Please share with the community what you think needs improvement with Trend Micro Smart Protection.
What are its weaknesses? What would you like to see changed in a future version?
The solution could be more stable and secure.
The administration could be better. They could decrease the administrative burden and enable easier management. There are many features, options, and settings which is quite challenging for some of our customers. The complexity of the interface is also an issue. From a software point of view, I would prefer to see actual signatures and actual protection patterns, rather than new features. The variety of products Trend Micro offers is huge, and their names have changed every two years. It's quite difficult to explain to customers the benefits, the complexity of the lineup, and the appropriate products for them.
Nowadays, it is not possible to rely only on an anti-virus solution. This product would be improved if it had more monitoring capabilities so that it could stop threats before they break into the network and damage it. Database encryption is missing and should be added.
We found an issue on the server-side. Sometimes, it slows down the servers if you install it on the SQL. In some cases, the version on the server-side, when you install it on the server, doesn't update when the updates are available. For example, if the virus definitions are getting updated every two days, even though you push the updates to the servers from the management console of Trend Micro, it doesn't update the servers successfully. On the client-side, on the computers, desktops, and laptops, when you do the restart, the new virus definition appears. We are now working with technical support to find out a way to upgrade or use a patch or do some modifications to get the servers updated frequently. Even though we push twice a week from the management console to the servers, still those definitions are not getting updated. We have quite a number of servers - almost 90 server installations - therefore, it's very hard to restart them just to get the virus definition updated. That's one of our biggest problems at the moment with Trend Micro. Of course, when you do restart the server, it fetches the updates from the management server but that's not the way you can perfect the server. It should be noted that servers sometimes will not get used for a month or two. That's a challenge for us, keeping them updated. On top of that, the current vulnerabilities that you have up there on the Windows clients and the number of attacks registered, have increased. It would be ideal if the solution could offer more control of computers from the management console in terms of, maybe, dealing with file-sharing. You should be able to block computers from sharing when they are on an external network. That's one of the things I was hoping they could catch in the new version that was released in July, but we didn't get that option. In Symantec, for example, you can block file-sharing on your clients so they cannot share any data with anybody in the network if they connect to an external network. It makes things much safer.
Documentation-wise, they are a disaster. If you want to know something about Trend Micro, you will not find anything useful from Trend Micro themselves. You have to basically dig some blog, or you need to seek some expert to help you understand what they are offering. I have never seen such a good product with such disastrous documentation. Feature-wise, almost all vendors are providing the same features, but it is all about the integration. For example, Trend Micro is promoting their endpoint protection suite, but they never mention about the integration that they are offering with their EDR solution. They are treating each product as a separate island, and you don't know much about their integration. It would be good if they can focus on integration.
There is room for improvement to make it better for customers.
This product is not very simple and in fact, kind of hard for some people to understand. After you start working with it, you get the hang of it. It would be helpful to have vulnerability scanning and patching built-in. It is available as a separate product and including it would be a good selling point. However, if it is very heavy when running on the end-users computers then it is going to backfire.
I haven't used the solution for very long, so I haven't encountered many issues using the solution. We're just using it as brand protection for now, and for that, it is working as it should.
The solution needs to improve the deployment so it aligns with the latest Microsoft patches and upgrades. It makes the deployment process lengthy and painful. The solution needs to add more AI. It already has some AI and machine learning built in, but they could be more advanced and offer deeper learning capabilities.
The price of the solution could be improved. For us, this is the most important aspect that could be better. If they could improve their pricing strategy, it would impress us. The threat response could be a bit better.
We are currently using Trend Micro for protection, but they have another product called Apex One that we would like to use instead. Apex One includes artificial intelligence and is offered as an upgrade. Trend Micro is signature-based, and with Apex One, because of the Artificial Intelligence, you don't have to use the signature file. In the next release, I would like to see a combination of the different features from Apex One and OfficeScan in Trend Micro Smart, rather than as upgraded features.
The only drawback to this solution is that it needs different products for different types of clients, and it would be better to have a single agent for all of the products. For example, for clients we need to have officescan and for server we need to have deep security from trendmicro. Improvements need to be made so that detection is more behavior-based, rather than signature-based. The behavior analytics is there but it needs to be more advanced. Ideally, I would like to see completely signature-less threat detection.
We were considering switching to SentinalOne because it has pre-detection, and Trend Micro does not offer this; it's something the solution should add.
The design of management tools needs improvement. They are improving it constantly, but there's still room for improvement. The integration part is quite good, but it could be even better. The solution should improve its mobile management solution.
It does not provide insights into what is being done. I don't see value when I present the product to the customer. It says it has done something, but it doesn't provide me any information about what was done. Insights are very important. When it say that definitions are updated, which definitions? How is it protecting me? What is the product doing? All I am getting are one line updates. More insights, like metadata, is important. Without this, there is no point in installing the solution.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
What is the best for ransomware infection?