Trellix Endpoint Security Platform Reviews

The fact that the three components have been provided under one platform helps to simply perform product management.

Also, the virus definition file size is 40% smaller, which reduces the amount of bandwidth required to update all the endpoints.

There are three valuable components to Endpoint Security 10.1: First, there's threat prevention, which is for anti-virus and anti-malware detection. Second, there's firewall, which replaces the Windows firewall when activated. Third, there's web control which is used for endpoint web filtering.

The threat prevention feature is the most valuable because it provides protection against malware.

I would like the product deployment to be made simpler. The current deployment requires creating tasks to install each component.

The product is quite stable. We haven't had any issues with instability.

The scalability is great. We've been able to scale it for our needs.

Intel Security technical support is very efficient, although the wait times on the customer support line can be quite long.

I previously used Kaspersky. However, the management console does not match up to the functionality of the ePolicy orchestrator management console provided by Intel Security.

The setup was very straightforward. The EPO server deployed the McAfee agent and then we were able to deploy Endpoint Security.

Implementation was done through the vendor. My advice is to ensure all the requirements that are provided prior to implementation to avoid any delays.

The return on investment has been very encouraging. Ask the vendor to give you as much information as possible on all the suites so you can get a package that suites your environment.

Endpoint Protection 10.1 is a very complete endpoint protection solution that gives complete protection for endpoints. It is easy to deploy and can be a very useful endpoint protection suite for small, medium, and large-scale environments.

• Easy installation and configuration
• Managed by ePolicy Orchestrator (ePO) for simplified management

It's provided us with a reduction of the attack surfaces used by malware. As an organization, we've decreased our threat visibility.

We have reports by users of machines being slow when the on-demand scan starts.

Recently, some cases of ransomware have been reported on managed systems without VSE detecting them.

I've used it for six years.

VSE 8.8 is managed by ePO for easy deployment.

Beta versions are released for extensive testing on the various platforms before RTW (Release to World) versions.

We have had no issues scaling it for our needs.

McAfee technical support is available 24/7 to assist with any calls logged.

I have worked with Symantec before. I chose McAfee because of the security-connected framework for synchronized security, which works well to mitigate risks and to enable a proactive approach to threat responses.

The initial setup of VSE is via the ePO. When checked in to the ePO, VSE can be deployed to the whole environment via the ePO silently without any user intervention.

The initial implementation was done by an in-house team comprised of highly-skilled McAfee experts since we are an Infosec company specializing in various vendor products. An in-house team can set it up, provided they are awarded adequate training.

With the rise of malware and, recently, ransomware cases, using VSE assures you a positive Return-on-Investment. The benefits surely outweigh the risks of a compromised environment.

Using McAfee provides you a single, integrated platform that helps you have an end-to-end visibility of the whole environment.

I personally really like what the folks at Intel did when creating the Endpoint Protection Suites. Running the EASI.exe installer from the .zip file simplifies the build process for newer administrators and engineers by installing a base-system tree, basic policies, and streamlining the installation process. 

What most don't seem to grasp is that Endpoint Protection is a Suite Install Package. There are 6 different versions of Endpoint Protection, each coming with different applications installed. Primarily, I usually install the Endpoint Protection Advanced Suite (EPA) & Complete Endpoint Protection Suite (CEE). I recommend installing SQL either on the same box as ePO if you're managing under 5000 endpoints, or on a separate SQL server if higher, overusing the SQL Express that comes with the Installer. The primary reason is that if you use SQL Express, you do not have access to SQL Management Studio. Having access to the data tables and being able to clean up the space on the SQL server over time will be a must. The Complete Endpoint Suite has certainly simplified the build procedure.

I have been installing ePO and the separate modules for years. I am a bit biased on Intel Security products as it is how I make my living as a Subject Matter Expert .

There are a few things I wish the folks at Intel would fix. 

The primary for me is with the ePO Query creation. Queries in ePO are powerful tools as they can be used to create dashboards, server tasks, and be exported or rolled up to Senior Management. In older versions of ePO (4.0 & 4.5) the Queries, gave a wide range of data. With ePO 4.6, 5.0, 5.1 & 5.3 the data could be pulled from various installed products to get the data that you were looking for, with the current versions of ePO you can only pull the fields listed in the "Result Type/Feature Group" and it is very limited.

A good example...If i wanted to try and create one report that shows all Common Configuration Enumeration (CCE) data (this data comes from Policy Auditor) while also showing what software is installed from each system  (this data comes from Application Control) and adding in fields such as IPv4, FQDN, OS version, Domain...Simplified, if I could pull Hardware Asset, Software Asset, CCE Data, and Policy Auditor Scoring all on one report, it would make my life so much easier. 

Alas, this cannot be done with the current Query Building setup. The fields that are available are limited to each application installed and are only for that application.

The most valuable feature for us is the central management – we can scale it up and dial back when we need to. It gives us a big picture, enterprise solution for our endpoint needs. We don’t have to go to three interfaces for the security picture as it's all in one shared space.

Endpoints are more than just customer laptops, they are also servers. Day-to-day, it’s a lot better when your solution is natively covering laptops, servers, and virtual servers.

It’s all organized and makes it much easier to follow up with individual issues or if there are breaches which need a start-to-finish investigation into IT security events, I can get one picture to follow the breadcrumbs.

A quicker turnaround with patches and updates would be good. Say there is a new patch or update, such as a new Apple OS, there is a bit of a lag between hot fixes. They are really good with Windows, so it may be an Apple thing more than Intel. If they are quicker with hot fixes with Apple OS, that would be an improvement.

We have been using this solution for the last three years.

It's not crashed once on me, and is up 99.99% of the time. It's only if there is an issue with the OS that it becomes unavailable, and there never an issue with the software end of things.

It's very easy to grow. We recently acquired another company, they did a whole new setup with no license and no new server, and they even have their own policy as they integrated into our system. There were no worries about our main policy. I didn’t need a second server for a small branch company as it collects all the data from the endpoints and then sends that back to our main server. It’s very easy to scale and Intel is great about that – even if you get an audit, it’s just to take care of you.

We're very happy with customer service. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved.

We're very happy with technical support. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved. The only issue that needs improvement is Mac or Linux support issues, but that’s not a regular occurrence. Even on the phone, I have been happy.

Initial setup was very straightforward and easy. Fine-tuning for your environment takes a little love and care, but that’s true for any product.

It's well worth the investment as we have a lot of laws governing us. In terms of security, it helps keep our environment clean. It recently caught an issue in the company with cryptolocker, and the amount of money it saved because we found that is huge. We didn’t have to pay fees to decrypt it and we were in the clear.

We looked at Norton and we used Gartner to see what players were in the space and looked at them all.

I can say that all the features of this product are most valuable for me, but I believe that Antivirus, McAfee Data Loss Prevention Endpoint, McAfee Device Control , Drive Encryption and Deep Command are the basic features that any business needs (Enterprise, Small or Medium).

One of the key features of this product, as seen by my customers, was the central administration from the ePO console. If the client needed new components, ePO helps them with a few clicks to bring the new products into the organization.

All the improvements I thought were needed, were implemented over time by the vendor.

I've used it for two years.

On the older ePO versions, there were some issues at the install, but with the latest version, the installation is smooth.

I didn’t have any stability issues.

There was no issue with the scalability. If a client needs a quick deployment, and doesn’t have a dedicated SQL Server, it can start with the Express version, and migrate later to a new instance.

10/10.

10/10.

I have worked with Symantec, and still do, as my firm is partner with both.

Best Practice from my point of view is to start small and go big. Install the server and all the components, enroll two to three endpoints (server,laptop,desktop), create the needed policies, and extend the deployment to other endpoints, and so on until you cover all the organization and you are sure that there are no issues with the server or endpoint performance.

I was the person that implemented the product.

The commercial value of the product depends of the firm that buys it. From my point of view, the ROI is 100% from the moment the client is fully protected from external attacks.

Try to take a bundle of needed McAfee products, as the price is more attractive.

I have evaluated Bitdefender, Kaspersky and Symantec.

This product is very easy to use and to extend after the installation. Look on McAfee Knowledge Base page and see the tutorials.

The central management solution by far.

There can be like a religious war between the large antivirus systems, but I do think that all of the larger competitors deliver good antivirus solutions.

The thing that separates them is:
- The way they are managed.
- The way they adapt to new threats.
- The products around the product that give you a higher value.

Every time I have installed this at a customer site they are most impressed by the central management, reporting, and options to do more.

Improvements are made all the time as the threats change.
I think the improvements on speed are the most important after actually finding the threats.

I have used this or the predecessor to this since 2002.

The polices and rules take time if you don’t know the product.
This is not unique to McAfee and it's not really an issue.

Not really with the antivirus part, but the application firewall and encryption can make functions stop working if not tested vastly before deployment.

No

10/10

10/10 (maybe not tier 1 but every one after)

I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.

It's all about planning and testing.
ePO can be complex but the antivirus is not that complex.

I am a consultant.

I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.

I think that in the enterprise space, this is by far the best solution and not because the actual antivirus. It's because of ePO.

We just run it in the background and potentially scan any wireless or malicious file. It must be the same setup.

Maybe the performance could be better. I noticed that it slows down a bit when I start it up in the morning.

We have had this solution for over three years now. It's enterprise security. We use the latest version. 

It's stable. It's just that I don't have to use it very often. I can go weeks without having to deal with any issues. If something does pop up, it's usually pretty easy to fix. I just let the people who know what they're doing handle it.

It's scalable enough for our needs. I don't see any problems right now. There are about 55 users in two branches of our company.

We haven't needed to use tech support. We are an IT company, so we usually take care of our own devices.

The setup is not that complex. It takes five to ten minutes to set up. It's mostly this is our old devices.

It's a self-deployable solution, so we don't need any technical staff for deployment.

We do need to pay for a license.

Overall, I would rate the solution a six out of ten. 

We use the product mainly for security purposes.

The product’s stability and security features enhance user protection and organizational security.

The interface is complex.

The product could provide more web or application controls in future releases.

I have been using the solution for six months.

The solution is stable.

The product is easy to scale. More than 50 people in my organization are using the solution.

The product’s support is good.

Positive

The initial setup is easy. The solution is deployed on the cloud.

Three engineers can deploy the tool in three to four hours. The solution needs maintenance.

The product is expensive.

We are using the latest version of the solution. The solution is not that difficult to use. The security levels are good. Overall, I rate the product a nine out of ten.