We performed a comparison between Cisco Secure Network Analytics and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Cisco Secure Network Analytics has increased the visibility of what is happening in our network, and I think that's the most important reason to use it. We can see what is really happening instead of just looking at numbers from routers or switches."
"The solution reduces the amount of time it takes to detect and remediate threats."
"The most valuable feature we got out of Stealthwatch is to be able to, while troubleshooting, go deep into one of our interfaces and verify what the bandwidth is and if there's any activity there that's causing problems."
"Ease of deployment, once you get your ducks in a row."
"The most valuable feature is having visibility into the data segments throughout our network."
"It provides good visibility to the customers. People are still evaluating it, but it provides visibility and helps them to take action to remediate and mitigate the issues that are highlighted on the dashboard. It has good integration with the Cisco switching platform."
"Being able to graph and show data to management has improved our organization. We can show the data to the higher-ups. It shows them that it's picking up on these anomalies and doing its job."
"The most valuable features of this solution are its reporting and mitigation capabilities."
"The sandbox feature of FireEye Network Security is very good. The operating system itself has many features and it supports our design."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"I also like its logging method. Its logging is very powerful and useful for forensic purposes. You can see the traffic or a specific activity or how something entered your network and where it went."
"The most valuable feature is the view into the application."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."
"It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us."
"The version with the Dell server had iDRAC problems. Often, it reported iDRAC failure."
"The configuration of the solution was quite complex."
"We determined that Stealthwatch wouldn't provide the machine learning model that we required."
"There's a lot of traffic on our network that we don't see sometimes."
"We had some trouble with the installation as we migrated from our previous solution."
"The initial setup is complex, as there is a lot to configure."
"The customizability of the UI should improve."
"They should include Citrix VDIs in the next release."
"It is not a very secure product."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this."
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management."
"It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become accustomed to the system, it becomes easier to use."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 57 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 37 reviews. Cisco Secure Network Analytics is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and Symantec Advanced Threat Protection. See our Cisco Secure Network Analytics vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.