Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
The feature that stands out the most is that when someone clicks on a link in an email... [if] that link is malicious and it has some malware or keylogger attached to it, when it opens up in that Bromium virtualized browser, there's no chance of it actually being on the machine and running, because as soon as they click that "X" in the upper right-hand side of the browser, everything just vanishes. That is an added plus.
Now, instead of us having to go through that analysis, they actually give us a monthly report that shows us: "Here's what you got hit with, here's what would have happened, here are the forensics behind the attack," and, obviously, Bromium stopped it.
Our overall security posture has absolutely improved as a result of adding Bromium to our security stack. We continue to have less user impact through a significantly reduced amount of malware infections. It's become a non-event.
The most valuable feature is the process isolation because it simply stops malware from infecting the machines.
The isolation feature is the most important because it prevents attacks.
We've been able to isolate and prevent malicious code from external email attachments and from downloaded internet files. Those are the two big areas that have really made an impact.
It has prevented thousands of potential threats by encapsulating them within its own vSentry container, thus providing overall protection and integrity of the operating system.
The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service.
The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week.
It's very stable. I've never experienced downtime for the ASM console or ASM core.
We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us.
It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application.
The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical.
After deploying Traps, we saw the performance of the network improve by 65 to 70 percent.
Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about.
Initially, when we came in contact with Bromium a few years ago, it had a nice threat analyst, or a LAVA Pop, which is what they used to call it. Once it detected malware, it would show us the malware's path... I don't see that on the computers now. We only get to see that in the console. I would like to still see that on the individual machines because when we go out to look at a machine, we don't necessarily have access to the console.
They have always struggled with usability. The protection that it offers you is tremendous, but there's definitely an impact with use of resources on the computer. It's gotten a lot better now with Win 10. But sometimes, when you open up a website, it's going to take longer than it would without Bromium, and it's the same with documents.
Reporting is one of the shortcomings of the product. We do mine the data that's in there from a forensics perspective... It becomes very difficult because you have to spend a lot of time digging through the volumes of data. Reporting is absolutely the biggest shortcoming.
They need to improve the compatibility with other applications and its stability. It works well with attacks, but it doesn't work well with all software on the clients. There is a lot of troubleshooting and a lot of things that need to be tuned to make it work and not break things.
When you deploy, not only is the user asked to reboot their computer, they are also asked to wait for 20 minutes while it sits there and initializes. It definitely impacts the end-user. It takes time away from their day.
Room for improvement would be keeping up with the rate of change, specifically on Windows platforms. There are a lot of updates that come out for Microsoft Windows operating systems and the Bromium product needs to be able to keep up quickly with those updates and all the browser updates that are coming out. It's hard to do, but that's really where they need to be more responsive because we end up with problems and then we have to call support to get patches, etc.
After a major release, there's always a lot of "dust settling." You have to work through all those issues and then you're fine for a while. The problem is, it's stable, it's fine, until the next major release comes out. Then you go back into the cycle again of uncertainty, instability, working through issues until they have patched and remediated all the problems that you're having. It's not unlike any other vendor though
I did not find this to be an out-of-the-box solution, it required planning and alignment across many groups.
It automatically detects security issues. It should be able to protect our network devices while operating autonomously.
The solution needs better reports. I think they should let the customer go in and customize the reports.
In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved.
Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats.
Managing the product should be easier.
There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly.
There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results.
Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere.
Pricing and Cost Advice
The pricing is very fair compared to the competition. The licensing is straightforward.
Pricing is reasonable.
The product's pricing is a good value. We only run it on our internet-facing workstations, we don't run it on everything in our environment. We are very selective. Some organizations may want to consider doing something like that to reduce their license count.
I think the pricing is a good value. All of these security products are always going to be very expensive, but I don't think Bromium is unreasonable. I think Bromium is decently priced. It’s a tiered licensing platform. The more you buy, the cheaper gets per unit, and I think their tiers are very well defined. I think they're fair.
The price was fine.
When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward.
I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require.
It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses.
The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase.
It is "expensive" and flexible.
Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance.
We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice.
out of 57 in Endpoint Protection for Business
Average Words per Review
out of 57 in Endpoint Protection for Business
Average Words per Review
Compared 28% of the time.
Compared 15% of the time.
Compared 10% of the time.
Compared 14% of the time.
Compared 14% of the time.
Compared 12% of the time.
Also Known As
|HP||Palo Alto Networks|
Bromium vSentry offers a better way to defeat cyber attacks that target the endpoint, where more than 70% of breaches originate. vSentry transforms endpoint security with powerful new hardware-isolation technology that protects your business from malware, reduces costs, while empowering your user.
Traps replaces legacy antivirus and secures endpoints with a multi-method prevention approach that blocks malware and exploits, both known and unknown, before they compromise endpoints such as laptops, desktops and servers.
Learn more about Bromium
Learn more about Palo Alto Networks Traps
|Valspar||CBI Health Group, University Honda, VakifBank|
No Data Available
Mining And Metals Company22%
Software R&D Company29%
Comms Service Provider13%