Try our new research platform with insights from 80,000+ expert users

SonicWall Capture Advanced Threat Protection vs Trellix Network Detection and Response comparison

SonicWall and Trellix are both solutions in the Advanced Threat Protection (ATP) category. SonicWall is ranked #23 with an average rating of 9.0, while Trellix is ranked #12 with an average rating of 7.8. SonicWall holds a 1.6% mindshare in ATP, compared to Trellix’s 3.9% mindshare. Additionally, 100% of SonicWall users are willing to recommend the solution, compared to 97% of Trellix users who would recommend it.
SonicWall Capture Advanced ...
Read 9 SonicWall Capture Advanced Threat Protection reviews
  • 436 Views
  • 410 Comparison Views
100% willing to recommend
Trellix Network Detection a...
Read 40 Trellix Network Detection and Response reviews
  • 2,271 Views
  • 1,113 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Dec 1, 2024

Trellix Network Detection and Response and SonicWall Capture Advanced Threat Protection are products competing in network security. Trellix appears to have an edge in threat intelligence integration and customer support satisfaction, while SonicWall leads in threat prevention capabilities.

Features: Trellix provides dynamic analytics, real-time data visualization, and effective threat intelligence integration. SonicWall offers cloud-based multi-engine sandboxing, comprehensive zero-day threat prevention, and robust firewall capabilities for enterprises.

Room for Improvement: Trellix could enhance its zero-day threat handling speed, expand its threat database for faster identification, and improve real-time response capabilities. SonicWall might improve its ease of configuration, reduce complexity in deployment, and offer more granular reporting features.

Ease of Deployment and Customer Service: Trellix ensures quick deployment and seamless integration with existing systems, backed by comprehensive support. SonicWall's deployment is more complex due to extensive configuration options but offers flexible network arrangements and strong support channels.

Pricing and ROI: Trellix is cost-effective, focusing on minimizing setup expenses while maximizing returns through efficient threat detection. SonicWall has higher initial costs justified by long-term threat prevention benefits, providing substantial ROI through its extensive protection features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response Report (Updated: December 2025).
Buyer's Guide
SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response
December 2025
Download the complete report
Helped 881,082 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SonicWall Capture Advanced ...
Ranking in Advanced Threat Protection (ATP)
23rd
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
9
Ranking in other categories
No ranking in other categories
Trellix Network Detection a...
Ranking in Advanced Threat Protection (ATP)
12th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
40
Ranking in other categories
Network Detection and Response (NDR) (10th)
 

Mindshare comparison

As of January 2026, in the Advanced Threat Protection (ATP) category, the mindshare of SonicWall Capture Advanced Threat Protection is 1.6%, up from 0.9% compared to the previous year. The mindshare of Trellix Network Detection and Response is 3.9%, up from 3.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Advanced Threat Protection (ATP) Market Share Distribution
ProductMarket Share (%)
Trellix Network Detection and Response3.9%
SonicWall Capture Advanced Threat Protection1.6%
Other94.5%
Advanced Threat Protection (ATP)
 

Featured Reviews

Mohamed Fouad - PeerSpot reviewer
Mohamed Fouad
Cybersecurity Team Leader at EMAK For Integrated Solutions
Advanced sandboxing has protected our environment and stops unknown threats in real time
The most capable feature of SonicWall Capture Advanced Threat Protection is the accurate verdict of the file, and I have used many other types of sandboxing, but using SonicWall Capture Advanced Threat Protection is truly helpful for our organization. In my experience, the best features SonicWall Capture Advanced Threat Protection offers include accuracy for the submitted files, and one of the most valued features is its usability, as it is so usable and helpful to integrate with other solutions, making it a fantastic product overall. It is easy to set up and connect SonicWall Capture Advanced Threat Protection with other solutions, as it can be integrated with many products, supporting real-time memory inspection, rapid signature deployment, broad file type support, and block until verdict capability, along with flexible configuration, while providing comprehensive reporting. SonicWall Capture Advanced Threat Protection supports sandbox evasion techniques, which is important since sophisticated malware increases the evasion capability to detect and deceive sandboxing environments. SonicWall employs deception techniques simulating user interaction or fake high volume targets to determine when custom malware can still potentially bypass detection through environment-aware code. SonicWall Capture Advanced Threat Protection positively impacts our organization by helping us stop advanced persistent threats, as we have defined our targeted adversaries and increased security for our organization.
Read full review
Jose Vargas - PeerSpot reviewer
Jose Vargas
Agente De Servicios Técnicos at a computer software company with 11-50 employees
Has improved threat detection workflows and supports seamless customer monitoring
The best features Trellix Network Detection and Response offers include very good threat detection, and I believe that it is one of the best XDR tools. For example, ePO and XDR components are very comfortable and similar to many other tools for this type of monitoring, and I have received very good feedback for this tool. What makes Trellix Network Detection and Response stand out for me compared to other tools is the way you can detect threats. It is very easy and comfortable to use, and the detection shows clearly on the screen, which is very easy to understand. Regarding the features, I think that the integration with other platforms is very comfortable with the customer because we can integrate it with any switch or firewall, and it is comfortable to add this tool. Trellix Network Detection and Response has positively impacted my organization as I have improved my knowledge about detection and response. I have already used some other tools such as CrowdStrike and Umbrella, but Trellix is one of the best that I have tested. I believe that for my organization, Trellix has helped a lot with detection and supported our customers effectively. Trellix Network Detection and Response is a great tool that integrates with a lot of security tools such as Palo Alto, which is a good firewall. If you have these types of tools, your organization would benefit greatly.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They have a large database of commonly known things that they can catch automatically, then they have anything which is questionable go to the sandbox and be examined there before going into our network."
"I like this setup for a firewall. You can set things up very easily and you can automate items as well. It's a very robust firewall solution for enterprise as well as small businesses."
"The ATP (Advanced Threat Protection) on scanning is the most valuable feature."
"In my experience, the best features SonicWall Capture Advanced Threat Protection offers include accuracy for the submitted files, and one of the most valued features is its usability, as it is so usable and helpful to integrate with other solutions, making it a fantastic product overall."
"We get alert messages whenever there is a new threat. We are notified at the firewall level that things are blocked, which keeps us in our comfort zone."
"It also has an easy configuration. The feedback that we get from our customers is that it's a good product."
"We use it for protection against viruses and ransomware attacks."
"The reporting that you get from it is the most valuable feature. You can see it via the appliance itself, and also via the MySonicWall account for the registered device. You are able to select the file if it's malicious, and you can select it in the reporting and see what triggered it, and things like that. I found that to be quite useful."
More SonicWall Capture Advanced Threat Protection pros
"Very functional and good for detecting malicious traffic."
"Initially, we didn't have much visibility around what is occurring at our applications lower level. For instance, if we are exposed to any malicious attacks or SQL injections. But now we've integrated FireEye with Splunk, so now we get lots of triggers based on policy content associated with FireEye. The solution has allowed for growth and improvement in our information security and security operations teams."
"The installation phase was easy."
"The features that I find most valuable are the MIR (Mandiant Incident Response) for checks on our inbound security."
"Trellix Network Detection and Response helps increase response to attacks. One benefit is increased visibility and simplicity in maintaining it. AI analyzes and relates data based on past performance over the last five days."
"The solution can scale."
"Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats."
"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening."
More Trellix Network Detection and Response pros
 

Cons

"If anything at all, it would be some very minor updates that need to be done, but in terms of changes, nothing comes to mind."
"SonicWall Capture Advanced Threat Protection needs to reconsider the pricing, especially in the cloud environment."
"I would say the solution needs a much simpler user interface, but the functionality of the firewall is quite extensive. You need the user interface to be that way. However, if there was a way to make the user interface a little easier, that would be great."
"Could provide online training to allow customers to learn more about the product."
"SonicWall had a recent layoff. This is a concern for us, because now we are missing the local presence from both the engineering and sales side."
"We would like to get immediate alerts from the alerting system without using third-parties."
"I would like to have better documentation before starting with deployment because the deployment is a bit complex."
"The setup needs improvement. It needs to be made more user-friendly."
More SonicWall Capture Advanced Threat Protection cons
"A better depth of view, being able to see deeper into the management process, is what I'd like to see."
"I would like to see in Trellix Network Detection and Response more explanation about some details of the threat, and I wish it had more actions that you can take to contain the host or move it somewhere else."
"Technical packaging could be improved."
"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right."
"FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically."
"If you want to search the hashes in the environment, you need to put in IOCs one by one, making it a very hectic job."
"Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone."
"Technical support could be improved."
More Trellix Network Detection and Response cons
 

Pricing and Cost Advice

"The best deal from SonicWall is to buy the HA pair. When you buy the initial one, you receive the second one at a significant discount. If there is an event and something happens to one firewall, then you have the second firewall to roll into. For the price, it's pretty to tough to beat and not a lot of other firewall vendors offer it. You battle for a discount on both. Where with SonicWall, if you buy one, the second one is at half price. It's pretty straightforward."
"It's thirty dollars per user and we have 30 users."
"We get our value for our money."
"When you compare it with other solutions, they are cheaper and more economical."
"We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
"Its price is a bit high. A small customer cannot buy it. Its licensing is on a yearly basis."
"The pricing is fair, a little expensive, but fair. We've evaluated other products, and they're similarly priced."
"Pricing and licensing are reasonable compared to competitors."
"It's an expensive solution."
"There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
"Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
"The pricing is a little high."
More Trellix Network Detection and Response pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Advanced Threat Protection (ATP) solutions are best for your needs.
See recommendations
881,082 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Comms Service Provider
13%
Manufacturing Company
12%
Financial Services Firm
11%
Government
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise8
Large Enterprise19
 

Questions from the Community

What needs improvement with SonicWall Capture Advanced Threat Protection?
SonicWall Capture Advanced Threat Protection needs to reconsider the pricing, especially in the cloud environment. The product is good overall, but the GUI needs to be more stable. I chose nine out...
See all answers
What is your primary use case for SonicWall Capture Advanced Threat Protection?
My main use case for SonicWall Capture Advanced Threat Protection is that it helps us with sandboxing for analyzing and inspecting unknown files and URLs. A quick specific example of how I've used ...
See all answers
What advice do you have for others considering SonicWall Capture Advanced Threat Protection?
I advise others looking into using SonicWall Capture Advanced Threat Protection to consider that it is truly helpful and very important to have great sandboxing with advanced threat protection to s...
See all answers
What do you like most about FireEye Network Security?
We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement an...
See all answers
What is your experience regarding pricing and costs for FireEye Network Security?
My experience with pricing, setup cost, and licensing for Trellix Network Detection and Response is very great.
See all answers
What needs improvement with FireEye Network Security?
I would like to see in Trellix Network Detection and Response more explanation about some details of the threat, and I wish it had more actions that you can take to contain the host or move it some...
See all answers
 

Comparisons

Fortinet FortiSandbox vs SonicWall Capture Advanced Threat Protection Logo
Fortinet FortiSandbox vs SonicWall Capture Advanced Threat Protection
Compared 29% of the time
Microsoft Defender for Office 365 vs SonicWall Capture Advanced Threat Protection Logo
Microsoft Defender for Office 365 vs SonicWall Capture Advanced Threat Protection
Compared 28% of the time
Palo Alto Networks WildFire vs SonicWall Capture Advanced Threat Protection Logo
Palo Alto Networks WildFire vs SonicWall Capture Advanced Threat Protection
Compared 22% of the time
Red Canary vs SonicWall Capture Advanced Threat Protection Logo
Red Canary vs SonicWall Capture Advanced Threat Protection
Compared 21% of the time
More SonicWall Capture Advanced Threat Protection Competitors
Fortinet FortiSandbox vs Trellix Network Detection and Response Logo
Fortinet FortiSandbox vs Trellix Network Detection and Response
Compared 9% of the time
Palo Alto Networks WildFire vs Trellix Network Detection and Response Logo
Palo Alto Networks WildFire vs Trellix Network Detection and Response
Compared 8% of the time
Darktrace vs Trellix Network Detection and Response Logo
Darktrace vs Trellix Network Detection and Response
Compared 5% of the time
Trend Micro Deep Discovery vs Trellix Network Detection and Response Logo
Trend Micro Deep Discovery vs Trellix Network Detection and Response
Compared 5% of the time
Zabbix vs Trellix Network Detection and Response Logo
Zabbix vs Trellix Network Detection and Response
Compared 5% of the time
More Trellix Network Detection and Response Competitors
 

Product Reports

Buyer's Guide
SonicWall Capture Advanced Threat Protection
January 2026
SonicWall Capture Advanced Threat Protection reportDownload SonicWall Capture Advanced Threat Protection product report
Buyer's Guide
Trellix Network Detection and Response
January 2026
Trellix Network Detection and Response reportDownload Trellix Network Detection and Response product report
 

Also Known As

No data available
FireEye Network Security, FireEye
 

Overview

SonicWall Capture, a cloud based service available with SonicWall firewalls, revolutionizes advanced threat detection and sandboxing with a multi-engine approach to stopping unknown and zero-day attacks at the gateway, and with automated remediation. Customers benefit from high security effectiveness, fast response times and reduced total cost of ownership.

SonicWall

Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

Trellix
 

Sample Customers

Wonder Cement, Foster Clark Products
FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
Buyer's Guide
SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response
December 2025
Free Report: SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response
Find out what your peers are saying about SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,082 professionals have used our research since 2012.
See our SonicWall Capture Advanced Threat Protection vs. Trellix Network Detection and Response report.
See our list of best Advanced Threat Protection (ATP) vendors.

We monitor all Advanced Threat Protection (ATP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.