Trellix Network Detection and Response and Fortinet FortiSandbox both operate in the cybersecurity realm, focusing on advanced threat detection and response. Trellix seems to have the upper hand in investigative depth and visibility, whereas Fortinet excels in integration with its product ecosystem.
Features: Trellix Network Detection and Response offers in-depth analysis tools, including the MVX engine and sandboxing technology, enabling advanced threat detection and forensic capabilities. It provides real-time investigation potential and integrates with other security measures for comprehensive security coverage. Fortinet FortiSandbox is known for its seamless integration with other Fortinet products and provides robust sandboxing environments for analyzing malicious files, along with the capability to emulate various operating systems, making it valuable for threat hunting.
Room for Improvement: Trellix Network Detection and Response could improve in managing false positives, customizing virtual environments, and better integrating with third-party solutions. Suggestions also include more straightforward analytics and simplified setup processes. Fortinet FortiSandbox users seek more virtual environment options and better integration beyond the Fortinet ecosystem. Enhancements in ease of using license management and speeding up analysis are also desired.
Ease of Deployment and Customer Service: Both products offer flexible deployment options, whether on-premises, hybrid, or cloud. Trellix is recognized for its responsive technical support and extensive documentation, offering a variety of support contact methods. Fortinet is praised for effective technical support, but its deployment complexity can present challenges. Trellix's proficiency in support contrasts with Fortinet's focus on installation clarity.
Pricing and ROI: Trellix Network Detection and Response is viewed as expensive, but its ROI is justified due to its advanced threat prevention capabilities, making the price barrier acceptable given the security it provides. Fortinet FortiSandbox is usually regarded as reasonably priced, though its licensing can be complex. Both solutions report significant ROI in threat prevention, with Fortinet having a competitive pricing edge despite Trellix's higher cost being backed by its comprehensive capabilities.
Investigations are generally faster because analysts have immediate access to relevant network context instead of manually piecing together information from multiple sources.
The time was reduced because of the automated detections.
If a threat can enter any endpoint that is exposed to the internal network, there is a potential gateway for hackers, leading to a loss of production or significant financial impact to the network.
Sometimes the technical engineer is very good and helpful, and sometimes we go through many processes until it gets escalated to a higher level or to another advanced technical engineer.
The support team was responsive and knowledgeable.
Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents.
They were constantly relaying our message to the engineering team and the engineering team was looping that back to them and then to us.
The scalability of Trellix Network Detection and Response is easy; I just have to add another license in the same cloud, and I can easily increase the number of endpoints.
Trellix Network Detection and Response has handled that growth while continuing to provide consistency, visibility, threat detection, and investigation capabilities.
The connectors were always out of sync and we have had multiple noise floods from these connectors which were not configured well.
Fortinet FortiSandbox works fine, is easy to manage, and functions well.
In my day-to-day use, it has consistently provided the visibility and detection capabilities we rely on for security monitoring and investigations.
In our experience, it has had a positive impact on our production environment and has proven to be a dependable part of our security operations.
I encounter no issues with health or reliability when the recommended specifications are met.
I think Fortinet FortiSandbox could introduce more automation tools and AI tools.
There should be improvements in AI intelligence, faster decision-making, and a more responsive technical support team.
It would be best if Trellix Network Detection and Response sensors were converted into a next-generation firewall with built-in capabilities for routing, switching, and Layer 7 functionality, as most next-generation firewalls today include these features.
Regarding needed improvements for Trellix Network Detection and Response, there is always room for enhancement in terms of AI capability to include proactive triggers based on historical data, enabling AI to learn patterns and detect threats before they manifest.
The cost is in the mid-range.
Trellix Network Detection and Response is an enterprise-grade security solution, so it represents a significant investment, but we believe that the value it provides in terms of threat detection, network visibility, and incident response justifies the cost.
The pricing model is not transparent, as they do not provide pricing ranges upfront, complicating the evaluation of costs across regions.
My experience with the pricing, setup cost, and licensing of Trellix Network Detection and Response is that they are very good and affordable for the customer range.
The smooth integrations between Fortinet FortiSandbox and other Fortinet solutions such as FortiWeb and FortiFirewall and with other Fortinet environments are what I really appreciate.
Per day we used to have 70 to 80 alerts and those could be reduced up to 40 to 30 a day. This is almost a 40 to 50% decrease.
Trellix Network Detection and Response has positively impacted my organization by addressing performance issues, specifically by offloading heavy traffic inspection and SSL inspection through sensors due to the limitations of the firewall.
Visibility is very important as it empowers users to understand what is happening; therefore, detection is one of the strongest features of Trellix Network Detection and Response.
| Product | Mindshare (%) |
|---|---|
| Fortinet FortiSandbox | 4.8% |
| Trellix Network Detection and Response | 4.1% |
| Other | 91.1% |
| Company Size | Count |
|---|---|
| Small Business | 16 |
| Midsize Enterprise | 13 |
| Large Enterprise | 9 |
| Company Size | Count |
|---|---|
| Small Business | 35 |
| Midsize Enterprise | 11 |
| Large Enterprise | 23 |
Fortinet FortiSandbox is a robust cybersecurity platform featuring advanced threat detection and dynamic behavior analysis. It integrates seamlessly with Fortinet systems, offering both on-premises and cloud deployment options to enhance protection across networks.
FortiSandbox is a powerful tool for organizations seeking to strengthen their cybersecurity posture. By providing comprehensive protection against threats like ransomware, it ensures that malicious files are effectively scanned and quarantined. It integrates with FortiGate and FortiMail, enhancing email and endpoint protection. The platform facilitates analysis of suspicious activities, safeguarding network data and ensuring efficient handling of zero-day attacks. While offering customization options and AI-driven insights, challenges such as complex deployment, price considerations, and support response times are acknowledged. Improvements in third-party integration, endpoint protection, and email scanning capabilities are areas for growth.
What are the key features of Fortinet FortiSandbox?Industries implementing Fortinet FortiSandbox commonly value its malware detection and network security benefits. It's crucial for companies needing to inspect file threats and analyze suspicious activities, especially in sectors dependent on secure email and data transfer. Its ability to integrate with existing Fortinet solutions makes it an attractive prospect for those aiming to strengthen network integrity and avert potential cyber threats efficiently.
Trellix Network Detection and Response provides robust threat protection with advanced detection of zero-day attacks and APTs. Its user-friendly dashboard and real-time response capabilities enhance security and visibility across networks.
Trellix Network Detection and Response stands out with its MVX engine, leveraging virtual machines for comprehensive behavioral analysis. The solution supports detection of advanced cyber threats through features like sandboxing and application filtering, offering real-time response and packet capture for detailed contextual insights. Companies benefit from seamless integration with other platforms, enhancing usability and overall protection. User-friendly interfaces improve network visibility, while stability and ease of configuration safeguard against both signature-based and signature-less threats.
What key features does Trellix offer?Companies in sectors like finance, healthcare, and enterprise security utilize Trellix Network Detection and Response for tasks such as network intrusion detection, endpoint protection, and securing data transmission paths. It aids in threat investigations, pre-sales demos, and network forensics, reducing risks by protecting against cyber threats like phishing.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
