Palo Alto Networks WildFire vs. Trellix Endpoint Security ENS

Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.

Incentivized

It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.

Incentivized

• This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices.
• Worked very well with existing Palo Alto devices.
• Another huge plus is the simplicity of managing and ease of scalability.
• Its cost is competitive with similar/like products available.

Incentivized

• Provides high fidelity alerting.
• Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass.
• Provides alert telemetry across on-disk and in-memory attacks.
• Supports many additional 'bolt-on' modules to provide additional alert context or capabilities.

Incentivized

• WildFire, like other sandboxes, has to stay up with malware sandbox evasion techniques, which necessitates larger file size limits.
• More file formats should be able to be submitted and scanned by WildFire, which needs improved initial administration and setup.
• It's quite pricey, and there's no warning choice for performance on the cloud.

Incentivized

• The amount of false detections especially the negative ones needed to be reduced.
• It requires more optimization. It tends to make the PCs slower.
• It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
• It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.

Incentivized

It works very well and takes care of protecting us from threats new and well-known. It's been a game changer in terms of threat detection & prevention.

Incentivized

Easy to use and works well. For the most part it's set it and forget it, but there's also some flexibility for high security environments and those with extra privacy concerns.

Incentivized

PAN support is very good. You can get the reasonable and timely support on any conditions. When the product is already integrated with the PAN firewalls, you can choose the severity levels based on the effect. The customer service/TAC is very helpful, they even have additional recommendations of advises for product usability. Local partners are also assisting the cases and give their expertise.

Incentivized

The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.

Incentivized

We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while TippingPoint IPS is a more dedicated product. Caveat: I used TippingPoint over 5 years ago, so things may have changed.

Incentivized

Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage

Incentivized

• As we all know the product of Palo Alto is little bit expensive but its performance is far better than any of its competitors. So as I previously mentioned, Palo Alto should not sell WildFire Licence seperately.
• If the firewall is internet facing then only we should buy WildFire Licence.
• WildFire Licence is not necessary for internal firewall. If you are planning to buy a firewall for internal network where your traffic is not going towards internet so no need to buy WildFire Licence.

• From an auditing standpoint, we can show that our workstations/servers are protected.
• Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
• Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.

Incentivized