Trend Micro Deep Discovery Reviews

We use Trend Micro Deep Discovery to identify ransomware attacks.

The most valuable feature of Trend Micro Deep Discovery is its complete end-to-end visibility of threats.

Trend Micro Deep Discovery's technical support could be improved, and it could be made more active.

I have been using Trend Micro Deep Discovery for four to five months.

Trend Micro Deep Discovery's initial setup is easy.

Trend Micro Deep Discovery's interface and threat mechanism are very proactive.

Overall, I rate Trend Micro Deep Discovery a nine out of ten.

Normally we use the solution to send the traffic. We get traffic on it and once I get the traffic, I get the SPN diagnosis and all the network services diagnostics and whatever else that I run in the office file server. It scans through that. For example, when we download some files, in our portal we are uploading some of the activity documents, as well as Excel and Word documents, etc. They get scanned through and we have DDI Rules that are enabled for the file management. 

Basically, any uploading, downloading, etc. of items from our website server get scanned and analyzed. 

The HTML file sandboxing is very good.

Their technical support is very good and extremely responsive.

The solution, overall, offers very good features.

The licensing costs could be improved and simplified.

If they could integrate the solution with the endpoint agent, that would be ideal. I understand that's not possible currently.

Since this is a technical device, it would be great if they could just allow us to integrate it with some of the existing VMs or our existing devices. These are all central devices. If they can offer the solution on VM boxes, like virtual systems, that would be great. That way, our hardware costs, electricity costs, and database space costs and all can be lowered.

Currently, a solution called Apex One is on the market and it has features that allow for more integrated security. They should try to emulate this a bit more. It has better bundles.

The stability of the solution could be improved. It should be 100% stable, but it's not there right now.

I've been using the solution for more than one and a half years.

Sometimes there needs to be a stability test done. We did tests and checked up to around 20 or 25 samples. Out of those tests, two missed. There were two things that the solution didn't detect but were later detected on the endpoint. It's therefore not completely stable. It misses things.

The scalability of the solution is okay. It's fast.

All of our users are currently on the solution.

The technical support is good. They're immediately in contact with us the moment we reach out to them. That's never been a problem. We've been quite satisfied with the level of service they've provided.

We previously used McAfee.

The solution doesn't have a very common setup. The initial implementation is a bit different. However, anyone can handle it as long as they review the necessary documentation. They just need to read the manual, and then they can handle the implementation. I would suggest it has a medium level of difficulty.

For us, deployment took about three days. That includes configuring the solution as well.

I handled the implementation and the configuration myself with the assistance of the solution's manuals.

I don't handle the licensing. I don't know what the costs are for the solution.

I haven't evaluated the solution, but something called Apex One is now on the market, and it offers better bundles and better integrations in comparison to Trend Micro.

The solution is very nice, but I would suggest to others that they test as many use cases as they can at the beginning.

I'd rate the solution seven out of ten.

We use the solution for its security features. Trend Micro has an MSP portal where you can create customer accounts, assign some licenses, and make your customers use those licenses from a portal. Trend Micro is ahead of its competitors in providing MSP services to customers.

Trend Micro Endpoint Encryption is stable and easy to use. It's very useful for an MSP company, making it easy and efficient to work with.

Security features could be improved.

I have been using Trend Micro Endpoint Encryption for one year.

The product is very stable.

The solution is scalable because it doesn't require an on-premise server installed. Everything is being monitored and managed from the cloud portal, irrespective of the number of agents. You can manage all from one portal.

Vendors are locally present in our country. We contact them via email, etc. We are very flexible with vendor support.

The initial setup is straightforward. One person is enough for it.

An MSP company creates customer accounts from Trend Micro's MSP portal. Then, the customer gets the key. After that, they can log in to the Trend Micro portal. They will see the agent to be downloaded for Windows and Linux. It takes about two or three minutes to deploy.

Deployment can be done by yourself.

The MSP's model and licensing is global and has very reasonable prices. Also, the perpetual license model is reasonable. It's cheap for the assembly companies. Licensing is very straightforward.

Around five to ten technical persons are using the support. We will be able to sell those agents to more than 20 companies.

Only one technical person is enough for a large company for the installation and the management. In terms of management, many logs, alarms, and entries are happening in the portal.

Trend Micro can be a viable option for SMBs looking for a basic EDR or PRT solution. However, for larger organizations or those with highly complex security needs demanding advanced services and sophisticated department knowledge, Trend Micro's capabilities might not be sufficient.

Overall, I rate the solution a seven out of ten.

We are using this solution for network security.

The most valuable features are monitoring for advanced persistent threats, the system runs in a sandbox allowing for effective zero-day exploits management, and the Inspector has a built-in sandbox.

The solution needs to be able to integrate better with third-party infrastructure.

I have been using this solution for approximately five years.

The solution is stable.

We have customers that are small and enterprise-sized companies using this solution.

The initial setup is at a moderate level of difficulty. However, we are qualified and for somebody quite new to the solution it could be more difficult. It is not usual for the end-user to start the process themselves. Usually, they are assisted with a partner or with Trend Micro themself. It is not a matter of how complex the solution is, but how much experience they have with the setup.

The price of the solution is lower compared to the competition.

I have recently evaluated Darktrace.

I would recommend this solution.

I rate Trend Micro Deep Discovery a nine out of ten.

This solution can be used as threat protection and to block phishing emails.

We are using version 6.0.

There are 15 people using this solution in my organization.

The solution could be more secure.

It's stable.

It's scalable.

We are using local technical support. We haven't had any problems with it.

Initial setup is easy. It can be done by yourself.

I would rate this solution 9 out of 10.

I would recommend this solution to anyone who wants to start using it.

We are integrators. We work on integrated systems.

Our clients use this solution to know what is happening in the network and to analyze it. 

Trend Micro is a good solution and our clients are happy with it.

I like the sales operations testing and support.

The ecosystem is good, it's the best. It's also simple to manage.

I would like to see integration with third-party tools to improve the visibility of the dashboards.

I have been working with Trend Micro Deep Discovery Inspector for two years.

The stability is good. We have not experienced any issues.

Scalability with Trend Micro Deep Discovery Inspector is very good. We are satisfied with the scalability.

We do not have users in our company, we use the systems with our clients.

The technical people are good.

We don't have any issues with technical support. 

Local technicians and global support are very good.

We also use one other solution.

The initial setup can be simple, and at times it can be complex when changing the solution.

It is less than a week to deploy Trend Micro, but it can change per the solution type. 

For some solutions, it can take a week, and for others solutions with complex projects, it can take a month. 

Depending on the client's requirement, it can be cheap and at times, more expensive.

Overall, the price is good.

For others who are interested in using this solution, I would recommend it.

I like working with this solution. I would rate Trend Micro Deep Discovery Inspector a nine out of ten.

The primary use case of this solution is to protect the equity, command, and control and botnet infections.

The most valuable features are the protection and that it is fast.

I would like to see them create a rule where It could integrate with the network and start mitigating with auto-detection.

I have been working with this solution for six months.

This solution is stable we have not had any issues.

We have plans to scale it to FortiGate. We have checked it to 10GB and it was fine.

I am the only user.

I have not contacted technical support.

Previously, we have tried an open-source SIEM solution. SIEM is a traffic analyzer, and conflicts can be fixed. With Trend Micro, you can only categorize it.

The initial setup was easy.

This solution can be deployed in two days.

I did not use a vendor to implement this solution. I did it myself.

We are trying this solution as a POC.

It's a nice product and it has really helped limit the attacks.

I would rate this solution a nine out of ten.

Ease of use, just connect to a span port on your core switch and you're ready to go. Of course, you will see a bunch of white noise, but the built-in auto tuning system does a great job of detecting legitimate services and devices on the network, and from there you white-list the ones which you've confirmed to be known goods. Built in sandboxing provides an additional layer of defense to shake out suspicious objects and processes. This works especially well if you're running Trend Micro's Office Scan Endpoint Protection, where DDi is able to generate a new virus definition via the sandbox, and push it out to the Office Scan AV engine to provide protection across your network.

DDi rapidly discovers C2 traffic and pinpoints the offenders, source and recipient. It also provides a set of eyes to keep track of suspicious lateral movements between nodes. The out of the box rule set does a great job of hunting down previously unflagged threats, but can easily be customized for those that like to tweak and refine.

Not too much to complain about, really. There were a few instances where legitimate traffic (WPAD) was flagged as C2 communication. There were some challenges in white-listing it, which resulted in a bunch of alerts/noise.

2 years

No

Never

It can get expensive if you wish to monitor all core switches across many satellite offices. My suggestion is to put one or more DDi appliances at core switches nearest to where your critical data is housed.

Customer service is very good.

Very good.

FireEye. Fire Eye is incredibly expensive, and requires multiple appliances which together, scan far less protocols than DDi. It also hasn't fared so well in terms of detection rates, in independent tests against competing products.

Straightforward setup.

Implemented in-house along with Trend's team.

Be sure to implement Trend's Control Manager module (free) for more flexible reporting, along with integration with other Trend products (strongly suggest using this along with Office Scan and Deep Discovery Endpoint Sensor, which is an EDR solution).