Try our new research platform with insights from 80,000+ expert users
Trellix Network Detection and Response Logo

Trellix Network Detection and Response pros and cons

Vendor: Trellix
4.2 out of 5
2,665 followers
Post review

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Trellix Network Detection and Response enhances organizational security by providing superior malware protection and defense against zero-day threats.
It offers valuable features such as MVX Engine and sandboxing technology for comprehensive threat detection and prevention.
The integration with tools like Splunk improves visibility into security threats and enhances incident response capabilities.
Trellix Network Detection and Response supports high scalability and performance without causing latency issues in high bandwidth networks.
It contributes to cost efficiency by being easy to use and integrate, which saves time and resources.

CONS

There are significant concerns about pricing, as it is considered very expensive, with a need for a more competitive cost structure.
Improvements in reporting and policy management are required, with a call for the ability to create more granular reports and manage exceptions more efficiently.
The current integration capabilities with other firewall solutions and platforms are lacking, prompting a desire for enhanced compatibility with external systems like Fortinet and Palo Alto.
The solution does not leverage advanced machine learning or cloud capabilities effectively, resulting in noticeable gaps in threat detection and intelligence reporting.
Concerns about documentation availability and technical support have been raised, with suggestions for more accessible and comprehensive resources to assist users in configuration and troubleshooting.
 

Trellix Network Detection and Response Pros review quotes

BiswabhanuPanda - PeerSpot reviewer
Apr 4, 2024
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment.
CEO8280 - PeerSpot reviewer
Mar 11, 2019
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.
CS
May 18, 2021
It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye.
Learn what your peers think about Trellix Network Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,121 professionals have used our research since 2012.
AmgadYousry - PeerSpot reviewer
Aug 23, 2022
The solution can scale.
AE
Feb 21, 2019
Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.
reviewer1420032 - PeerSpot reviewer
Dec 24, 2020
It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities.
reviewer2392089 - PeerSpot reviewer
Apr 26, 2024
The most valuable feature of the solution stems from how it allows users to do the investigation part. Another important part of the product that is valuable is associated with how it gives information to users in the form of a storyline.
SH
Jun 4, 2019
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.
it_user886083 - PeerSpot reviewer
May 27, 2019
The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.
Hamada Elewa - PeerSpot reviewer
Feb 16, 2022
The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design.
 

Trellix Network Detection and Response Cons review quotes

BiswabhanuPanda - PeerSpot reviewer
Apr 4, 2024
The analytics could be better. It seems heavily influenced by the McAfee and FireEye integration, and that integration still isn't seamless.
CEO8280 - PeerSpot reviewer
Mar 11, 2019
The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.
CS
May 18, 2021
Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone.
Learn what your peers think about Trellix Network Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,121 professionals have used our research since 2012.
AmgadYousry - PeerSpot reviewer
Aug 23, 2022
It is an expensive solution.
AE
Feb 21, 2019
Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.
reviewer1420032 - PeerSpot reviewer
Dec 24, 2020
I heard that FireEye recently was hacked, and a lot of things were revealed. We would like FireEye to be more secure as an organization. FireEye has to be more protective because it is one of the most critical devices that we are using in our environment. They have a concept called SSL decryption, but that is only the packet address. We would like FireEye to also do a lot of decryption inside the packet. Currently, FireEye only does encryption and decryption of the header, but we would like them to do encryption and decryption of the entire packet.
reviewer2392089 - PeerSpot reviewer
Apr 26, 2024
If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job.
SH
Jun 4, 2019
It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment.
it_user886083 - PeerSpot reviewer
May 27, 2019
As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web).
Hamada Elewa - PeerSpot reviewer
Feb 16, 2022
FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically.