Trellix Network Detection and Response vs WatchGuard XTM [EOL] comparison

"Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch."

"The solution can scale."

"The solution has allowed for growth and improvement in our information security and security operations teams."

"It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

"The product is very easy to configure."

"The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."

"After all of our testing was conducted we felt confident that this was the right approach to safeguard the bank from advanced malware, zero-day and targeted attacks."

"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."

"Setup and configuration is straightforward with excellent management interface."

"This product has helped in securing my SQL database and web applications from DDoS attacks and SQL injections, improved my network speed, and helped me to set specific policies for specific applications which I couldn't do with other products."

"Simply, give this tool a try; it will generate great benefits in terms of the scalability and environment."

"We have used technical support for WatchGuard many times and overall, we are satisfied with it. They are always listening and there is a good reaction time to our findings. When there are issues, they really try to resolve them."

"WatchGuard XTM2050A has enterprise class performance with the cost of an SMB class device."

"It is stable and does not require you to reboot all the time.​"

"WatchGuard XTM is fairly basic. We use it as the perimeter firewall. The main point is to protect from attack software and hacking."

"There is a site-to-site VPN configuration between others people."

"I heard that FireEye recently was hacked, and a lot of things were revealed."

"FireEye’s main feature is its sandboxing or threat emulation capabilities to detect malware with extra add-ons such as signature-based IPS or endpoint protection, but these features are lacking compared to most IPS or endpoint vendors."

"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."

"Cluster option is not available in NX, and for false positives we need some customization configuration available, such as a whitelist."

"Stability is fine as long as we don't go deeper into the system. Once we go deeper into the SSM, inspection, and decryption, we get some issues."

"It is not a very secure product."

"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage, however, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."

"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."

"WatchGuard doesn't have a product that allows them to get into the data center. And that's just because there is no hardware to do the job."

"Licensing should be improved."

"In my experience they need to make changes in web filtering access for Skype as that's the time we had problems."

"Syslog (Dimension) is focused on presentation, but needs more focus on utility like SonicWall syslog (GMS/Analyzer)."

"Initially WatchGuard assured us regarding endpoint security, but we are not sure that the product provides endpoint security features to its full extent."

"The technical support is very bad. The price is very high, the response time is very long, and technical support does not provide a general solution."

"I feel that paying a yearly maintenance fee for firmware updates is not worth it in my opinion."

"I’m not in favor having to setup security proxy settings instead of just turning them on like you do with the SonicWALL enhanced OS."

"When you purchase FireEye Network Security NX, will need to purchase a megabit per second package. You must know your needs from day one."

"When I compare this solution to its competitors in the market, I find that it is a little expensive."

"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."

"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."

"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."

"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."

"The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced."

"The tool is a bit pricey."

"The licensing and renewal is very expensive."

"Get at least a maintenance contract for the updates and take a larger WatchGuard than you need. A WatchGuard creates new ways to secure your network."

"Like all other manufacturers, there are a lot of features and different pricing. The best is to talk to a representative.​"

"It costs less than the SO works and others (like SonicWall, Cisco, and Barracuda) without increasing so much CPU use."