NetWitness Platform vs Trellix Network Detection and Response comparison

"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."

"The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"The most valuable features are the packet decoder, log decoder, and concentrator."

"The newer 11.5 version that my team is using has found it to have good mapping."

"The most valuable feature is that we can create our own connectors for any application, and NetWitness provides the training and tools to do it."

"Their technical support responds quickly and are knowledgable."

"The solution is really scalable for the high-end power, enterprise customer."

"The solution can scale."

"Very functional and good for detecting malicious traffic."

"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."

"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

"Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch."

"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."

"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."

"The most valuable feature is the network security module."

"Health monitoring of the event sources and devices."

"The threat detection capability and centralizing and upgrading capability need to be improved. The threat alert capability needs to be improved as well because there is some lag time at present. They need to work on their database search too."

"The initial setup is complex. There are other solutions that are easier to implement."

"The system architecture is complex and sometimes it’s hard to troubleshoot potential problems."

"I believe that integrating the solution with other products such as Oracle would be beneficial."

"RSA NetWitness Logs and Packets can improve the threat level aspect, it is lacking compared to other solutions. Whenever any hacking activity or any other threat factor occurred they used to provide the coverages very fast when comparing RSA NetWitness Logs and Packets. I heard the other three solutions, from a discussion with my team members who had experience in other solutions, they used to say that. Whenever any issues happened across the globe RSA NetWitness Logs and Packets are a little bit slow improving those detection mechanisms."

"Log aggregation is an issue with this solution because there are a huge number of alerts in a single instance."

"The initial setup was complex because it takes a lot of time to complete the implementation."

"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."

"It is an expensive solution."

"The world is currently shifting to AI, but FIreEye is not following suit."

"Technical packaging could be improved."

"Management of the appliance could be greatly improved."

"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."

"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."

"The solution's support needs to improve their support."

"The product price was reasonable for my region and the market."

"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."

"Compared to the competition, the is price is not that high."

"We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."

"It’s cheaper to run virtual machines in a VMware environment."

"It provides tools to assist in selecting the appropriate license and usage scenarios."

"This is a pricey solution; it's not cheap."

"When I compare this solution to its competitors in the market, I find that it is a little expensive."

"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."

"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."

"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."

"The pricing is a little high."

"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."

"The user fee is not as high but the maintenance fee is expensive."

"The tool is a bit pricey."