No more typing reviews! Try our Samantha, our new voice AI agent.

SolarWinds Security Event Manager vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SolarWinds Security Event M...
Ranking in Security Information and Event Management (SIEM)
34th
Average Rating
7.8
Reviews Sentiment
5.7
Number of Reviews
27
Ranking in other categories
No ranking in other categories
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
30th
Average Rating
7.4
Reviews Sentiment
7.0
Number of Reviews
38
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of SolarWinds Security Event Manager is 1.0%, up from 0.7% compared to the previous year. The mindshare of Trellix ESM is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Trellix ESM1.0%
SolarWinds Security Event Manager1.0%
Other98.0%
Security Information and Event Management (SIEM)
 

Featured Reviews

Yashokanth Partkunan - PeerSpot reviewer
Managed Services Engineer at Loop1 Systems
Has supported client needs efficiently but requires deeper analysis features and faster support
The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment. More modification and enhancements are required on the dashboard side in order to make it closer to optimal performance. From observation and feedback from users, they need more functionality related to monitoring, and in-depth analyzing needs to be improved.
MD
Senior Vice President IT at AS IT Consulting Pvt. Ltd.
Offers comprehensive report generation while maintaining ease of integration
We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that. We can add some new features regarding AI in the future for Trellix ESM, but the maturity will take a longer time. There are many false positives that happen in an environment during the first couple of months, or around six months, so the system analyst is not able to identify whether the event which has occurred is a true positive or a false positive.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"SolarWinds' stability is fine. I don't think we've had any software issues."
"We did previously use a different solution, but SolarWinds is much better. It's easy to interact with SolarWinds. It's easy to operate, easy to configure and is generally easier compared to what we were working with before."
"The most valuable feature of SolarWinds Security Event Manager is the analysis and the knowledge about the incidence that we trace."
"It's extremely easy to deploy."
"The most valuable feature of the solution is intuitivity of navigation; it's easy to build rules and actions which are based on the logs and event types we collect with the software."
"The solution helps me to go back in time and search for different events. For example, if you wanted to know who activated an account; you could go back in time and find out."
"The solution helps you monitor database instances, application instances, other customer application things, Linux servers, IBM servers, and Oracle servers."
"The scalability of SolarWinds Security Event Manager is good."
"We are quite happy with the product and its stability, but the problem is the lack of support, which is one of the major issues that we are facing."
"McAfee is the right choice for a low-budget solution."
"The most valuable feature of Trellix ESM, for detecting, is that it detects malware and viruses, such as a particular virus that was critical in Kenya; we used ESM to detect and block that particular virus completely."
"The product works better than other vendors available in the market."
"The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available, and it's also very easy to use."
"Trellix ESM utilizes fewer human resources and improves security and visibility."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"It can be easily deployed with the other solutions."
 

Cons

"We have automated threat detection in the Alliance Security, Antoinette. However, if these features could be further enhanced, it would simplify my work, potentially allowing me to allocate more time to address complex issues."
"There are no multiple dashboards which would allow you to see information side-by-side."
"The reporting could be more robust. It can be a lot more granular and that will make it a lot more useful in comparison to how it is incorporated at the moment."
"Under the new system, it is not upgradable the way they say. When you try to do an upgrade, it doesn't really work unless you dump everything and start from scratch. You lose a lot of your nodes. Whenever you set your nodes up and everything else, they don't want to bring those nodes back in, so you have to really go back and restructure all your nodes. I went from version 6.5 to version 6.6 and then to version 6.7. I then went to version 2019, and now it is version 2020. It would be good if we can upgrade without having to delete everything and start from scratch. They can maybe build more KPIs and other things for the dashboard. Some of the other systems already have built-in KPIs. SolarWinds is starting to catch up, but it is not there yet. They can include some of the business or industry standards for tracking the time, that is, the meantime to detect (MTTD) and the meantime to resolve (MTTR). They can also find a way to build a KPI that measures the number of instances of port scans experienced in a week or a month."
"I think the customization area in the tool can be considered as an area of concern where improvements are required."
"I would like to have a more customizable dashboard."
"The main area that would mean a big improvement for me would be for the product to include multiple dashboards."
"Training for this solution needs to be improved, as new employees are sometimes unfamiliar with the product."
"I would like to see fingerprint recognition included in the next release of this solution."
"The support from McAfee ESM could improve. They could improve the speed."
"There are always multiple bugs in the product. For example, the console page was hanging multiple times. Afterwards, they released multiple upgrades for the same, multiple patches from McAfee."
"It is more difficult to operate Trellix ESM than other solutions."
"It is not a very advanced solution, and it is for very generic use cases. It cannot cope with the advanced requirements that we're going to have. For example, for multiple authentication failures, it is still based on Windows events for detecting multiple login failures, whereas other companies are going beyond and working on implementing two-factor authentication. It is time to correlate the two-factor authentication results with authentification failures, which is not happening with McAfee ESM. The performance of the tool should be improved because it is very slow. The data display on the console is very slow in McAfee ESM. Its data storage is still old-fashioned, and it should be improved and upgraded to the latest versions. They have to come up with some new ideas to match what other leaders in the same domain are doing. For example, in Splunk, when you search for information for the last 60 days or five months, it quickly shows the information, but that is not the case with McAfee. The results should be quicker and faster on the console. They should integrate some additional features such as User Behavior Analytics (UBA) and automation. The threat intelligence part should also be improved on McAfee."
"McAfee ESM is not able to cope with the advanced features."
"We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioural analytics."
"The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases."
 

Pricing and Cost Advice

"The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten."
"Licenses can only be purchased in blocks of fifty at a time."
"Licensing is on devices, so if you have many, then this may be high."
"The price of SolarWinds Security Event Manager is reasonable."
"The pricing model would benefit from having package deals with other SolarWinds products."
"It is in the appropriate mid-range. It is not as expensive as some of the other solutions. It is also not cheap."
"We do a yearly license renewal. For a year, the solution costs roughly $500,000 USD. There are no costs beyond this yearly fee."
"It is an inexpensive product. We purchase its yearly license."
"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
"The licensing cost is based on EPS."
"The pricing is good, and they are competitive compared to providers such as RSA and IBM QRadar."
"The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it."
"The pricing is fair."
"We renew our license annually."
"The cost is dependent on the customer's environment and requirements."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Comparison Review

VS
Manager, Enterprise Risk Consulting at a tech company with 1,001-5,000 employees
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Construction Company
13%
Manufacturing Company
11%
Comms Service Provider
7%
Comms Service Provider
14%
Construction Company
13%
Financial Services Firm
9%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business19
Midsize Enterprise3
Large Enterprise7
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise6
Large Enterprise25
 

Questions from the Community

What is your experience regarding pricing and costs for SolarWinds Security Event Manager ?
The tool is available at a good price for customers compared to other solutions in the market. I rate the product's price as an eight out of ten.
What needs improvement with SolarWinds Security Event Manager ?
The log analyzing capability of SolarWinds Security Event Manager should go into more depth than the current environment. More modification and enhancements are required on the dashboard side in or...
What is your primary use case for SolarWinds Security Event Manager ?
I work with all SolarWinds products mostly, including Network Configuration Manager and NPM. I am a reseller. I usually recommend SolarWinds products for Loop1. It's for the bigger ones; we are the...
What is your experience regarding pricing and costs for McAfee ESM?
When discussing Trellix ESM pricing and licensing, if you consider some premium product, the pricing also has to be premium, however, enterprise customers who look for a premium product, alongside ...
What needs improvement with McAfee ESM?
Areas of Trellix ESM that could be improved or enhanced include checking on the clients who are still on-prem, especially banks, as most are not moving everything to the cloud due to confidentialit...
What is your primary use case for McAfee ESM?
My customer's usual use case for Trellix ESM involves one client, as most of the users have moved to ESM. Nowadays, they don't use IPS only, since McAfee IPS is standalone; they incorporate firewal...
 

Also Known As

SolarWinds LEM, Solarwinds SIEM, TriGeo, Log and Event Manager
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Overview

 

Sample Customers

NetSuite, EasyStreet, Legacy Texas Bank, and Energy Federal Credit Union, to name a few.
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about SolarWinds Security Event Manager vs. Trellix ESM and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.