Trellix Endpoint Detection and Response (EDR) Reviews

As a user, I didn't have any concerns about technical aspects where I was working previously. Working together. So, we sell licenses of McAfee. We had a promotional activity in which when you buy a cell phone, you get a McAfee subscription for mobile, and we used to offer a license of McAfee with an internet connection.

Blocking browser navigation is a feature of the solution with which we have experienced success.

The fact that it is easy to manage by consumers, families, small businesses, or parents while blocking traffic is a valuable feature of the solution.

For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available.

Blocking other browsers should be a feature introduced in the solution. At this time, you can control Safari and Microsoft Edge. But I don't know about the other browsers.

I have been using McAfee MVISION Endpoint Detection and Response for five years. We use the solution on mobile and in the cloud. Also, my company is a reseller.

There are issues with the solution on the other browsers. So, I don't know if any feature is enabled in the solution to resolve the issues.

We have been providing a lot of licenses, and we never had a problem. So, it is a scalable product. For personal use in my family, I may have plans to use it.

I rate the technical support a ten out of ten.

The solution's initial setup process was simple.

There has been a return on investment since it is a good business. Hence, we embedded the solution in our services. So, I know that this is a good investment.

My company does provide the solution at a good price for our customers. The solution needs to support their Spanish customers. Overall, I rate the solution a nine out of ten.

My company's clients use the solution to detect the early stages of attacks and to react to the strange things that happen on the endpoints.

Visualization of cyberattacks is one of the most valuable features of the solution.

It is tough to comment on what needs improvement in the solution. At the moment, it is difficult to recall and comment on what needs to improve in the solution.

The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms. At this moment, I want the solution to integrate with more XDR tools. The solution should provide its users an ease of administration in future releases.

My company has spoken to McAfee about their solution being on the pricier side. So, McAfee is aware that there is room for improvement in its pricing strategy.

I have been using McAfee MVISION Endpoint Detection and Response for over two years. So, my company has a partnership with McAfee. Though I don't remember the version of the solution I am working on, it is the latest one since it is a common security practice to use the updated version of the tool.

It is a stable solution. Stability-wise, I rate the solution a nine out of ten.

I won't be able to comment on the solution's scalability since, at the moment, we do not need to consider scalability or expansion. However, it is probably easy to scale up since the solution is deployed on AWS. My company has clients who run small, medium, and enterprise-sized businesses. The number of uses using the solution depends upon the company or business size. So, there have been times when a client using the solution has over 1000 users using the tool.

I rate the solution's technical support team a nine and a half or ten out of ten.

Positive

The solution's initial setup process was easy and straightforward. On a scale of one to ten, where one is difficult and ten is very easy, I rate the solution's initial setup a ten out of ten. The solution is usually deployed on the cloud platform.

The solution is usually deployed on the cloud platform. Though unsure, I feel the solution is deployed using AWS since I am referring to the users in Europe. The deployment process took place over a few days. The deployment process is covered by the client and distribution services team. The deployment process involves fire and forget, wherein the agent is sent to the user. All the settings are within the agents, and only the installation needs to be done for the deployment process to be completed.

On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten. McAfee MVISION Endpoint Detection and Response is pricey compared to other solutions in the market.

Though I cannot remember the approximate licensing cost of the solution, it would definitely depend upon the customer, the overall pricing of the solution, and the additional features.

One needs to incur retention costs in addition to the standard licensing fees paid for the solution.

I would tell those planning to use the solution in the future that if they already have McAfee products, then they should go for it since the solution integrates well with other McAfee tools and with some endpoint protection platforms or DLP that are deployed on-premises.

The software will have bugs in them at some point, and bug-related issues are to be taken care of by technical support. Our company reports such issues, and the technical support team tries to resolve them. Presently, this process works well for us. Overall, I rate the product an eight out of ten.

This is more of a cloud-based clientless type solution, for file-based security. 

The solution is scalable and the product has a good strategy when everything is in place. 

One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

It's reasonably stable. They made some changes to the architecture and that always creates issues. 

The solution is scalable. 

They had pretty good tech support. I think a lot of what happened to McAfee, from my perspective, was everything went offshore to India and for US customers, there is a language barrier that created problems.

The initial setup was relatively complicated and used a lot of resources - CPU resources, memory, disk.

There are a lot of companies in this space now and they are all pretty close to each other in terms of what they offer. I think those that are more user-friendly, and have the agentless client have the advantage over the legacy companies with older architecture. 

They lost a lot of product managers and engineering managers in the breakup. That said, I think this is a good product with a good strategy, they just haven't quite reached maturity yet.  

I rate this solution eight out of 10. 

I'm a consultant. One of my clients was experiencing attacks on one of his endpoints, so we installed McAfee MVISION Endpoint Detection and Response, and we used it to check if the other endpoints were also being attacked. This is one of the uses cases of the solution: threat hunting.

Another use case is that McAfee MVISION Endpoint Detection and Response consolidates all the information back to the MVISION Insights, so that's threat intelligence information, and we match whatever IOC we have, together with the current attack campaign data in the McAfee databases.

The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation. Normally, when you use an EDR solution, you need to have an analyst to understand all the artifacts, then you come up with the question and come up with the answers. With the guided investigation feature in McAfee MVISION Endpoint Detection and Response, DoD is easier, because the tool does the analysis itself, based on the artifact, then it maps back into the MITRE Framework and gives us all the answers.

An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool.

Another area for improvement is in the automation feature of McAfee MVISION Endpoint Detection and Response, because it still needs some work in terms of integration.

What I'd like in the next release of McAfee MVISION Endpoint Detection and Response is the ability to use it with a newer security platform. This means that the information you get from network parameters such as IPS and firewalls can be pumped back to the tool, so we can match all the information to do better threat hunting. Threat hunting is only on the endpoints, so if McAfee MVISION Endpoint Detection and Response could cover everything, that would be good.

We've been using McAfee MVISION Endpoint Detection and Response for a year, and we're using its latest version.

The stability and performance of McAfee MVISION Endpoint Detection and Response are quite good, especially because it's still using the same agent. It doesn't require hardware, as long as there's good internet connectivity, for example: the bandwidth of the customer in the office is quite good, so the tool seems okay. I don't see anything lacking in terms of its performance. It's quite a good tool.

Because McAfee MVISION Endpoint Detection and Response is deployed on cloud, scalability is not an issue. You have to look at scalability in terms of the endpoint agent. If the endpoint control panel is good enough or is large enough, scalability is good enough, so it won't be much of an issue.

McAfee technical support has been not that great in the past two months, and it could be because they just merged with another company. Their level of support was high previously, but now it's not so good, and it's not on par with what I expect. On a scale of one to five, I would rate their support a three.

We already have the baseline for the current endpoint, so deploying McAfee MVISION Endpoint Detection and Response was simpler.

I was the one who did the deployment for a customer, and it was quite straightforward. Because we already have the baseline and we used the same engine and the same integration, deployment of McAfee MVISION Endpoint Detection and Response took less than two days.

Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses.

There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period.

We don't use any backup protection, but previously, we used Commvault for backups.

In terms of maintaining the tool, you don't have to do a lot of fine tuning, because the fine tuning will happen on the endpoint protection, in particular, the tool will do all the hunting. What we just need to do is to monitor the data location and the database.

My rating for McAfee MVISION Endpoint Detection and Response is eight out of ten.

The solution is used to search the IOCs. We use it in our company when we are unable to search for multiple hashes at a time for a particular file. Without Trellix Endpoint Detection and Response (EDR), each hash needs to be executed individually in the search parameter. 

The investigation and rule detection feature of the solution has proven most useful for our company. 

The searching capabilities for the IOCs can be further improved in the product. 

I have been using Trellix Endpoint Detection and Response (EDR) for one year. 

I would rate the stability an eight out of ten. 

I would rate the scalability a five out of ten. The solution sometimes functions quite slowly, and at our company, we face multiple issues around which we regularly need to contact tech support. There are more than 1000 users of Trellix Endpoint Detection and Response (EDR) in our organization. I use the product daily in my company. 

In my previous organization, I used to work with Cybereason instead of Trellix Endpoint Detection and Response (EDR). My present company prefers to use Trellix Endpoint Detection and Response (EDR), so I switched. 

I would rate the initial setup an eight out of ten. 

Trellix Endpoint Detection and Response (EDR) handles security incidents but generates multiple false positive alerts. If the solution is fine-tuned from time to time, then true positive results can be expected accurately. 

After implementing Trellix Endpoint Detection and Response (EDR) in our organization, we have witnessed great security efficiency. 

I would recommend the solution to others as it's very easy to use. I would rate the solution a seven out of ten. 

We use the solution to detect different threats.

Trellix has a user-friendly interface.

Everything is normal, but it's not up to the mark compared to other solutions. It isn't easy to manage. The detection rate is also not reasonable. Trellix does not support Linux and Mac.

I have used Trellix Endpoint Detection and Response (EDR) for 1 year.

I rate the solution’s stability a six out of ten.

Earlier, 10,000 users were using this solution.

I rate the solution’s scalability a six out of ten.

Support is good. They provide a swift response.

I have used Symantec. It is a user-friendly solution with good performance and easy deployment. Support is also good.

The initial setup is easy. We use email deployment. Sometimes, we use third-party tools like SSCM to deploy.

The product has agent-based costs.

We need to get special training for maintenance. Maintenance is very easy, but it requires engineers.

Overall, I rate the solution a six out of ten.

We use this solution to protect our endpoints, meaning our workstation laptops.

The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices.

The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

My company has been using McAfee MVISION Endpoint Detection and Response for about seven months. 

The solution is stable. 

The solution is easily scalable. 

Their technical support is better than some of the competitors in the space. To make a direct comparison, it's definitely better than Symantec Broadcom.

The initial setup takes a bit of work, but it can be done. It's not easy. It's not hard. It's in between.

I would rate this solution as a seven out of ten.

I have upgraded to EDR for endpoint protection.

Feature-wise, this product is similar to other EDRs.

The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM.

The alert system should be improved.

Technical support is in need of improvement.

The dashboard should be improved because it needs a fresh look.

Improvement in the centralized policy enforcement is needed.

I have been using this product for three years.

This is a stable product.

The scalability is okay, although not much more than that.

This is the worst technical support. Without OEM support, you can't handle this product. OEM support is mandatory, yet sometimes, they are not capable of installing and implementing the product properly.

I was using McAfee DLP for Endpoint protection, but it is not very strong. This is why I have upgraded to the EDR solution.

We did not have any issues with configuration. However, in terms of implementation, we had a lot of issues. There is complexity in policy aggregation. When you upgrade the client, there is a challenge in policy enforcement.

Initially, it will take about one month to deploy.

The cost is okay, compared to other products.

We have been looking at replacing McAfee with Trend Micro, but to change our setup is a big task. It is very complex and we need a plan, so are just upgrading instead of changing at this time.

My advice for anybody looking into implementing this product is to first look into who will be providing the support. If they do not have good capabilities and the support is not very strong, then do not choose this option.

I would rate this solution a three out of ten.

Please share how Trellix Endpoint Detection and Response has improved your organization. If it didn't, please explain why.

The solution should be more compatible with macOS.

The solution is stable. I rate it a nine out of ten.

The solution is scalable. Since we are from the banking industry, we have 10,000 users for the solution.

We have two architects, five engineers and two technical support personnel for deployment.

The pricing for Trellix Endpoint Detection and Response (EDR) is good.

I rate Trellix Endpoint Detection and Response a seven out of ten.