We performed a comparison between Trellix Intrusion Prevention System and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable features are the customization of the signature and the unlimited amount of signatures in IPS."
"The ability to centrally manage all the IPS sensors, track the different security events generated by it, and customize the different policies, depending on their location."
"It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware."
"The feature I found most valuable is the network threat analyzer in the security platform. It also integrates with GTI, or Global Threat Intelligence. Otherwise, I just use the basic features."
"Overall the solution is very good. It offers great protection and gives us a good overview of what is on the network."
"The initial setup is straightforward."
"There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks."
"McAfee NSP is much more stable than Cisco."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"It has helped us to organize our security. We get a better overview on what is happening on the network, which has helped us get quicker responses to users. If we see malicious activity, then we can quickly take action on it. Previously, we weren't getting an overview as fast as we are now, so we can now provide a quicker response."
"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"The UI is easy to use and when we send detection to everybody, they easily understand what we are asking at the time."
"The core product provides excellent visibility, but my favorite feature is Vectra Recall."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"The management console needs to be less complex and easier to navigate."
"The Network Security Managers could be more stable, agile, and work faster. When it comes to instability, there is room for improvement."
"The solution needs to improve the graphical interface. And they had a limitation in some of the sensor modems as well."
"The pricing could be improved."
"We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler."
"The technical support has room for improvement."
"There are limited resources for configuration guidance."
"The platform’s GUI could be the latest."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"Vectra is still limited to packet management. It's only monitoring packet exchanges. While it can see a lot of things, it can't see everything, depending on where it's deployed. It has its limits and that's why I still have my SIEM."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"If you hit a certain number of rules, triage filters, or groups, the UX responds more slowly. However, we have a complex network and a lot of rules. So, our setup might not be a typical implementation example. We even had UX engineers onsite, and they looked at issues, improvements, and user feedback. Since then, it has gotten a lot better, they even built in features that we specifically requested for our company."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
More Trellix Intrusion Prevention System Pricing and Cost Advice →
Trellix Intrusion Prevention System is ranked 14th in Intrusion Detection and Prevention Software (IDPS) with 14 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 40 reviews. Trellix Intrusion Prevention System is rated 8.4, while Vectra AI is rated 8.6. The top reviewer of Trellix Intrusion Prevention System writes "Protects from attacks in real-time and provides accurate threat intelligence updates". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Trellix Intrusion Prevention System is most compared with Trend Micro TippingPoint Threat Protection System, Cisco NGIPS, Palo Alto Networks Advanced Threat Prevention, Check Point IPS and Fortinet FortiGate IPS, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Corelight. See our Trellix Intrusion Prevention System vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
