Try our new research platform with insights from 80,000+ expert users

NetWitness Platform vs Trellix Network Detection and Response comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Customer Service

No sentiment score available
Sentiment score
7.1
Trellix Network Detection and Response's customer service is rated highly for responsiveness, with room for improvement compared to competitors.
 

Room For Improvement

No sentiment score available
Sentiment score
5.1
Trellix Network Detection and Response requires improvements in false positives, customization, integration, user interface, support, pricing, and collaboration.
 

Scalability Issues

No sentiment score available
Sentiment score
7.7
Trellix Network Detection and Response is scalable, effectively supporting various network sizes and user bases with few issues.
 

Setup Cost

No sentiment score available
Sentiment score
6.6
Trellix pricing is high for small enterprises, offering quality threat detection, competitive against some but not all rivals.
 

Stability Issues

No sentiment score available
Sentiment score
7.8
Trellix Network Detection and Response is stable and robust, with occasional performance issues requiring regular updates for optimal functionality.
 

Valuable Features

No sentiment score available
Sentiment score
7.7
Trellix Network Detection and Response offers advanced threat detection, real-time response, and automation for comprehensive network protection and security operations.
 

Categories and Ranking

NetWitness Platform
Average Rating
7.4
Reviews Sentiment
7.5
Number of Reviews
36
Ranking in other categories
Log Management (25th), Security Information and Event Management (SIEM) (24th)
Trellix Network Detection a...
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (15th), Network Detection and Response (NDR) (12th)
 

Mindshare comparison

NetWitness Platform and Trellix Network Detection and Response aren’t in the same category and serve different purposes. NetWitness Platform is designed for Log Management and holds a mindshare of 0.4%, down 0.5% compared to last year.
Trellix Network Detection and Response, on the other hand, focuses on Advanced Threat Protection (ATP), holds 5.1% mindshare, down 6.1% since last year.
Log Management
Advanced Threat Protection (ATP)
 

Featured Reviews

MdZaman - PeerSpot reviewer
Really scalable for enterprise customers
The solution should have more integration capabilities with different platforms. The API is nearly open and scalable, so the solution can integrate with many platforms. The solution has more than 200 log sources in the scalability to support, but this is its limit. Installation is pretty easy. However, there are a couple of modules involved, so it is not as easy as it could be. We are talking about a distributed module, not a single-module type. This is what makes things a bit complex, instead of easier. I rate it as a seven out of ten on its installation and configuration capabilities.
BiswabhanuPanda - PeerSpot reviewer
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one
The in-depth investigation capabilities are a major advantage. When the system flags something as malicious, it provides a packet capture of that activity within the environment. That helps my team quickly identify additional context that most other tools wouldn't offer – like source IP or base64 encoded data. We can also see DNS requests and other details that aren't readily available in solutions like Check Point or others that we've tried. The detection itself is solid, and their sandboxing is powerful. There's a learning curve – you need a strong grasp of OS-level changes, process forking, registry changes, and the potential impact of those. But with that knowledge, the level of information Trellix provides is far greater than what we've seen elsewhere. The real-time response capability of Trellix has been quite effective, although it's not very fast. The key is this solution's concept of 'preference zero.' They don't immediately act on a zero-day. For example, the solution has seen a piece of malware for the first time. It'll let it in, then do sandboxing. Maybe after four or five minutes, it identifies that specific file's DNX Secure Store as malicious. At that point, they update the static analysis engine, and it gets detected if anything else tries to download the same file. There is that initial 'preference zero' concept, like with Panda. You may not hold traffic in the network. That's standard in the industry; we don't do much about it. To address that, we also have endpoint solutions. We use SentinelOne in our environment, which helps us identify threats like Western Bureaus and others.
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
17%
Government
8%
Insurance Company
6%
Financial Services Firm
19%
Comms Service Provider
9%
Manufacturing Company
9%
Computer Software Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about NetWitness Platform?
The product's initial setup phase was not at all difficult.
What is your experience regarding pricing and costs for NetWitness Platform?
The product price was reasonable for my region and the market.
What needs improvement with NetWitness Platform?
From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building...
What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
What is your experience regarding pricing and costs for FireEye Network Security?
The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced. It's a bit on the expensive side, but we don't want to compromise with cheap, less r...
What needs improvement with FireEye Network Security?
The solution's support needs to improve their support.
 

Also Known As

RSA Security Analytics
FireEye Network Security, FireEye
 

Learn More

Video not available
Video not available
 

Overview

 

Sample Customers

Los Angeles World Airports, Reply
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Find out what your peers are saying about NetWitness Platform vs. Trellix Network Detection and Response and other solutions. Updated: September 2022.
816,406 professionals have used our research since 2012.