Trend Micro Deep Security Reviews

We recommend the use of this solution to our clients, both with virtual and traditional servers.

This has helped our customers keep up to date with security patches. Many customers do not patch their software after a new purchase has been released because there are a lot of other technologies and considerations to be carried out. It takes time to go through all of these, and some customers have not been patched for many years. Especially for those customers, this solution will protect them against those vulnerabilities.

The most valuable feature is the virtual patching. This offers protection of the application before it can be patched by the actual vendor.

Some areas for improvement are:

• There are new additions to the standard product that should be included with the Deep Security version.
• When implementing this solution, sometimes we have challenges with SQL migration.
• Some of our customers complain about the cost of this solution.
• I would like to see an AI component added to the next release of this solution.
• The agent-based version has performance issues and they have to make it more lightweight.
• The forensic analysis capability needs to be improved.

This is a stable and well-known solution in the market. It is especially well-known for use in virtualized server networks. 

We have not faced scalability issues whatsoever. This solution is commonly used for servers, and not in workstations. We only recommend it for the customer's servers.

There are different service levels available for technical support.

When a problem occurs then we collect the logs and submit them. There is some time lost here because we do not always immediately deal with somebody who has sufficient expertise with the solution. This is something that we would like to see change. 

Generally, reaching technical support is fine, but in terms of having problems resolved, it varies. Sometimes it can take three days, while other problems can take three months.

The complexity of the initial setup depends on the customer's environment. There are different methods of deployment. If it is an agentless deployment then there are prerequisites for that. The agent-based version is a bit easier to set up than the agentless version.

They have to go through setting up policies, which will take time to implement and fine tune. They have to make sure that the solution is communicating with the management server, and that there are no conflicts with other applications that are running. If there is anything that is broken or should not be running, then that is fixed. Once the initial application is perfectly up and running without any issues, and the policies have been fine-tuned, there should not be an issue.

Depending on the customer's environment, the deployment time varies. We have deployed some solutions in one day, while others have taken months to complete the fine-tuning. 

Generally, for any implementation, we will not use more than two staff. For cases with more than one hundred machines, this can be a challenge during deployment. 

We do the complete deployment and implementation of this solution for our clients.

We resell a variety of products, some of which are similar to the Trend Micro solution, but our recommendation depends on our customer's requirements. Some customers will demand a particular vendor, such as Trend Micro, while others will specify that they do not want to use solutions by a specific vendor. In these cases, we work on alternative solutions for our clients.

Some of the other options our clients consider are solutions by McAfee, Kaspersky, and Symantec. 

It is important to implement this kind of solution because many people do not have security on their servers. This includes the vulnerability patching that should be done.

This solution has improved over time. They have been introducing third-party plug-ins and integration, and there is a cloud version available as well. 

I would rate this solution a seven out of ten.

The HIPS feature, as well as the monitoring around the file integrity, are very valuable aspects of the solution. 

The vulnerability scanning reduces false positives by quite a bit.

The client can show as offline sometimes, and that becomes a bit difficult for troubleshooting. We end up basically redeploying the client. This is something that could be improved in the future.

It would be helpful if they added more machine learning into the solution in the future.

The solution is largely stable, except for the fact that when the client communication breaks, you end up troubleshooting and you sometimes have to redeploy to get the client to establish the connection again.

The solution is good from a scalability perspective. It doesn't take much effort.

Technical support is okay. I would rate them 7.5 out of ten. My experience with Trend Micro has been that if there are issues with respect to databases, it takes time for them to resolve the problem.

The initial setup is straightforward. From a deployment perspective, I would say all vendors are quite similar.

We largely work with enterprise-level organizations.

I advise others to make sure that any recommendations in terms of system requirements that have been given to them are followed properly. 

I would rate the solution 8.5 out of ten.

Our primary use case for this solution is to prevent DDoS and other types of attacks from internal or external sources.

This solution protects us against different types of attacks, including email phishing, and it includes spam filtering. There have been some spam cases that we found recently and Trend Micro had already detected them. It caught EXE files in email and we put policies in place to block Excel attacks.

There are daily updates and we can even protect the internal workstations from viruses.

The most valuable features are web security, email filtering, and content filtering. The user interface is very friendly, and it is easy to control things from the policy.

The support for email protection can be improved.

I have been using different Trend Micro products in 2009 or 2010. For me, this is the best on the market.

This product scales very easily. We have more than one hundred and thirty licenses and more than five thousand users.

The people who use this solution are experts in networking and cybersecurity. All of them are CCIE certified.

We will be increasing our usage by adding another site. Right now we are using an MDRC (Mobile Disaster Recovery Center), but within two or three months, we will have a PDC (Primary Data Center).

When we call technical support they respond immediately. They are local and we have met them three or four times in the last couple of months. After they visited our office, we had a discussion with them.

We get very good support from them, and we appreciate it.

We have been using Trend Micro products and we were happy with them so we went with this solution.

The initial setup for this solution is straightforward.

For the deployment, we are using three cybersecurity engineers and three network security engineers.

We implemented this solution using a local provider in Qatar. The support was amazing. Every day, we received updates from our representative.

I cannot predict the ROI at the moment because we are still planning to implement other areas, such as the PDC.

It is approximately three million Qatari Riyal ($820,000 USD) for our licensing fees. The cost is approximately six thousand Qatari Riyal ($1,650 USD) per user.

We did evaluate other options, including Kaspersky. I know that it does not have the capability that we need. We did use it for endpoints, but we were not happy with it at the time.

We would recommend this solution to others. This is based on our security implementation. We are strongly protected through Trend Micro.

I would rate this solution a nine out of ten.

We use it for virtual environment protection.

It has improved functions by bringing us complete security on our clients' virtual environment.

• Security capabilities in a Smart Scan Agent. 
• It provides full protection against vulnerabilities.
• It has the ability to assume and maintain several IT requirements.

It needs better global visibility of the virtual environment.

I would like more security tools which could fit into a DevOps environment.

We use it just for DevOps workloads.

We have used it to deploy a client's DevOps environment.

It has a perfect SaaS which integrates with AWS, offering flexibility to deploy quickly and easily in the cloud.

Purchasing this solution through the AWS Marketplace was secure and quick. We did it as a renewal license for one of our customers. AWS has good prices for a good product.

While it is a good security product, they have to develop better tools to manage it.

I have not tried to integrate it with other products.

Our primary use case is to provide endpoint security for our AWS EC2 instances, covering features, such as host-based firewall, IDS/IPS, anti-malware, and application control.

Deep Security has given us strong protection and configuration of our endpoint security and enables us to bridge the gap between patching windows using the Virtual Patching feature. This allows us to make sure full patching is tested properly in our testing environments before roll out. This especially helps when, like this month, a patch is released which can’t be used, due to stability/performance issues.

• IDS/IPS
• Host-based firewall

I am also currently looking into the newer integrations with our various other security tools.

The training needs improvement. It is expensive (classroom training), and it is often hard to find answers by yourself using the documentation.

I would like them to add EDR features, moving away from traditional signature-based anti-malware.

The product seems very stable. We have only ever had one incident which caused us concern, and Trend Micro identified a way to mitigate it for future occurrences. They also ensured the issue was patched.

It seems to work at the scale that we are currently using it at: Approximately 65 EC2 instances.

Customer service team are fantastic and help provide timely resolution to issues and questions

Configuration in our AWS environment is straightforward and policy-based with inheritance, e.g., making it easy to align with Active Directory. Event-based triggers can automate the correct policy implementation.

It is simple and cost-effective to purchase through the AWS Marketplace, which provides an easy understanding of the scale of the costs. Our organization purchased it through the AWS Marketplace because it is easier to track when added to our AWS bill and convenient purchasing model.

The AWS licensing model is scalable and easy to use, but could do with tiered discounts. I am not sure how well this model will scale when we start to use Auto Scaling with AWS resources.

It provides a comprehensive feature set and a strong security baseline for us with integrations into other security tools.

It integrates with AlienVault USM Anywhere and AWS GuardDuty in our environment.

There are compliance issues of legacy applications and after applying OS security patches. The product's HIPS (Host Intrusion Prevention System) modules do the job for you automatically, without any downtime.

• Hassle-free implementation, no downtime required and no scaling issues at all.
• Very user-friendly interface, easy to understand.

Reports. The default reports provided don't provide much insight.

No stability issues.

No scalability issues.

I would rate tech support in the range of six to eight out of 10. Time to provide solution could be improved.

There is no competition for this product, as no other product provides HIPS, host-firewall, and anti-malware together.

Very straightforward and very easy to implement.

Deep Security SaaS provides security for cloud-hosted servers for only INR 1 RS/hour/server.

I would rate this product at nine out of 10. There is always a chance that it can be improved.

Go for it without any hesitation.

It's made the security guy's life a lot easier. A lot of what it does is automated and it's simple. You put it into place and the security guy just uses it instead of trying to administer it.

The most valuable feature is the direct link to AWS to tell me if a new instance created is unprotected. That's just so valuable to me. When running reports, you see can whether or not your environment is covered.

It also has a full breadth of services that include not just antivirus, but also IDS/IPS and file integrity and vulnerability management. It's really meant for the cloud and is proactive on AWS.

I'd like to have the ability to manage heterogenous clouds so that, for example, AWS and Microsoft are protected with the same security patterns. It already does that, but I think they may have rolled it back recently.

Also, it has great IDS/IPS built in, but I'd like a way to visualize the traffic. This way, there's more of an artistic view of security and the ability to ask question about the data. That would be really beneficial.

We don't have any issues with stability. I will get alerts at times for problems that have already been addressed, but I wouldn't call that instability.

I haven't hit any thresholds that tell me that it's not scalable. We just add servers and agents and keep going. As far as I'm concerned, it'll scale for anything.

We had a little bit of trouble when we first implemented the tool. We couldn't configure something, but it was our own problem as we weren't reading the documentation. We ended up calling implementation support, and they were excellent. They were patient and walked us through the process. They didn't charge us a dime. Since then, we haven't had to use support other than providing our feedback to the product teams.

The initial setup was pretty straightforward. We were novices to the cloud anyways, so we were struggling with some of the ideas. But I think that if you're acclimated with AWS, it's pretty straightforward. We were struggling to learn cloud concepts and we couldn't understand how to ping horizontal scaling versus vertical scaling.

Think about it. It's for the cloud and not meant to be retro-fitted. You're not managing a core server and it's got elastic scalability up and down from a cost perspective. You just pay per agent. If you don't need a server anymore, you don't pay.

When you implement and install, really learn how to set up the dashboard. You have to have a good intimate knowledge of your environment. Take the time to learn the product; don't just plug it in because it's not meant for that.

It's used as a part of our managed solutions. Security is key for them because we have seen a lot of ransomware in the past. We do very well on security side, whether it is application network or a host-based security. This is one of the offerings that we offer to our customer by default.

As it is a core part of our managed services, it integrates with other products which revolve around patch management. We have our own IP which takes care of the actual patch management that we leverage. We also have a lot of monitoring platforms with a single, integrate dashboard taking the data from the APIs.

Previously, a lot of attacks happened. 

Sometimes, you have your files which you don't want anybody to change. With this product, you can monitor that very easily. Therefore, whenever someone tries to play with that file, you receive an alert.

For day-to-day efficiency, it provides a good dashboard, so our team can be active 24/7 instead of doing a lot of manual stuff. We just look at the dashboard, and it's all done.

• Anti-malware
• IPS
• IDS
• Prevention against the ransomware
• File integrated monitoring
• Virtual patching

Every module is important because it serves a different purpose.

Because a lot of vulnerabilities are coming out, we work with a lot of large enterprises using virtual patching. It is very difficult to patch, because you have to take approvals, and go through the cycle, as there is a proper process in place. However, if you have virtual patching, it makes it easier, and you are protected as soon as the patch is released.

It needs to improve its integration with a lot of other products. This should be in the road map because we have a lot of SaaS-based appliances which are not connected with each other. Thus, I'm looking forward to more integrations coming together as a part of the product.

Going forward, I would like to have more APIs and integration with more application monitoring intelligence platforms.

Stability-wise, it is one of the best in the market. However, since a lot of innovation is happening, it comes with a lot of risk as well. Certain times, we have seen where a customer is being attacked irrespective of if the product was there. The reason is that patch is not available. While I know the team who works on it does a lot proactively, sometimes things get missed out.

We have customers in five to six different regions, ranging from Japan, Korea, Singapore, India, and the U.S. We use it for a lot of our customers (about 90 percent). Their size ranges from 500 servers to thousands of servers. We work with a lot of enterprises, including Telco, retail, government sector, and media.

We are very well-connected with our technical support. Most of our team is quite trained on the product. 95 percent of the time, our team doesn't need the technical support team's help.

The integration and configuration in our AWS is user-friendly. When you work with enterprise, you have a multi-cloud strategy. We can deploy it in AWS and use it in other clouds as well. So, it is pretty robust.

In the case of ransomware, every time it happens, for every machine that you have, you have to pay something like $400 USD or more. With Trend Micro, you are paying a couple of dollars every month to save the environment, and you don't have to go into that part where you pay a hacker to get back your data. Therefore, it's a good ROI, though it's an investment.

We are an original partner with AWS, so a couple of customers chose to directly take it from AWS Marketplace. A couple of customers will want us to take care of the billing. So, it's a mixed type of reaction that we receive from the customer. Eventually, for us, it matters that customers are secure.

The customers can deploy in their environment and the licensing model goes through our reseller.

The price is reasonably good as compared to other products into the market.

There are products, like Symantec, but Deep Security from Trend Micro is quite helpful for us. It is being absorbed by a lot of customers, whether they belong to an enterprise or the public sector. It is highly adopted.

We went with Trend Micro because it was more cloud native, the architecture was more on the high availability side of it, and it had the the implementation that we wanted.

Do your evaluation well. After the core evaluation, choose what fits best for your customer.

I used to previously work with on-premise solutions and private cloud. Now, I work with AWS.