Trellix Endpoint Security Platform Reviews

The tool is primarily used for endpoint detection. When an event occurs on an endpoint, alarms are generated. Colleagues from my company then investigate these alarms based on a playbook. Depending on the playbook and the specific customer contract, actions may be taken, such as informing the customer or implementing endpoint containment measures.

The tool has contributed to improving our security posture. While it's just one part of our overall solution, it plays a crucial role. As we continue to evolve, we anticipate it becoming even more important alongside other aspects like network behavior and additional metrics.

The tool's most valuable feature is containment. Last year, a German company faced an external attack. We installed the product on every machine, totaling hundreds of endpoints. The Trellix agent collected information, allowing us to check the entire IT infrastructure. 

The product is consolidating its portfolio into one product. It is difficult at the moment. 

I have been using the product for three years. 

The solution's scalability is easy. If you have Trellix Endpoint Security on-premises, you need to define how many agents you will support and consider future scaling. Different appliances are available for various scenarios. If you plan to have hundreds or thousands of agents in the future, hardware considerations become important. However, if it is deployed in the cloud, scaling up or down is easily manageable.

My experience with the product's tech support is good. 

Trellix Endpoint Security (ENS)'s deployment is not difficult. There are different options available, such as using an on-prem hardware box or a virtual machine in the cloud. Setting up the virtual machine in the cloud is easy, requiring only a connection to the customer's system. 

If you plan to install the solution on-premises, you bring the box to the customer and connect it to their system. This involves some configuration, such as opening a port on the firewalls. Deploying agents on the endpoints is straightforward and can be done from a central management point. The entire process takes around a day to configure, and then you are up and running.

Microsoft Defender is not cheap and from a cost perspective, Trellix Endpoint Security (ENS) is a better option. 

We integrate the product into our system using API. The information, in the form of messages or alarms, is received in our system. We further process this information and incorporate it into our complete solution. 

I rate the product an eight out of ten. 

Customers use Trellix Endpoint Security as an anti-malware or antivirus solution that provides AI and machine learning features. The solution provides DAC (Dynamic Access Control) and HIPS (host intrusion prevention system) functionality in its firewall module. It also has a web control functionality, wherein we can allow, deny, or choose the category part and work it out.

Trellix Endpoint Security provides a single umbrella kind of architecture. A lot of different solutions come under a single umbrella and a single console. The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security. The solution also has features like application control, device control, and cloud DLP.

The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format.

Trellix Endpoint Security should include the virtual patching feature in the next release.

I have been working with Trellix Endpoint Security for one year.

I rate Trellix Endpoint Security a nine out of ten for stability.

Trellix Endpoint Security has good scalability. Our customers for the solution are most enterprise businesses and government entities.

I rate the solution a nine out of ten for scalability.

The solution’s initial setup is easy.

I rate Trellix Endpoint Security ten out of ten for the ease of its initial setup.

The solution's deployment on the cloud is very fast because we give the requirement and get the solution. On-premises, the basic initial setup of the server takes about half an hour or one hour.

Trellix Endpoint Security is neither a cheap nor an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a four out of ten.

I am working with the latest version of Trellix Endpoint Security. We provide our customers with on-premises, on-cloud, and hybrid cloud deployment models for Trellix Endpoint Security.

Overall, I rate Trellix Endpoint Security an eight out of ten.

The product is fairly reliable. I have been using the DLP functionality a lot. It blocks all USB-connected devices but still allows charging external devices like phones. It keeps out any malware. It does a good job of protecting our network as an enterprise solution. I mainly use it as an antivirus and DLP solution.

The product is not easy to use. Moving around in it is cumbersome. I have heard other users saying that it is cumbersome to find things. Creating and deploying policies with DLP can be really cumbersome. It can be difficult if we don’t know how to use it. Sometimes, we have difficulty in communicating with clients. Sometimes, we have to go through troubleshooting to fix it.

I have been using the solution for 17 to 18 years. I am using the latest version of the solution.

I rate the product’s stability an eight out of ten.

I rate the solution’s scalability an eight out of ten.

It's pretty straightforward to deploy the product as an enterprise solution. I create a System Tree, and I break everything out between VMs, workstations, servers, and VLANs.

We have seen a return on investment.

I would definitely tell people to try the tool. They must go through and test out different solutions. Trellix Endpoint Security is fairly easy to use and manage for an enterprise solution. I'm in the process of getting more visibility for my service desk. The ability to lock it back down and only give what I want the service desk to see is valuable because it gives it a little bit more visibility without affecting what I've done as an enterprise admin. Overall, I rate the tool a nine out of ten.

My company uses Trellix Endpoint Security (ENS) for endpoint protection and scanning.

The most valuable feature of the solution is its advanced ability to search for threats.

Performance is a problematic area in the solution needing improvement. There are some weird problems in the endpoint protection or security of the solution.

I have been using Trellix Endpoint Security (ENS) for two years. I am an end user of the product.

Though it is a stable solution, we face performance issues with the solution in our company.

Considering my company's current scenario, there are around 5000 users of the solution.

The installation phase of the solution was very easy.

The deployment phase of the solution takes around an hour.

Only one IT person is required to install the solution.

My company contacts the product's local integrator for support.

Trellix Endpoint Security (ENS) is not a cheap solution. I don't know about the licensing course since my company uses the solution with the licenses provided by our central health center office, a public organization managed by the government. I don't think any costs are involved in the maintenance of the solution.

It is very easy to maintain the solution.

I suggest checking for the product's performance issues for those planning to use the solution.

I rate the overall solution a seven out of ten.

In my company, we use Trellix Endpoint Security for its endpoint security capabilities. Wherever there is a need for someone to comply with ISMS, we deploy Trellix Endpoint Security over there and support them in maintaining it.

The most valuable feature of the solution is that it allows our company to opt for single management for multiple products. The tool also supports DLP encryption or proxy can be managed by a single management console, which is a major advantage.

Trellix Endpoint Security doesn't support Mac devices. Trellix Endpoint Security doesn't offer full-fledged support for Linux.

In the future, I would like the product to support Mac and Linux.

When it comes to classification, Trellix has its own DLP solution. They do provide classification in Trellix Endpoint Security, but not at a full-fledged level. It would be good if Trellix Endpoint Security provided a full-fledged classification.

The solution's technical support should be improved since we faced a lot of issues with the support. There were some delays in responses from the technical support. Technical support also lacks in providing proper solutions to issues.

I have been using Trellix Endpoint Security for ten to twelve years. I use the solution's latest version. My company has a partnership with Trellix.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a seven out of ten.

I rate the technical support below five out of ten.

Neutral

I have used different products in the past. Since we are a consultant, we have to work with multiple vendors.

The initial setup of Trellix Endpoint Security was straightforward.

The solution is deployed on the hybrid cloud. Trellix Endpoint Security provides its tool as a SaaS product.

The deployment process can be done in around two hours.

Our company has around 40 engineers to deploy and manage the maintenance of the product.

There are some extra expenses for using the product, in addition to licensing related to the maintenance of the product.

The product is good, but that doesn't matter if the support is not proper.

I would definitely recommend the solution to those planning to use provided the support is good. If the support is not good, our company will have to state both the pros and cons of the product to its potential users, after which the customer can choose it if they find the pros to be favorable.

Overall, I rate the solution a seven out of ten.

We primarily use Trellix for drive encryption and malware prevention, but we also use some advanced features, such as centralized control and policy management. 

Trellix enables us to customize and centrally manage policies. We can set on-prem policies and synchronize them with the cloud. 

Trellix integrates well with most SIEM and data classification solutions.

You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support.  Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features. 

I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.

I have used Trellix ENS for two to three years.

Trellix ENS is stable. 

Trellix is scalable with some limitations. I recommend it for small or medium-sized businesses.  The integration needs to be simplified for it to work in an enterprise with a large, complex environment.

I rate Trellix support six out of 10. They need more local presence in South Africa and a faster response. Other distributors work through a partner system. There are also some challenges due to the merger of McAfee and FireEye to form Trellix and some legacy issues around a lack of innovation. 

Standard support is included with the subscription, and there are layers of escalation when you open a ticket. You can pay extra to get premium support, which is priced separately. 

Neutral

Trellix is easy to deploy if you have enough skills. Some customers think they can do it alone without professional services, but the deployment doesn't go smoothly. They have misconfigurations, which become a problem. They have issues when they are renewing the license because they didn't scale sufficiently in the beginning. The deployment time can range from five days to three months, depending on the size and complexity of your environment. 

Trellix is reasonably priced, but the cost goes up by about 7 to 10 percent annually, so some of our customers complain at renewal time. The license is based on the number of devices. There are discounts as you add more devices, so you may pay $15 per device or up to $50 per device. 

Standard support is included with the subscription for the first year, but you'll pay for the deployment costs. In the next year, you'll pay only for the license and support.

Trellix is one of the best legacy endpoint protection solutions, but we're also looking at Crowdstrike. Other solutions have advantages over Trellix in brand awareness and local presence. 

The company needs to do more to build its presence in this country. I've never seen an account manager or sales rep show up to an in-person event in South Africa. Other companies like Trend Micro have offices here. 

I rate Trellix Endpoint Security six out of 10. I would give it a seven or an eight if not for the vendor's shortcomings in terms of support and local presence. The scale and speed of response make a difference. It's an excellent product that may not be perceived as such because of how it's supported and the awareness of potential customers. 

Before implementing Trellix, you should take time to understand the core use cases you want to achieve and match them to specific features. You should also do a limited proof of concept with the vendor or a distributor.

For some of our engagements, we have used MVISION, including data protection, threat intelligence, and DPP also.

We use McAfee MVISION primarily for endpoint protection, antivirus, and understanding the threat intel for end users. 

It is very stable.  

The independent modules are very good. 

For the most part, the setup and deployment are simple.

The only challenge we found is the integration with its product modules. It has a DPP. That integration, we felt, is slightly complex. The complexity of advanced modules can be improved. They could do some improvements so that it is easier to deploy the advanced modules.

We would like more in their advanced modules or ATP.

I've used the solution for a could of years.

The solution has been quite stable. It is reliable. There are no bugs or glitches. It doesn't crash or freeze.

I cannot comment on the scalability. I've never tried to scale the solution. 

For desktop support, they are pretty good. 

There are certain engagements where our customers are still using it. Now, however, we do see a common trend of people moving towards Defender service rather than using McAfee.

We also use Trend Micro. We would prefer Trend Micro and would rate Trend Micro top and then make McAfee next.

The basic modules are straightforward to set up. We don't see many challenges there. However, when we talk about going into advanced ATP modules, et cetera, we do see certain amounts of complexity.

I did not work on the implementation and cannot say how long exactly it took to deploy. Likely, it would take between three and six months.

We generally deal with annual licensing. 

I'd rate the solution seven out of ten. Having used Trend Micro as well, I would rate Trend Micro higher. However, I would still choose this product as a second option.

When we recommend a product, we would recommend something based on the fit of the product and customer requirements. We worked with Defender, we worked with Trend Micro, and we worked with McAfee. All of them almost overlap in multiple use cases. That said, we do see the customer IT strategy and where they're going, and they are adopting Azure more. We know there are certain limitations in their landscape where there may be some old legacy systems, and in that case, then we would either switch back to McAfee or Trend Micro instead of Defender.

We primarily use the solution for endpoint security.

One of the strengths of McAfee in general, not only in the Endpoint, is the ePolicy orchestrator. It's a single management platform for all the solutions and also a single agent. From my experience, with all other products, it becomes easy to use with multiple deployments. 

With McAfee, what you do is you just upload and download some packages for specific features. For example, with endpoint security, you get only the four features, the firewall, web control, the ATP, and then threat prevention. Should the client would want an additional feature, for example, device control, full-blown DLP, or application control, then we can add the packages for that and then easily deploy it with the client. 

Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI. They need to just keep up with the current trends. It's still a bit old-looking. That said, with the CASB, their other solutions their cloud solutions, they're already on the way with that. They are working on improving things. 

The initial setup can be a bit difficult. 

They should offer further application control. The way of doing the application control is based on an inventory scan. It would be great and it would be at par with other solutions if they would be able to improve that into a category-based application control.

I've used the solution for about three years. 

McAfee is one of my favorites. It's very stable and reliable. There are no bugs or glitches. 

We have been able to scale. For example, a client who wanted to migrate their on-premise solution and then move to the cloud found it to be pretty straightforward. With things like this, there is still room for improvement and there can be trouble doing that. However, with the experience that I had during the migration, it was pretty smooth and seamless.

I haven't had any experience with technical support. I'm working as a presales engineer, however, I have colleagues who've had a few experiences with McAfee technical support. Usually, it's all about clarifications around the licensing or loading of the license. For example, we have had experiences with the license already loaded to the client's account and we haven't received the email yet. When that happens, we have no way of accessing the account of the client. In those instances, we'd reach out to support. Beyond that, we don't really need help. 

I have experience with Trend Micro, Sophos, and McAfee.

The main difference is their single solution. There's one single pane of glass you're looking at which gets easier with the maintenance. The utilization is also great. It takes away the customer of having to deal with problems with the utilization. There's a balance between the performance of the agent as well as the operation of the client. You won't hear a client complaining that a McAfee solution.

The threat intelligence with respect to endpoint security is great too. With the threat intelligence and McAfee having been in the industry for so long, it has a better capability of protecting our endpoints.

For the setup, if you're not familiar with it, it can be a challenge. From my experience, when I just started working with McAfee, it was really hard to understand how the policies work, how the policies should be implemented and how would you assign them to certain groups. If you're just getting started, it's hard. However, if you're already familiar with how policy creation works and how you're supposed to assign it to certain groups or certain users, then it becomes easier over time.

For every 100 users, one person is enough in terms of handling maintenance tasks. Management is easy as you can manage everything from a single pane of glass. It doesn't require a lot of manpower. 

If you look from the Gartner perspective, and if we're only looking at the leaders' quadrant, McAfee is around five out of five in terms of price affordability. Among all other solutions, it has really a reasonable price. If you look at the entire Magic Quadrant, not only the leaders' quadrant, McAfee is even better. There are other solutions that have a more reasonable price, however, it also comes at the cost of the quality that we're offering.

I'm a reseller and solutions provider. 

It can be deployed in a virtualized environment or on the cloud. It depends on the client's requirements. I typically recommend the SaaS environment, however, in the Phillippines, it's mostly on-premises still. In that case, we may use a virtualized or physical server.

I'd rate the solution eight out of ten.

We use Trellix Endpoint Security for endpoint protection, including virus protection for desktops, laptops, and servers. The solution includes special dedicated modules, such as those for Microsoft SharePoint security.

Trellix Endpoint Security helps us support and secure a large number of endpoints efficiently. We have a lot of installations, supporting up to twenty thousand endpoints. With the central management system EPO, it has significantly improved our ability to manage security across these devices.

The EPO, the ePolicy Orchestrator, is the best endpoint protection central management system. 

Trellix Endpoint Security has a lot of special small modules that I like very much, such as access protection, adaptive threat prevention, exclusion capabilities, and logging capabilities. Together with disk encryption or file encryption, it provides a comprehensive solution.

The detection and response capabilities need to be improved. The product is not sharp enough in catching viruses, and we often have to use additional components alongside the pure endpoint security. Symantec, for example, might be better in this area.

We have been working with Trellix Endpoint Security for about 20 years.

The stability of the solution is very high, I'd rate it around eight or nine out of ten.

Scalability is high; I'd rate it 20 out of ten if possible.

Technical support is correct and absolutely helpful. We had some issues during the migration from McAfee to Trellix, particularly with account migrations, but generally, support has been good.

Positive

I have used Fortinet Endpoint Management, Symantec, Kaspersky, Check Point, and others. Among these, I find that the EPO system of Trellix is the best.

I like the initial setup very much because Trellix Endpoint Security has a lot of special small modules and configurations. It's flexible and allows for detailed customizations.

The pricing of the solution is correct and justified for the value it provides.

I'd rate the solution eight out of ten.

It serves as a comprehensive endpoint security solution that goes beyond traditional antivirus by incorporating features such as document scanning for sensitive information, approval workflows for document sharing, patch management, and advanced threat detection using AI and machine learning. It actively monitors various endpoints, including web interactions and email communications, to detect and prevent a wide range of attacks, even those that are not signature-based.

One of the standout features of this solution is its encryption capabilities and DLP functionality. It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts. The encryption feature provides peace of mind in the event of a lost or stolen device, safeguarding sensitive conversations and data from unauthorized access. This level of protection significantly reduces the risk of extortion attempts or data breaches, making it a valuable asset for any organization. So far, I haven't experienced any security breaches or attacks.

I've encountered minor challenges related to encryption.

I have been using it for a year.

We have a user base of over one hundred individuals who use the software.

The decision to implement endpoint security software like Trellix is made at a company-wide level, involving discussions and agreements between various entities, including our parent company and potentially other subsidiaries like the one in Sweden. This decision isn't made independently by individual branches like Kenya; rather, it's coordinated and negotiated at a higher level.

I operate within a managed environment where the IT team handles the installation and setup of endpoint security software. Once installed, they provide me with the necessary details, such as login credentials and instructions for changing passwords. My role primarily involves using the machines provided to me, without needing to delve into the setup process.

Compared to the solutions, it helped us to save at least ten to twenty percent, if not more. 

I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a balance between cost-effectiveness and feature richness.

I would recommend conducting a proof of concept to explore the features firsthand. It's essential to understand what you currently have in place, as that will help determine whether the solution is the right fit for your needs. After that, ensure that the POC is conducted efficiently so that you can make an informed decision about whether to proceed with the solution or consider other options. Overall, , I would rate it an eight out of ten. It's a good solution that meets my needs satisfactorily.