Trellix Endpoint Security Platform Reviews

Our company just started evaluating the solution for endpoint protection. We have tested it in a POC environment but have not deployed it to the production environment. 

The solution includes a good combination of features for both signature and signature-less detection. Based on types of threats, we can opt to use either or a combination of both. 

Good progress has been made with integrations for McAfee and FireEye but more work has to be completed because the feature is still pending. Down the line with these integrations, the solution will be very good product. 

The solution could provide open XDR in addition to EDR.

Adding MDR makes sense instead of just being on the EDR and DXDR fronts. 

I have been using the solution for a couple of weeks. 

The solution is stable. 

The solution is SaaS so should be fully scalable but we have not yet tested scalability. 

Technical support could be improved. Our team worked with the product reps to coordinate requirements and deploy.

The setup is quite easy and only takes a few minutes because it is a SaaS solution. 

We implemented the solution in-house for our POC environment. 

We use several products simultaneously and are using the solution in a test case. It might take two or three months to confirm if we plan to deploy to our production environment. 

The solution meets customer expectations and is a good product. I rate the solution an eight out of ten. 

We primarily use the solution for endpoint security.

One of the strengths of McAfee in general, not only in the Endpoint, is the ePolicy orchestrator. It's a single management platform for all the solutions and also a single agent. From my experience, with all other products, it becomes easy to use with multiple deployments. 

With McAfee, what you do is you just upload and download some packages for specific features. For example, with endpoint security, you get only the four features, the firewall, web control, the ATP, and then threat prevention. Should the client would want an additional feature, for example, device control, full-blown DLP, or application control, then we can add the packages for that and then easily deploy it with the client. 

Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI. They need to just keep up with the current trends. It's still a bit old-looking. That said, with the CASB, their other solutions their cloud solutions, they're already on the way with that. They are working on improving things. 

The initial setup can be a bit difficult. 

They should offer further application control. The way of doing the application control is based on an inventory scan. It would be great and it would be at par with other solutions if they would be able to improve that into a category-based application control.

I've used the solution for about three years. 

McAfee is one of my favorites. It's very stable and reliable. There are no bugs or glitches. 

We have been able to scale. For example, a client who wanted to migrate their on-premise solution and then move to the cloud found it to be pretty straightforward. With things like this, there is still room for improvement and there can be trouble doing that. However, with the experience that I had during the migration, it was pretty smooth and seamless.

I haven't had any experience with technical support. I'm working as a presales engineer, however, I have colleagues who've had a few experiences with McAfee technical support. Usually, it's all about clarifications around the licensing or loading of the license. For example, we have had experiences with the license already loaded to the client's account and we haven't received the email yet. When that happens, we have no way of accessing the account of the client. In those instances, we'd reach out to support. Beyond that, we don't really need help. 

I have experience with Trend Micro, Sophos, and McAfee.

The main difference is their single solution. There's one single pane of glass you're looking at which gets easier with the maintenance. The utilization is also great. It takes away the customer of having to deal with problems with the utilization. There's a balance between the performance of the agent as well as the operation of the client. You won't hear a client complaining that a McAfee solution.

The threat intelligence with respect to endpoint security is great too. With the threat intelligence and McAfee having been in the industry for so long, it has a better capability of protecting our endpoints.

For the setup, if you're not familiar with it, it can be a challenge. From my experience, when I just started working with McAfee, it was really hard to understand how the policies work, how the policies should be implemented and how would you assign them to certain groups. If you're just getting started, it's hard. However, if you're already familiar with how policy creation works and how you're supposed to assign it to certain groups or certain users, then it becomes easier over time.

For every 100 users, one person is enough in terms of handling maintenance tasks. Management is easy as you can manage everything from a single pane of glass. It doesn't require a lot of manpower. 

If you look from the Gartner perspective, and if we're only looking at the leaders' quadrant, McAfee is around five out of five in terms of price affordability. Among all other solutions, it has really a reasonable price. If you look at the entire Magic Quadrant, not only the leaders' quadrant, McAfee is even better. There are other solutions that have a more reasonable price, however, it also comes at the cost of the quality that we're offering.

I'm a reseller and solutions provider. 

It can be deployed in a virtualized environment or on the cloud. It depends on the client's requirements. I typically recommend the SaaS environment, however, in the Phillippines, it's mostly on-premises still. In that case, we may use a virtualized or physical server.

I'd rate the solution eight out of ten.

I'm working on a project for the Hong Kong library system under the Hong Kong government. They provide workstations in the library for citizens to access the Internet. The ENS needs to be installed on all the PCs in the library. Another part involves the CSWA for the server farm. They are upgrading the entire library system, including the rental system, book search, eBooks, multimedia, and other services. The CSWA modules are primarily for the backend servers, including Linux and Windows.

Detection and response functionality meet our requirements, but the support is poor.

HIPS protects server files from being modified or deleted by unauthorized users. It's primarily deployed in the web tier.

It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators. The UI only allows for the inclusion of files using wildcards. 

For example, it can protect an entire directory or a subdirectory, but it doesn't let you select specific files within a directory.

I have been using Trellix Endpoint Security (ENS) as an implementor for two years.

We haven't had any system crashes or problems in most cases. SolidCore is not compatible with some kernels, which is causing problems. Endpoint, HIPS, and anti-theft are working fine so far. 

I rate the solution’s stability as seven out of ten.

We use one ePO server to manage around four thousand endpoints, including servers. This single server effectively handles this load.

It is suitable for medium and large enterprises.

I rate the solution’s scalability as seven out of ten.

Support is poor. A module called Solidcore needs to match with the OS kernel in one area. The support for this module has been slow because it doesn't match the latest OS. As a result, we haven't been able to upgrade our OS because McAfee does not support the latest version. We've also encountered issues where the product can't be upgraded or installed successfully. We're managing over 300 servers and 3,000 workstations. Upgrading has been a nightmare with this setup.

It provides a slow response. Sometimes, getting feedback takes a few days, and that is also not to the point.

Positive

The initial setup is easy and straightforward. Determining specific modules and functions often involves a lot of trial and error. Deployment takes only a couple of days.

Overall, I rate the solution a seven out of ten.

The solution is used, especially by those who want an antivirus product. It is also useful for those looking for tools that offer endpoint detection and response features. The product offers multiple features, one of which is endpoint security.

Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement.

I have been using Trellix Endpoint Security (ENS) for five years. I operate as a system integrator of the product in my company.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a seven out of ten.

My company caters to the needs of small, medium, and large-sized businesses.

I rate the technical support a ten out of ten.

Positive

The product's initial setup phase was straightforward.

The solution is deployed on the cloud and on an on-premises model.

The time required for the deployment of the product can vary, and it also depends on whether the company has been actively using the product.

The price of the product is similar to the ones in the market that offer the same features.

The product has improved its malware protection features since it provides a couple of features that no other solution does. The tool is helpful for multiple companies.

The tool streamlines the incident response process.

The most effective part of the product for threat prevention is related to the tool's rollback feature.

Trellix Endpoint Security (ENS) is like an antivirus tool, but it doesn't alone provide the rollback feature since it is something that is possible with Trellix Endpoint Detection and Response (EDR).

The tool does provide adaptive threat protection features.

I recommend the product to those who plan to use it.

I rate the tool a seven to eight out of ten.

The tool is primarily used for endpoint detection. When an event occurs on an endpoint, alarms are generated. Colleagues from my company then investigate these alarms based on a playbook. Depending on the playbook and the specific customer contract, actions may be taken, such as informing the customer or implementing endpoint containment measures.

The tool has contributed to improving our security posture. While it's just one part of our overall solution, it plays a crucial role. As we continue to evolve, we anticipate it becoming even more important alongside other aspects like network behavior and additional metrics.

The tool's most valuable feature is containment. Last year, a German company faced an external attack. We installed the product on every machine, totaling hundreds of endpoints. The Trellix agent collected information, allowing us to check the entire IT infrastructure. 

The product is consolidating its portfolio into one product. It is difficult at the moment. 

I have been using the product for three years. 

The solution's scalability is easy. If you have Trellix Endpoint Security on-premises, you need to define how many agents you will support and consider future scaling. Different appliances are available for various scenarios. If you plan to have hundreds or thousands of agents in the future, hardware considerations become important. However, if it is deployed in the cloud, scaling up or down is easily manageable.

My experience with the product's tech support is good. 

Positive

Trellix Endpoint Security (ENS)'s deployment is not difficult. There are different options available, such as using an on-prem hardware box or a virtual machine in the cloud. Setting up the virtual machine in the cloud is easy, requiring only a connection to the customer's system. 

If you plan to install the solution on-premises, you bring the box to the customer and connect it to their system. This involves some configuration, such as opening a port on the firewalls. Deploying agents on the endpoints is straightforward and can be done from a central management point. The entire process takes around a day to configure, and then you are up and running.

Microsoft Defender is not cheap and from a cost perspective, Trellix Endpoint Security (ENS) is a better option. 

We integrate the product into our system using API. The information, in the form of messages or alarms, is received in our system. We further process this information and incorporate it into our complete solution. 

I rate the product an eight out of ten. 

Customers use Trellix Endpoint Security as an anti-malware or antivirus solution that provides AI and machine learning features. The solution provides DAC (Dynamic Access Control) and HIPS (host intrusion prevention system) functionality in its firewall module. It also has a web control functionality, wherein we can allow, deny, or choose the category part and work it out.

Trellix Endpoint Security provides a single umbrella kind of architecture. A lot of different solutions come under a single umbrella and a single console. The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security. The solution also has features like application control, device control, and cloud DLP.

The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format.

Trellix Endpoint Security should include the virtual patching feature in the next release.

I have been working with Trellix Endpoint Security for one year.

I rate Trellix Endpoint Security a nine out of ten for stability.

Trellix Endpoint Security has good scalability. Our customers for the solution are most enterprise businesses and government entities.

I rate the solution a nine out of ten for scalability.

The solution’s initial setup is easy.

I rate Trellix Endpoint Security ten out of ten for the ease of its initial setup.

The solution's deployment on the cloud is very fast because we give the requirement and get the solution. On-premises, the basic initial setup of the server takes about half an hour or one hour.

Trellix Endpoint Security is neither a cheap nor an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a four out of ten.

I am working with the latest version of Trellix Endpoint Security. We provide our customers with on-premises, on-cloud, and hybrid cloud deployment models for Trellix Endpoint Security.

Overall, I rate Trellix Endpoint Security an eight out of ten.

The product is fairly reliable. I have been using the DLP functionality a lot. It blocks all USB-connected devices but still allows charging external devices like phones. It keeps out any malware. It does a good job of protecting our network as an enterprise solution. I mainly use it as an antivirus and DLP solution.

The product is not easy to use. Moving around in it is cumbersome. I have heard other users saying that it is cumbersome to find things. Creating and deploying policies with DLP can be really cumbersome. It can be difficult if we don’t know how to use it. Sometimes, we have difficulty in communicating with clients. Sometimes, we have to go through troubleshooting to fix it.

I have been using the solution for 17 to 18 years. I am using the latest version of the solution.

I rate the product’s stability an eight out of ten.

I rate the solution’s scalability an eight out of ten.

It's pretty straightforward to deploy the product as an enterprise solution. I create a System Tree, and I break everything out between VMs, workstations, servers, and VLANs.

We have seen a return on investment.

I would definitely tell people to try the tool. They must go through and test out different solutions. Trellix Endpoint Security is fairly easy to use and manage for an enterprise solution. I'm in the process of getting more visibility for my service desk. The ability to lock it back down and only give what I want the service desk to see is valuable because it gives it a little bit more visibility without affecting what I've done as an enterprise admin. Overall, I rate the tool a nine out of ten.

My company uses Trellix Endpoint Security (ENS) for endpoint protection and scanning.

The most valuable feature of the solution is its advanced ability to search for threats.

Performance is a problematic area in the solution needing improvement. There are some weird problems in the endpoint protection or security of the solution.

I have been using Trellix Endpoint Security (ENS) for two years. I am an end user of the product.

Though it is a stable solution, we face performance issues with the solution in our company.

Considering my company's current scenario, there are around 5000 users of the solution.

The installation phase of the solution was very easy.

The deployment phase of the solution takes around an hour.

Only one IT person is required to install the solution.

My company contacts the product's local integrator for support.

Trellix Endpoint Security (ENS) is not a cheap solution. I don't know about the licensing course since my company uses the solution with the licenses provided by our central health center office, a public organization managed by the government. I don't think any costs are involved in the maintenance of the solution.

It is very easy to maintain the solution.

I suggest checking for the product's performance issues for those planning to use the solution.

I rate the overall solution a seven out of ten.