NetWitness Platform vs Trellix Network Detection and Response comparison

"The most valuable feature is the hunting ability to work in a CERT."

"The most valuable features are the integration and ease of use."

"Offers a good wireless feature."

"Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network"

"In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing."

"It's quite economical compared to other solutions in the market."

"The most valuable features are the packet inspection and the automated incident response."

"It's fully scalable. There is no limit. Of course, the license limits per day the number of terabytes. In my opinion, it's very flexible."

"The product is very easy to configure."

"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."

"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."

"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."

"Support is very helpful and responsive."

"Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch."

"We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up."

"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

"I believe that integrating the solution with other products such as Oracle would be beneficial."

"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."

"Security needs improvement."

"More customizability is required, which is something that they need to improve on."

"The user interface is a little bit difficult for new users and it needs to be improved."

"The product's licensing models are complex to understand. This particular area needs improvement."

"Technical support could be improved."

"Nowadays, their support is a little subpar compared to other solutions. I rate RSA support six out of 10."

"The Trellix solution could be improved by enhancing the Central Management Console for faster visibility, which would help in network detection response."

"Cybersecurity posture has room for improvement."

"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."

"Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents."

"The product's integration capabilities are an area of concern where improvements are required."

"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."

"It is very expensive, the price could be better."

"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."

"The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."

"The product price was reasonable for my region and the market."

"Compared to the competition, the is price is not that high."

"There is a licensing fee and the customer can choose whether he wishes this to be subscription-based or perpetual."

"This is a pricey solution; it's not cheap."

"We have yearly licensing costs. The license fee can be based on the volume of EPS. Some organizations may have, as a gentlemanly gesture, 10,000 EPS and get a 3,000 EPS license but actually use 5,000 EPS."

"We are on an annual license for the use of the solution."

"The product is expensive."

"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."

"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."

"The pricing is a little high."

"The user fee is not as high but the maintenance fee is expensive."

"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."

"The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced."

"When I compare this solution to its competitors in the market, I find that it is a little expensive."

"The tool is a bit pricey."