Trellix Network Detection and Response and Fortinet FortiSandbox both operate in the cybersecurity realm, focusing on advanced threat detection and response. Trellix seems to have the upper hand in investigative depth and visibility, whereas Fortinet excels in integration with its product ecosystem.
Features: Trellix Network Detection and Response offers in-depth analysis tools, including the MVX engine and sandboxing technology, enabling advanced threat detection and forensic capabilities. It provides real-time investigation potential and integrates with other security measures for comprehensive security coverage. Fortinet FortiSandbox is known for its seamless integration with other Fortinet products and provides robust sandboxing environments for analyzing malicious files, along with the capability to emulate various operating systems, making it valuable for threat hunting.
Room for Improvement: Trellix Network Detection and Response could improve in managing false positives, customizing virtual environments, and better integrating with third-party solutions. Suggestions also include more straightforward analytics and simplified setup processes. Fortinet FortiSandbox users seek more virtual environment options and better integration beyond the Fortinet ecosystem. Enhancements in ease of using license management and speeding up analysis are also desired.
Ease of Deployment and Customer Service: Both products offer flexible deployment options, whether on-premises, hybrid, or cloud. Trellix is recognized for its responsive technical support and extensive documentation, offering a variety of support contact methods. Fortinet is praised for effective technical support, but its deployment complexity can present challenges. Trellix's proficiency in support contrasts with Fortinet's focus on installation clarity.
Pricing and ROI: Trellix Network Detection and Response is viewed as expensive, but its ROI is justified due to its advanced threat prevention capabilities, making the price barrier acceptable given the security it provides. Fortinet FortiSandbox is usually regarded as reasonably priced, though its licensing can be complex. Both solutions report significant ROI in threat prevention, with Fortinet having a competitive pricing edge despite Trellix's higher cost being backed by its comprehensive capabilities.
Sometimes the technical engineer is very good and helpful, and sometimes we go through many processes until it gets escalated to a higher level or to another advanced technical engineer.
Technical support needs improvement as sometimes engineers are not available promptly, especially during high-severity incidents.
The customer support for Trellix Network Detection and Response is great.
Fortinet FortiSandbox works fine, is easy to manage, and functions well.
I think Fortinet FortiSandbox could introduce more automation tools and AI tools.
There should be improvements in AI intelligence, faster decision-making, and a more responsive technical support team.
I would like to see in Trellix Network Detection and Response more explanation about some details of the threat.
The cost is in the mid-range.
The smooth integrations between Fortinet FortiSandbox and other Fortinet solutions such as FortiWeb and FortiFirewall and with other Fortinet environments are what I really appreciate.
What makes Trellix Network Detection and Response stand out for me compared to other tools is the way you can detect threats. It is very easy and comfortable to use, and the detection shows clearly on the screen, which is very easy to understand.
Trellix NDR provides an essential defense by automatically responding to network incidents that firewalls may not catch.
| Product | Market Share (%) |
|---|---|
| Fortinet FortiSandbox | 5.2% |
| Trellix Network Detection and Response | 3.6% |
| Other | 91.2% |
| Company Size | Count |
|---|---|
| Small Business | 15 |
| Midsize Enterprise | 13 |
| Large Enterprise | 9 |
| Company Size | Count |
|---|---|
| Small Business | 20 |
| Midsize Enterprise | 8 |
| Large Enterprise | 19 |
Fortinet FortiSandbox is a behavior-based threat detection solution that prevents and detects malicious code in files transferred within the organization. It is integrated with FortiGate firewalls and FortiMail for threat protection and can be used for monitoring and reporting. The solution inspects files in a virtual environment with different types of virtual machines and can block or quarantine files based on their score.
The most valuable features include dynamic behavior analysis, manual scan features, easy management and configuration, fast scanning, scalability, customization, and ICAP protocol. The solution is cost-effective and faster than other sandbox solutions, with a good user interface.
Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.
We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
