Ahmed Elmenshawy - PeerSpot reviewer
PS IT Security Engineer at Alex Bank
Real User
Top 5, Leaderboard
Helps us with user behavior analysis and has an easy setup process
Pros and Cons
  • "The platform provides all essential features for discovery and administration."
  • "The product's security features need enhancement."

What is our primary use case?

We use the product for signature-based user behavior analysis. It helps us detect threats in virtual environments as well.

What is most valuable?

The platform provides all essential features for discovery and administration. There is no need for customization options as the features are designed with a user-centered approach. We can identify the root cause of the problem and share the results with the users.

What needs improvement?

The product's security features need enhancement.

For how long have I used the solution?

We have been using Trend Micro Deep Discovery for ten months.

Buyer's Guide
Trend Micro Deep Discovery
March 2024
Learn what your peers think about Trend Micro Deep Discovery. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
768,886 professionals have used our research since 2012.

What do I think about the stability of the solution?

I rate the product's stability an eight out of ten.

What do I think about the scalability of the solution?

I rate Trend Micro Deep Discovery's scalability an eight out of ten. We use it 24/7.

How are customer service and support?

The technical support team replies on time in case of any issues.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup process is easy. It doesn't require a lot of experience for implementation. It needs five executives for deployment and maintenance.

What other advice do I have?

I recommend Trend Micro Deep Discovery to others and rate it an eight out of ten. I advise others to implement it in a test environment if they use it for IPS and IDS purposes.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
DGM-IT at a construction company with 10,001+ employees
Real User
Useful for zero-day vulnerability protection
Pros and Cons
  • "One of the most valuable features is the performance, since, so far, we have not faced any issues with Deep Discovery."
  • "This solution could be improved with faster technical support and cheaper licensing prices."

What is our primary use case?

Our primary use case of Deep Discovery is as a sandbox. It sorts the DDAN, our on-premise Deep Discovery Analyzer solution, so if Deep Security or Trend Micro isn't able to find out whether a particular file or memory is a threat or not, they will send that file signature or file to the DDAN. The DDAN will then deploy that file inside their virtual sandbox, analyze the implications, and return the result to the concerned agent. We mainly use it for zero-day vulnerability protection. 

Deep Discovery is deployed on-premise. 

What is most valuable?

One of the most valuable features is the performance, since, so far, we have not faced any issues with Deep Discovery. 

What needs improvement?

This solution could be improved with faster technical support and cheaper licensing prices. 

For how long have I used the solution?

We have been using Deep Discovery for a couple of years. 

What do I think about the stability of the solution?

I'm satisfied with the stability and performance of Deep Discovery. So far, we have not faced any issues. 

What do I think about the scalability of the solution?

In our organization, we have around one thousand licenses for Trend Micro. Whether or not we increase our usage will depend on business requirements. 

How are customer service and support?

Trend Micro's technical support could be better and faster. 

How was the initial setup?

The installation was done by a Trend Micro implementation partner. It took about one or two weeks. 

For deployment and maintenance, we have a team of two engineers and a few managers. 

What about the implementation team?

We implemented Deep Discovery through a Trend Micro partner. 

What's my experience with pricing, setup cost, and licensing?

The licensing cost is a bit pricey. We pay a yearly subscription. 

What other advice do I have?

I rate Deep Discovery an eight out of ten. I would recommend Deep Discovery to others. If people are ready to invest as a capital, then I can recommend a Deep Discovery license. Otherwise, they can go with their cloud-based solution. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
OzgurEkinci3 - PeerSpot reviewer
Solutions Architect at NGN
Real User
Top 5
Ahead of its competitors in providing MSP services to customers

What is our primary use case?

We use the solution for its security features. Trend Micro has an MSP portal where you can create customer accounts, assign some licenses, and make your customers use those licenses from a portal. Trend Micro is ahead of its competitors in providing MSP services to customers.

What is most valuable?

Trend Micro Endpoint Encryption is stable and easy to use. It's very useful for an MSP company, making it easy and efficient to work with.

What needs improvement?

Security features could be improved.

For how long have I used the solution?

I have been using Trend Micro Endpoint Encryption for one year.

What do I think about the stability of the solution?

The product is very stable.

What do I think about the scalability of the solution?

The solution is scalable because it doesn't require an on-premise server installed. Everything is being monitored and managed from the cloud portal, irrespective of the number of agents. You can manage all from one portal.

How are customer service and support?

Vendors are locally present in our country. We contact them via email, etc. We are very flexible with vendor support.

How was the initial setup?

The initial setup is straightforward. One person is enough for it.

An MSP company creates customer accounts from Trend Micro's MSP portal. Then, the customer gets the key. After that, they can log in to the Trend Micro portal. They will see the agent to be downloaded for Windows and Linux. It takes about two or three minutes to deploy.

What about the implementation team?

Deployment can be done by yourself.

What's my experience with pricing, setup cost, and licensing?

The MSP's model and licensing is global and has very reasonable prices. Also, the perpetual license model is reasonable. It's cheap for the assembly companies. Licensing is very straightforward.

What other advice do I have?

Around five to ten technical persons are using the support. We will be able to sell those agents to more than 20 companies.

Only one technical person is enough for a large company for the installation and the management. In terms of management, many logs, alarms, and entries are happening in the portal.

Trend Micro can be a viable option for SMBs looking for a basic EDR or PRT solution. However, for larger organizations or those with highly complex security needs demanding advanced services and sophisticated department knowledge, Trend Micro's capabilities might not be sufficient.

Overall, I rate the solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Nadeem Syed - PeerSpot reviewer
CEO at Haniya Technologies
Real User
Top 5, Leaderboard
Easy to use, easy to deploy, and helpful for quickly figuring out the problems in the network
Pros and Cons
  • "It is a very good solution. It is very light, and it is quite quick to figure out the problem in your network."
  • "Trend Micro can improve the pricing in general. There is nothing else they can add or improve in the solution."

What is our primary use case?

Deep Discovery is good for network protection. There is also an Email Inspector.

What is most valuable?

It is a very good solution. It is very light, and it is quite quick to figure out the problem in your network.

It is very easy to use. It is also very easy to install and deploy.

What needs improvement?

Trend Micro can improve the pricing in general. There is nothing else they can add or improve in the solution.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

There are quite a lot of clients who use this solution. It is an enterprise solution, and 80% of the enterprise-level companies are using it over here.

How are customer service and support?

We do hear of issues from our clients. We go over there for technical support, but there is nothing major for which they require support from Trend Micro itself.

How was the initial setup?

It is straightforward. It doesn't take much time. It usually takes an hour or two. It requires a maximum of a day.

What's my experience with pricing, setup cost, and licensing?

Its price is fine, but Trend Micro can improve the pricing in general. 

It is a hardware solution. It is based on the number of nodes, and according to the number of nodes, clients decide which box they should acquire. They have to renew their license every year. It is subscription-based.

What other advice do I have?

Trend Micro has divided most of the solutions into different sectors. If you want to go for the end-to-end solution, they are very much in a position to provide that. You do not have to add different kinds of products or vendors. Trend Micro covers almost everything.

I would definitely recommend this solution. It is a very good solution. I would rate it a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Kulwinder Singh - PeerSpot reviewer
Network Security Associate Manager at Eir evo
Real User
Top 5
Provides complete end-to-end visibility of threats
Pros and Cons
  • "The most valuable feature of Trend Micro Deep Discovery is its complete end-to-end visibility of threats."
  • "Trend Micro Deep Discovery's technical support could be improved, and it could be made more active."

What is our primary use case?

We use Trend Micro Deep Discovery to identify ransomware attacks.

What is most valuable?

The most valuable feature of Trend Micro Deep Discovery is its complete end-to-end visibility of threats.

What needs improvement?

Trend Micro Deep Discovery's technical support could be improved, and it could be made more active.

For how long have I used the solution?

I have been using Trend Micro Deep Discovery for four to five months.

How was the initial setup?

Trend Micro Deep Discovery's initial setup is easy.

What other advice do I have?

Trend Micro Deep Discovery's interface and threat mechanism are very proactive.

Overall, I rate Trend Micro Deep Discovery a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ahmet Burak Aydin - PeerSpot reviewer
Security Engineer at Intertech Information Technology and Marketing Inc.
Real User
Useful for threat protection and to block phishing emails
Pros and Cons
  • "Initial setup is easy. It can be done by yourself."
  • "The solution could be more secure."

What is our primary use case?

This solution can be used as threat protection and to block phishing emails.

We are using version 6.0.

There are 15 people using this solution in my organization.

What needs improvement?

The solution could be more secure.

What do I think about the stability of the solution?

It's stable.

What do I think about the scalability of the solution?

It's scalable.

How are customer service and support?

We are using local technical support. We haven't had any problems with it.

How was the initial setup?

Initial setup is easy. It can be done by yourself.

What other advice do I have?

I would rate this solution 9 out of 10.

I would recommend this solution to anyone who wants to start using it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Pre-Sales Engineer at Elcore Distribution AG
Real User
Intuitive, user-friendly, and easy to use solution that helps to detect advanced threats and attacks
Pros and Cons
  • "The most valuable feature is that the user can customize images of virtual machines in the sandbox functionality. The other vendors only use images that were created by the vendor but not the customer, end-user or partner. This helps to detect advanced threats and attacks."
  • "I would like the ability to analyze all files in our internal network, at the same time on different operating systems. Not just three of them, but as many as possible."

What is our primary use case?

I work for a distribution partner company. We use the on-prem, physical model of this solution.

What is most valuable?

It's intuitive and has a user-friendly interface. It's also flexible. We can put files, web links in this solution through other Windows.

The most valuable feature is that the user can customize images of virtual machines in the sandbox functionality. The other vendors only use images that were created by the vendor but not the customer, end-user or partner. This helps to detect advanced threats and attacks. It helps to clone the internal structure, IT structure of some companies. So you could clone the computer of the director or the financial department and place it to the sandbox. The bad guys who are looking for a way to get into your organization when they get to a computer, they think that it's a real computer. They see software or something connected with finance and they think that this is a real computer and not a laboratory or a sandbox so they run the bad script and think that they're stealing some important information or encrypting some important information. Antivirus solutions can stop attacks when they know how these attacks play out. If we don't know how the attack is going to go, we can't identify it. It customizes the images and Trend Micro helps to identify these unknown attacks.

Different parts of the organization can quickly receive information about the bad scripts. It helps to protect the organization's infrastructure from these attacks. 

What needs improvement?

We'd like to see more video guides. I'd also like for them to increase the numbers of different virtual images. Now the solution can use only three different images. For example, it's Windows 7, Windows 10, and the Windows servers are 2016. Only three of them at the same time. It would be more useful if the solution can operate with around five or six different images like Windows 7 2019, Windows 8.1. I would like the ability to analyze all files in our internal network, at the same time on different operating systems. Not just three of them, but as many as possible.

For how long have I used the solution?

I have been using this solution for a year and a half.

What do I think about the stability of the solution?

It's very stable.

What do I think about the scalability of the solution?

It's a solution for enterprise antivirus protection. It's not for small companies. The price of this solution corresponds to its class.

In my company only I use this solution. It's a stand-alone laboratory. It's a stand-alone server that analyzes files, URLs, and messages from all IT infrastructure in an organization. It's not a solution for one person or 10 people. It's a solution for all employees inside an organization.

How are customer service and technical support?

We haven't had the need to contact technical support. It's very easy to use. 

Which solution did I use previously and why did I switch?

The main difference from other solutions is that it uses customized images inside sandboxes. They're similar in functionality. All of them run, scan, and notice every change that some files, some scripts, some links do inside the system. The environment is imported inside the sandbox and in this way, Trend Micro is the leader in the world's markets of sandbox solutions.

How was the initial setup?

The initial setup was straightforward and very easy. You don't need special knowledge or courses to complete an installation of this solution. It's very easy.

What about the implementation team?

We implemented it ourselves. 

What other advice do I have?

I would rate it a ten out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Security Manager at a legal firm with 1,001-5,000 employees
Vendor
The built-in auto tuning system does a great job of detecting legitimate services and devices on the network.

What is most valuable?

Ease of use, just connect to a SPAN port on your core switch and you're ready to go. Of course, you will see a bunch of white noise, but the built-in auto tuning system does a great job of detecting legitimate services and devices on the network, and from there you white-list the ones which you've confirmed to be known goods. Built-in sandboxing provides an additional layer of defense to shake out suspicious objects and processes. This works especially well if you're running Trend Micro's Office Scan Endpoint Protection, where DDi is able to generate a new virus definition via the sandbox, and push it out to the Office Scan AV engine to provide protection across your network.

How has it helped my organization?

DDi rapidly discovers C2 traffic and pinpoints the offenders, source and recipient. It also provides a set of eyes to keep track of suspicious lateral movements between nodes. The out-of-the-box rule set does a great job of hunting down previously unflagged threats, but can easily be customized for those that like to tweak and refine.

What needs improvement?

Not too much to complain about, really. There were a few instances where legitimate traffic (WPAD) was flagged as C2 communication. There were some challenges in white-listing it, which resulted in a bunch of alerts/noise.

For how long have I used the solution?

2 years

What was my experience with deployment of the solution?

No

What do I think about the stability of the solution?

Never

What do I think about the scalability of the solution?

It can get expensive if you wish to monitor all core switches across many satellite offices. My suggestion is to put one or more DDi appliances at core switches nearest to where your critical data is housed.

How are customer service and technical support?

Customer Service:

Customer service is very good.

Technical Support:

Very good.

Which solution did I use previously and why did I switch?

FireEye. FireEye is incredibly expensive, and requires multiple appliances which, together, scan far fewer protocols than DDi. It also hasn't fared so well in terms of detection rates, in independent tests against competing products.

How was the initial setup?

Straightforward setup.

What about the implementation team?

Implemented in-house along with Trend's team.

What other advice do I have?

Be sure to implement Trend's Control Manager module (free) for more flexible reporting, along with integration with other Trend products (strongly suggest using this along with Office Scan and Deep Discovery Endpoint Sensor, which is an EDR solution).

Disclosure: I am a real user, and this review is based on my own experience and opinions.