Trellix Network Detection and Response vs WatchGuard XTM [EOL] comparison

"FireEye has placed us in the position to proactively counter malicious threats; we now don’t have to take a user offline in order to rebuild their PC following an attack."

"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."

"It is stable and quite protective, and it has a lot of features to scan many malicious things and vulnerabilities."

"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

"Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch."

"It allows us to be more hands off in checking on emails and networking traffic, as we can set up a bunch of different alerts and have it alert us, giving us a better view of our network and our email environment."

"It is a good product to implement, especially where the existing technology fails to detect zero day attacks."

"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."

"We compared this solution to Juniper, and we find that WatchGuard is a much better product."

"Security is a requirement for any organization, using WG products you can deploy faster solutions to big problems with a fair price."

"For the current network demand, I think the product is worth buying as it is not too expensive and it has almost all the features that I need."

"After installing the product, we achieved awareness of our data protection needs and email misuse."

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"The multi-WAN feature allows us to configure multiple external interfaces."

"This product is solid and has a great reputation behind it."

"I have found the GUI interface to be invaluable, as it is very intuitive and easy to manage."

"I would like to see in Trellix Network Detection and Response more explanation about some details of the threat, and I wish it had more actions that you can take to contain the host or move it somewhere else."

"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box."

"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."

"Stability issues manifested in terms of throughput maximization."

"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."

"I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet."

"It is an expensive solution."

"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."

"It's a fine product, but some features like the max bandwidth don't work well. Also, the VPN errors are not helpful when troubleshooting."

"Sometimes we have had issues with the stability of the product."

"Licensing should be improved."

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"I feel that paying a yearly maintenance fee for firmware updates is not worth it in my opinion."

"Early models of the XTM2 (e.g. 21, 22, 23) line lacked sufficient memory, and caused a number of issues that required frequent reboots."

"The issue that we had was that the integration with Active Directory was a bit of a hassle."

"I would like them to improve the product's overall protections."

"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."

"There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."

"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."

"The tool is a bit pricey."

"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."

"The pricing is a little high."

"When I compare this solution to its competitors in the market, I find that it is a little expensive."

"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."

"The licensing and renewal is very expensive."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.​"

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."