Trend Micro Deep Security Reviews

Patch management is most valuable. The major selling point of Deep Security is that it is based on the cloud. Deep Security is for the servers and databases of data centers, and generally, for patch management, you have to shut down the machines, and then you have to restart them. So, they need shutdown time, which is a cost. Big enterprises don't want to shut down their database or their data center for any kind of patch. Deep Security creates a wall and downloads all patches. You install it on the cloud. So, it saves your server from any kind of intrusion or any kind of penetration, and whenever you get a chance or time, in six, eight, or nine months, you can physically download or install all those patches in one go. So, it saves you time. It also saves your shutdown time and keeps your data center safe.

Along with patching, they also provide antivirus protection on the servers.

It should have XDR and EDR integration. It would be nice if they can tie it up with an XDR or EDR.

Its price is also quite high. It is more expensive than other products for patching. So, it would be nice if they lower its price.

We have been providing this solution for about two to three years.

It is very stable. That's why it is doing so well. They have already captured 90% of the financial market in our country.

I won't say that it is scalable. It is the final product, but it has a few add-ons. You can add other products of Trend Micro, for example, XDR or EDR, along with DDI, but you can't scale Deep Security to another level. It is the final product.

It is a very expensive solution, so it has mostly been used at an enterprise level. Around 90% of the customers belong to the financial sector, and around 95% of banks in Pakistan are using it.

They have a pretty good support system. The best part is that they have their support team on the ground in Pakistan. They also have a support team back at their headquarters. Along with that, they have built a support team at the distributor level. They have also trained the partners. So, support is quite good and efficient.

Its installation is pretty easy. You can do the installation remotely because it is on the cloud, so you have access from anywhere.

Installation duration depends on how many servers you have, but it normally takes about four to five days. It is not just the installation. After installing it, you also have to do testing and other stuff.

You do need certified engineers for it.

It is a very expensive solution. It would be nice if they lower its price.

Its license is based on the machines.

I recommend Deep Security to almost all of my customers. It is a very good product. I would rate Deep Security a nine out of 10.

The most valuable feature for us is mainly the fact that we can control what the PC or server is doing protection-wise, even remotely. We use this protection feature all the time.

The main benefit it provides us is that it will show what the issues might be and it's scalable. It allows us to know that if we have an issue somewhere on one device or endpoint, we can correct it or get down to a level where we can find out what the problem is. For example, we can apply exclusions to set policies for a certain type of group that can scale for a lot of environments, whether it's Linux or Windows servers or Windows 10 endpoints.

I'd like to see some sort of database out-of-the-box. Deep Security uses its own database, with which we have some issues, but we just go right to SQL or another database. Right now, the standard database as to be converted to SQL or Oracle, but that's something that should be out-of-the-box standard.

We've used it for four years.

We've had no issues with deployment, other than the database issue.

We had one failure, but it came back up within twenty minutes, so we've really had no downtime.

Yes, it's been scalable. In the coming year, we're going to be testing many more policies and deploying it out in our system.

The setup was a little complex on the security side. But the endpoints -- desktops, laptops, were pretty easy. The server environments were a little more complicated and in-depth.

We implemented with a vendor team.

We very much have an ROI, and although I don't have numbers, I can see that we've been able to catch problems before they happen.

Make sure you perform thorough testing as there were different situations that came up for us that we didn't account for. I think that a POC would really be worth the investment because you can find out what the structure can do and what it can't. That's really important.

It gives clients an additional view of what's happening in their data centers.

Deep Security is on-prem at this stage, but it has got cloud workload protection that has similar functionality in the cloud.

In addition to providing our clients a view of what's happening in their data centers, it also does virtual patching in the data center. It enhances the security in the data center big time.

What this product lacks at this stage is the ability to have automated workbooks to do the response. At this stage, the response is more manual, and it is not automated. If there is a response functionality in Deep Security, similar to what we have in EDR these days, to automatically respond to some of the threats, it would be cool. So, we'd like to have an automated response. There should be a response functionality.

We have been providing this solution for a few years.

It is stable.

It is scalable, but it is fairly expensive.

In terms of its usage, we're not using it internally. We have three clients at the moment. They are fairly big clients.

Their technical support is good.

It is a bit more difficult because it needs a bit of hardware, etc. Deep Security is more complex to set up than web security. Implementing Deep Security properly is usually about a week's worth of work because of the change control in the company. It is the change control that's an issue.

In terms of people required for its deployment, one engineer is usually enough.

Most of it is annual at this stage.

I would definitely recommend it for medium enterprises. 

I would rate it a seven out of ten.

We primarily use the solution for security purposes. 

I cannot speak to any specific feature that has wowed me. 

It serves its purpose and works well.

The initial setup is easy. 

The stability of the product has been good over the last 12 months. 

We have found that the solution scales well.

The cost is very high. it would be ideal if they would work on the pricing.

Technical support could be much better.

The product should be able to host a vulnerability scanner. Right now, we need to pay extra. It would be ideal if they could do a vulnerability scan of my endpoints. 

I've been using the solution for 12 months or so. It's been about a year. 

The stability has been very good in the year that we have used it. I haven't found any issues. There are no bugs or glitches. It doesn't crash or freeze.  It's reliable.

The scalability is very good. If a company needs to expand its usage, it can do so. 

Technical support has been below expectations. They don't seem to be as helpful or responsive as we need them to be. 

The price of the product is high. It's expensive. 

I'd rate the solution at a seven out of ten. It's been an okay solution, however, there still needs to be more done in certain areas. 

Virtual Patching (part of Integrity Monitoring module) is the most valuable because it shields vulnerabilities in critical systems until an actual patch is available and deployed reducing the downtime, and protecting unpatchable systems extending the life of legacy systems and applications. Also, the possibility to know which files have been changed in the host machine.

The possibility to extend the security of the datacenter to cloud using API integration to AWS, vCloud, Azure and others in a single management console is also valuable.

In the past, we had to search for a window of time to patch the OS and some applications and it took a long time up a virtual machine and make it available for our needs because its update process was very slow. Now, we don’t have to wait for this process because when we need a VM we can just boot one up and run and patch the VM at an opportune time.

We use it to help a large payment company in Brazil to process millions of credit card transactions a day, and others company with similar challenges.

It needs real-time anti-malware support for Amazon Linux and an option that allows you to classify and mark reports using tags like Top Secret or Confidential which are missing in Deep Security 9.5 but are in v9.6, which was released in January. We're still homologating 9.6 version with this new feature.

An improvement on its Control Manager integration is also needed because it's insufficient for individual and granular management. Control Manager is a console that integrates all Trend Micro products.

I've been using it since it was first released in 2010 and have used it in two different ways. At my own company, it's used to protect about 40 VMs on two hosts using VMware. It's also used for installing and supporting 36 clients over 250 servers and millions of transactions per day.

I'm one of the founders of company and I've been working as a technician from the beginning, my role was design, deployment planning and pre-sales support until the end of the last year with our support team. Now, I'm dedicating my time to executing our vision as CEO.

We have had no issues deploying it, especially when following the guides.

It has been stable in our deployments.

We have no issues scaling it when we need to.

Trend Micro has a Channel Partner ecosystem highly prepared to solve any questions and they work very closely with Trend Micro support services to deliver the best experience to their customers.

We did not have anything in place previously.

The deployment depends on how you set up your VMware environment and what features you’re using. Following the steps described in the Administrator and Deployment guides helps you to avoid any complications.

The implementation team was formed with inside analysts and vendor specialists. It's strongly recommended to use someone with the necessary skills to work with VMware and have someone familiar with infrastructure and security analysis.

Start with a small group of servers and the most important modules for your company. Depending on the way you buy the product, you have the benefit of renewing discounts up to 50% in the next year.

It's a hybrid platform with about five modules that will help you to manage and secure your datacenter and cloud initiative with multi-platform support. To get the same solution, you may have to contract at least four different vendors.

Deep Security is a server protection product. We use it for virtual patching and file integration. You can use this with your cloud or an NX environment, virtual services, VMware, etc. 

Deep Security is a good product for managing a few servers.

I've been using Deep Security for more than five years.

Performance is fine. You need to keep an eye on the new files getting detected, or so you have to keep on applying those file folders. So you have to keep monitoring, or else it is not going to help. So especially for the file integrity model and all. 

I don't know about the scalability, but it's good for few servers where you can manage. 

There is a local Trend Micro team in Mumbai that we call for support or to log a ticket.

Deployment and post-deployment implementation are a little complicated. We can't touch servers, and we can't modify the settings. It should be automated, and Trend Micro should make the process more intelligent. The scope is broad, and you have to manually monitor the file scans and respond whenever there is a detection. 

The deployment itself is not that difficult because it's client based. So you want to install clients on each of those servers, and then you have to keep monitoring and adding features. You check the server's performance, and if everything is fine, you can keep adding servers. But post-implementation is time-consuming. You have to do monitoring, and that takes time. After you set up everything, it's not a full-fledged implementation. You have to keep on monitoring and configuring. 

And there are times when the malware protection or some other virtual patching is working fine, but you need a technician to get all the more advanced features to work. It takes around two or three technicians to implement. Our team is responsible for security while a different team handles server management. Then there are one or two people who manage the security console. And then, there are OEM support and SI support.

We have a subscription. It's not a surface subscription. It's only the AMC part.

I rate Trend Micro Deep Security six out of 10. I would recommend it. It depends on the other security controls you have in place. If you're using the entire Trend Micro suite, then you have a PT web gateway. So if you have the whole suite, you have tight integration with your APT and firewall story. In that case, Trend Micro Control Manager is there. So you have everything tied to a single console, so security and everything play as a complete story.

It is being used for our servers. It has many features such as firewall, IPS, anti-malware, and antivirus.

It provides security and protection. The endpoint firewall is valuable.

Their support should be improved. We need support in the UAE, but it is always going to some other country or region, and the time schedule is not suitable for us. 

I have been using Trend Micro Deep Security for six years, but I have started to use Trend Micro Apex One recently.

Its stability is good.

Scaling is possible. We're scaling up. We have about 40 servers.

I have used SentinelOne.

It is easy. It takes about two hours.

It was implemented in our company. Our security team manages it. We have two people on the team.

I would rate it a 10 out of 10.

Our primary use case is for endpoint protection and email as well as web protection. We are stacking our servers once a month and vulnerabilities are checked every day. I'm a senior director in the company and we're a customer of Trend.  

Automated virtual patching would be the most valuable feature. Deep Security has an option called recommendation scans. Once that feature is enabled, it scans the endpoints for these vulnerability questions and the tool can implement the rules to prevent the vulnerability found in this batch.

This is a very good tool but I don't find it to be a particularly user friendly solution, a lot of trouble shooting is required. I believe it needs simplification, without that they will run into continual problems. For now the solution requires spending a lot of time on module issues and anti-malware modules. We also have issues with scaling and this area could be improved. Adding one additional end point means you need to re-input all the other end points. If you have 1,000 users, that is not possible in real time. Each time we deploy new managers we need to connect with all endpoints and they need to be re-entered. 

I've been using this solution for three years. 

This solution is stable. 

The scalability is very good and as we grow we are expanding our tool networks.

The setup is straightforward. We initially procured the tool for 50 people and we've now implemented it for 200. There are many new customers coming in so we're looking to scale it to 1000 plus endpoints.

I am completely satisfied with this tool but we still plan to implement with the Symantec Endpoint Protection for the upgrade segment. We want to use a different tool for endpoint security because if there are any bugs in Trend Micro or any other tool we use then we're in trouble so we've decided not to have multiple tools from the same vendor. 

I would rate this solution an eight out of 10.