Try our new research platform with insights from 80,000+ expert users

Trellix Network Detection and Response vs Zabbix comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Trellix Network Detection a...
Average Rating
8.4
Number of Reviews
38
Ranking in other categories
Advanced Threat Protection (ATP) (15th), Network Detection and Response (NDR) (12th)
Zabbix
Average Rating
8.2
Number of Reviews
103
Ranking in other categories
Application Performance Monitoring (APM) and Observability (10th), Network Monitoring Software (1st), Server Monitoring (1st), IT Infrastructure Monitoring (1st), Cloud Monitoring Software (2nd)
 

Mindshare comparison

Trellix Network Detection and Response and Zabbix aren’t in the same category and serve different purposes. Trellix Network Detection and Response is designed for Advanced Threat Protection (ATP) and holds a mindshare of 5.1%, down 6.1% compared to last year.
Zabbix, on the other hand, focuses on Network Monitoring Software, holds 11.1% mindshare, down 12.4% since last year.
Advanced Threat Protection (ATP)
Network Monitoring Software
 

Featured Reviews

BiswabhanuPanda - PeerSpot reviewer
Apr 4, 2024
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one
The in-depth investigation capabilities are a major advantage. When the system flags something as malicious, it provides a packet capture of that activity within the environment. That helps my team quickly identify additional context that most other tools wouldn't offer – like source IP or base64 encoded data. We can also see DNS requests and other details that aren't readily available in solutions like Check Point or others that we've tried. The detection itself is solid, and their sandboxing is powerful. There's a learning curve – you need a strong grasp of OS-level changes, process forking, registry changes, and the potential impact of those. But with that knowledge, the level of information Trellix provides is far greater than what we've seen elsewhere. The real-time response capability of Trellix has been quite effective, although it's not very fast. The key is this solution's concept of 'preference zero.' They don't immediately act on a zero-day. For example, the solution has seen a piece of malware for the first time. It'll let it in, then do sandboxing. Maybe after four or five minutes, it identifies that specific file's DNX Secure Store as malicious. At that point, they update the static analysis engine, and it gets detected if anything else tries to download the same file. There is that initial 'preference zero' concept, like with Panda. You may not hold traffic in the network. That's standard in the industry; we don't do much about it. To address that, we also have endpoint solutions. We use SentinelOne in our environment, which helps us identify threats like Western Bureaus and others.
ASM Naushad Alam - PeerSpot reviewer
Dec 16, 2022
Allows any number of customizations but lacks functionality for finding root causes
Our company is a financial organization and we use the solution to check connectivity, CPU utilization, and hard disk utilization for all of our servers. We monitor networks to learn traffic conditions. We use threshold features to compare servers or routers and find each server's size before it…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"The most valuable feature is the network security module."
"Very functional and good for detecting malicious traffic."
"Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"The flexible licensing model is one of the solution's most valuable aspects. It really allows for great flexibility for companies."
"Health and communication links availability."
"Zabbix is good for discovery."
"We detect problems before the customer does and before it actually happens using the predictive functions in Zabbix."
"It has improved our server performance monitoring overall. We know right away when there are problems. It has built-in statistics, so we can go back and see if there's spiking. We can check what's happening every day around the same time and check the configuration to see if there's something that's running and needs to be fixed."
"The most valuable feature is the alert and alarm monitoring."
"The product is very stable."
"SNMP monitoring, source discovery, and alert triggering are most valuable."
 

Cons

"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
"The world is currently shifting to AI, but FIreEye is not following suit."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"We'd like the potential for better scaling."
"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard."
"The analytics could be better. It seems heavily influenced by the McAfee and FireEye integration, and that integration still isn't seamless."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"When we have a problem, we have to do a lot of research to solve it."
"The user web interface is a little bit too basic, we need to link Zabbix to Grafana to have more options, such as graphs and charts. The interface needs to be improved. Additionally, there could be better integration with Grafana API."
"I would like for this solution to be more cloud-friendly."
"The System Center Operations Manager can be improved."
"Sometimes, the documentation is a little bit written in Estonia – a country in Europe. The language barrier and translation to English can sometimes make it difficult to understand what they're trying to get at. It's just a language thing."
"There are areas of improvement. The database grows really fast. So, when you install Zabbix, you have to deal with some issues, like the database. We become pretty big very fast."
"Having a more customizable interface and dashboard would be an improvement."
"The stability could be better."
 

Pricing and Cost Advice

"The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced."
"When I compare this solution to its competitors in the market, I find that it is a little expensive."
"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
"It's an expensive solution."
"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
"FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
"The pricing is a little high."
"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
"There is a license required for this solution and we pay annually for our license."
"Zabbix is free but if you use it in production then you have to pay for it."
"This is an open-source solution that can be used free of charge."
"Zabbix is an open-source tool, and it's free to use."
"The tool's licensing costs are yearly."
"We pay the subscription for support by year."
"It is reasonable."
"It’s free of cost."
report
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Comparison Review

it_user174738 - PeerSpot reviewer
May 31, 2015
Nagios vs. Zabbix vs. PRTG vs. Spiceworks vs. Solarwinds Network Performance Monitor
I have researched a quite a few network monitoring tools which can be used for various monitoring purposes of not only the servers, but the intermediate routers as well. There are majorly three types of these softwares. Ones which are completely open-source, you can do almost anything you want…
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Comms Service Provider
9%
Manufacturing Company
9%
Computer Software Company
9%
Educational Organization
39%
Computer Software Company
11%
Financial Services Firm
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
What is your experience regarding pricing and costs for FireEye Network Security?
The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced. It's a bit on the expensive side, but we don't want to compromise with cheap, less r...
What needs improvement with FireEye Network Security?
The solution's support needs to improve their support.
What do you like most about Zabbix?
The template system in Zabbix is very beneficial as it saves time in configuration.
What needs improvement with Zabbix?
I'm using the free version of Zabbix, and I'd like to see more customization options, especially for setting trigger thresholds.
 

Also Known As

FireEye Network Security, FireEye
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
1. IBM 2. Dell 3. Cisco 4. HP 5. Oracle 6. Microsoft 7. Amazon 8. Google 9. Facebook 10. Twitter 11. LinkedIn 12. Netflix 13. Adobe 14. VMware 15. Salesforce 16. SAP 17. Intel 18. AT&T 19. Verizon 20. T-Mobile 21. Vodafone 22. Ericsson 23. Nokia 24. Siemens 25. General Electric 26. Honeywell 27. Philips 28. Sony 29. Samsung 30. LG 31. Panasonic 32. Toshiba
Find out what your peers are saying about Microsoft, Palo Alto Networks, Fortinet and others in Advanced Threat Protection (ATP). Updated: October 2024.
814,649 professionals have used our research since 2012.