Senior technical consultant at Hitachi Systems Micro Clinic
Real User
Top 10
2024-04-04T07:21:18Z
Apr 4, 2024
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment.
Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats.
Learn what your peers think about Trellix Network Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Sr Technical Consultant at a tech services company with 51-200 employees
Real User
2021-05-18T20:31:56Z
May 18, 2021
It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye.
IT Senior Consultant at a manufacturing company with 1,001-5,000 employees
Consultant
2019-06-04T07:43:00Z
Jun 4, 2019
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.
Information Security Consultant at a financial services firm with 1,001-5,000 employees
Consultant
2019-04-23T08:23:00Z
Apr 23, 2019
Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.
CEO at a tech services company with 1-10 employees
Real User
2019-03-11T07:21:00Z
Mar 11, 2019
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.
We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.
System Engineer at a tech services company with 1,001-5,000 employees
Real User
2019-02-25T08:45:00Z
Feb 25, 2019
Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser.
Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.
Technical lead at a tech services company with 51-200 employees
Real User
2019-02-10T10:06:00Z
Feb 10, 2019
Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.
Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment.
Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats.
The installation phase was easy.
The product is very easy to configure.
Support is very helpful and responsive.
The solution can scale.
The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design.
Very functional and good for detecting malicious traffic.
It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye.
It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities.
The most valuable feature is the network security module.
The server appliance is good.
The most valuable feature is MVX, which tests all of the files that have been received in an email.
If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.
The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money.
Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams.
The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks.
It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.
The most valuable feature is the view into the application.
We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.
Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser.
Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.
Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.
The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security.