Trellix Network Detection and Response Reviews

We implemented this solution for our customers. The primary use case is for Advanced Persistent Threat detection at a network level.

Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser.

The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it, like what type of Windows and what type of applications they use, and they have zero control over this. I would like to see more customization of the VMs.

Their stability is good. 

In terms of scalability, we haven't deployed them on a larger scale. We have only deployed on two appliances. It requires two or three people to administer the device. Usually, those are cybersecurity engineers or network admins. 

Their technical support is very good and responsive. 

FireEye is easy to use and the setup is easy. The deployment could be finished in two hours. Three to four staff are required for the deployment.

The pricing is a little high. 

I would rate it a 7.5 out of ten. 

• Call back
• Zero day attack

We have discovered different malware which was basically a zero day attack and call back.

Cluster option is not available in NX, and for false positives we need some customization configuration available, such as a whitelist.

I've used it for one year.

No issues encounter.

No issues encounter.

No issues encounter.

It's very good.

It's very good.

Different IPS and end point products were used. FireEye has a different concept for the handling of ATP and malware with a virtual machine which resides in their box.

It was simple and straightforward.

We have implemented it ourselves on customer premises.

It is a good product to implement, especially where the existing technology fails to detect zero day attacks.

Implementing at customer sites. Conducting pre-sales and PoC demos for customers and providing technical support to customers on behalf of FireEye.

Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security.

The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive. It has helped FireEye be the first ones to announce zero-days on many occasions.

Management of the appliance could be greatly improved. 

They should take a leaf out of the book of Symantec's (Formerly Blue Coat) MAA appliances. The management is super-easy, most features are available through the GUI, and the administrator has an easy to navigate interface that helps in faster threat analysis.

We use FireEye to prevent cyber attacks. 

Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.

It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning. 

FireEye is quite stable. 

We are currently also using Symantec. 

The initial setup was straightforward, not complex. The deployment didn't take too much time. It took around fifteen to twenty days. It took one person to deploy it and we have three administrators using this solution.

We used a third-party to help us with the deployment. We had a good experience with them.

I have seen return of investment in the way that it prevents breaches and attacks.

I would rate this solution an eight out of ten. I would recommend implementing FireEye, it's a great tool.

This solution is our firewall protection.

The most valuable feature is the view into the application.

I would like to see a smoother dashboard so I could monitor it better. A better depth of view, being able to see deeper into the management process, is what I'd like to see.

I would rate this solution at seven out of ten. It works and it's relatively easy to monitor.