Trend Micro Deep Discovery Reviews

It's a good fit for organizations that follow strict data regulations and need to keep sensitive data on-premises. In Sri Lanka, for example, financial data cannot be used in the cloud. So, Deep Discovery is a good solution because it's an on-premises device. We can do the sandboxing on-site. This is a strong selling point.

We are distributors. A couple of our customers use this product. There are three customer references in Sri Lanka that use Deep Discovery.

There are some zero-day attacks that we cannot block with regular firewall rules. We need to execute the file to see whether it is truly an attack or not. Sandboxing helps to identify this by safely executing and analyzing suspicious files in an isolated environment.

Moreover, it has some features that stand out compared to other products. For example, we can get live snapshots and instant reports, and we can submit files manually for free.

It is effective at protecting against various threats.  

The custom sandboxing capability is well-received by customers, who appreciate its performance and flexibility.

With the custom sandboxing feature, customers can replicate their own environment within the sandbox, allowing for more accurate threat detection and analysis.

So, the sandbox itself is a major factor. Additionally, the reporting is very good, providing detailed analysis in a short amount of time. It takes just a millisecond to analyze the file. It doesn't take much time. 

Another thing is the integration capability with other Trend Micro products. We can integrate Deep Discovery with, for example, Trend Micro Vision One to gain insights and visibility into network threats and vulnerabilities.

The price range is a little high, which can deter customers from buying the product. 

Additionally, cloud sandboxing features are valuable now, and their inclusion would be a significant improvement. These are points of concern that should be addressed with Trend Micro regarding pricing.

I have experience with it for about three years now.

The product is stable. If you configure the product in the correct way, it runs smoothly without any issues. I can rate it a nine or ten for stability.

I can rate it a ten out of ten for scalability.

The first response time and accountability should be improved.

Neutral

We worked with Sophos, BluVector Cortex and Kaspersky.

There are no difficulties in the setup process. 

The device comes with a preloaded sandbox. We can upload custom sandbox images to the device if needed. The installation is straightforward, documentation is available, and our team is certified as a Deep Discovery Analyzer.

The deployment time depends on the environment. The deployment can take a couple of days or be completed within a day. It depends on the customer providing the necessary resources. 

From the beginning, we need redundant power, network configuration, port forwarding, and other requirements. So, it usually takes two to three days to complete the deployment.

Deployment resources: We can do it with two people. It is usually two to three people. My team and I, for example, have three people involved in the deployment.

Having a sandbox improves our security posture. Traditional security tools cannot detect all zero-day and sophisticated attacks.  

We can't check the monetary value directly, but it can prevent ransomware attacks, spam attacks, and phishing attacks. It helps to avoid enormous losses, which is crucial for any organization.

I would rate the pricing a three out of ten, where one would be very expensive, and ten would be very cheap.

Overall, I would rate it a nine out of ten.

It's been useful in checking network traffic.

The performance and stability are great.

We've been using it to detect any malicious traffic. It confirms any malicious traffic that is detected from other products. It informs us whenever we need to remediate or lock or quarantine or block or disable a workstation. It provides us with the threat analysis, the CVEs. 

The initial setup is easy.

The scalability is sometimes limited. 

I've used the solution for five years. 

The solution is okay. It's been stable for the longest time. There's little degradation of performance. We've been able to maximize the bandwidth allocated to us. The Trend Micro vendor really provided us with good steps in computing the bandwidth that we need and also where to place all the missing sniffing ports. Strategically, they've been very, very helpful to us. The DVI really, really works well for us.

Part of the limitation is the switches. If you want to sniff traffic from a certain segment, you have to have an integrator. There's something where you can put your DDI in the middle of the connection so that you can intercept traffic. You have to purchase that part of the solution.

While the scalability could be better, it depends on the design of our network. The DDI is there. If you want to sniff more segments, you have to have the DDI, however, you have to also calculate your ports and switches, and you have to purchase additional switches if you want more segments to be sniffed.

The solution's technical support is okay. The solution works well, however, and we're benefitting from that aspect of it. 

We get premium support of Trend Micro, so we have no problems with them.

I'm not sure if we previously used a different solution. 

The solution is easy to implement. It's very straightforward. We just deploy the machine. We plug in all the sniffing ports. Then we added another dirty line for the sandboxing, that's it. We're able to get logs from it with no problem.

For Deep Discovery, the deployment took around one to two weeks.

Our vendor handled the deployment for us. 

We're seen a pretty good ROI. Considering the cost incurred if you are infected, it stabilizes cybersecurity and helps save money.

I'm not sure about the licensing aspect of the solution. 

We have an enterprise license and then we just renew it as needed. 

We are not quite at version 5.5.

I'd recommend the solution to others. 

The relationship our company has with Trend Micro is very, very good. They've been very, very supportive of us. We are prioritized whenever we have a problem. 

I'd rate the solution nine out of ten.

Trend Micro Deep Discovery is a very specific product for threat intelligence with smart protection. Trend Micro Deep Discovery is a very good product from a security point of view.

Trend Micro Deep Discovery is a very expensive solution, making it very hard to sell. The solution's initial setup could be made easier for the end users.

I have been working with Trend Micro Deep Discovery for about one year.

I rate Trend Micro Deep Discovery a nine out of ten for stability.

I rate Trend Micro Deep Discovery an eight out of ten for scalability.

Overall, the solution's technical support is pretty good. The solution has a 3-tier system, where one is partner support, then distributor support, and then Trend Micro support. You can purchase the support directly from Trend Micro, where you don't have to open a ticket with the partner or distributor. You just have to open a ticket with Trend Micro, and they will handle the issue. The technical support team's response time is very fast, and they are quite quick.

Positive

The solution's initial setup is not complex, but you must have training or a certified engineer to do it.

Trend Micro Deep Discovery is quite expensive compared to other endpoint security products.

Feature-wise, Trend Micro can add other products to one product or get a new product on top of the security.

Users need to train their IT support department on Trend Micro, especially on the products they buy. If they are not trained, it's very hard for them to understand and run or manage the product. They have to call someone every time they have even small issues. Since users do not always purchase the support directly from Trend Micro, resolving issues takes time, which hurts them.

Overall, I rate Trend Micro Deep Discovery a nine out of ten.

We use the product for signature-based user behavior analysis. It helps us detect threats in virtual environments as well.

The platform provides all essential features for discovery and administration. There is no need for customization options as the features are designed with a user-centered approach. We can identify the root cause of the problem and share the results with the users.

The product's security features need enhancement.

We have been using Trend Micro Deep Discovery for ten months.

I rate the product's stability an eight out of ten.

I rate Trend Micro Deep Discovery's scalability an eight out of ten. We use it 24/7.

The technical support team replies on time in case of any issues.

Positive

The initial setup process is easy. It doesn't require a lot of experience for implementation. It needs five executes for deployment and maintenance.

I recommend Trend Micro Deep Discovery to others and rate it an eight out of ten. I advise others to implement it in a test environment if they use it for IPS and IDS purposes.

I work for a distribution partner company. We use the on-prem, physical model of this solution.

It's intuitive and has a user-friendly interface. It's also flexible. We can put files, web links in this solution through other Windows.

The most valuable feature is that the user can customize images of virtual machines in the sandbox functionality. The other vendors only use images that were created by the vendor but not the customer, end-user or partner. This helps to detect advanced threats and attacks. It helps to clone the internal structure, IT structure of some companies. So you could clone the computer of the director or the financial department and place it to the sandbox. The bad guys who are looking for a way to get into your organization when they get to a computer, they think that it's a real computer. They see software or something connected with finance and they think that this is a real computer and not a laboratory or a sandbox so they run the bad script and think that they're stealing some important information or encrypting some important information. Antivirus solutions can stop attacks when they know how these attacks play out. If we don't know how the attack is going to go, we can't identify it. It customizes the images and Trend Micro helps to identify these unknown attacks.

Different parts of the organization can quickly receive information about the bad scripts. It helps to protect the organization's infrastructure from these attacks. 

We'd like to see more video guides. I'd also like for them to increase the numbers of different virtual images. Now the solution can use only three different images. For example, it's Windows 7, Windows 10, and the Windows servers are 2016. Only three of them at the same time. It would be more useful if the solution can operate with around five or six different images like Windows 7 2019, Windows 8.1. I would like the ability to analyze all files in our internal network, at the same time on different operating systems. Not just three of them, but as many as possible.

It's very stable.

It's a solution for enterprise antivirus protection. It's not for small companies. The price of this solution corresponds to its class.

In my company only I use this solution. It's a stand-alone laboratory. It's a stand-alone server that analyzes files, URLs, and messages from all IT infrastructure in an organization. It's not a solution for one person or 10 people. It's a solution for all employees inside an organization.

We haven't had the need to contact technical support. It's very easy to use. 

The main difference from other solutions is that it uses customized images inside sandboxes. They're similar in functionality. All of them run, scan, and notice every change that some files, some scripts, some links do inside the system. The environment is imported inside the sandbox and in this way, Trend Micro is the leader in the world's markets of sandbox solutions.

The initial setup was straightforward and very easy. You don't need special knowledge or courses to complete an installation of this solution. It's very easy.

We implemented it ourselves. 

I would rate it a ten out of ten. 

Our primary use case of Deep Discovery is as a sandbox. It sorts the DDAN, our on-premise Deep Discovery Analyzer solution, so if Deep Security or Trend Micro isn't able to find out whether a particular file or memory is a threat or not, they will send that file signature or file to the DDAN. The DDAN will then deploy that file inside their virtual sandbox, analyze the implications, and return the result to the concerned agent. We mainly use it for zero-day vulnerability protection. 

Deep Discovery is deployed on-premise. 

One of the most valuable features is the performance, since, so far, we have not faced any issues with Deep Discovery. 

This solution could be improved with faster technical support and cheaper licensing prices. 

We have been using Deep Discovery for a couple of years. 

I'm satisfied with the stability and performance of Deep Discovery. So far, we have not faced any issues. 

In our organization, we have around one thousand licenses for Trend Micro. Whether or not we increase our usage will depend on business requirements. 

Trend Micro's technical support could be better and faster. 

The installation was done by a Trend Micro implementation partner. It took about one or two weeks. 

For deployment and maintenance, we have a team of two engineers and a few managers. 

We implemented Deep Discovery through a Trend Micro partner. 

The licensing cost is a bit pricey. We pay a yearly subscription. 

I rate Deep Discovery an eight out of ten. I would recommend Deep Discovery to others. If people are ready to invest as a capital, then I can recommend a Deep Discovery license. Otherwise, they can go with their cloud-based solution. 

Normally we use the solution to send the traffic. We get traffic on it and once I get the traffic, I get the SPN diagnosis and all the network services diagnostics and whatever else that I run in the office file server. It scans through that. For example, when we download some files, in our portal we are uploading some of the activity documents, as well as Excel and Word documents, etc. They get scanned through and we have DDI Rules that are enabled for the file management. 

Basically, any uploading, downloading, etc. of items from our website server get scanned and analyzed. 

The HTML file sandboxing is very good.

Their technical support is very good and extremely responsive.

The solution, overall, offers very good features.

The licensing costs could be improved and simplified.

If they could integrate the solution with the endpoint agent, that would be ideal. I understand that's not possible currently.

Since this is a technical device, it would be great if they could just allow us to integrate it with some of the existing VMs or our existing devices. These are all central devices. If they can offer the solution on VM boxes, like virtual systems, that would be great. That way, our hardware costs, electricity costs, and database space costs and all can be lowered.

Currently, a solution called Apex One is on the market and it has features that allow for more integrated security. They should try to emulate this a bit more. It has better bundles.

The stability of the solution could be improved. It should be 100% stable, but it's not there right now.

I've been using the solution for more than one and a half years.

Sometimes there needs to be a stability test done. We did tests and checked up to around 20 or 25 samples. Out of those tests, two missed. There were two things that the solution didn't detect but were later detected on the endpoint. It's therefore not completely stable. It misses things.

The scalability of the solution is okay. It's fast.

All of our users are currently on the solution.

The technical support is good. They're immediately in contact with us the moment we reach out to them. That's never been a problem. We've been quite satisfied with the level of service they've provided.

We previously used McAfee.

The solution doesn't have a very common setup. The initial implementation is a bit different. However, anyone can handle it as long as they review the necessary documentation. They just need to read the manual, and then they can handle the implementation. I would suggest it has a medium level of difficulty.

For us, deployment took about three days. That includes configuring the solution as well.

I handled the implementation and the configuration myself with the assistance of the solution's manuals.

I don't handle the licensing. I don't know what the costs are for the solution.

I haven't evaluated the solution, but something called Apex One is now on the market, and it offers better bundles and better integrations in comparison to Trend Micro.

The solution is very nice, but I would suggest to others that they test as many use cases as they can at the beginning.

I'd rate the solution seven out of ten.

We use the solution for its security features. Trend Micro has an MSP portal where you can create customer accounts, assign some licenses, and make your customers use those licenses from a portal. Trend Micro is ahead of its competitors in providing MSP services to customers.

Trend Micro Endpoint Encryption is stable and easy to use. It's very useful for an MSP company, making it easy and efficient to work with.

Security features could be improved.

I have been using Trend Micro Endpoint Encryption for one year.

The product is very stable.

The solution is scalable because it doesn't require an on-premise server installed. Everything is being monitored and managed from the cloud portal, irrespective of the number of agents. You can manage all from one portal.

Vendors are locally present in our country. We contact them via email, etc. We are very flexible with vendor support.

The initial setup is straightforward. One person is enough for it.

An MSP company creates customer accounts from Trend Micro's MSP portal. Then, the customer gets the key. After that, they can log in to the Trend Micro portal. They will see the agent to be downloaded for Windows and Linux. It takes about two or three minutes to deploy.

Deployment can be done by yourself.

The MSP's model and licensing is global and has very reasonable prices. Also, the perpetual license model is reasonable. It's cheap for the assembly companies. Licensing is very straightforward.

Around five to ten technical persons are using the support. We will be able to sell those agents to more than 20 companies.

Only one technical person is enough for a large company for the installation and the management. In terms of management, many logs, alarms, and entries are happening in the portal.

Trend Micro can be a viable option for SMBs looking for a basic EDR or PRT solution. However, for larger organizations or those with highly complex security needs demanding advanced services and sophisticated department knowledge, Trend Micro's capabilities might not be sufficient.

Overall, I rate the solution a seven out of ten.