Trellix Endpoint Security Platform Reviews

• Easy installation and configuration
• Managed by ePolicy Orchestrator (ePO) for simplified management

It's provided us with a reduction of the attack surfaces used by malware. As an organization, we've decreased our threat visibility.

We have reports by users of machines being slow when the on-demand scan starts.

Recently, some cases of ransomware have been reported on managed systems without VSE detecting them.

I've used it for six years.

VSE 8.8 is managed by ePO for easy deployment.

Beta versions are released for extensive testing on the various platforms before RTW (Release to World) versions.

We have had no issues scaling it for our needs.

McAfee technical support is available 24/7 to assist with any calls logged.

I have worked with Symantec before. I chose McAfee because of the security-connected framework for synchronized security, which works well to mitigate risks and to enable a proactive approach to threat responses.

The initial setup of VSE is via the ePO. When checked in to the ePO, VSE can be deployed to the whole environment via the ePO silently without any user intervention.

The initial implementation was done by an in-house team comprised of highly-skilled McAfee experts since we are an Infosec company specializing in various vendor products. An in-house team can set it up, provided they are awarded adequate training.

With the rise of malware and, recently, ransomware cases, using VSE assures you a positive Return-on-Investment. The benefits surely outweigh the risks of a compromised environment.

Using McAfee provides you a single, integrated platform that helps you have an end-to-end visibility of the whole environment.

I personally really like what the folks at Intel did when creating the Endpoint Protection Suites. Running the EASI.exe installer from the .zip file simplifies the build process for newer administrators and engineers by installing a base-system tree, basic policies, and streamlining the installation process. 

What most don't seem to grasp is that Endpoint Protection is a Suite Install Package. There are 6 different versions of Endpoint Protection, each coming with different applications installed. Primarily, I usually install the Endpoint Protection Advanced Suite (EPA) & Complete Endpoint Protection Suite (CEE). I recommend installing SQL either on the same box as ePO if you're managing under 5000 endpoints, or on a separate SQL server if higher, overusing the SQL Express that comes with the Installer. The primary reason is that if you use SQL Express, you do not have access to SQL Management Studio. Having access to the data tables and being able to clean up the space on the SQL server over time will be a must. The Complete Endpoint Suite has certainly simplified the build procedure.

I have been installing ePO and the separate modules for years. I am a bit biased on Intel Security products as it is how I make my living as a Subject Matter Expert .

There are a few things I wish the folks at Intel would fix. 

The primary for me is with the ePO Query creation. Queries in ePO are powerful tools as they can be used to create dashboards, server tasks, and be exported or rolled up to Senior Management. In older versions of ePO (4.0 & 4.5) the Queries, gave a wide range of data. With ePO 4.6, 5.0, 5.1 & 5.3 the data could be pulled from various installed products to get the data that you were looking for, with the current versions of ePO you can only pull the fields listed in the "Result Type/Feature Group" and it is very limited.

A good example...If i wanted to try and create one report that shows all Common Configuration Enumeration (CCE) data (this data comes from Policy Auditor) while also showing what software is installed from each system  (this data comes from Application Control) and adding in fields such as IPv4, FQDN, OS version, Domain...Simplified, if I could pull Hardware Asset, Software Asset, CCE Data, and Policy Auditor Scoring all on one report, it would make my life so much easier. 

Alas, this cannot be done with the current Query Building setup. The fields that are available are limited to each application installed and are only for that application.

The most valuable feature for us is the central management – we can scale it up and dial back when we need to. It gives us a big picture, enterprise solution for our endpoint needs. We don’t have to go to three interfaces for the security picture as it's all in one shared space.

Endpoints are more than just customer laptops, they are also servers. Day-to-day, it’s a lot better when your solution is natively covering laptops, servers, and virtual servers.

It’s all organized and makes it much easier to follow up with individual issues or if there are breaches which need a start-to-finish investigation into IT security events, I can get one picture to follow the breadcrumbs.

A quicker turnaround with patches and updates would be good. Say there is a new patch or update, such as a new Apple OS, there is a bit of a lag between hot fixes. They are really good with Windows, so it may be an Apple thing more than Intel. If they are quicker with hot fixes with Apple OS, that would be an improvement.

We have been using this solution for the last three years.

It's not crashed once on me, and is up 99.99% of the time. It's only if there is an issue with the OS that it becomes unavailable, and there never an issue with the software end of things.

It's very easy to grow. We recently acquired another company, they did a whole new setup with no license and no new server, and they even have their own policy as they integrated into our system. There were no worries about our main policy. I didn’t need a second server for a small branch company as it collects all the data from the endpoints and then sends that back to our main server. It’s very easy to scale and Intel is great about that – even if you get an audit, it’s just to take care of you.

We're very happy with customer service. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved.

We're very happy with technical support. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved. The only issue that needs improvement is Mac or Linux support issues, but that’s not a regular occurrence. Even on the phone, I have been happy.

Initial setup was very straightforward and easy. Fine-tuning for your environment takes a little love and care, but that’s true for any product.

It's well worth the investment as we have a lot of laws governing us. In terms of security, it helps keep our environment clean. It recently caught an issue in the company with cryptolocker, and the amount of money it saved because we found that is huge. We didn’t have to pay fees to decrypt it and we were in the clear.

We looked at Norton and we used Gartner to see what players were in the space and looked at them all.

I can say that all the features of this product are most valuable for me, but I believe that Antivirus, McAfee Data Loss Prevention Endpoint, McAfee Device Control , Drive Encryption and Deep Command are the basic features that any business needs (Enterprise, Small or Medium).

One of the key features of this product, as seen by my customers, was the central administration from the ePO console. If the client needed new components, ePO helps them with a few clicks to bring the new products into the organization.

All the improvements I thought were needed, were implemented over time by the vendor.

I've used it for two years.

On the older ePO versions, there were some issues at the install, but with the latest version, the installation is smooth.

I didn’t have any stability issues.

There was no issue with the scalability. If a client needs a quick deployment, and doesn’t have a dedicated SQL Server, it can start with the Express version, and migrate later to a new instance.

10/10.

10/10.

I have worked with Symantec, and still do, as my firm is partner with both.

Best Practice from my point of view is to start small and go big. Install the server and all the components, enroll two to three endpoints (server,laptop,desktop), create the needed policies, and extend the deployment to other endpoints, and so on until you cover all the organization and you are sure that there are no issues with the server or endpoint performance.

I was the person that implemented the product.

The commercial value of the product depends of the firm that buys it. From my point of view, the ROI is 100% from the moment the client is fully protected from external attacks.

Try to take a bundle of needed McAfee products, as the price is more attractive.

I have evaluated Bitdefender, Kaspersky and Symantec.

This product is very easy to use and to extend after the installation. Look on McAfee Knowledge Base page and see the tutorials.

The central management solution by far.

There can be like a religious war between the large antivirus systems, but I do think that all of the larger competitors deliver good antivirus solutions.

The thing that separates them is:
- The way they are managed.
- The way they adapt to new threats.
- The products around the product that give you a higher value.

Every time I have installed this at a customer site they are most impressed by the central management, reporting, and options to do more.

Improvements are made all the time as the threats change.
I think the improvements on speed are the most important after actually finding the threats.

I have used this or the predecessor to this since 2002.

The polices and rules take time if you don’t know the product.
This is not unique to McAfee and it's not really an issue.

Not really with the antivirus part, but the application firewall and encryption can make functions stop working if not tested vastly before deployment.

No

10/10

10/10 (maybe not tier 1 but every one after)

I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.

It's all about planning and testing.
ePO can be complex but the antivirus is not that complex.

I am a consultant.

I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.

I think that in the enterprise space, this is by far the best solution and not because the actual antivirus. It's because of ePO.

We use the platform for managing and securing endpoints in our organization.

The solution's technical support services have a quick response time. It has been beneficial for our organization. 

The platform's most valuable features are AI capabilities and its quick updates. 

They could provide better integration capabilities for the product with other services.

We have been using Trellix Endpoint Security (ENS) for two to three years. We are using the latest version and regularly update it.

I rate the product's stability a seven out of ten. 

Our corporation has approximately 13,000 Trellix Endpoint Security (ENS) users. It is a scalable product.

The solution helps manage users easier and reduces the workload for the IT team.

The product pricing is high. 

We are evaluating Trellix Endpoint Security (ENS) features compared to others. 

I advise others to consider the specific requirements of users, such as personal devices that may not be supported before making a purchase decision.

I rate it an eight out of ten. 

We use the product mainly for security purposes.

The product’s stability and security features enhance user protection and organizational security.

The interface is complex.

The product could provide more web or application controls in future releases.

I have been using the solution for six months.

The solution is stable.

The product is easy to scale. More than 50 people in my organization are using the solution.

The product’s support is good.

Positive

The initial setup is easy. The solution is deployed on the cloud.

Three engineers can deploy the tool in three to four hours. The solution needs maintenance.

The product is expensive.

We are using the latest version of the solution. The solution is not that difficult to use. The security levels are good. Overall, I rate the product a nine out of ten.

I use certain features of the solution, although I am not using the latest version, even though my colleagues do so a lot. They also use MVISION, although I do not.

We make use of Endpoint host level data loss prevention.

The solution has some good firewall features, as well as those involving control and threat protection of the host. 

The software download features could stand improvement. This sometimes must be undertaken manually. 

The job hosting features should also be improved. 

I have been using McAfee Endpoint Security for three to four years.

The solution is reliable. 

I did not do much integration when it came to the installation of McAfee, although I did integrate with Forcepoint. 

Tech support is responsive. They're good, the very best. 

The initial setup is fine. 

People, naturally, go for a yearly license. 

I am happy with the pricing. 

The solution is primarily on-premises. 

Usage in our organization is vast. We have so many customers using the solution. 

The solution is good and we always recommend. It is perfect. 

I rate McAfee Endpoint Security as a nine out of ten.