The email relays and proxies could be improved. 

The implementation is hard to deploy, and it should be easier. There is room for improvement here. 

The implementation can be inflexible and not easy, as it requires knowledge of things like virtualization and administration on Windows.

There is room for improvement with Trend Micro Deep Security, as there are instances where installations may need to be redone. There seem to be glitches when working with older Windows servers, such as those from 2003 or 2005, requiring us to uninstall and reinstall the product to resolve the issue.

In the solution, servers often go offline for various reasons, requiring us to manually check the cause or issue, such as connectivity issues, and to find out why the agent went offline. The aforementioned details are to be considered for improvement in the solution.

I would like the solution to improve its stability and ability to go online and offline.

Our company hasn't received any feedback or suggestions from our clients on Trend Micro Deep Security because it has been working fine. In Apex One and Apex Central, the new versions usually pose issues to their users after updating the tools. There haven't been any critical issues with the solution in the last few months.

A minor issue in Trend Micro Deep Security is that once the tool is upgraded, it shows some machines as offline or not reported while showing a recent update as outdated. The tool has some server connection issues. We have raised the concerns from our end with Trend Micro Deep Security to resolve them.

The real-time server is stopped, and it shows offline whenever we check our console.

I would like to see the tool add EDR features in the future.

There is room for improvement in Trend Micro Deep Security, particularly in endpoint security. Enhancements in agent performance are needed, specifically in reducing server utilization during scanning. This improvement would contribute to increased efficiency and lower operational costs, ensuring a smoother and more responsive system.

We're using the manager and cloud security. The cloud security does have different features available.

If they continue to offer better protection, we can do a better job of offering protection at the first level.

Sometimes the patching is a bit slow.

We need to have them do a better job of protecting the servers. 

There needs to be a bit of maintenance time before running the solution on production.

The pricing could always be better. Some clients would appreciate it if the pricing was reduced. 

The solution should focus on the EDR part and probably have an integrated data leak prevention module as well.

In future releases, the solution should provide one agent who takes care of EDR, end-point security, DLP, and application control.

I haven't received any distribution emails from the Trend Micro team regarding recent vulnerabilities and their efforts to mitigate them. It would be helpful if they could send emails notifying their users about the recommended upgraded versions to address the newly discovered vulnerabilities. This is an area that could be improved from more of a marketing perspective than a technical aspect.

We couldn't make the necessary modifications to the solution. We want to see improved authentication. We want to improve the interaction, and we want to get more notifications from the security service.

The tool needs to improve its subscription. 

They are working to improve the solution. For example, nowadays, they're offering cloud based EDR which addresses a lot of this scalability challenges like storage requirements, et cetera. We'd like to see extended capacity in the on-premises versions. 

They recently put out some more additions which I have yet to explore. They've already addressed a lot of previous concerns. 

We'd like the cloud model to have better pricing. 

AWS products could become more compatible with intrusion detection products leveraging help from Trend Micro.  

The initial setup was complex.

Pricing is on the expensive side and could be more affordable. The technical support for Trend Micro Deep Security also needs improvement.

I've not worked with CrowdStrike Falcon, but one of our customers also had CrowdStrike Falcon on some of the devices. I was only supporting Trend Micro. They had a ransomware attack, but Trend Micro didn't detect that particular ransomware attack, whereas CrowdStrike did. I was not a big fan of CrowdStrike till then, but when I saw that Trend Micro couldn't detect that particular attack but CrowdStrike could, my opinion changed. All the servers with Trend Micro were impacted, but all the devices on which CrowdStrike agents were running weren't impacted. CrowdStrike detected and blocked the attack immediately. From that perspective, I have high regard for CrowdStrike because the role of an EDR is to detect and respond immediately and block an attack. Containment is the first priority. Trend Micro can give numerous ifs and buts about why it couldn't detect that attack, and even though I'm a fan of Trend Micro and have extensive experience with Trend Micro Deep Security and Trend Micro Apex One, in that particular instance, CrowdStrike literally beat Trend Micro.

A disadvantage of Trend Micro as compared to CrowdStrike is that it doesn't work well with other solutions. If you have McAfee for anti-malware and IPS and the firewall of Trend Micro, they don't go very well. I had challenges deploying it with Carbon Black as well as McAfee and Symantec. It's because of the way Trend Micro works. It integrates with the NIC driver, so if two agents are running, it doesn't work well because they both want to integrate with the NIC driver.

We have had some issues when it drains some of the resources of the server. When that happens it slows down some of the processes and causes the CPU to run a little harder.

I am not sure about what could be improved. I don't look at the solution from this angle. Some other person from our team is managing that at the moment.

The solution could use more integration. I've heard that if we are going to deploy the XDR of some other solution, it'll not be integrated. It would be helpful if everything could come together. 

Some of the reporting and integrations could be more robust.

The risk is very complex. We need our tools to be more intelligent, more automated, more detectable. They could improve all of those aspects. I'd specifically like to see automation in terms of detection and auto mitigation.

The integration could be better. When we need to integrate a full console to manage endpoints and servers in the same place, we need to understand better how to deploy it so we don't need an agent or something else to deploy the solution to monitor everything.

The initial setup can be difficult. 

I would like to see better pricing. The pricing could be lower.

The initial setup needs improvement. Once it is set up, the configuration is relatively simple. However, the initial setup was a bit of a challenge.

They should include WAF modules in the product. There should be signature-based advanced and responsive features.

I think more work could be done on Deep Security's ability to handle dynamic threat scenarios. 

I'd like to have the ability to manage heterogenous clouds so that, for example, AWS and Microsoft are protected with the same security patterns. It already does that, but I think they may have rolled it back recently.

Also, it has great IDS/IPS built in, but I'd like a way to visualize the traffic. This way, there's more of an artistic view of security and the ability to ask question about the data. That would be really beneficial.

The pricing is a bit expensive. If they want to target SMBs, small enterprises, and small networks, then they need to reduce their prices.

It would be better if they merge a few features into one product. For example, they have an encryption feature that is separately sold. If they could merge it with Apex One or any endpoint security solution, maybe it would also be good for the end user.

One problem with this kind of  products is scaling. If you go on large sites you have to have an external database, which would increase the overall solution cost.

The solution offers many features aside from antimalware, lile Host FE and IDS/IPS, File integrity monitoring and so on, but if you use it to protect deliering agents on hosts you'd better verify the amount of host resources (ram)  utilized by DS agent itself.   

It needs to improve its integration with a lot of other products. This should be in the road map because we have a lot of SaaS-based appliances which are not connected with each other. Thus, I'm looking forward to more integrations coming together as a part of the product.

Going forward, I would like to have more APIs and integration with more application monitoring intelligence platforms.

The updates for legacy systems are not rolled out frequently. The product must improve on it.

Deep Security's reporting functionality could be improved. 

I'm currently evaluating TippingPoint. Trend Micro is still working on building tight integration with TippingPoint being a recent acquisition from a few years ago. So, a Tipping Point integration with Deep Security, having one single pane of glass dashboard, would provide us a simple use case.

The biggest drawback with Trend Micro is even when it is connected to the server, it will show as offline.

Another issue is, if I want to suggest this solution to a customer, we won't get the pricing immediately, which is a major problem.

I would like to see cloud-based integration.

The support for email protection can be improved.

If I had more reporting, the product would be an A plus. Reporting is the one thing that we are sort of missing, especially with more log information. 

Trend Micro Deep Security should provide better options. In the case of detection, we are not very happy with the functioning of the antivirus capabilities that Trend Micro Deep Security provides us. It doesn't have a passive way by which we can enable Microsoft Defender, considering most of the other antiviruses allow Microsoft Defender to work passively.

We are not very happy with Trend Micro Deep Security since it is not able to detect many viruses and bugs. We are looking for an alternate solution.

The tool lacks proper detection capabilities. Trend Micro Deep Security should know how to work along with Microsoft Defender in a passive mode. These two are major improvements.

On the cloud version, Trend Micro Deep Security Scanner has to improve on the signature part of analyzing the latest threat.

Some areas for improvement are:

• There are new additions to the standard product that should be included with the Deep Security version.
• When implementing this solution, sometimes we have challenges with SQL migration.
• Some of our customers complain about the cost of this solution.
• I would like to see an AI component added to the next release of this solution.
• The agent-based version has performance issues and they have to make it more lightweight.
• The forensic analysis capability needs to be improved.

The training needs improvement. It is expensive (classroom training), and it is often hard to find answers by yourself using the documentation.

I would like them to add EDR features, moving away from traditional signature-based anti-malware.

The workloads must be better.

Deep Security's biggest shortcoming is its reporting.

The main drawback is that it's complicated. With Trend Micro solutions, everything is complicated. Deep Security has its own management console, and every product in Trend Micro has its own management console. Everything is siloed. Now, they are trying now to connect everything inside the main control management or reporting console, however, it's still not a central management console. It makes for a lot of work when applying policies and security solutions.

The product isn't very user-friendly.

It's a bit old-fashioned in its design and approach.

While, for example, McAfee might have a new version every two months, Trend Micro might not release a new version for two years. While it's very stable, it could be a bit too long in-between versions.

It would be ideal if the solution communicated better with other security solutions from other brands. This is an issue. They need to open up their API or give access, or exchange information with other security products so that everything can communicate together, learn from each other, and block malicious threats better.

The working interface and the reports for non-technical people could use improvement. They are a bit scary.

The tool should integrate SIM functionality. It should also improve customer support. 

It would help if they would reduce the price. 

It should have XDR and EDR integration. It would be nice if they can tie it up with an XDR or EDR.

Its price is also quite high. It is more expensive than other products for patching. So, it would be nice if they lower its price.

As for what could be improved, I think it should come with an XDR facility without any extra cost. They're always releasing new features, but we need to pay extra for them. Our management is a little conservative about paying for new features. So if they're upgrading something or coming out with a new technology, they should provide it to the existing users. Recently, I attended a webinar that XDR gave about their new threat finding features and we have not received them yet. They are not giving it to existing customers. They are only offering it for purchase. It is for threat forensic reports.

I'm not asking for free, since we are already paying. Whenever they come out with a new thing, they should integrate it with the existing product. That is my opinion.

Additionally, we need a complete web reputation. We need to be able to do forensics for any incoming threat, to find details of the source of the threat, and to catch the '"enemy."

There's a little room for improvement as far as being more concise with the error messages. It's a small thing, and maybe that's coming in a newer version. Better notifications would be nice, such as error messages that a particular ESXi host is not protected properly.

If there's a problem, you have to drill down manually. You have to click and click and click to see what the message is. It would be nice to have a more transparent meaning instead of having to click so much to get to different levels.

We'd like to have more application control. It would help us block things more strategically. 

Support could be faster. 

I would like to see XDR features and endpoint sensors become available.

It's not a well-recognized solution and there's not much buzz around it in the marketplace. When I speak with an auditor about what Trend Micro is doing to cover my compliance footprint, it's not well-understood. That's where the challenge lies.

There are a couple of areas for improvement. It needs better support for Mac, and there are some challenges in its implementation.

Unfortunately, the relationship with VMware that Trend Micro has, prohibits us from continuing our use of the non agent-based solution as NSX is now required to go forward from version 5.5 to version 6. NSX has now become a necessity to go with agent-based, so we're moving to an agent-based solution on the VDI's and our server-based as well.

Their support should be improved. We need support in the UAE, but it is always going to some other country or region, and the time schedule is not suitable for us. 

They need to build in a central console because central integration is not very good right now. I have four locations and I need to log in to each location's portal to look at it. That is a very big job and I would like to have a consolidated report for all of them.

We would like to see the advanced threat protection (ATP) built-in, without having to use another product.

The situation with the currency in Turkey makes this solution a little bit on the expensive side, and if it were lowered then it would be more competitive.

The cost is very high. it would be ideal if they would work on the pricing.

Technical support could be much better.

The product should be able to host a vulnerability scanner. Right now, we need to pay extra. It would be ideal if they could do a vulnerability scan of my endpoints. 

Trend Micro is not government certified or federal complaint. If they could become compliant/certified, this would make it easier for us to use it for our government projects.

There are several areas for improvement:

• The ability to manage agent-based AV (i.e. integrate Officescan into Deep Security) for desktops and laptops;
• Streamline the install (specifically configuring of external product requirements i.e. the VMware side); and
• Better integration with Control Manager (had a few issues with it not recognizing the DS server).

I'm not sure how this product could improve, although we did have some compatibility issues between it and versions of vSphere.

I'd like to see some sort of database out-of-the-box. Deep Security uses its own database, with which we have some issues, but we just go right to SQL or another database. Right now, the standard database as to be converted to SQL or Oracle, but that's something that should be out-of-the-box standard.

What this product lacks at this stage is the ability to have automated workbooks to do the response. At this stage, the response is more manual, and it is not automated. If there is a response functionality in Deep Security, similar to what we have in EDR these days, to automatically respond to some of the threats, it would be cool. So, we'd like to have an automated response. There should be a response functionality.

It needs real-time anti-malware support for Amazon Linux and an option that allows you to classify and mark reports using tags like Top Secret or Confidential which are missing in Deep Security 9.5 but are in v9.6, which was released in January. We're still homologating 9.6 version with this new feature.

An improvement on its Control Manager integration is also needed because it's insufficient for individual and granular management. Control Manager is a console that integrates all Trend Micro products.

There should be more tools to trace back. Some sort of module needs to be included to attach all the things. 

It should be more stable, and the traceback feature should be improved. There were cases when we got virtual analyzer or CMC errors. We got false-positive malware notifications, but we couldn't trace them. I raised a case with Trend Micro two or three times, but they couldn't resolve it. Their support should be improved in terms of technical abilities to troubleshoot complex issues. They should be more knowledgeable.

This is a very good tool but I don't find it to be a particularly user friendly solution, a lot of trouble shooting is required. I believe it needs simplification, without that they will run into continual problems. For now the solution requires spending a lot of time on module issues and anti-malware modules. We also have issues with scaling and this area could be improved. Adding one additional end point means you need to re-input all the other end points. If you have 1,000 users, that is not possible in real time. Each time we deploy new managers we need to connect with all endpoints and they need to be re-entered. 

I would like to see a retroactive alert. If it had the capability of generating retroactive alerts it would be helpful.

While it is stable, it has room to improve.

Deep Security is a fantastic product but there are certain little details that could be tweaked or improved to make it a ten.

VMware and Trend Micro are pursuing a strategy to develop a light version of NSX that will allow us to run it agentlessly.

They also need to offer support for Apple machines. Almost every vendor I've seen, they're all junk. For Trend Micro to take a step either with their office-end product or with Deep Security to actually protect Macs, that would be a huge game-changer for iOS.

I would like to see a little bit of better means of agent distribution. The ability to deploy agents maybe from the solution itself that would be a good one.

I’d like to see more of a database involved with integrity monitoring, a database that would be developed to identify some of the more well-known processes and files, trends, etc. Anything that would help me do less research would be an improvement.

I would like to see an EDR function for the servers, as that would be useful for us.

Detection and Response directly to the servers.

Trend Micro Deep Security security and scalability could be improved.

The licensing structure could improve.

I know that they are working on it, but their automation needs improvement.

I would also like to see more containerization stuff, specifically Docker.

They should improve the interface of the main dashboard. It is difficult to find where templates define policies. Also, if you are not careful, your policy implementation can lead to management problems. It should have warnings before applying policies. They also need to improve its dashboard to help monitor the rules that are incorrect or are duplicated.

They need to improve their perimeter detection and tenancy.

An additional feature that should be included in the next release is the ability to scan more document types.

The client can show as offline sometimes, and that becomes a bit difficult for troubleshooting. We end up basically redeploying the client. This is something that could be improved in the future.

It would be helpful if they added more machine learning into the solution in the future.

Reports. The default reports provided don't provide much insight.

It needs better global visibility of the virtual environment.

I would like more security tools which could fit into a DevOps environment.