Trellix Network Detection and Response vs WatchGuard XTM [EOL] comparison

"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."

"Trellix Network Detection and Response is a great tool that integrates with a lot of security tools such as Palo Alto, which is a good firewall, and if you have these types of tools, your organization would benefit greatly."

"The installation phase was easy."

"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."

"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."

"The most valuable feature is MVX, which tests all of the files that have been received in an email."

"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."

"There is a site-to-site VPN configuration between others people."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

"​Monitoring of network activity is included in the box.​"

"SNMP status monitoring and the Central Management Software."

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"It configures in all-in-one place.​"

"It is stable and does not require you to reboot all the time.​"

"Reputation Enabled Defense indicates that some websites are so infested that it's not even worth visiting them, and therefore saving the bandwidth of going through the detection process."

"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."

"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."

"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."

"Technical support could be improved."

"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."

"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."

"It is very expensive, the price could be better."

"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."

"The VPN errors are not helpful when troubleshooting."

"One huge issue with WatchGuard XTM is that I'm not getting reports in a readable format. Readable means, I don't want Excel online. We repeat auditing when we trigger the report or setup calendar. That functionality is what we are looking for from WatchGuard XTM here."

"The setting policies need improvement. It needs an easier way to do static NAT and check on what policy is being used for that specific traffic."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"The initial setup is neither simple nor complex. If you know the base in networking and how the firewall works, you will be able to figure it out.​"

"Sometimes we have had issues with stability of the product."

"I would like them to improve the product's overall protections. This would be good for all product users."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job. The software could do it, but there's no hardware that allows that to happen at the moment. So it doesn't scale as well as some other products, that's for sure."

"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."

"Pricing and licensing are reasonable compared to competitors."

"The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced."

"The user fee is not as high but the maintenance fee is expensive."

"When I compare this solution to its competitors in the market, I find that it is a little expensive."

"The pricing is a little high."

"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."

"There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.​"

"The licensing and renewal is very expensive."

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."