Cisco Secure Network Analytics vs. Trellix Endpoint Security ENS

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Cisco Secure Network Analytics
Score 8.3 out of 10
N/A
Cisco Stealthwatch is a network behavior analysis product based on technology acquired by Cisco with its Lancope acquisition in 2015.N/A
Trellix Endpoint Security ENS
Score 8.1 out of 10
N/A
Trellix Endpoint Security (ENS) solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep organizations safer and more resilient.N/A
Pricing
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Top Pros

No answers on this topic

Top Cons

No answers on this topic

Features
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Endpoint Security
Comparison of Endpoint Security features of Product A and Product B
Cisco Secure Network Analytics
-
Ratings
Trellix Endpoint Security ENS
8.5
14 Ratings
0% below category average
Anti-Exploit Technology00 Ratings8.812 Ratings
Endpoint Detection and Response (EDR)00 Ratings8.013 Ratings
Centralized Management00 Ratings9.014 Ratings
Hybrid Deployment Support00 Ratings8.28 Ratings
Infection Remediation00 Ratings8.013 Ratings
Vulnerability Management00 Ratings8.311 Ratings
Malware Detection00 Ratings9.014 Ratings
Best Alternatives
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Small Businesses

No answers on this topic

SentinelOne Singularity
SentinelOne Singularity
Score 9.1 out of 10
Medium-sized Companies
InsightIDR
InsightIDR
Score 8.5 out of 10
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.1 out of 10
Enterprises
InsightIDR
InsightIDR
Score 8.5 out of 10
BeyondTrust Endpoint Privilege Management
BeyondTrust Endpoint Privilege Management
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Likelihood to Recommend
8.0
(11 ratings)
8.8
(25 ratings)
Likelihood to Renew
8.0
(1 ratings)
-
(0 ratings)
Usability
7.3
(1 ratings)
-
(0 ratings)
Availability
7.0
(1 ratings)
-
(0 ratings)
Support Rating
7.9
(2 ratings)
5.0
(6 ratings)
Implementation Rating
8.0
(1 ratings)
-
(0 ratings)
Ease of integration
8.0
(1 ratings)
10.0
(1 ratings)
User Testimonials
Cisco Secure Network AnalyticsTrellix Endpoint Security ENS
Likelihood to Recommend
Cisco
Few products operate off the Netflow or RAP/SPAN traffic versus the endpoint. Of those products, many operate from the aggregate traffic of uplinks/downlinks, whereas Secure Network Analytics focuses on viewing all traffic to give per-endpoint comprehensive data analytics. SNA is a great product for network visibility and detection, and to preserve that focus, other options such as remediation or quarantined are deferred to other products in the security ecosystem. SNA uses Machine Learning models to determine traffic behavioral compliance, which is a double-edged sword. On one hand, it mitigates zero day attacks changing traffic patterns, but conversely, it requires training to know acceptable traffic patterns. Unfortunately, many adopters of SNA do not spend the time giving it the user input and so the ML models never gets the correct weights and parameters to work from.
Read full review
Trellix (FireEye + McAfee)
It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.
Read full review
Pros
Cisco
  • A silent tool.
  • A great way to get visibility of all the conversations of the network.
  • Easy to find out the internal and the external threats.
  • Easy to track performance.
  • Network monitoring is very easy to understand and control.
  • Attacks can be easily detected along with encrypted traffic.
  • Historic records of the attack and reports make it even better.
Read full review
Trellix (FireEye + McAfee)
  • Provides high fidelity alerting.
  • Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass.
  • Provides alert telemetry across on-disk and in-memory attacks.
  • Supports many additional 'bolt-on' modules to provide additional alert context or capabilities.
Read full review
Cons
Cisco
  • There are things that you can search for a particular type of traffic, but you cannot create an alert to alert on that type of traffic. An example of that is a particular encryption type. So like RC4 encryption is prohibited within DHS. I can search for traffic using it, but I can't create a rule alerting on that traffic type.
Read full review
Trellix (FireEye + McAfee)
  • The amount of false detections especially the negative ones needed to be reduced.
  • It requires more optimization. It tends to make the PCs slower.
  • It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
  • It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.
Read full review
Likelihood to Renew
Cisco
Cisco Secure Network Analytics is a fantastic tool, but does require some setup and upkeep which may turn off smaller IT Security teams. However, once all the flows are set up and the product is functioning with the proper rules, the insight into your network is fantastic. For us, the product has a significant ROI and will be a product we keep up on.
Read full review
Trellix (FireEye + McAfee)
No answers on this topic
Usability
Cisco
Strong and complete tool which gives comprehensive methods to discover cyber security incidents and prevent data leakage. In case of common use of Cisco StealthWatch and Cisco ISE, you will receive [the] ability [to] not just discover cyber security incidents but also dynamically respond to them. This makes StealthWatch one of most valuable products through[out] [the] whole Cisco Security product portfolio.
Read full review
Trellix (FireEye + McAfee)
No answers on this topic
Reliability and Availability
Cisco
We haven't had too many issues with the uptime and availability of CSNA, but the application does have a lot of dependancies and we have seen issues after an upgrade that caused an outage for several hours.
Read full review
Trellix (FireEye + McAfee)
No answers on this topic
Support Rating
Cisco
Overall winner because it exceeds our expectations by answering all our requirements and at the same time empowers our operations thru other built-in capabilities it has. Visibility is a key to security operations and Cisco StealthWatch really gives us a magnifying glass to check all logs in the network for threat intelligence and threat hunting.
Read full review
Trellix (FireEye + McAfee)
The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.
Read full review
Implementation Rating
Cisco
Implementation of the product can be tedious, especially fine tuning its rules to customize it to your environment. However, after that is done, CSNA is a very useful and flexible product that would enhance the security posture of any corporate network.
Read full review
Trellix (FireEye + McAfee)
No answers on this topic
Alternatives Considered
Cisco
After integrating and developing a lot of security features in MF NNM, we were not able to meet the requirements from the customer. After the alternative research, we got to know about this Cisco Secure Network Analytics tool and after implementing the same, we finally were able to win CSAT. MF NNM had a support-related issue as well. It took more than a month to solve for couple of issues frequently. Whenever there is a problem or need their support, reaching out to them has always been a challenge.
Read full review
Trellix (FireEye + McAfee)
Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage
Read full review
Return on Investment
Cisco
  • It is a little pricey - in my organization, with budget cuts, I eventually had to replace it with an open source product (NTOP). While it works well for visibility, it simply isn't the same. If you can afford it, don't bother looking anywhere else - just get it.
  • Being able to detect, pivot out, and remmediate from one console was awesome.
Read full review
Trellix (FireEye + McAfee)
  • From an auditing standpoint, we can show that our workstations/servers are protected.
  • Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
  • Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.
Read full review
ScreenShots

Trellix Endpoint Security ENS Screenshots

Screenshot of The Monitoring workspace presents actionable endpoint threat detection without the noise.Screenshot of Automatically identify the key findings without requiring manual evaluation of each individual artifact.Screenshot of Visualization displays relationships and speeds analyst understanding.Screenshot of AI-guided investigations automatically provide answers to typical questions asked during a security incident and highlight the most relevant evidence.