What needs improvement with Trend Micro Smart Protection?

No online encryption or cloud services are available for the tool, so my company has to install it mostly in an on-premises environment. Encryption or cloud services need to be made available in the product. Maintenance of databases on a product deployed on an on-premises model is difficult. Nowadays, no one wants to maintain databases on a product deployed on an on-premises model, and they prefer a cloud-based tool. The product should support a few DLP features and a few more applications. Google and Microsoft currently offer DLP applications.

The solution’s technical support is not very good and could be improved.

Our technical team suggests that the product meets all customer expectations but the DLP side of the product can be improved. Specifically, some functionalities within the IDLP can be improved. When the user goes on roaming mode, the data log is not pulled into the management console, this is one drawback we witness in the solution. This solution is also lacking in Shadow Copy. We have noticed these drawbacks from our customer service.

We can create security playbooks from our detected workbench for future detection in XDR Vision One. Suppose an error happened in the past, and we created a security playbook for this event. The next time this event happens again, the security playbook can detect the error and notify the incident responder. The solution's device control options are not too beneficial. If I block USB detection, all USBs, including the non-storage devices or any other devices, are blocked. These are the issues with Trend Micro Smart Protection.

The pricing of the solution can be improved.

I see continuous improvement in the product. With the ever-evolving technological landscape, various vendors are acknowledging Trend Micro's intelligent global platform for their solutions. The only notable concern is the level of support in the particular region of Sri Lanka. Following events in the past two years, the quality of technical support has regrettably declined. While the support was commendable before that period, it has not been up to par for the last couple of years in this region, specifically Sri Lanka. I cannot speak for other regions. Having a swift deployment option would be highly beneficial. Additionally, optimizing the product to minimize bandwidth usage is crucial, given the limited bandwidth availability in countries like Sri Lanka. Both deployment flexibility and bandwidth efficiency are key aspects of product enhancement, especially considering that remote deployment options would be a significant advantage for nationwide product adoption. For on-premises products, there is a remote deployment option available. However, for cloud products like incident response solutions, having a similar capability to recognize work devices and seamlessly integrate endpoints into the network via the cloud platform would be beneficial.

I want the tool to provide the solutions integrated within it to have regular updates. Currently, the solutions integrated with Smart Protection get updates from the cloud. I want to minimize the download from the cloud.

Trend Micro Smart Protection could improve automatic scanning because sometimes it pops up when I am doing my work. It would be helpful to have a feature to have it only automatically scan when the system is on standby mode. I would be able to be more efficient with my work. Additionally, security could improve.

There are no data loss prevention features, and they should be included in the next release.

Trend Micro Smart Protection could improve the false positive with some integrations with other solutions and automated reporting. The reports should allow the user to set up some customer trigger alerts instead of the user having to look at the report manually. Additionally, the responses from sender detection and response feature could improve.

Smart Protection could be more compatible with older operating systems like Windows XP and Windows 2000. Some of our clients have requested that.

I'm expecting Smart Protection to be phased out, and for them to only use their cloud-enabled EDR. I expect it to become end-of-life in the next three years and then just the EDR will be available. It is onsite. It does have its challenges in terms of scalability.

Recently our end users are feeling that their system resources are too occupied and slowed because of the Trend Micro agent - that the agent is doing lots and lots of background activities which include Application Control and Advanced Threat Protection. We raised the complaint with them and are waiting for their technical support. The support could be faster for all the Trend Micro solutions. We use the port monitoring and ransomware protection things, and everything is running in background. Because of that, that CPU use is getting high. So the user cannot use that machine as much as they like for other applications. That's the issue we have recently been receiving.

The web filtering could be improved.

I'm not sure about the cloud migration part, in terms of whether it is seamless or not. We'd like the solution to incorporate more ETL functionalities in the future.

We haven't had any problems with the solution so far. I cannot recall noticing any missing features.

The solution could be more stable and secure.

The administration could be better. They could decrease the administrative burden and enable easier management. There are many features, options, and settings which is quite challenging for some of our customers. The complexity of the interface is also an issue. From a software point of view, I would prefer to see actual signatures and actual protection patterns, rather than new features. The variety of products Trend Micro offers is huge, and their names have changed every two years. It's quite difficult to explain to customers the benefits, the complexity of the lineup, and the appropriate products for them.

Nowadays, it is not possible to rely only on an anti-virus solution. This product would be improved if it had more monitoring capabilities so that it could stop threats before they break into the network and damage it. Database encryption is missing and should be added.

We found an issue on the server-side. Sometimes, it slows down the servers if you install it on the SQL. In some cases, the version on the server-side, when you install it on the server, doesn't update when the updates are available. For example, if the virus definitions are getting updated every two days, even though you push the updates to the servers from the management console of Trend Micro, it doesn't update the servers successfully. On the client-side, on the computers, desktops, and laptops, when you do the restart, the new virus definition appears. We are now working with technical support to find out a way to upgrade or use a patch or do some modifications to get the servers updated frequently. Even though we push twice a week from the management console to the servers, still those definitions are not getting updated. We have quite a number of servers - almost 90 server installations - therefore, it's very hard to restart them just to get the virus definition updated. That's one of our biggest problems at the moment with Trend Micro. Of course, when you do restart the server, it fetches the updates from the management server but that's not the way you can perfect the server. It should be noted that servers sometimes will not get used for a month or two. That's a challenge for us, keeping them updated. On top of that, the current vulnerabilities that you have up there on the Windows clients and the number of attacks registered, have increased. It would be ideal if the solution could offer more control of computers from the management console in terms of, maybe, dealing with file-sharing. You should be able to block computers from sharing when they are on an external network. That's one of the things I was hoping they could catch in the new version that was released in July, but we didn't get that option. In Symantec, for example, you can block file-sharing on your clients so they cannot share any data with anybody in the network if they connect to an external network. It makes things much safer.

Documentation-wise, they are a disaster. If you want to know something about Trend Micro, you will not find anything useful from Trend Micro themselves. You have to basically dig some blog, or you need to seek some expert to help you understand what they are offering. I have never seen such a good product with such disastrous documentation. Feature-wise, almost all vendors are providing the same features, but it is all about the integration. For example, Trend Micro is promoting their endpoint protection suite, but they never mention about the integration that they are offering with their EDR solution. They are treating each product as a separate island, and you don't know much about their integration. It would be good if they can focus on integration.

There is room for improvement to make it better for customers.

This product is not very simple and in fact, kind of hard for some people to understand. After you start working with it, you get the hang of it. It would be helpful to have vulnerability scanning and patching built-in. It is available as a separate product and including it would be a good selling point. However, if it is very heavy when running on the end-users computers then it is going to backfire.

I haven't used the solution for very long, so I haven't encountered many issues using the solution. We're just using it as brand protection for now, and for that, it is working as it should.

The solution needs to improve the deployment so it aligns with the latest Microsoft patches and upgrades. It makes the deployment process lengthy and painful. The solution needs to add more AI. It already has some AI and machine learning built in, but they could be more advanced and offer deeper learning capabilities.

The price of the solution could be improved. For us, this is the most important aspect that could be better. If they could improve their pricing strategy, it would impress us. The threat response could be a bit better.

We are currently using Trend Micro for protection, but they have another product called Apex One that we would like to use instead. Apex One includes artificial intelligence and is offered as an upgrade. Trend Micro is signature-based, and with Apex One, because of the Artificial Intelligence, you don't have to use the signature file. In the next release, I would like to see a combination of the different features from Apex One and OfficeScan in Trend Micro Smart, rather than as upgraded features.

The only drawback to this solution is that it needs different products for different types of clients, and it would be better to have a single agent for all of the products. For example, for clients we need to have officescan and for server we need to have deep security from trendmicro. Improvements need to be made so that detection is more behavior-based, rather than signature-based. The behavior analytics is there but it needs to be more advanced. Ideally, I would like to see completely signature-less threat detection.

We were considering switching to SentinalOne because it has pre-detection, and Trend Micro does not offer this; it's something the solution should add.

The design of management tools needs improvement. They are improving it constantly, but there's still room for improvement. The integration part is quite good, but it could be even better. The solution should improve its mobile management solution.

It does not provide insights into what is being done. I don't see value when I present the product to the customer. It says it has done something, but it doesn't provide me any information about what was done. Insights are very important. When it say that definitions are updated, which definitions? How is it protecting me? What is the product doing? All I am getting are one line updates. More insights, like metadata, is important. Without this, there is no point in installing the solution.