What is our primary use case?
It's a good fit for organizations that follow strict data regulations and need to keep sensitive data on-premises. In Sri Lanka, for example, financial data cannot be used in the cloud. So, Deep Discovery is a good solution because it's an on-premises device. We can do the sandboxing on-site. This is a strong selling point.
We are distributors. A couple of our customers use this product. There are three customer references in Sri Lanka that use Deep Discovery.
How has it helped my organization?
There are some zero-day attacks that we cannot block with regular firewall rules. We need to execute the file to see whether it is truly an attack or not. Sandboxing helps to identify this by safely executing and analyzing suspicious files in an isolated environment.
Moreover, it has some features that stand out compared to other products. For example, we can get live snapshots and instant reports, and we can submit files manually for free.
It is effective at protecting against various threats.
What is most valuable?
The custom sandboxing capability is well-received by customers, who appreciate its performance and flexibility.
With the custom sandboxing feature, customers can replicate their own environment within the sandbox, allowing for more accurate threat detection and analysis.
So, the sandbox itself is a major factor. Additionally, the reporting is very good, providing detailed analysis in a short amount of time. It takes just a millisecond to analyze the file. It doesn't take much time.
Another thing is the integration capability with other Trend Micro products. We can integrate Deep Discovery with, for example, Trend Micro Vision One to gain insights and visibility into network threats and vulnerabilities.
What needs improvement?
The price range is a little high, which can deter customers from buying the product.
Additionally, cloud sandboxing features are valuable now, and their inclusion would be a significant improvement. These are points of concern that should be addressed with Trend Micro regarding pricing.
For how long have I used the solution?
I have had experience with it for about three years now.
What do I think about the stability of the solution?
The product is stable. If you configure the product in the correct way, it runs smoothly without any issues. I can rate it a nine or ten for stability.
What do I think about the scalability of the solution?
I can rate it a ten out of ten for scalability.
How are customer service and support?
The first response time and accountability should be improved.
Which solution did I use previously and why did I switch?
We worked with Sophos, BluVector Cortex and Kaspersky.
How was the initial setup?
There are no difficulties in the setup process.
The device comes with a preloaded sandbox. We can upload custom sandbox images to the device if needed. The installation is straightforward, documentation is available, and our team is certified as a Deep Discovery Analyzer.
The deployment time depends on the environment. The deployment can take a couple of days or be completed within a day. It depends on the customer providing the necessary resources.
From the beginning, we need redundant power, network configuration, port forwarding, and other requirements. So, it usually takes two to three days to complete the deployment.
Deployment resources: We can do it with two people. It is usually two to three people. My team and I, for example, have three people involved in the deployment.
What was our ROI?
Having a sandbox improves our security posture. Traditional security tools cannot detect all zero-day and sophisticated attacks.
We can't check the monetary value directly, but it can prevent ransomware attacks, spam attacks, and phishing attacks. It helps to avoid enormous losses, which is crucial for any organization.
What's my experience with pricing, setup cost, and licensing?
I would rate the pricing a three out of ten, where one would be very expensive, and ten would be very cheap.
What other advice do I have?
Overall, I would rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: