We performed a comparison between Cisco Secure Network Analytics and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Able to drill down into a center's utilization, then create reports based on it."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The solution allowed us to not only get gain insight but also start collaborating with other tools."
"The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco. Cisco literally can touch every single end point, every single ingress and egress point in the network. Nobody else has that."
"It is a good application, providing for real-time monitoring of the organization of data. It can basically identify points of peak traffic where possible issues are being caused."
"The most valuable feature of this solution is data hoarding because it catches threats on a frequent basis that we had no idea of."
"It's a dependable product that is able to pinpoint where we have vulnerabilities if they occur."
"Stability is the most valuable feature we have seen in this solution."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"The installation phase was easy."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."
"The most valuable feature is the view into the application."
"Very functional and good for detecting malicious traffic."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
"I would like to see more expansion in artificial intelligence and machine learning features."
"I would like Cisco to make it easier for the administrators to use it."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"There could be better integration on the programming side, which uses Python. StealthWatch could provide a template for Python to manage the switches. For example, it would be nice if StealthWatch bounced a port automatically it detected something anomalous."
"The initial setup was complex."
"It's not great as a standalone solution."
"Cisco could improve the administration for the customers."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto."
"Cybersecurity posture has room for improvement."
"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."
"Management of the appliance could be greatly improved."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"It is very expensive, the price could be better."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 57 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 35 reviews. Cisco Secure Network Analytics is rated 8.2, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Trellix Advanced Threat Defense. See our Cisco Secure Network Analytics vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.