it_user221829 - PeerSpot reviewer
Expert Penetration Tester at a financial services firm with 1,001-5,000 employees
Vendor
Compatibility with legacy components alleviates the need for additional investments in hardware, software, and training.

Our infrastructure contains an extensive amount of hardware, applications, networks, and online banking systems; each with their own characteristics and potential vulnerabilities. With an environment of this complexity it is imperative to deploy best-in-class security measures. However, with the escalating sophistication of multi-domain attacks it became very evident that traditional security technologies were becoming increasingly inadequate and easily bypassed.

We spoke with a number of security product providers and industry experts, and we began seeing a pattern of recommendations emerging from many sources for the FireEye suite of solutions. We contacted the company and collaborated to identify exactly what we needed to deploy to supplement our existing defenses.

We implemented the FireEye Network Threat Prevention Platform to guard against zero-day Web exploits and multi-protocol callbacks. The most critical success factor for us was the threat detection performance of the solution: After all of our testing was conducted we felt confident that this was the right approach to safeguard the bank from advanced malware, zero-day and targeted attacks. We especially liked the protection against blended attacks that had already evaded multiple layers of legacy security controls. 

Another key benefit was the FireEye platform’s ease of integration with our existing security information event management system. Compatibility with legacy components, such as the SIEM system, alleviates the need for additional investments in hardware, software, and training.

In addition to penetration testing, part of my role involves the analysis of malware that specifically targets Internet banking customers. The appliance’s use of the FireEye Multi-Vector Execution engine and the ability to archive suspected malware for later scrutiny have both been major pluses for this aspect of my job. We are continually investigating new security solutions; the FireEye technology has always been extremely compelling to us, and it has been very validating to see the company back this up with its continuously evolving expertise and innovation. The ever-expanding threatscape makes it a constant challenge to keep our environment protected, but FireEye continues to deliver.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
it_user221835 - PeerSpot reviewer
Senior Director of IT with 501-1,000 employees
Vendor
POV discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure.

At the core of the bank’s ability to meet our mandate is a substantial IT infrastructure that not only needs to run optimally, but must be protected. We have long embraced best practices when it came to cybersecurity, but recognized that advanced threats evolve over time and need to be well handled. 

We selected FireEye for a POV conducted over a period of three months. The POV soon discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure. As a result of the findings, we implemented FireEye to strengthen our IT infrastructure. The POV was up and running in less than a day and used actual traffic analysis to investigate what was occurring in our IT environment. 

This solution consists of FireEye Network Threat Prevention platform and FireEye Email Threat Prevention platform in operation alongside FireEye Central Management to coordinate intelligence gathering from the Web and email appliances in addition to the intelligence gathered by the FireEye Threat Intelligence. The POC quickly revealed areas for improvement and potential threats that the traditional defenses had utterly missed. 

The FireEye team remained in close contact with our key personnel throughout the process. FireEye proved very supportive both of the technical and business aspects of the POV and ultimately our implementation of their technology both in terms of cost and underscoring the difference between traditional defenses and the next-generation defense system. We are continually strengthening our IT infrastructure together with reinforcing policy and process on IT Security to achieve the highest productivity and lowest risks.

Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
Buyer's Guide
Trellix Network Detection and Response
December 2024
Learn what your peers think about Trellix Network Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
831,265 professionals have used our research since 2012.
PeerSpot user
Security Consultant at a tech services company with 51-200 employees
Consultant
Improves defense against zero-day threats and network security, but management of the appliance could be greatly improved
Pros and Cons
  • "Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
  • "The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
  • "Management of the appliance could be greatly improved."

What is our primary use case?

Implementing at customer sites. Conducting pre-sales and PoC demos for customers and providing technical support to customers on behalf of FireEye.

How has it helped my organization?

Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security.

What is most valuable?

The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive. It has helped FireEye be the first ones to announce zero-days on many occasions.

What needs improvement?

Management of the appliance could be greatly improved. 

They should take a leaf out of the book of Symantec's (formerly Blue Coat) MAA appliances. The management is super-easy, most features are available through the GUI, and the administrator has an easy-to-navigate interface that helps in faster threat analysis.

For how long have I used the solution?

One to three years.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner of FireEye selling their products to customers.
PeerSpot user
Network Engineer, Information Security at a tech services company with 51-200 employees
Consultant
It helps to detect and prevent zero day attacks.

What is most valuable?

  • Call back
  • Zero day attack

How has it helped my organization?

We have discovered different malware which was basically a zero day attack and call back.

What needs improvement?

Cluster option is not available in NX, and for false positives we need some customization configuration available, such as a whitelist.

For how long have I used the solution?

I've used it for one year.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

It's very good.

Technical Support:

It's very good.

Which solution did I use previously and why did I switch?

Different IPS and end point products were used. FireEye has a different concept for the handling of ATP and malware with a virtual machine which resides in their box.

How was the initial setup?

It was simple and straightforward.

What about the implementation team?

We have implemented it ourselves on customer premises.

What other advice do I have?

It is a good product to implement, especially where the existing technology fails to detect zero day attacks.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Technical lead at a tech services company with 51-200 employees
Real User
Enables us to take appropriate action to prevent any damage from happening
Pros and Cons
  • "Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
  • "It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."

What is our primary use case?

We use FireEye to prevent cyber attacks. 

How has it helped my organization?

Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.

What needs improvement?

It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning. 

What do I think about the stability of the solution?

FireEye is quite stable. 

Which solution did I use previously and why did I switch?

We are currently also using Symantec. 

How was the initial setup?

The initial setup was straightforward, not complex. The deployment didn't take too much time. It took around fifteen to twenty days. It took one person to deploy it and we have three administrators using this solution.

What about the implementation team?

We used a third-party to help us with the deployment. We had a good experience with them.

What was our ROI?

I have seen return on investment in the way that it prevents breaches and attacks.

What other advice do I have?

I would rate this solution an eight out of ten. I would recommend implementing FireEye, it's a great tool.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Cpmef44 - PeerSpot reviewer
CPM at a comms service provider with 1,001-5,000 employees
Real User
Relatively easy to monitor, but a better dashboard would improve monitoring further
Pros and Cons
  • "The most valuable feature is the view into the application."
  • "A better depth of view, being able to see deeper into the management process, is what I'd like to see."

What is our primary use case?

This solution is our firewall protection.

What is most valuable?

The most valuable feature is the view into the application.

What needs improvement?

I would like to see a smoother dashboard so I could monitor it better. A better depth of view, being able to see deeper into the management process, is what I'd like to see.

What other advice do I have?

I would rate this solution at seven out of ten. It works and it's relatively easy to monitor.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.