Trellix Intrusion Prevention System Reviews

We do not use Trellix Intrusion Prevention System; rather, we sell the Trellix Intrusion Prevention System solution.

The typical use case for our clients is to find out what vulnerable files exist. In Trellix Intrusion Prevention System, all virus signatures are stored. Whenever a file comes, they match this extension value, or the hash value with the signatures that are on the Trellix Intrusion Prevention System side. Once they match, if a virus is found, they will block this file; otherwise, they will allow that file. It is a different box that gets embedded with the firewall itself, so whenever a file comes, it can match the hash value of that particular file, and they can see whether there is a virus attached to that file or not.

Trellix Intrusion Prevention System helps organizations by providing comprehensive file scanning and threat detection. The system stores virus signatures and matches incoming files' hash values against these signatures to identify and block malicious content.

The solution's advanced features, including ATP (Advanced Threat Protection), behavior analysis, and machine learning, enable organizations to stop zero-day exploits and advanced persistent threats. The system's ability to track and collect data from APTs allows organizations to monitor and manage malicious files entering their environment effectively.

The best features of Trellix Intrusion Prevention System include advanced ATP (Advanced Threat Protection), which uses signatures, behavior analysis, and machine learning to stop zero-day exploits and malware advanced persistent threats (APTs). They track and collect data from APTs, which allows them to track malicious files entering the environment.

The system offers inline prevention and real-time automatic blocking of malicious packets before they reach the network. It integrates with the Trellix ecosystem and provides application visibility and control.

The solution provides deep insight into network traffic, applications, and protocols for better information. All packets coming through the application are analyzed and reported. They share intelligence updates regularly to protect from different malicious files and sector-specific threats. It supports both on-premise and cloud environments.

Trellix Intrusion Prevention System does not provide virtual patching. Patching involves updates on the OS side to address vulnerabilities, which is a different functionality.

Trellix Intrusion Prevention System already has the best features available. The only area that could be improved is everything except the firewall.

Trellix Intrusion Prevention System is stable, and that is why people choose to purchase it.

Trellix Intrusion Prevention System is a scalable solution that can be scaled up according to network traffic requirements. Additional IPS can be added, though it requires a new box rather than extending the existing IPS.

Technical support from Trellix rates as good. The threat intelligence platform which Trellix has is Mandiant, which is also used by Google. They have the best Intrusion Prevention System in the world because they have all the threat intelligence in their IPS signatures. I would rate it an eight.

Positive

I have experience working with other tools, specifically Trellix solutions such as DLP, EDR, and MDR, as well as with other Imperva tools.

My team has worked with Trellix Intrusion Prevention System for more than a decade, while I have been working with the solution for the last two and a half years. I am a partner of Trellix, working as a Large Account Manager at Softcell Technologies Limited. I have been working in cybersecurity for more than five years.

Overall rating for Trellix Intrusion Prevention System: 7 out of 10.

One of our main use cases includes supporting one of the big banks in Brazil that uses the Trellix Intrusion Prevention System. They have six or eight licenses for IPS. For this client, we don't have the operation, but we use it for support when they have problems, when they need to upgrade, or for maintenance. We support them, and it's working fine and good.

The best feature of the Trellix Intrusion Prevention System is the rules that Trellix provides. I think that's the best value from IPS.

I have utilized the application awareness capabilities.

The zero-day protection is an important feature for the Trellix Intrusion Prevention System, but with some customers, we have difficulty implementing this in production operation because they are afraid of potential impacts. However, it remains a very important feature.

I haven't seen threat intelligence and machine learning for predictive threat analysis in the Trellix Intrusion Prevention System yet.

For Trellix IPS, AI improvements are an area where it can improve. It's a significant feature.

Regarding the Trellix Intrusion Prevention System's flexibility for catering to our organization's specific infrastructure requirements, we have only on-premises and virtual appliances, but it's acceptable. The access and platform could potentially integrate with SaaS. Similar to when you put the EPO in mode integration with SaaS, you can connect with a local credential and with an X Console credential. Another possibility would be to connect with an integration login with the X Console. We have this with EPO on-premise, but with IPS, we don't have it.

I have extensive experience, specifically 10 years with the solution.

I rate their support with Trellix as a nine out of ten. Many times, we didn't need the support for IPS because we have another person who knows a lot about IPS. For us, it's not a problem because we have extensive knowledge.

Positive

The initial setup for Trellix IPS is not difficult.

The customizable dashboard and the detailed reports of the Trellix Intrusion Prevention System are satisfactory. I rate this solution a 9 out of 10.

We use the firewalls and the sandbox.

The solution is effective. There have been many attacks because most of our clients are very big. They face attacks every day.

The real-time capabilities are very good because there are a lot of attacks every day. We have a SOC that monitors the solution every day, every hour. The threat intelligence updates are very accurate. The attacks have been zero.

Network Threat Behavior Analysis must be improved. The technical support must be improved. The support team must provide better help with configurations of devices and enabling NTBA.

I have been using the solution for two years.

The tool’s stability is very good. I rate the stability a nine out of ten.

The solution is very scalable. I rate the scalability an eight to nine out of ten. We have around 7000 to 8000 people in our organization.

I rate the ease of setup a seven or eight out of ten. The platform functions very well. We need technical support to make improvements to the platform. The deployment takes eight months. We need two or three system engineers and one electronic engineer specialized in Trellix platforms to deploy the tool. We need only one system engineer to maintain the product.

The tool is competitively priced. I rate the pricing a six out of ten.

I have used Check Point IPS.

We are partners. Overall, I rate the solution an eight out of ten.

I use Trellix IPS to find and fix security issues. This involves getting alerts about vulnerabilities in financial systems and sharing information with a partner organization in Sri Lanka. We also use Trellix IPS to spot other vulnerabilities and then block harmful data. 

The solution has been highly beneficial at work as it is user-friendly.

The most valuable feature of Trellix IPS is the automated signature updates. It is a great and convenient feature.

One challenge in Sri Lanka is the lack of available learning materials for Trellix products. We rely on our experience rather than formal training or guides, which can be a major challenge when configuring Trellix since there are limited resources for configuration guidance.

I have been using Trellix Intrusion Prevention System for a year.

It is very stable and one of the best products I have used.

It is a very scalable solution. I would rate it as a ten out of ten in terms of stability. We have approximately 6,000 users of the solution.

The technical support is good.

I would rate the easiness of the initial setup as a ten out of ten. Deployment takes two days and a team of two people. We start by updating the IPS, setting it up, and then testing it in our network for a few weeks to make sure it is working well. Once we are sure it is doing its job, we smoothly bring it into our production network without any problems.

I would definitely recommend the Trelix IPS to others. It is user-friendly, straightforward, and seems like a good fit for our needs. Overall, I would rate it as a ten out of ten.

I use Trellix Intrusion Prevention System in my company as an intrusion prevention. I don't have hands-on experience with the solution, but I deal with its implementation phase. My company's customers use the product for network security.

The most valuable features of the solution stem from the fact that it is a good product for dealing with DDoS attacks and for the inspection of network traffic.

The area of concern where the tool needs improvement is how the product prompts users at a network level that helps prevent any wireless network attacks through alerts and notifications.

I have been using Trellix Intrusion Prevention System for two and a half years. In my organization, I provide in-house support for the product. I operate as an implementer of the solution.

Stability-wise, I rate the solution a ten out of ten.

It is a scalable solution. Scalability-wise, I rate the solution a ten out of ten.

My company's clients who use the tool are enterprise-sized businesses.

I rate the technical support a ten out of ten.

Positive

I rate the product's initial setup phase a five or six on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup phase.

The solution is deployed on the hybrid cloud.

From an ROI perspective, everything is fine when it comes to the product.

I recommend the product to those who plan to use it.

The solution's support and everything is fine. Even though I don't know the product's price, I know that Trellix offers products at a cheap price, along with on-time support.

I rate the overall tool a ten out of ten.

We use Trellix Intrusion Prevention System as a signature-based system for capturing zero-day attacks.

The platform’s GUI could be the latest.

We have been using Trellix Intrusion Prevention System for five years. At present, we use the latest version.

I rate the product’s stability an eight out of ten. We have encountered some technical problems which our engineers are trying to fix.

The product is suitable for medium and enterprise businesses. I rate its scalability a ten out of ten.

The initial setup is easy and takes a few hours to complete. I rate the process a nine out of ten.

The product is worth the investment.

I rate the product’s pricing an eight out of ten.

I rate Trellix Intrusion Prevention System a seven out of ten.

McAfee Network Security Platform is our intrusion prevention system.

McAfee NSP is much more stable than Cisco.

The technical support has room for improvement.

I have been using the solution for over one year.

I give the stability an eight out of ten.

I give the scalability an eight out of ten.

I give the initial setup an eight out of ten.

I give the solution a seven out of ten. Mcafee NSP is a stable solution but I would recommend Palo Alto NTP.

Cisco and McAfee IPS architecture are likely to be the same. We must manage the McAfee sensor through the NSM. McAfee is aware of the security manager. Additionally, they can both control the signature at a granular level, which is not an issue.

The solution is used mostly for perimeter protection. It's to protect the client and server site. It offers basic but effective Smart Blocking. We've tested it in a product environment and it performed rather well.

The solution is quite easy to set up. You can just do everything online and then do some basic configurations. It's easy.

The solution, in general, is pretty effective.

The product has a good reputation.

The sensors and signatures can be updated.

There's a good dashboard you can drill down into. It helps you easily locate intrusions and the source of attacks.

We have encountered some glitches from time to time.

Some of the documentation is not as straightforward as it could be. It's much too general - especially in areas related to updates. They need to do a better job of explaining things. If you need a specific configuration, they should be able to provide the necessary details. It's something they can really improve upon if they wanted to.

What I would like to see more on the roadmap for McAfee is the compatibility of high availability in terms of the virtual machine.

They could make an interchangeable model that could serve the throughput requirements of the client. Right now, if you are not under the same mold there, although you have the same version, you are not able to do a proper deployment on it.

I'm not continuously working with the product. It depends on the demands of the customers for the most part. It's on and off. It's likely been about one to two years or so.

The solution is quite stable. The performance is reliable. There are no bugs or crashes or anything of that nature.

I haven't done any HA on it. I'm trying to make an HA on my Lab, however, due to my busy schedule, I haven't made the time. That said, the product appears very scalable. You can cascade the product and it does support a big number of throughput.

We've reached out to technical support in the past. You can email them and make a ticket or you can call them by phone. It depends on the severity of the assistance you need. However, they seem to be quite responsive and knowledgeable. We've been happy with their level of support.

The initial setup is quite straightforward. It's not complex. You can manage the process online, and the configuration of the solution is easy. It doesn't take long at all.

That said, I have not fully deployed the product into a client environment.

We pay for licensing on a yearly basis.

I'm not sure of the exact pricing, however, it's my understanding that they are competitive. When it comes to security, the more you need, the higher the costs tend to run.

We are a distributor of McAfee. We're partners.

We don't have a customer right now. We just have a version we use for inquiries. We have a demo server on-premises.

I'd recommend the solution to other organizations.

It's stable and scalable. It's definitely more effective compared to the next-generation firewall that has a built-in IPS. However, they really do need to reform their documentation. We'd also like to see a bit more of their roadmap.

Overall, I would rate the solution at a ten out of ten.

We use the solution for security purposes. It allows our organization to detect a variety of malicious attacks such as malware and viruses, et cetera.

The signature-based content is very powerful. 

I like the fact that we have the ability to write our custom signatures based on McAfee-made signatures. 

The Malware engines are very powerful. These engines are getting information from the McAfee global intelligence services,

It offers good mobile intelligence services. On the behavioral side of the signatures are very good.

The initial setup is straightforward.

We've found that the solution to be quite stable.

The system isn't fool-proof. Sometimes, based on the network or other reasons, McAfee cannot detect the actual attack. This rarely happens. It's only been the case maybe one or two times.

The solution could improve some aspects of detection. If they implemented some machine learning technique, they might be able to better detect abnormal occurances. 

I've been using the solution for six years or so. It's been a while at this point. 

The solution is very stable. It's reliable. There aren't bugs or glitches. It doesn't crash or freeze. It's very good.

While we haven't needed to expand the product yet, it's my understanding that the new features of McAfee will be easy to expand. It shouldn't be a problem to scale.

We have around six people in our organization using the solution.

We're partners. We often give support to our clients.

The initial setup is quite straightforward. It's not complex. A company should be able to implement it easily. 

The deployment doesn't take too long. It's pretty quick. This is especially true if you have an abundance of experience.

The pricing of the solution is okay.

Licensing is paid on a yearly basis.

We are McAfee partners. We have a business relationship with the company.

We tend to use a variety of different versions. The solution tends to have a lot of versions.

I would recommend the solution to other organizations. For the most part, we have had positive experiences. However, it's a good idea for those considering the solution to do their own research to see if the product would suit them. There are advanced levels of the solution. It can be a fit for many companies.

In general, I would rate the solution at a seven out of ten.

It has a lot of functions, such as firewall. We are administrators, and we create some rules to protect our network. We also monitor the traffic in and out and have disk encryption on-premises. When we detect malware, we scan for the virus on the PC. We can then delete or block the malware.

We would like to have a simpler version. Some settings and functions on the McAfee console are complex and complicated. I want the management console to be simpler.

I have been using this solution for about six months.

It is quite stable, but we have some issues with the latest version. When we install the latest version, the traffic of the network is quite low.

It is scalable. We have around 500 users.

Their technical support is good. It is better than Symantec.

We were using Symantec. We switched because Broadcom bought Symantec, and their support was not very good.

I implemented it myself.

I would recommend this solution to others. It is a very good solution.

I would rate McAfee Network Security Platform a nine out of ten.