NNT Log Tracker Enterprise vs Trellix ESM comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between NNT Log Tracker Enterprise and Trellix ESM based on real PeerSpot user reviews.

Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM).
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: March 2024).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user.""Microsoft Sentinel comes preloaded with templates for teaching and analytics rules.""The UI of Sentinel is very good and easy to use, even for beginners.""The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature.""Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly.""I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box.""The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent.""One of the most valuable features of Microsoft Sentinel is that it's cloud-based."

More Microsoft Sentinel Pros →

"The FIM features in the Change Tracker and the Log Tracker are the most valuable.""File integrity monitoring is a very important function.""This is a very easy-to-use interface with a quick ramp-up time.""The most valuable feature is the predefined reports for PCI compliance."

More NNT Log Tracker Enterprise Pros →

"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use.""It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints.""We are now able to completely monitor our environment so we can review what is there, which is a big win for us.""The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it.""It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself.""This solution integrates easily and very well with other technologies.""It is easy to use.""The most valuable feature is the correlation rules."

More Trellix ESM Pros →

Cons
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details.""The troubleshooting has room for improvement.""There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it.""While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate.""The data connectors for third-party tools could be improved, as some aren't available in Sentinel. They need to be available in the data connector panel.""There is room for improvement in entity behavior and the integration site.""I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them.""We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."

More Microsoft Sentinel Cons →

"The correlation suite needs to be improved.""It is able to identify the vulnerability, however, they need an option to auto-mitigate.""Only one minor deployment issue came up and it was resolved quickly. No other areas of improvement come to mind yet.""I would like to see the integration of AI technology, so rather than manually monitoring the logs, the tool will understand it and take care of it."

More NNT Log Tracker Enterprise Cons →

"I would like to see fingerprint recognition included in the next release of this solution.""The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time.""There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee.""The support from McAfee ESM could improve. They could improve the speed.""The solution needs to improve case management. The UI is confusing.""Cloud integration has room for improvement because they're not full-fledged to integrate with the cloud solutions that come. They use different integration platforms to bring in data, and that needs to be improved.""It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs.""It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."

More Trellix ESM Cons →

Pricing and Cost Advice
  • "It comes with a Microsoft subscription which the customer has, so they don't have to invest somewhere else."
  • "It is a consumption-based license model. bands at 100, 200, 400 GB per day etc. Azure Sentinel Pricing | Microsoft Azure"
  • "Good monthly operational cost model for the detection and response outcomes delivered, M365 logs don't count toward the limits which is a good benefit."
  • "I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
  • "It is kind of like a sliding scale. There are different tiers of pricing that go from $100 per day up to $3,500 per day. So, it just kind of depends on how much data is being stored. There can be additional costs to the standard license other than the additional data. It just kind of depends on what other services you're spinning up in Azure, or if you're using something like Azure log analytics."
  • "I am just paying for the log space with Azure Sentinel. It costs us about $2,000 a month. Most of the logs are free. We are only paying money for Azure Firewall logs because email logs or Azure AD logs are free to use for us."
  • "Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
  • "Azure Sentinel is very costly, or at least it appears to be very costly. The costs vary based on your ingestion and your retention charges."
  • More Microsoft Sentinel Pricing and Cost Advice →

  • "Consider both their on-premises solution and their hosted solution. Both are reasonably priced."
  • "We have selected a perpetual license along with support."
  • "NNT's pricing is moderate - I would rate their pricing two-and-a-half out of ten."
  • More NNT Log Tracker Enterprise Pricing and Cost Advice →

  • "You should buy the distributed option instead of the all-in-one for environments with more than 1000 end points."
  • "We pay for our licensing fees on a yearly basis, and there are no costs in addition to the standard licensing fees."
  • "The cost is dependent on the customer's environment and requirements."
  • "The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
  • "The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
  • "We renew our license annually."
  • "McAfee is the right choice for a low-budget solution."
  • "The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
  • More Trellix ESM Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    Questions from the Community
    Top Answer:Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel and… more »
    Top Answer:It would really depend on (1) which logs you need to ingest and (2) what are your use cases Splunk is easy for… more »
    Top Answer:We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel is… more »
    Top Answer:The most valuable feature is the predefined reports for PCI compliance.
    Top Answer:The correlation suite needs to be improved. I also think they need to improve the product's handling of large amounts of… more »
    Top Answer:I mainly use this solution to meet PCI compliance.
    Top Answer:The solution's technical support is great.
    Top Answer:The product is slightly expensive. They offer some discount on the purchase of a certain number of nodes. They should… more »
    Top Answer:The integration capabilities of Trellix ESM with SaaS solutions are an area of concern where improvements are needed… more »
    Comparisons
    Also Known As
    Azure Sentinel
    McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
    Learn More
    NNT
    Video Not Available
    Trellix
    Video Not Available
    Overview

    Microsoft Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution that lets you see and stop threats before they cause harm. Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. With Microsoft Sentinel, you can:

    - Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds

    - Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft

    - Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft

    - Respond to incidents rapidly with built-in orchestration and automation of common tasks

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    NNT Log Tracker Enterprise is a comprehensive and easy-to-use Security Information and Event Management (SIEM) solution for any compliance mandate providing:

    • Enterprise-class SIEM capabilities.
    • Compliance Automation.
    • User and System Activity Audit trails.
    • Network Anomaly forensics.
    • Proactive Threat Detection.

    Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

    Sample Customers
    Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
    Wonga, WHSmith
    San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company11%
    Manufacturing Company8%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm10%
    Government9%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Financial Services Firm16%
    Computer Software Company15%
    Government11%
    Educational Organization7%
    REVIEWERS
    Financial Services Firm25%
    Government15%
    Computer Software Company10%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Educational Organization69%
    Computer Software Company5%
    Government4%
    Financial Services Firm4%
    Company Size
    REVIEWERS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise16%
    Large Enterprise59%
    VISITORS READING REVIEWS
    Small Business31%
    Midsize Enterprise10%
    Large Enterprise59%
    REVIEWERS
    Small Business29%
    Midsize Enterprise15%
    Large Enterprise56%
    VISITORS READING REVIEWS
    Small Business8%
    Midsize Enterprise73%
    Large Enterprise19%
    Buyer's Guide
    Security Information and Event Management (SIEM)
    March 2024
    Find out what your peers are saying about Microsoft, Splunk, Wazuh and others in Security Information and Event Management (SIEM). Updated: March 2024.
    765,386 professionals have used our research since 2012.

    NNT Log Tracker Enterprise is ranked 42nd in Security Information and Event Management (SIEM) with 4 reviews while Trellix ESM is ranked 17th in Security Information and Event Management (SIEM) with 34 reviews. NNT Log Tracker Enterprise is rated 8.2, while Trellix ESM is rated 7.4. The top reviewer of NNT Log Tracker Enterprise writes "Great for PCI compliance but issues with stability and large amounts of data". On the other hand, the top reviewer of Trellix ESM writes "Provides visibility of all the traffic within the company infrastructure". NNT Log Tracker Enterprise is most compared with Cybereason Endpoint Detection & Response, whereas Trellix ESM is most compared with ArcSight Enterprise Security Manager (ESM), IBM Security QRadar, LogRhythm SIEM, Splunk Enterprise Security and Fortinet FortiSIEM.

    See our list of best Security Information and Event Management (SIEM) vendors.

    We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.