We performed a comparison between Cisco Secure Network Analytics and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The deployment was a breeze. It is a very innovative and robust platform that allows us to bi-directionally stitch together data elements from Netflow-enabled devices to provide a context for network utilization."
"The most valuable features are encrypted threat analysis and the ability to run jobs on entire flows."
"Being able to identify specific date closed across the network is invaluable."
"StealthWatch lets me see the ports running in and out and the country. It has excellent reporting, telemetry, and artificial intelligence features. With the telemetry, I can set thresholds to detect sudden changes and the alarms go through the PLC parts. I can see all the ports running on that trunk."
"The solution reduces the amount of time it takes to detect and remediate threats."
"Provides easily identifiable anomalies that you can't see with signature detections."
"I believe this solution has reduced our incident response time."
"The most valuable features provided by this solution are visibility and information."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"The product is very easy to configure."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The ability to be natively integrated into Port Aggregator would be beneficial because it would reduce just one more component that's needed in order to have that type of view."
"I would like Cisco to make it easier for the administrators to use it."
"Better integration between Cisco Secure Network Analytics and Cisco Secure Workload would be beneficial."
"It hasn't really improved our direct detection rate but it has definitely reduced our incident response time as we wouldn't have been able to detect threats or immediate risks without this solution."
"The configuration of the solution was quite complex."
"We need to be able to filter out internal IPs as non-threats."
"We've had problems with element licensing costs so scalability is a concern."
"Cisco could improve the administration for the customers."
"Cybersecurity posture has room for improvement."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"We'd like the potential for better scaling."
"Technical packaging could be improved."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"Management of the appliance could be greatly improved."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 57 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 36 reviews. Cisco Secure Network Analytics is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Trellix Advanced Threat Defense. See our Cisco Secure Network Analytics vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.