Cylance, a Blackberry company since the early 2019 acquisition, developed their flagship business antivirus and endpoint protection software in CylancePROTECT, featured in business and home editions boasting artificial intelligence guided protection. BlackBerry Protect is a post-acquisition evolution of CylanceProtect.
N/A
Trend Micro Cloud One - Workload Security
Score 9.3 out of 10
N/A
Trend Micro Cloud One Workload Security (formerly Deep Security) is cloud security software suite, from Trend Micro, for hybrid cloud environments and virtualization security.
If I had to recommend an endpoint AV solution, [BlackBerry Protect (CylancePROTECT)] would be on the list...in fact at the top of the current list. It is a cost effective solution. When we did the bakeoff in our selection we built 3 generic W10 PCs. We located a Malware repository on the internet and downloaded a package of 100. The first solution stopped 80% from installing, the second stopped 100%, [BlackBerry (CylancePROTECT)] would not let the package download! Winner winner chicken dinner :)
Hypervisor based agentless security this product excels at. It provides thorough protection for your VM's. The web filtering product that comes with it also does a great job filtering out malicious websites from being accessed by users with a very user friendly prompt that they are going to a website which has been found to be malicious. This is particularly useful when it comes to VDI.
Fast and Unobtrusive, users hardly notice that Cylance is running on their computer, except when it detects something malicious
User interface is simple for end users, and the management interface is streamlined and easy to get started with. The management interface has a quick tutorial that comes up upon first login that explains all the different aspects of how to configure CylanceProtect.
Customer support is fantastic - in that if you get stuck or need help understanding a feature/setting, they are quick to respond and help to ensure that your configuration is set as optimal as possible for your scenarios.
It would be great if there was a way for an administrator to make a file as safe from the end user device when a false positive has occurred (which is rare). At present and administrator has to log into the web console, create an exception and then wait 60-120 seconds for this to be effective on the end user device, still great, but this can be frustrating for users that are urgently trying to use the file.
Executive reporting could be better. Just a single page dashboard report that could be included in other monthly reporting.
Trend Micro has very little room for improvement. I am using version 9.6 at this time and it is extremely reliable. Some of the upgrades were not completely intuitive, but in those cases Deep Security support came through with documentation that covered all the bases.
I have only used CylancePROTECT support one time and they were very fast and responsive with the answers that solved my issue. That is the only reason I gave them a 7 as I have only had one interaction with them.
Trend Micro's support is pretty decent, we have had issues in the past and they have been fairly responsive to us and our complaints. Depending on how severe the issue was. Any ticket that had a high priority was handled very shortly especially when we contacted our account rep even if it was after hours, we were still able to get support within a short time period.
Cylance, I believe is the only one that uses the predict and prevent execution of advanced threats and malware at the endpoint. Cylance is by far a superior product.
We selected trend micro to take the AV scans and filtering out of the hands of the Windows and Linux vm's we have deployed and move it to the hypervisor level. This has led us to be able to deploy only a single DSVA per host and can protect all VM"s that are on that hosts. This has allowed for more time being spent on other priority security tasks.
100% positive ROI. Without Deep Security we would have to leverage and endpoint protection management solution like Sophos or SEPM (Symantec). Although both are good products, from a cost perspective it would have hit us much harder. Trend Micro Deep Security scales very nicely.
Since Deep Security actually has zero (or at least unnoticeable) resource footprint on monitored VMs, it is a huge cost benefit for us. As previously mentioned, actual antivirus clients installed on each virtual machine (VM) would have significantly affected performance. This would have cost us much more additionally in paying for additional resources to allocate over VMs in the VMware environment. Deep Security is almost completely unintrusive from a resource perspective.
Also, from a layered security perspective, it helps us meet our goals; and since the price of Trend Micro Deep Security quite reasonable, it is that much easier to get approval for this specific internal layer of security.
