that would be a problem at all.

In my organization, we have about 150 users of it, and that number is growing rapidly. They are mostly clinicians and radiologists.

We have plans to increase usage in the future. The first thing we want to do is complete using Bromium throughout our Radiology department. As you can imagine, we have quite a large Radiology staff, so we want to cover that because the use case in that department has been a tremendous benefit to us. After we do that, we're going to roll it out into other sections that have had issues with the traditional antivirus. What I mean by issues is, if the antivirus is scanning the system at a specific time, especially when that device is in use, it interrupts that device because it's scanning a file that is very sensitive. To alleviate that, we would have to put in an exclusion for that file path or that file. When we come across issues like that, we would use Bromium to help protect the system to not interfere with the use of the system.

How are customer service and technical support?

Last time we talked to Ted in tech support, the incident was that a doctor trying to go to a WebEx. When you go to a WebEx meeting, it asks you to install a .exe file to get to the meeting website. Bromium would not allow that file to be installed. We simply had to whitelist that particular executable for that site and it installed just fine. The reason why Ted was engaged was because, while we're savvy enough to know that we needed to whitelist that site, when we checked Bromium Enterprise Controller, we saw that the WebEx site was already in our whitelist so we could not figure out why it would not install that .exe.

After troubleshooting with the help of Ted, we realized that the actual .exe for WebEx was a different site. WebEx had upgraded their .exe and it redirected you to another site which we did not have on our whitelist. Once we added that additional site it came up and installed no problem.

Overall, technical support is wonderful. They're very responsive, through email or by phone. It's always less than 24 hours until they get back to us. Usually, it's within an hour or so. That's really quick.

Which solution did I use previously and why did I switch?

We did have previous solutions. My boss came across Bromium about four-and-a-half years ago at a conference. Bromium gave a presentation and he was wowed by that presentation. He was so wowed that he actually came back to our place of employment and he had them do a demo for us. When we saw it, we were wowed as well. From that point, we did a proof of concept and it worked well, and we decided to bring it in-house.

How was the initial setup?

The setup was pretty straightforward. They make it really easy to install this particular product and you give it various avenues. You can do it remotely, through the BEC (Bromium Enterprise Controller), or you can do it on the endpoint, and the endpoint would actually reach back out to the BEC. It's pretty simple, pretty smooth. We just added two more Bromium administrators here and they were pleasantly pleased by how easy it was to manage and install.

The initial deployment didn't take that long at all. Installing the enterprise controller and installing on our first several PCs, took no more than an hour, if that. It was three years ago, roughly, when we did that, but I don't remember it taking more than an hour. Each additional machine literally takes five to ten minutes, tops. I hesitate to say ten minutes, not even that long. It's really easy and it's really simple.

Staff, on our side, for the deployment was two people: One setting up the Bromium Enterprise Controller, and the other who was over the radiology department, the technical control person there. That was so we could coordinate things, but it didn't take a lot of folks at all. 

As far as to manage Bromium on a day-to-day basis, we only had one Bromium administrator, but we've expanded that to three. That's not because of the workload requirement but because everybody has to take vacation or gets sick once in a while. We just need a backup administrator for Bromium.

What about the implementation team?

We did work with Bromium. They "loaned" us one of their fantastic techs. His name is Ted and he did a beautiful job of assisting us. Every now and then, we still touch base with Ted about the new features and the upgrades to Bromium that they come out with and he assists us with upgrading if we need to. It's relatively easy to upgrade but we like to have him on the phone with us just to touch base.

Not having to use a third-party consultant was a cost savings.

What was our ROI?

We have definitely saved money in remediation expenses since implementing Bromium. With Bromium we don't have to worry about malware being on those systems, for the departments that it's in. That saves money in that we don't have to send a technician to those areas to see if problems can be cleaned and, if not, to clean them, re-image them, etc. So the time that they don't have to do that means that that person can be doing something more productive or handling another situation. That definitely saves us overhead.

We haven't done any detailed margins analysis but we recognize from day-to-day operations that we are saving. Definitely. That's easy to see.

There is ROI in the ability to see patients and to map out a plan with patients according to what is read on the scan that the Radiologists receive. Since we now don't get bogged down with the AV scanning of a particular image, we can see more. We can do more with patients. That's a return on investment right there.

What's my experience with pricing, setup cost, and licensing?

The pricing is very fair compared to the competition. The licensing is straightforward.

Which other solutions did I evaluate?

At that time we were evaluating many options, but nothing worked quite as well as Bromium, especially for isolation through email, the links, where they download something by surfing the web and catching Zero-day attacks. The traditional AV is signature-based and Bromium negates the need for that. That was very appealing to us as well. That was a cut above the rest.

What other advice do I have?

Bromium is a very good choice. It will make your life a lot easier and you should definitely implement it, especially if you're in a hospital environment and you have a radiology department that uses traditional AV.

We do not use the forensic data reported from Bromium to help protect our data center. We don't use the secure browser to isolate high-risk web activities. We use the regular browsers here. Our browsers are hardened: Internet Explorer and Google Chrome.

I would rate Bromium as an eight out of ten. What comes to mind is the ease of use. What also comes to mind is that if you are in the BEC and it detects some malicious activity it shows you in detail what it is, what it's doing, and where you can find it. We haven't really received a lot of tickets or complaints or issues with Bromium, so that again saves money. Finally, I think of the ease of install and support.

The reason it doesn't get a ten, in my opinion, is that there are some slight issues that I haven't been able to work out yet. Because Bromium has isolation, it isolates from one browser to another. If you're doing SSO and you actually want better communication or a certain type of communication from one browser window to another, you have to do a little bit of finagling to get it to work correctly. It's not all the time, just in some instances. As I said, our particular environment is very complex. But, that's the only reason it doesn't get a ten. I'm sure in the future that they will make adjustments accordingly.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
JR
Director of Information Security with 1,001-5,000 employees
Real User
Forensic data helps us analyze a situation to make sure there isn't a larger problem involved

Pros and Cons

  • "Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it."
  • "They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents."

What is our primary use case?

We use it for endpoint protection. We use it for browsing and for documents: Microsoft, PDF, etc. We use all the capabilities.

How has it helped my organization?

It comes down to the endpoint protection. It has greatly reduced our risk of infection on our endpoints, either when browsing or when opening untrusted or unknown documents and PDF files.

Our overall security posture has improved as a result of adding this solution to our security stack. It's definitely a big improvement. We have seen a decrease in infections on our endpoints. That means less helpdesk and office technology people having to troubleshoot issues with machines, scan them, take them out of service, and put them back into service. From an operational standpoint, there has been a reduction in cost, and time spent cleaning up machines with infections.

It's another layer to our stack. We haven't removed anything from our stack because we have Bromium, but certainly, we're not adding extra things to the endpoints - there are a lot of different products that are out there - because we are really comfortable with the protection that we get from Bromium.

We definitely use the forensic data reported from this solution. If there's an attack, obviously we get the alerts and we can look at them. We also use the host monitoring portion too, which uses some of their cloud information. We definitely analyze the data and use it to make sure there's not a larger issue.

What is most valuable?

One of the big enhancements they've added recently is the following: When you go to a website that has an issue, Bromium will generate an alert, what they call a LAVA alert, which tells you, "Hey, this site was infected, here's what it had." There is a whole bunch of analysis and forensics that can go on behind the alert to look at what it was, what the issue was, and what they've done. That is great. Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it. 

From the point of view of saleability to our management, it's great to show, "Hey, we had this many infections that would have happened if not for Bromium stopping them." It's great for the product, as far as being able to justify its existence, because you're able to show actual things that it's stopping. It's not like an antivirus where, typically, you get infected and then it cleans it. It's blocking everything before you get hit, so it's nice to have that analysis to show what you could have been in for.

What needs improvement?

They have always struggled with usability. The endpoint protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents. There is that extra overhead so anything that they can do to reduce the resources that it uses would help. It's doing everything in a micro VM, so obviously it needs to suck up some resources, and there's some overhead associated with it. They're definitely aware of the problem. It has improved over different versions. But that's the biggest issue. The overhead, that it uses resources, and it slows down browsing and opening documents.

Implementation, initially, was huge. That's gotten way better.

I'd like to see support for other browsers, which they've been working on. It supports IE and Chrome, and they do support some Firefox. They're looking at containerizing certain applications. That could be an interesting feature as well.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The stability has improved hugely, by leaps and bounds. Initially, three years ago, it was very difficult to implement. It's way better now.

There are still issues that pop up once in a while. Recently they had an issue with an Adobe update that came in where they had to quickly tweak a version and get a pack pushed out. But again, they were very responsive. We were the first ones talking to them about it and they supported it quickly.

They've had the same issue with one or two Windows 10 versions that have come out where an issue came up that they had to work through and resolve. It hasn't caused us downtime. In the worst-case scenario, we may have had a machine or some machines that were unprotected, if there was a big issue.

What do I think about the scalability of the solution?

The scalability is good now. The thing you've got to balance is that there is definitely some extra resource use on the endpoints. But with their current version it's been getting better and better and better. We have it on between 2,500 and 3,000 endpoints and I know there are companies that are much bigger than us that have it deployed on many more.

How are customer service and technical support?

Bromium has always been super-responsive. We have the support portal. We can quickly put a ticket in there. And we actually have monthly meetings with one of their leads in the support area during which we just troubleshoot.

Initially - and, again, this just shows how much they supported the product - during implementation, we were having weekly meetings or more to discuss issues and problems and to make sure we were getting implemented as quickly as we could.

Their support, their engineers are very good. We've had calls working through some issues here and there on different things. We've had calls with high-up people from the company. We've had calls with people overseas in the UK, troubleshooting different issues. I can't say enough about their support of the product, and their team.

Which solution did I use previously and why did I switch?

We didn't have any similar product.

How was the initial setup?

It was definitely very difficult to implement but that was over three years ago. If not for their support and their follow through on getting it up and running and going... 

The endpoint protection you get from it is phenomenal but there's definitely some overhead and there are some bumps in the road from time to time. You may have to do some work when a website doesn't operate correctly or you have to whitelist it because again it doesn't run well in a micro VM.

The deployment took around six months or so. We did a slow roll at first because a lot of websites did not render properly. We had some internal things that didn't work properly with it. There were some enhancements that they did and some whitelisting that went on. It was not a simple process to get up and running.

Our implementation strategy was to start with a small pilot group and grow as we felt comfortable with the usability.

In terms of the number of staff it took for deployment, we have a very small staff. There are only four IT security people here. At the peak of implementation, it was taking two of us a good deal of our time, between getting it going and trying to get with Bromium and resolve issues.

Now that it's fully implemented it takes a fraction of one person's time to maintain it. We'll still have a one-off issue now and then where there will be an issue with a website that somebody is going to, or they are trying to download a file from that may not work. But, we have pretty good expertise within our staff now for dealing with those problems.

What about the implementation team?

We just used Bromium for the initial piloting and implementation.

What was our ROI?

We have definitely saved money in remediation expenses. Where we've seen the improvement is in the decrease in times where our desktop people have to go get a computer and re-scan it or clean it or re-image it.

We have a fairly small team here so ROI is not a metric that we can really keep. It's hard to say what the ROI is on a machine that doesn't get infected, that might have gotten infected. Certainly we've had cases - one case in particular - where we dealt with them directly and had their engineers on there and it was a big help for a website that was affiliated with our organization. It was infected and it had been flagged by one of our machines that went there through Bromium. We've had some cases like that where we have definitely seen things that could have been big issues, from an IT security side of things, but were not. In terms of ROI, if the issues never happen, what do you see?

What's my experience with pricing, setup cost, and licensing?

We did a three-year deal three years ago. We're due for a renewal in a couple months. We'll see, then, where we're at. Initially, the cost was higher than some other solutions. The renewal, the licenses, are a perpetual thing, so I think the renewals are pretty reasonable.

Which other solutions did I evaluate?

We evaluated another product at the same time, Invincea, which is very similar. But we felt Bromium was better. The level of the OS where Bromium protects the exposure to the lines of code that they have, versus Invincea, was just a better solution.

What other advice do I have?

Make sure that you meet their specs as far as hardware requirements go. Having a standard hardware configuration, as we do, is huge, where you don't have to deal with different hardware things that may get affected by the resources that Bromium needs.

We're very happy with the product, for both things that I mentioned already: protecting endpoints for when our users are accessing the internet, for unknown websites, and the same for docs and PDF.

We've had this for a little over three years, we were one of their early customers. It was a rocky implementation initially because it was when they first came out, but their support, their service, and responsiveness have always been excellent. Any problems that we have had, they have always been very quick to assist, address.

They do a user group once a year, which is very valuable. Customers come in and they meet with Bromium execs, some engineers are there as well. It's like a user group, where they sponsor it and they have people come. That's a great exchange of information and great product-wise for talking about enhancements and what people are seeing, problems they are having, things they'd like to see. It's definitely nice and I would recommend they keep doing that because I think it's a big benefit.

For us that's what kept us going down this path, besides the great protection we're getting, especially during the rocky road at the beginning: the response, how responsive they are with issues.

I'd give it a high nine out of ten. Looking at it in the big picture of the risk that you're mitigating and the protection that you're getting, it's phenomenal. You pay for it a little with the resources and a little bit of work, from time to time, with sites that don't function quite right with it.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Find out what your peers are saying about HP, BlackBerry, Sophos and others in Endpoint Protection for Business (EPP). Updated: October 2021.
541,108 professionals have used our research since 2012.
PH
Director of IT Security, Risk and Compliance. at a pharma/biotech company with 1,001-5,000 employees
Real User
Reduces lost productivity across our environment by making malware infections a non-event

Pros and Cons

  • "Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event."
  • "The most valuable feature is the process isolation because it simply stops malware from infecting the machines."
  • "Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming."

What is our primary use case?

We use it for malware protection.

How has it helped my organization?

We've seen a significant decrease in our need to respond to malware infections. It has reduced desktop re-imaging and really reduced the amount of lost productivity across the environment.

Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event.

What is most valuable?

The most valuable feature is the process isolation because it simply stops malware from infecting the machines.

The secure browser for isolating high-risk web activities is the core of the product. We isolate all untrusted content, be it through email, be it through browsers. You name it. Anything that does not originate from a trusted source is isolated by default.

What needs improvement?

In terms of using forensic data reported from the solution, reporting is actually one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective, and we use it to raise awareness and make sure that the organization understands the type of threats we see on a day-to-day basis.

The solution itself just quietly protects and the user doesn't really see it. We have to go in and actually mine the data to understand the events that have been protected against with the solution. It becomes very difficult because you have to spend a lot of time digging through the volumes of data. So reporting is absolutely the biggest shortcoming.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

The stability is very solid. It's a stable product. As long as you're maintaining it and operating it, it just runs.

What do I think about the scalability of the solution?

It's very scalable. Scalability is not anything that concerns me with the product.

How are customer service and technical support?

Both the technical support and customer success teams are very responsive, very effective.

Which solution did I use previously and why did I switch?

We've used a variety of anti-virus solutions and we switched because anti-virus simply doesn't work.

How was the initial setup?

The setup is complex. It's a solution that forces behavior changes throughout the environment. Because you're isolating processes individually within a host, things behave a little bit differently. The set-up part of it is: 

  1. Understanding where you need, and how you want, to define boundaries of trust; to define what is isolated and what is no isolated.
  2. Going back and making sure that, where you have isolation established, the process will still function and people will understand the differences in how they interact with simple things like downloading a PDF from a website that's not trusted. 

There are some different behavior issues that the users will see, and that was really where the majority of the time and effort went in getting the solution up and running.

To truly to get where we wanted to be it took some nine to ten months.

Our initial implementation strategy was to start rolling it out quietly. But we paused that and actually started going on more of a very active awareness campaign. We had to start marketing what we were doing more, so people would understand the little nuances that were changing and not react negatively to them. That's a big part of why it took us a little bit longer to actually get rolled out.

What about the implementation team?

We used Bromium's Professional Services and they were very good.

What was our ROI?

We have not worked to quantify a dollar amount. This is a risk-mitigation strategy. Everything that we do is about deferring potential negative impact. We could spend a lot of time and effort trying to quantify that. For us as a business, it's not worth the time and effort to try to put a dollar amount to it. 

We've had definitely fewer malware issues that we've had to respond to, which results in less lost productivity.

What's my experience with pricing, setup cost, and licensing?

Pricing is reasonable.

Which other solutions did I evaluate?

Invincea was the competing product, outside of just the anti-virus space. We evaluated both products and we looked at how they worked technically, and Bromium was integrated at the hardware layer, while Invincea was at a software layer. At a software layer, there are too many ways that you could actually circumvent the controls, that you just simply couldn't do when it is hardware-enforced isolation. We went for the more effective solution.

What other advice do I have?

If you want something that is actually effective, versus easy, this is a solution that is effective. It won't necessarily be the easiest tool to implement but, in the end, the work and effort are absolutely worth it.

We haven't really removed solutions as a result of using Bromium but we've looked at them in a different way. We try to make sure that we have the appropriate layers within our environment because every tool has a function. What we've done is actually focused on tuning to make sure every solution that we're using is keyed to be most effective where we need it to be. That includes Bromium. It has a very specific part of our overall security strategy and posture, and we've been focused very heavily on making sure that it is positioned correctly and operating effectively to manage that perspective.

We have roughly 8,000 to 10,000 people whose machines are protected by Bromium and we have everything from mine workers to plant workers to our CFO and our CEO.  It is installed on all of our desktops and we are continuing, as we refresh hardware, to expand it as well. In terms of administration and maintenance, we have two people who focus on it, around troubleshooting issues as they come out, and making sure that we have a strategy for keeping up to date with new releases.

I rate Bromium at eight out of ten. It's an effective solution, but no solution out there is going to cover everything. There are always going to be gaps in whatever solution you go with. Bromium is a very solid one and it is extremely effective in what it does.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
TJ
Product Lead at a retailer with 1,001-5,000 employees
Real User
Isolation feature contains, prevents attacks, but we have faced compatibility issues

Pros and Cons

  • "The isolation feature is the most important because it prevents attacks."
  • "They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things."
  • "When you deploy, not only is the user asked to reboot their computer, they are also asked to wait for 20 minutes while it sits there and initializes. It definitely impacts the end-user. It takes time away from their day."

What is our primary use case?

Our primary use for the solution is security. Our number one reason for buying it was to avoid phishing campaigns, phishing emails, and contain phishing problems.

How has it helped my organization?

Our security posture has improved. I don't have any specific metrics but it has definitely contained and prevented some malicious attacks from happening.

Normally when we get a phishing attack, a positive on a workstation, that workstation then needs to be cleaned and rebuilt and the attack contained. With Bromium, it is actually isolated, so we have saved money on rebuilding machines.

What is most valuable?

The isolation feature is the most important because it prevents attacks.

What needs improvement?

They need to improve the compatibility with other applications and its stability. It works well on attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Especially when we first deployed it, it was very unstable, very troublesome. It has gotten leaps and bounds better over the past few years, its stability has definitely improved. But there are still issues, various applications have issues being compatible with it.

What do I think about the scalability of the solution?

It definitely is resource intensive, and it needs proper hardware to run, usually 8GB of RAM and no less than that unless you want problems. Most of our problems were because of lack of proper hardware to carry the load.

How are customer service and technical support?

Their tech support is okay. We have Premier Support so we have a dedicated person that we work with on a weekly basis. That has definitely been excellent. I can't speak about their normal support because most of our issues are handled through our Premier account rep.

Which solution did I use previously and why did I switch?

There's really nothing else that does what Bromium does. They're a thought leader in the area of isolation. We used antivirus in the past, but we didn't go away from it. We complemented it with Bromium and it's done a pretty good job.

How was the initial setup?

The initial setup was very straightforward, very basic policies, not a lot of complicated policies involved. We found it pretty straightforward.

The deployment, on a scale of one to ten, with one being the hardest and ten being the easiest, was about a six. There are a few reasons. First, it requires a reboot, so it is very intrusive for the end-user, and it also requires an initialization period, which is usually about 20 minutes of slowdown to a workstation. So when you deploy, not only is the user asked to reboot their computer, they are also asked to wait for 20 minutes while it sits there and initializes. It definitely impacts the end-user. It takes time away from their day. 

We try to minimize that impact by scheduling our deployments right before lunch so that they can reboot and then it can initialize while they are at a lunch break. But, of course, not everybody works the same hours. A lot of other agents do not require a reboot and are pretty invisible to the end-user. This is definitely "in your face" to the end-user.

What was our ROI?

It's hard to calculate ROI. The return we see is, as I mentioned: Previously, we would have to rebuild a workstation. How much that costs in an organization is very dependent on each organization. Let's say it is $5,000 to rebuild a workstation with all the labor, etc. involved. You multiply that by how many infections you have per year. There is your return on investment.

I would estimate, based on ten infections a year times $5,000, that we have had some $50,000 in savings a year on labor and rebuilding workstations.

In addition, when something does infect a computer, there is always lateral movement that can happen. This prevents all of that, so it gives us more confidence that the problem is contained.

What's my experience with pricing, setup cost, and licensing?

The product's pricing is a good value.

We only run it on our internet-facing workstations, we don't run it on everything in our environment. We are very selective. Some organizations may want to consider doing something like that to reduce their license count.

Which other solutions did I evaluate?

We didn't do any kind of bake-off because Bromium is really very unique in what it does and it's the only game in town.

What other advice do I have?

Start with proper hardware: 8GB of RAM and Core processors. Don't try to run it on 32-bit software, 32-bit operating systems, and don't try to run it with 4GB of RAM or you will have lots of issues. If you start with good hardware, the issues that we had will be negligible.

I give it a rating of six out of ten because the main thing about Bromium - while it's the only game in town, it really does something unique that no one else is doing - the reasons I knocked it down are the support, the compatibility issues. Whatever team is in charge of maintaining the product, it will definitely increase their workload in troubleshooting potential issues with other things.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user570567
Director with 51-200 employees
Vendor
Enables us to isolate and prevent malicious code from email attachments and downloaded internet files

Pros and Cons

  • "We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact."
  • "Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc."
  • "After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though"

What is our primary use case?

The primary use is for protecting endpoints from malware.

How has it helped my organization?

It has reduced the number of virus and malware incidents and calls we have received compared to prior to deploying this product. Our overall security posture has improved. In conjunction with some of the other products that we have, it works well in ensuring that we don't get hit with any sort of malware or ransomware or virus outbreaks.

We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact.

Users, typically, are prone to just opening attachments out of email when they receive them from somebody from the outside. What this product does is, running under the hood or behind the scenes, it isolates and protects from anything that would have been maliciously installed on their computer. It does the same thing with external websites. When users go out to websites that we don't have internally marked, it provides that protection from anything that would be dropping files or anything like that on the computer.

What is most valuable?

Security, price, and usability are the three top features.

What needs improvement?

Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems. Then we have to call support, to get patches, etc.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though. It’s the same across the board with everyone.

What do I think about the scalability of the solution?

We haven't encountered any problems with scalability at all.

How are customer service and technical support?

Technical support is excellent.

Which solution did I use previously and why did I switch?

Bromium was the first of its kind to be implemented in our company.

How was the initial setup?

The initial setup was straightforward. We followed the deployment methodology that they outlined and it pretty much worked the way it was supposed to.

Regarding the deployment, on a scale of one to ten, with one being the hardest and ten being the easiest, it's a ten. We didn't have any challenges.

What was our ROI?

Our ROI is the time saved, both from the security department standpoint of not having to deal with infected computers, and regarding the end-user's increased productivity because the machine is not taken from them and they're not waiting for a loaner machine.

What's my experience with pricing, setup cost, and licensing?

I think the pricing is a good value. All of these security products are always going to be very expensive, but I don't think Bromium is unreasonable. I think Bromium is decently priced.

It’s a tiered licensing platform. The more you buy, the cheaper it gets per unit, and I think their tiers are very well defined. I think they're fair.

Which other solutions did I evaluate?

On paper, we evaluated a product from Menlo Security, but we chose to go with Bromium because it was agent-based.

What other advice do I have?

It's absolutely worth taking a look at this technology, especially if your environment is susceptible to ransomware or malware. This product is very effective in addressing that.

I rate Bromium at eight out of ten because I believe there's room for improvement in the rate at which they should keep up with updates, and maybe in some additional functionality.

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
it_user801681
Senior Program Manager Office 365 at a pharma/biotech company with 1,001-5,000 employees
Real User
Prevents thousands of potential threats, but complex initial setup required vendor's help

Pros and Cons

  • "It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system."
  • "I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups."
  • "Initial setup was complex. There were many configurations that needed to be worked out with the vendor. The setup required hands-on assistance from Bromium."

How has it helped my organization?

It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system.

What is most valuable?

Office and PDF Micro VM protection.

What needs improvement?

It still needs to mature a bit. There are many tweaks and adjustments required in the Enterprise Controller. We had to work with the vendor to include them in its service roadmap. However, Bromium is very accommodating when it comes to new development requirements.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

At first we encountered stability issues. The client side impact was heavy, Bromium requires at least 4GB of memory to operate correctly, and initially the client performed an initialization very frequently, which caused performance issues to the end users for about 30 mins per. This was later corrected in subsequent versions by working with Bromium.

What do I think about the scalability of the solution?

No scalability issues. We deployed the software to 50,000+ workstations and endpoints, VMs were OOS.

How are customer service and technical support?

Eight out of 10.

Which solution did I use previously and why did I switch?

No previous solution.

How was the initial setup?

Complex. There were many configurations that needed to be worked out with the vendor. The setup required hands-on assistance from Bromium.

What's my experience with pricing, setup cost, and licensing?

We had a special arrangement, due to the scale of our deployment being the first of its kind with Bromium.

Which other solutions did I evaluate?

I was not part of this process.

What other advice do I have?

Understand your current setup and the limitations of your network and endpoints. Perform quality evaluations and metric analysis, then establish your use cases to review during a pilot, before moving into production.

I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups.

Disclosure: I am a real user, and this review is based on my own experience and opinions.