Top Rated
43 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 9 out of 100
10 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener'>trScore algorithm: Learn more.</a>
Score 8.9 out of 100

Attribute Ratings

  • Cisco Identity Services Engine (ISE) and Trellix Network Security are tied in 1 area: Likelihood to Recommend

Likelihood to Recommend

9.0

Cisco Identity Services Engine (ISE)

90%
18 Ratings
9.0

Trellix Network Security

90%
1 Rating

Usability

7.3

Cisco Identity Services Engine (ISE)

73%
2 Ratings

Trellix Network Security

N/A
0 Ratings

Support Rating

5.9

Cisco Identity Services Engine (ISE)

59%
8 Ratings

Trellix Network Security

N/A
0 Ratings

Likelihood to Recommend

Cisco

Overall, management is not terrible if you have a stable network that is not overly complex. If you don't, this product will take considerable time to plan for an effective solution. I will say support is not very helpful, so if you need assistance after the initial sales rep assisted setup, good luck and be prepared to spend hours on the phone.
Read full review

Trellix (FireEye + McAfee)

It’s a dedicated Network Advanced Threat Detection and
Prevention solution. Easy maintenance and low operating costs fit perfectly for
SMEs. Variety of appliance selection makes NX the perfect choice for large
enterprises. As it’s a dedicated solution with its own appliance, price is higher
compared to NGTP add on solutions. FireEye is an ecosystem therefore when you’ve
the EX or HX vice versa, you should be looking to NX. Otherwise, you’re missing
the threat intel exchange on the network side reverse is the true. Sizing is
important before the purchase, if you select a low end model for a busy network
you lose your initial investment. For multiple NX deployments I highly
recommend CMS. Without CMS you’ll lose the threat intel exchange and this will
negatively reduce the risk scores.
Read full review

Pros

Cisco

  • Manage high-privilege access to communications equipment. It allows to be granular in the permissions, to have it integrated with the LDAP users and, most importantly, to audit what tasks each user performed.
  • Profile users and devices and assign privileges and access levels based on that combination. It greatly improves the user experience, since it does not depend on the network it is in, but on the access levels it has depending on the device. It also allows self-managed guest access with approval flow, which is essential for our business.
  • It has also allowed us to automate actions based on findings from StealWatch, Umbrella, AMP, etc.
Read full review

Trellix (FireEye + McAfee)

  • Advanced detection of targeted attacks.
  • Mandiant team effort is a big plus.
  • Inline mitigation capabilities particularly well.
  • Different deployment models for specific needs.
  • License and information sharing selection 1 way or 2 way mode.
  • Frequent updates.
  • Low false positive rates.
  • FireEye sandboxing is immune to sandboxing attacks.
  • Central management (CMS) capabilities for managing several NX's.
  • Extra IPS/IDS functionality in the product.
  • Smartvision specific to lateral movement detection.
  • Upgrades and updates with zero down time.
  • Local FireEye support is superb.
  • Multiple deployment scenarios (span, inline) in the same NX for different interface pairs.
  • SSL inspection support.
  • No need to maintain, build or updates the images. It's highly automatic.
Read full review

Cons

Cisco

  • ISE could really make improvements on software updates and patches. The updates and patches typically take a very long time to install.
  • ISE could improve some of its technical documentation on how to implement certain features that ISE can offer.
Read full review

Trellix (FireEye + McAfee)

  • Very first detected APT sample can pass the NX even it's inline blocking mode.
  • Performance optimization for busy networks is cumbersome.
  • CMS does not provide all the management capabilities, CLI or local config. Should be done for advanced customization.
  • Constant limitations of tcpdump/ packet capture for 10G interfaces.
  • IPS functionality is a bit cumbersome, not a full feature IPS, lack of signatures and customization of IPS signatures.
  • It's not a full NDR solution or a UBA solution.
  • Lack of device or user mapping.
  • Forensics is based on the specific APT. May not provide the whole story and need some additional tools.
  • You cannot make manual submission to NX (needs AX).
  • You cannot access the kernel directly for deep analy[sis] or troubleshooting (assist from FireEye Support should be taken).
Read full review

Pricing Details

Cisco Identity Services Engine (ISE)

Starting Price

Editions & Modules

Cisco Identity Services Engine (ISE) editions and modules pricing
EditionModules

Footnotes

    Offerings

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services

    Entry-level set up fee?

    No setup fee

    Additional Details

    Pricing Info

    Trellix Network Security

    Starting Price

    $0 per appliance/ per mbps

    Editions & Modules

    Trellix Network Security editions and modules pricing
    EditionModules
    SmartVision01

    Footnotes

    1. per appliance/ per mbps

    Offerings

    Free Trial
    Free/Freemium Version
    Premium Consulting/Integration Services

    Entry-level set up fee?

    Optional

    Additional Details

    Pricing Info

    Usability

    Cisco

    For us the solution is very easily useable on its own. Perhaps that has to do because we started using ISE in the 1.2 days and have seen it grow during the years. Policy creation, etc. is all very visible and thus easy to use. Deployment of multiple nodes is also incredibly easy and flexible. You can easily add or remove nodes as you wish.
    Read full review

    Trellix (FireEye + McAfee)

    No answers on this topic

    Support Rating

    Cisco

    Cisco support is second to none, both in terms of how you access support but also the knowledge of the individual support teams. If you focus on one technology and provide "manufacturer support" then you can rest assured that you are accessing Cisco's top individuals. I feel like this is a USP for Cisco support.
    Read full review

    Trellix (FireEye + McAfee)

    No answers on this topic

    Alternatives Considered

    Cisco

    Aruba ClearPass and Cisco ISE are very similar in nature. The biggest differentiator that I have seen is the Cisco ISE ecosystem around native Adaptive Network Controls, programmable interfaces, pxGrid, and Cisco TrustSec environment. Due to the span of products Cisco has in its portfolio, the integrations between these products is both robust and native to each product.
    Read full review

    Trellix (FireEye + McAfee)

    FireEye NX is a solid product. It gives you sustainable
    security throughout the organization. NX detection engines are more capable
    compared to others. Its catch rate is higher, FP rate is lower, [and] speed is
    awesome. NX can work for highly regulated environments with 1 way solution.
    Operation costs are much lower. Software quality is very good. It may have bugs, but these bugs do not compromise the security in general. SOC team loves the
    FireEye NX for its pinpoint detection capabilities. Local and partner support
    is exceptional.
    Read full review

    Return on Investment

    Cisco

    • ISE has allowed us to handle the sticky problem of giving IoT/gaming student devises network access. It allows hands-off management for roughly 2,000 users.
    • Attempting to get posturing and profiling working consistently has been a bear. The workflow is so convoluted it took dozens of man-hours to get it working in a test environment.
    • Centralized TACACS access to NADs has shaved 10-20% of our time spent configuring various boxes.
    Read full review

    Trellix (FireEye + McAfee)

    • As [a] financial company on the digital markets, we need to be safeguard for 0days and targeted attacks. FireEye NX provides the best updated protection with its enhanced capabilities.
    • Security score based on detection/prevention metrics [is] very high ensuring the highest level of security.
    • APTs in our region successfully detected and mitigated by the NX.
    • For the ROI, in a six month period FireEye is paying off its [investment].
    • One negative thing, especially with increasing network bandwidths, [is that] you need to make [the] investment every two or three years.
    Read full review

    Screenshots

    Add comparison