Trellix Endpoint Security Platform Reviews

We used it for a compromise assessment. That would be for our client. We deployed the agents. It was for endpoint security.

We had been using the solution previously for one of the clients. We were using it for six months, and we did a compromise assessment based on the FireEye Endpoints that were deployed across the group. At that point in time, there were a lot of ransomware attacks in the environment, and it was impossible to identify the source of the attack and where it came from. The tools didn't point to that visibility. We had to deploy these agents across the environment and also monitor the environment using the network security appliances provided by FireEye just to monitor.

We did monitor it for six months, so it was an assessment. In those six months, we did not have another ransomware attack. It was proven the environmental assessment was clean. That was the whole objective of the compromise assessment - to find out if there are any indicators or anything that has gained a foothold in the environment, trying to fend advanced persistent threats from that standpoint.

It is a great solution. The way it exchanges the information between the entire ecosystem, all the endpoints, as well as the network ATP, can trigger the blocking even if it is seen by some other device. If the network has seen something, we can use that to put a block to all the endpoints.

It works in an ecosystem. Centrally, from just one console, you can block malicious attacks across your environment. It provides you with the ability to respond to threats better.

The solution can be expensive.

If it could provide a little more in terms of automating things, for example, in response and automatic playbooks wherein you define whatever it is if you see this kind of a threat. You define the actions that need to be followed. If a playbook could be automated and run without even requiring manual involvement, that is the future we want, and they should look into how to make that happen. That is the kind of capability we want them to build.

In terms of reporting, also, if they could provide a little bit more information from where it started, how it progressed; a complete workflow, how that had progressed from where it was picked up; what was the target stage, what was the next stage, and what was the final stage, that would be very helpful. If they could pick up in a simple pictorial way of representing analysis just like the Cisco ASA Packet Analyzer used to do, that would be really helpful.

We used the solution for six months.

The stability has been very good. There are no bugs or glitches and it doesn’t crash or freeze. It’s reliable.

The product can scale. It’s not an issue at all. 20,000 users were using the solution with no problems.

We have contacted tech support. Tech support was brilliant. They were very knowledgeable, very skillful, and very responsive, and they knew the subject matter. They knew what we were asking for.

The agent installation was okay. It was just a package that was installed. It also provides options to customize and fine-tune based on the system's performance. It's not too heavy on the systems or the servers.

On the network side of things, I think there were challenges to getting that working. We had to do a couple of alterations in terms of making it work, mainly since the appliance's model was provided using a special-purpose SFP, and the compatible SFP was not available in the client environment at that one point. We had to procure it specifically for that assessment.

It’s very costly.

I’d recommend the solution to others.

I would rate the solution eight out of ten.

We use the product for EDR purposes.

The product has robust integration with ePO (ePolicy Orchestrator), offering centralized management capabilities. It also allows multifunctionality within a single platform. They offer endpoint and NLP protection as well.

The platform needs improvement in terms of handling heavy databases. We encounter database unavailability for a prolonged period. Its integration capabilities with security platforms like FireEye could be enhanced.

We have been using Trellix Endpoint Security for over a decade.

It is a stable product.

We manage around 20,000 endpoints for our enterprise customers. It is a scalable product.

The technical support works fast and is knowledgeable and customer-friendly.

We have to follow a step-by-step process to implement Trellix Endpoint Security. It can be deployed in the cloud and on-premises.

I recommend product deployment assistance from a consultant, distributor, or reseller.

Trellix Endpoint Security is an inexpensive platform.

I recommend Trellix Endpoint Security to people looking for endpoint protection. I rate it a nine out of ten.

We use the solution for security purposes.

The solution is valuable for security aspects.

The solution should respond faster. Whenever Trelix runs, the system slows down.

I have been using Trellix for two years. We are using the latest version of the solution.

The product’s stability is good.

I rate the solution’s stability a seven out of ten.

The solution is scalable. Around 3,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

Technical support is good. They respond faster.

The initial setup is simple.

Ten people are required for maintenance.

You should monitor how efficiently the solution functions, how it will impact your system, and how many files will be processed. The more files your system has, the more security time is needed to scan them daily. Due to this, your system may become slower. Trelix ensures the system does not slow down even when Trelix runs in the background.

Overall, I rate the solution a seven out of ten.

In my company, we use Trellix Endpoint Security for its endpoint security capabilities. Wherever there is a need for someone to comply with ISMS, we deploy Trellix Endpoint Security over there and support them in maintaining it.

The most valuable feature of the solution is that it allows our company to opt for single management for multiple products. The tool also supports DLP encryption or proxy can be managed by a single management console, which is a major advantage.

Trellix Endpoint Security doesn't support Mac devices. Trellix Endpoint Security doesn't offer full-fledged support for Linux.

In the future, I would like the product to support Mac and Linux.

When it comes to classification, Trellix has its own DLP solution. They do provide classification in Trellix Endpoint Security, but not at a full-fledged level. It would be good if Trellix Endpoint Security provided a full-fledged classification.

The solution's technical support should be improved since we faced a lot of issues with the support. There were some delays in responses from the technical support. Technical support also lacks in providing proper solutions to issues.

I have been using Trellix Endpoint Security for ten to twelve years. I use the solution's latest version. My company has a partnership with Trellix.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a seven out of ten.

I rate the technical support below five out of ten.

Neutral

I have used different products in the past. Since we are a consultant, we have to work with multiple vendors.

The initial setup of Trellix Endpoint Security was straightforward.

The solution is deployed on the hybrid cloud. Trellix Endpoint Security provides its tool as a SaaS product.

The deployment process can be done in around two hours.

Our company has around 40 engineers to deploy and manage the maintenance of the product.

There are some extra expenses for using the product, in addition to licensing related to the maintenance of the product.

The product is good, but that doesn't matter if the support is not proper.

I would definitely recommend the solution to those planning to use provided the support is good. If the support is not good, our company will have to state both the pros and cons of the product to its potential users, after which the customer can choose it if they find the pros to be favorable.

Overall, I rate the solution a seven out of ten.

We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very much flexible based on the IOCs.

Trellix Endpoint Security is good for doing containment immediately. We can get visibility of processes or services running all over the enterprise, where the agent gets information on a particular end-user system. Since Trellix Endpoint Security keeps the data for three months, we can get a complete picture of the files downloaded from the end user mission. So Trellix Endpoint Security is very helpful when you do forensics. The only drawback is that we cannot change its format, and there is no workaround currently.

The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute. It also has a dual containment feature. Trellix Endpoint Security is also useful for taking the triage image, which takes roughly thirty minutes. So it's pretty fast, and we have multiple configuration sets. We can precisely take a triage image based on what you want, like endpoint logs, antivirus logs, or the RAM.

Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it. Mutex is something like a malware user. Secondly, the solution should support multiple output formats for the triage image. Currently, the solution has only Mandiant format, where you can't use tools like volatility to analyze the memory image.

It would be good if Trellix Endpoint Security had a good visualization like other products, such as SentinelOne and Carbon Black.

I have been using Trellix Endpoint Security for one year and six months.

I rate Trellix Endpoint Security a seven out of ten for stability because it crashes frequently and requires a lot of maintenance.

I rate Trellix Endpoint Security a nine out of ten for scalability. We have plans to increase the usage of the solution in the future.

I rate Trellix Endpoint Security an eight out of ten for ease of initial setup.

I rate Trellix Endpoint Security a nine out of ten for pricing.

I am using the latest version of Trellix Endpoint Security. Using Trellix Endpoint Security depends upon the user's organizational needs. If their only concern is containing and taking the triage image, and if they are comfortable doing forensics with a deadline, then they can use Trellix Endpoint Security. But if some companies want to integrate their in-house or third-party tools, Trellix Endpoint Security is not a good option.

Overall, I rate Trellix Endpoint Security a nine out of ten.

We primarily use the solution as a basic antivirus. It's for protection. We centralize the management of 50 computers. 

The solution offers us more security and less chance of getting a virus. So far, we have had no viruses. 

So far, the experience has been positive. 

The pricing is good. It is very reliable. 

It offers good centralized management.  

The solution is scalable.

It is stable. 

I found the initial setup to be easy. 

We'd like better UI on the management screen. It could be a bit simplified, which would make it easier to use. 

I've used the solution for a while. I've used it for two years so far. 

The solution has high stability. It doesn't crash or freeze. There are no bugs or glitches. The solution has been reliable. 

The solution has a high level of scalability. It is easy to expand as needed. 

I've never used technical support at all. I cannot speak to how helpful or responsive they would be. 

I also used Kaspersky. I used it for two years and then replaced it with McAfee. 

The setup was straightforward. I did not find the process to be complex at all. 

I have not measured any ROI at this time. 

The pricing is reasonable. I'd rate it nine out of ten. It is quite affordable. 

I am an end-user. 

I'm using the latest version of the solution. 

The pricing has been very useful so far. I'd rate it nine out of ten. 

We use Trellix Endpoint Security for pattern-based scanning. We use it on all our handsets. We also use it for behavior-based adaptive threat prevention; it's a solution that will recognize malicious behavior.

I like trap prevention DNS and threat prevention.

I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting.

I have been working with Trellix Endpoint Security for about 15 years.

Trellix Endpoint Security is mostly stable. I haven't had any false positives in the last few years.

On a scale from one to ten, I would give stability a nine.

Trellix Endpoint Security is very scalable. Our company has three users, but we have more than 3000 devices.

Technical support is good, and that's an important thing to have. They are very helpful and care about our needs. The best thing is that they speak German, and we can talk to them naturally in our language.

The initial setup is quite straightforward.

Trellix Endpoint Security is best suited for large companies. I would tell potential users to find an excellent partner to configure and build a basic policy setup. A third-level contact is also essential if it's not part of your daily responsibility. 

On a scale from to ten, I would give Trellix Endpoint Security a nine.

We use Trellix to secure our customers' endpoint devices and the cloud. It was a McAfee solution before the Trellix acquisition. Trellix has a full portfolio for local and cloud protection. McAfee MVISION products are managed on the cloud, but some customers need an on-premise local management console.

The central management console is powerful. You can manage endpoints, DLP, encryption, and all the other features from a single console. 

Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing. 

I have used Endpoint Security for more than 10 years.

I rate Trellix nine out of 10 for stability. 

I rate Trellix 10 out of 10 for scalability. 

I rate Trellix support nine out of 10. 

Positive

I have always used McAfee, but I know a little about Symantec. I used it more than a year ago. 

I rate Trellix seven out of 10 for ease of setup. It is a complex tool, but you can use many of the new features while you're installing it. The deployment time varies depending on the number of endpoint accounts and how the client is distributed. It typically takes less than a day for a large enterprise. If nothing goes wrong, you can finish in a few hours. One person is enough to deploy and maintain it. 

I rate Trellix five out of 10 for affordability. It isn't cheap, but not expensive.

I rate Trellix Endpoint Security nine out of 10.