We performed a comparison between Darktrace and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find the complete portfolio to be excellent."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"We are able to detect a lot of things, actually, and see what is happening in our network."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"Artificial intelligence and machine learning functionalities are valuable."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"The product is very easy to configure."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The program is quite expensive."
"The pricing model is a little too high and could be more flexible."
"It should be easier to access the Darktrace portal and its documentation. Only the customer can access their portal and support. It could be cheaper."
"The product doesn't have an endpoint agent that can react to triggers set on the device,"
"The level of tracking within the network from the transmission level up to the machine level can use improvement."
"The solution can improve the reporting."
"This is quite an expensive product so the pricing is something that can be improved."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
"We'd like the potential for better scaling."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"Technical support could be improved."
More Trellix Network Detection and Response Pricing and Cost Advice →
Darktrace is ranked 1st in Network Detection and Response (NDR) with 66 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 37 reviews. Darktrace is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and ExtraHop Reveal(x), whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Cisco Secure Firewall. See our Darktrace vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.