Trend Micro Deep Discovery [EOL] Reviews

My usual use cases for Trend Micro Deep Discovery are focused on Deep Discovery Email Inspector, which is specifically used for email gateway inspection and filtration. We also have other solutions such as Deep Discovery Inspector and Deep Discovery Analyzer, but the specific name for the solution I use is Deep Discovery Email Inspector, or DDEI for short.

In terms of functionality, it handles email inspection and filtration for spamming emails, phishing emails, and applies security controls on our emails for both outbound and inbound traffic, making it an effective email filtration system.

I find Trend Micro Deep Discovery very easy and simple, and it can be customized in very simple ways.

The most valuable capabilities of Trend Micro Deep Discovery Email Inspector include its ability to perform mail detection and mail filtration against various email attacks such as phishing and spam, serving as an email gateway for both inbound and outbound traffic.

There are areas of Trend Micro Deep Discovery that could be improved, particularly in the context of our deployment. We have multiple components such as Deep Discovery Email Inspector for mail gateways, Deep Discovery Analyzer for sandboxing, and Deep Discovery Inspector, which serves as an IDS detecting malicious network traffic.

I have been working with Trend Micro Deep Discovery for almost three years.

Deep Discovery's threat intelligence is not applied in our environment.

Trend Micro Deep Discovery is stable and reliable.

I identify the stability of this solution through regular testing and health checks that occur daily, weekly, and monthly. We share feedback with our partners and vendors, and from our perspective, it proves to be very stable. Health checks are performed consistently without major issues in our environment. The product updates and security updates are kept current, allowing us seamless integration with Trend Micro and getting daily updates and signatures without problems.

I evaluate the scalability of this solution by considering the hardware appliance and its scalability features. If the appliance supports scalability, Trend Micro support will inform us, and we can implement it without replacing the hardware. If it doesn't support scalability, Trend Micro will recommend an upgraded hardware version, requiring only a simple payment for the new appliance.

My interaction with technical support has been very easy and simple. If I were to rate them from 0 to 10, I would give them a nine or a ten.

Positive

We are a customer of this tool.

I participated in the initial setup of Trend Micro Deep Discovery.

The setup process for Trend Micro Deep Discovery was straightforward; we didn't have any complex communication during the implementation. All issues we faced related to false positives regarding many hashes and URLs specifically for mail gateway and sandboxing, which led us to open a threat ticket with Trend Micro support for validation. Their response time is prompt, allowing us to manage issues as they arise.

Regarding the pricing and licensing of Trend Micro Deep Discovery, I find it very simple. When we need to make a purchase order or renew the license, we contact the partner, and once the license is provided along with Trend Micro support, we activate it in Trend Micro support, which listens to all our products, including Trend Micro Deep Discovery, Deep Discovery Analyzer, and Deep Discovery Inspector.

I do not consider it an expensive tool; its price is justified based on the capabilities that we receive when compared to another mail gateway or other vendors. It is reasonably priced, not very expensive like Proofpoint or other vendors.

I work with Trend Micro Apex One.

I have used the Deep Discovery's Sandbox analysis feature, and we utilize another appliance known as Deep Discovery Analyzer, abbreviated as DDA. This tool makes analysis for URLs and attachments contained in inbound emails, so whenever we receive an email with a URL or attachment, it will be analyzed by Trend Micro Deep Discovery Analyzer.

In evaluating Deep Discovery's real-time visibility on network traffic, it is important to note that we applied our Deep Discovery Analyzer for Trend Micro to conduct sandboxing specifically for email channels only, and we do not utilize it for network channels. For network channel sandboxing, we use a solution called FortiAnalyzer, which belongs to another team called network security.

I assess Deep Discovery's effectiveness in identifying sophisticated attack patterns by looking at how it handles high traffic loads, and how effectively it can use its instances and images to analyze numerous URLs and attachments simultaneously. Additionally, I evaluate its ability to maintain round-robin or load balancing across different analyses without leaving samples queued for analysis. The performance is critical when the product updates for signatures are up-to-date, as this aids in the detection and classification of URLs and attachments without delay in the analysis process.

On a scale of one to ten, I rate Trend Micro Deep Discovery a nine.

Positive

I am working with Microsoft solutions, specializing in cyber security. I work with XDR, Apex One, Apex Central, Deep Security, Deep Discovery Inspector, and Deep Discovery Analyzer for monitoring the network and IDS.

This solution allows us to see anomalies, network traffic in our network, and zero-day threats.

Trend Micro Deep Discovery Inspector integrates effectively with XDR and Trend Micro XDR.

Server Protect is not commonly used.

When considering the Sandbox feature, it only inspects small files, and not all types of files are supported.

The solution is very expensive.

The solution is not scalable as it is an agent product rather than a product designed for scalability.

I have been using this solution for more than 10 years.

The solution has not experienced any stability issues.

The solution is not scalable as it is an agent product rather than a product designed for scalability.

We have not had any notable experiences with customer service.

Neutral

We have not used any previous solutions.

The installation process is straightforward.

We implemented through an integrator.

This solution comprises Trend Micro Deep Discovery Analyzer with Trend Micro Deep Discovery Inspector, serving as IDS and Sandbox.

The solution is very expensive.

Microsoft offers Sandbox in the cloud but not an on-premises product. For SaaS solutions, Microsoft is preferable. For enterprise on-premises solutions, Trend Micro Deep Discovery is the better choice.

The solution's effectiveness depends on how you connect this product to a Firewall or network switch.

The solution has Sandbox integrated, but I use a separate Sandbox product rather than the one integrated with Trend Micro Deep Discovery Analyzer and Inspector.

I rate this solution 10 out of 10.

We usually create new entries and copy traffic to the Discovery appliance for analysis in order to detect low-level attacks, viruses, and hacking attempts. We assess competitive products by deploying the solution to analyze the effectiveness and capabilities.

With Trend Micro Deep Discovery, our enterprise clients can identify forgotten or unmanaged network segments, thereby mitigating unexpected network actions such as outdated antivirus software operations. When under attack, such as with ransomware, it allows us to identify the attack vector and disable it. It also assists in security audits required to prove certain network security measures.

The entire package of the solution is superior. Sandboxing gives us a chance to identify malicious behavior, especially for unknown vulnerabilities, although it's rarely needed as a last resort after all other security measures have failed.

The main issue is its high cost, which makes it difficult to sell. The technical support has declined in quality over the years. It is necessary for highly qualified partners to get better pre-qualified support up to level two, reducing the need to contact Trend Micro directly.

I have been familiar with Trend Micro Deep Discovery for about ten years.

The customer support for Trend Micro used to be great five years ago. However, now it's challenging. We try to offer as much support as possible to minimize the need to contact Trend Micro directly.

Positive

I have worked with McAfee to complement Trend Micro for customers who require it for NATO or European Union compliance. We have been partners with McAfee to provide additional solutions for clients who prefer not to use Trend Micro.

Trend Micro Deep Discovery is expensive compared to regular antivirus solutions, though it is competitively priced compared to similar products with advanced features.

Customers sometimes require solutions like McAfee for certain regulatory compliance requirements.

I'd rate the solution nine out of ten.

It's a good fit for organizations that follow strict data regulations and need to keep sensitive data on-premises. In Sri Lanka, for example, financial data cannot be used in the cloud. So, Deep Discovery is a good solution because it's an on-premises device. We can do the sandboxing on-site. This is a strong selling point.

We are distributors. A couple of our customers use this product. There are three customer references in Sri Lanka that use Deep Discovery.

There are some zero-day attacks that we cannot block with regular firewall rules. We need to execute the file to see whether it is truly an attack or not. Sandboxing helps to identify this by safely executing and analyzing suspicious files in an isolated environment.

Moreover, it has some features that stand out compared to other products. For example, we can get live snapshots and instant reports, and we can submit files manually for free.

It is effective at protecting against various threats.  

The custom sandboxing capability is well-received by customers, who appreciate its performance and flexibility.

With the custom sandboxing feature, customers can replicate their own environment within the sandbox, allowing for more accurate threat detection and analysis.

So, the sandbox itself is a major factor. Additionally, the reporting is very good, providing detailed analysis in a short amount of time. It takes just a millisecond to analyze the file. It doesn't take much time. 

Another thing is the integration capability with other Trend Micro products. We can integrate Deep Discovery with, for example, Trend Micro Vision One to gain insights and visibility into network threats and vulnerabilities.

The price range is a little high, which can deter customers from buying the product. 

Additionally, cloud sandboxing features are valuable now, and their inclusion would be a significant improvement. These are points of concern that should be addressed with Trend Micro regarding pricing.

I have experience with it for about three years now.

The product is stable. If you configure the product in the correct way, it runs smoothly without any issues. I can rate it a nine or ten for stability.

I can rate it a ten out of ten for scalability.

The first response time and accountability should be improved.

Neutral

We worked with Sophos, BluVector Cortex and Kaspersky.

There are no difficulties in the setup process. 

The device comes with a preloaded sandbox. We can upload custom sandbox images to the device if needed. The installation is straightforward, documentation is available, and our team is certified as a Deep Discovery Analyzer.

The deployment time depends on the environment. The deployment can take a couple of days or be completed within a day. It depends on the customer providing the necessary resources. 

From the beginning, we need redundant power, network configuration, port forwarding, and other requirements. So, it usually takes two to three days to complete the deployment.

Deployment resources: We can do it with two people. It is usually two to three people. My team and I, for example, have three people involved in the deployment.

Having a sandbox improves our security posture. Traditional security tools cannot detect all zero-day and sophisticated attacks.  

We can't check the monetary value directly, but it can prevent ransomware attacks, spam attacks, and phishing attacks. It helps to avoid enormous losses, which is crucial for any organization.

I would rate the pricing a three out of ten, where one would be very expensive, and ten would be very cheap.

Overall, I would rate it a nine out of ten.

As a security product, managing threats is crucial for my clients. 

According to feedback from my client base, Trend Micro has good threat detection capabilities and offers flexibility for hosting options. It also includes features like an advanced scan engine – those are definitely strong benefits. Additionally, its virtual analysis feature is quite useful.

Sometimes, our customers face challenges like console management and report generation. Also, some of their end users may not be technically proficient, so they occasionally face problems due to a lack of knowledge. 

Beyond these issues, we've had positive experiences with Apex One, Deep Discovery, and even Vision One. 

I have been familiar with this tool for about five months. 

My clients are mostly government and large enterprise organizations.

We also have some SMB and SME clients among our enterprises, so it depends on the specific business.

The customer service and support are good. Trend Micro team provides good support to us. 

The setup's complexity depends on the project's scale, specifically the number of endpoints to be implemented. 

Our team sizes and the client's requirements, such as the number of endpoints and servers, determine the deployment timeframe. We'd create a project plan and timeline accordingly. It could take anywhere from one to two months, or potentially less.

My team and I are very experienced in implementing Trend Micro products and find them to be quite good. 

The pricing is okay for some, and sometimes, some people find it expensive. 

It can definitely be more expensive than Sophos. 

However, it is not very expensive. OEMs also include support charges. 

 Overall, I would rate the solution a ten out of ten. 

I use the solution in my company, but there is nothing to work on the tool. In our company, we just installed Trend Micro Deep Discovery on our servers, and that is it, after which we forgot about it.

The slow nature of the product and the tool's detection area is of concern, as there are a lot of configurations that should be configured by default when you install it at your endpoint. Ultimately, my company had to seek help from an official from Trend Micro to resolve the issue, but unfortunately, the problem couldn't be resolved.

In the future, the product should include some DLP features. There is a device block feature in it, but it is only for a single device, like a USB. With Trend Micro Deep Discovery in place, there shouldn't be any need to buy another DLP solution and install another agent on the endpoint, as it should be consolidated in one agent.

The product's scalability feature needs to be improved, as it is an area in the product with certain shortcomings.

I have been using Trend Micro Deep Discovery for a year.

It is a stable solution. Stability-wise, I rate the solution a seven out of ten.

Scalability-wise, I rate the solution a six to seven out of ten.

The tool was used in a financial organization with 65 exchange branches, including the money exchange branch and the property branch. It was a group of finance-oriented companies where I was working earlier, which had multiple business entities. Even in my current organization, we use Trend Micro Deep Discovery, but we are not happy with it, to be honest.

In my previous company, around 40 or 50 people out of the 1,000 employees used to use the tool. I don't know about the current number of uses of the solution since my company's setup is in Australia, and we have outsourced the service to a third party.

I have experience with Kaspersky, which is a good solution.

I rate the product's initial setup phase an eight or nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup phase. The product's initial setup phase was not difficult.

The solution is deployed on an on-premises model.

Compared to its competitors, Trend Micro Deep Discovery is a little expensive.

There are no costs attached to the solutions apart from the licensing charges.

If we discuss endpoint protection for servers, there are many features that many endpoint solutions, like Kaspersky, Sophos, or Bitdefender, offer for servers.

I would suggest that those who plan to buy the solution in the future do some research and compare the products available in the market before choosing the best solution for their organization.

I rate the overall tool a six to seven out of ten.

Positive

Our primary use case for Deep Discovery revolves around its ability to manage Windows updates and maintain security without necessitating frequent reboots of our servers. One of the standout features we leverage is virtual patching, which significantly minimizes downtime by eliminating the need for immediate updates and reboots.

The solution has substantially improved our organization by providing robust security measures accepted by various audit teams, including those from the IT and financial sectors. Previously, we faced observations related to outdated Windows servers during audits. However, these concerns have been alleviated with Deep Discovery's virtual patching, as the servers are deemed secure without needing constant updates.

They could improve the product's ability to control normal traffic and prevent attacks like SQL injection and cross-site scripting. Additionally, better scanning capabilities for third-party applications would ensure comprehensive security without the need for exclusions. This would enhance overall protection by allowing us to scan and manage third-party applications more effectively.

We have been using Trend Micro Deep Discovery for almost six months now.

The product is stable and reliable. We haven't encountered any significant bugs or issues related to stability.

The solution is scalable. We have managed to cover a significant portion of our protection servers and plan to expand further. We have implemented perpetual protection server licenses, adding more access points per our budgetary constraints. This year, we plan to increase the number of licenses to accommodate our expanding needs.

Although we have yet to contact customer support frequently, our local vendor has been very supportive. We also find the online documentation and community forums valuable for troubleshooting and solutions.

The initial setup was straightforward. Having used Trend Micro products for three years, we were familiar with the dashboard and the setup process. We initially tested the solution in a non-production environment to understand its impact and later deployed it in production without significant challenges.

Overall, Trend Micro Deep Discovery has proven to be a reliable solution that enhances our security posture while minimizing operational disruptions. Regular updates and improvements can further solidify its effectiveness in various IT environments.

The endpoint detection capabilities are particularly effective, especially in identifying malware and antivirus threats. Integration with our existing systems was straightforward, requiring minimal effort beyond configuring IP addresses.

I rate it an eight out of ten. There is always room for improvement in any product or service. Given the current market conditions, with new technologies and emerging threats, it's essential to implement updates and enhancements continuously. It ensures that the product remains effective against new challenges. Despite its robust features and reliable support, no solution is perfect, and that's why there is always potential for further improvement. This ongoing need for innovation and adaptation is why I rated it an 8, reserving the remaining points for future enhancements.

The solution is used for server protection. 

It is basically a combination of antivirus, intrusion prevention, host-based firewalls, and a lot of other features. There is no downtime or server vulnerability with this solution.

In addition, we can patch the operating system OEM. We can also reboot the server and evaluate scheduled downtime for the same, which is very valuable.

The solution needs improvement in terms of pricing. Its Duo Desk Hyperion system is also weak. 

I have been working with Trend Micro Deep Discovery for six years. 

It is a stable solution. I rate the stability an eight out of ten. 

It is a scalable solution. I rate the scalability a ten out of ten. Twenty customers are using the solution in the SMB environment. 

You will need a team of engineers who know the ins and outs of the solution or a solution similar to Deep Discovery.

It is not a plug-and-play solution. A lot of fine-tuning is required when doing the installation. We faced a lot of problems when installing the solution's data centers. A lot of the servers and applications stopped working. We then needed to do a lot of fine-tuning and understand why the solution was not properly working. When the application does not work properly, the security is down. 

We do the maintenance for our customers and five to six people are required. We have a team of engineers who maintain and remotely manage the solution for our customers.

Overall, I would rate Trend Micro Deep Discovery an eight out of ten.