We performed a comparison between Cisco Secure Network Analytics and Trellix Network Detection and Response based on real PeerSpot user reviews.
Find out in this report how the two Network Detection and Response (NDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Overall, the implementation is very good."
"From what I understand, you can encrypt and unencrypt traffic moving in transit. This is one of the features that we liked about it."
"Stability is the most valuable feature we have seen in this solution."
"We find that Stealthwatch can detect the unseen."
"The feature most valuable for us is to gain visibility of what is actually floating through, so we can stop it based on whether it's good or bad traffic."
"The most valuable features provided by this solution are visibility and information."
"This product alleviates the day-to-day headaches for us, in regards to metrics."
"The most valuable part is that Stealthwatch is part of a portfolio of security devices from Cisco. Cisco literally can touch every single end point, every single ingress and egress point in the network. Nobody else has that."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"The product has helped improve our organization by being easy to use and integrate. This saves time, trouble and money."
"The installation phase was easy."
"The product is very easy to configure."
"We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment."
"The most valuable feature is MVX, which tests all of the files that have been received in an email."
"Its ability to find zero-day threats, malware and anything malicious has greatly improved my customer's organization, especially for protecting the users' browser."
"The scalability has not been a problem. We have deployed the product in very high bandwidth networks. We have never had a problem with the FireEye product causing latency issues within our networks."
"One area that could be improved in SNA is the integration with Cisco ISE for user and session details, which currently requires additional setup."
"I would like the search page available with Cisco Stealthwatch to be more intuitive. The previous release was better than the current one for the UI."
"It is time-consuming to set it up and understand how the tool works."
"I would like to see it better organized when I'm looking at it."
"The overall visibility into the actual device itself would be helpful. I don't just want support-specific data, but also to be able to see information such as CPU and other internal components or usage of the devices."
"There's a lot of traffic on our network that we don't see sometimes."
"We've run into some issues with the configuration."
"It's not great as a standalone solution."
"As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web)."
"It would be great if we could create granular reports based on the protocols, types of attacks, regions of attack, etc. Also we would like to easily be able to add exceptions to rules in cases of false positives."
"The world is currently shifting to AI, but FIreEye is not following suit."
"Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
"I would love to see better reporting. Because you can't export some of the reports in proper formats, it is hard to extract the data from reports."
"It would be a good idea if we could get an option to block based upon the content of an email, or the content of a file attachment."
"They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules."
More Cisco Secure Network Analytics Pricing and Cost Advice →
More Trellix Network Detection and Response Pricing and Cost Advice →
Cisco Secure Network Analytics is ranked 3rd in Network Detection and Response (NDR) with 58 reviews while Trellix Network Detection and Response is ranked 7th in Network Detection and Response (NDR) with 37 reviews. Cisco Secure Network Analytics is rated 8.2, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Cisco Secure Network Analytics writes "Increased the visibility of what is happening in our network". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Cisco Secure Network Analytics is most compared with Darktrace, Cisco Secure Cloud Analytics, ThousandEyes, Vectra AI and Arista NDR, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Darktrace. See our Cisco Secure Network Analytics vs. Trellix Network Detection and Response report.
See our list of best Network Detection and Response (NDR) vendors.
We monitor all Network Detection and Response (NDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.