We implemented this solution for our customers. The primary use case is for Advanced Persistent Threat detection at a network level.
Senior Director of IT with 501-1,000 employees
POV discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure.
At the core of the bank’s ability to meet our mandate is a substantial IT infrastructure that not only needs to run optimally, but must be protected. We have long embraced best practices when it came to cybersecurity, but recognized that advanced threats evolve over time and need to be well handled.
We selected FireEye for a POV conducted over a period of three months. The POV soon discovered a number of previously undetected threats enabling system administrators to take action and make the system even more secure. As a result of the findings, we implemented FireEye to strengthen our IT infrastructure. The POV was up and running in less than a day and used actual traffic analysis to investigate what was occurring in our IT environment.
This solution consists of FireEye Network Threat Prevention platform and FireEye Email Threat Prevention platform in operation alongside FireEye Central Management to coordinate intelligence gathering from the Web and email appliances in addition to the intelligence gathered by the FireEye Threat Intelligence. The POC quickly revealed areas for improvement and potential threats that the traditional defenses had utterly missed.
The FireEye team remained in close contact with our key personnel throughout the process. FireEye proved very supportive both of the technical and business aspects of the POV and ultimately our implementation of their technology both in terms of cost and underscoring the difference between traditional defenses and the next-generation defense system. We are continually strengthening our IT infrastructure together with reinforcing policy and process on IT Security to achieve the highest productivity and lowest risks.
Disclosure: PeerSpot has made contact with the reviewer to validate that the person is a real user. The information in the posting is based upon a vendor-supplied case study, but the reviewer has confirmed the content's accuracy.
System Engineer at a tech services company with 1,001-5,000 employees
Protects the users' browser by finding zero-day threats and malware
Pros and Cons
- "Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
- "The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
What is our primary use case?
How has it helped my organization?
Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser.
What needs improvement?
The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it, like what type of Windows and what type of applications they use, and they have zero control over this. I would like to see more customization of the VMs.
For how long have I used the solution?
Still implementing.
What do I think about the stability of the solution?
Their stability is good.
What do I think about the scalability of the solution?
In terms of scalability, we haven't deployed them on a larger scale. We have only deployed on two appliances. It requires two or three people to administer the device. Usually, those are cybersecurity engineers or network admins.
How are customer service and technical support?
Their technical support is very good and responsive.
How was the initial setup?
FireEye is easy to use and the setup is easy. The deployment could be finished in two hours. Three to four staff are required for the deployment.
What's my experience with pricing, setup cost, and licensing?
The pricing is a little high.
What other advice do I have?
I would rate it a 7.5 out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Network Engineer information security at a tech services company with 51-200 employees
It helps to detect and prevent zero day attacks.
What is most valuable?
- Call back
- Zero day attack
How has it helped my organization?
We have discovered different malware which was basically a zero day attack and call back.
What needs improvement?
Cluster option is not available in NX, and for false positives we need some customization configuration available, such as a whitelist.
For how long have I used the solution?
I've used it for one year.
What was my experience with deployment of the solution?
No issues encountered.
What do I think about the stability of the solution?
No issues encountered.
What do I think about the scalability of the solution?
No issues encountered.
How are customer service and technical support?
Customer Service:
It's very good.
Technical Support:
It's very good.
Which solution did I use previously and why did I switch?
Different IPS and end point products were used. FireEye has a different concept for the handling of ATP and malware with a virtual machine which resides in their box.
How was the initial setup?
It was simple and straightforward.
What about the implementation team?
We have implemented it ourselves on customer premises.
What other advice do I have?
It is a good product to implement, especially where the existing technology fails to detect zero day attacks.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Consultant at a tech services company with 51-200 employees
Improves defense against zero-day threats and network security, but management of the appliance could be greatly improved
Pros and Cons
- "Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security."
- "The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive."
- "Management of the appliance could be greatly improved."
What is our primary use case?
Implementing at customer sites. Conducting pre-sales and PoC demos for customers and providing technical support to customers on behalf of FireEye.
How has it helped my organization?
Improved our systems and our customers' by providing better malware protection, defense against zero-day threats, and improved network security.
What is most valuable?
The MVX Engine seems to be very capable against threats and the way it handles APTs is impressive. It has helped FireEye be the first ones to announce zero-days on many occasions.
What needs improvement?
Management of the appliance could be greatly improved.
They should take a leaf out of the book of Symantec's (Formerly Blue Coat) MAA appliances. The management is super-easy, most features are available through the GUI, and the administrator has an easy to navigate interface that helps in faster threat analysis.
For how long have I used the solution?
One to three years.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner of FireEye selling their products to customers.
Technical lead at a tech services company with 51-200 employees
Enables us to take appropriate action to prevent any damage from happening
Pros and Cons
- "Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
- "It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
What is our primary use case?
We use FireEye to prevent cyber attacks.
How has it helped my organization?
Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.
What needs improvement?
It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning.
What do I think about the stability of the solution?
FireEye is quite stable.
Which solution did I use previously and why did I switch?
We are currently also using Symantec.
How was the initial setup?
The initial setup was straightforward, not complex. The deployment didn't take too much time. It took around fifteen to twenty days. It took one person to deploy it and we have three administrators using this solution.
What about the implementation team?
We used a third-party to help us with the deployment. We had a good experience with them.
What was our ROI?
I have seen return on investment in the way that it prevents breaches and attacks.
What other advice do I have?
I would rate this solution an eight out of ten. I would recommend implementing FireEye, it's a great tool.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
CPM at a comms service provider with 1,001-5,000 employees
Relatively easy to monitor, but a better dashboard would improve monitoring further
Pros and Cons
- "The most valuable feature is the view into the application."
- "A better depth of view, being able to see deeper into the management process, is what I'd like to see."
What is our primary use case?
This solution is our firewall protection.
What is most valuable?
The most valuable feature is the view into the application.
What needs improvement?
I would like to see a smoother dashboard so I could monitor it better. A better depth of view, being able to see deeper into the management process, is what I'd like to see.
What other advice do I have?
I would rate this solution at seven out of ten. It works and it's relatively easy to monitor.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.