Trellix Endpoint Security Platform Reviews

The solution is specifically used at the endpoints. We do a lot of integrations with various clients. 

A single agent can cover multiple units.

The installation is pretty straightforward. 

The solution can integrate into other products.

The solution is not really stable. 

Every time we open a ticket with McAfee, their response differs and they are not consistent. For example, they might say the issue will be addressed in the next release. Then, the release comes, and it is not available. Basically, we don't get a resolution from support.

This version is not very effective in our region.

The functionality of the product needs to improve the way it addresses zero-day threat levels.

We've been using the solution since 2003.

The stability isn't so great. We've had issues with it in general and have reached out to technical support for help. 

We have three to five people that use the product right now. In Pakistan, we have three offices in all three major cities and set up the solution for clients. We also use it in the offices.

Technical support is ineffective. Instead of dealing with the issue head-on, they tell us that the problem at hand will be fixed in the next release. They do not help at all.

However, our organization also offers technical support to our clients and we have a good experience - almost 20 years with McAfee and other solutions. We're good at troubleshooting.

We started using Symantec, then we adopted different technologies including McAfee and SSP, which includes Microsoft Defender. We keep changing based on the price structure in the market.

The initial setup is not overly complex or difficult. It's pretty simple and rather straightforward. 

That said, I didn't handle the installation myself. We had a team that did it.

We did the installation with the main product that integrated with McAfee Endpoint Security. Between the two, the installation took a whole day, however, just the McAfee section takes about two or so hours. 

You do need to pay for a license. It's not a good idea to try and get a pirated copy.

We've looked into and worked with McAfee, Trend Micro, Kaspersky, and Symantec.

We, at one time, were the official service partner for Symantec. We still provide support to the Pakistan market on behalf of Symantec.

While the solutions we use are on-premises, the latest upgraded services that we use are moving into the cloud, and the endpoints are on-premises. Now it's sort of a hybrid solution.

I'd rate the solution at a six out of ten.

I'd choose McAfee as maybe the third-best option, based on the experience I've had with it and the issues we've faced.

We are using McAfee Endpoint Security for network security.

There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.

The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place.

In a future release, McAfee could improve by having a fewer resource-consuming agents. When you bundle up all the solutions with an agent, it becomes heavy for the endpoint to handle. This is one drawback that they should improve because some of their competitors, such as Trend Micro and Symantec both have low-consumption agents available.

McAfee has multiple solutions that can be combined together into a single product. There is no need to have this many solutions.

I have been using McAfee Endpoint Security for approximately 10 years.

McAfee Endpoint Security is stable. However, the way we implement it can impact stability sometimes. The stability can fluctuate because of the configuration that we have, or the different types of policy that we have on the endpoints. The configurations can be tweaked and tuned to make it becomes stable again.

The solution is scalable. We have approximately 80,000 endpoints on a single console. If we wanted to increase the number of endpoints it can scale higher.

The support from McAfee is far better than other vendors, such as Trend Micro and Symantec.

I have previously used Symantec and Trend Micro.

The initial setup for an experienced administrator should be easy. The setup can also be easy if you follow the very detailed guide which they call the KB guide that they provide. You can receive good support from the professional services team from McAfee. That is how many organizations usually do the initial setup.

I would advise others that are wanting to implement McAfee Endpoint Security to initially use help from the professional service team at McAfee, it will help a lot by making sure they do all the scalability and enviroment requirements. Additionally, they can ask questions based on their expectation and receive suggestions and answers. As an alternative, if you have an experienced person who is well-versed with implementations then I would use them, if not, I would always recommend using the professional service team at McAfee.

I rate McAfee Endpoint Security a seven out of ten.

We use McAfee Endpoint Security as a solution for workstations and laptops.

Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster. 

The solution learns which piece of software is running on the computer and compares it to a white list or black list database, if it is on the white list it allows the application and if it is on the black it does not.

McAfee Endpoint Security uses fewer computer resources than many competitors making it less of a burden on the performance of the computer. 

We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications.

In a future release, McAfee Endpoint Security and all other endpoint solutions should reduce the number of resources needed to run their solution, such as hard drive space and CPU processing. The fewer resources the solution uses the better the performance of the hosting computer will have.

I have been using McAfee Endpoint Security for approximately 15 years.

The solution is stable.

McAfee Endpoint Security is cloud-based making it scalable.

We have approximately 100,000 users using the solution in my organization.

I can log into the McAfee portal and get support. We have not had any problem with the support and we have never had an interruption or a case of software failing.

The installation was very easy and quick. It only takes a few minutes.

We can do the implementation of the solution. Customers can do it by themself or in a corporate environment it can be pushed from the central server to each individual computer.

The maintenance of the solution is done by an outside vendor.

For each computer that is connected to the server McAfee charges us for each computer based on our license agreement.

We are in the process of moving away from McAfee Endpoint Security and replacing it with Cylance.

The solution is great by itself. However, it is important how management is organized within the company and how quick of response the teams can apply white list and other security measures.

I would recommend this solution to others.

I rate McAfee Endpoint Security an eight out of ten.

We've only got two or three machines. The solution is simply used as an antivirus, however,  we've rolled it out to all of our customers and we use it as a managed service.

The solution has reduced false positives for our clients and ourselves.

It's got quite good ransomware detection.

The product can be deployed across mobile devices.

It has a managed service push deployment where we can push cloud tasks into policies. 

It's a really good product. It's stable and scalable. It offers good flexibility, has a small footprint, offers a minimal effect on performance, and is from a trusted brand.

We have found the deployment to be very fast.

Technical support is excellent.

We're still looking for weaknesses. The product is still quite new for us. That said, so far, every time I have thought, "I wonder if it can do this or it can do that." I've been able to do it.

McAfee has also asked us for feedback, and we noticed when we gave them suggestions, they worked to implement them. For example, we asked for the ability to leverage Windows Defender instead of creating an endpoint. They've just put that in so you can choose now what you want to do. You can change that deployment and push it out without any intervention by the client as well.

The initial setup can be a bit complicated for those unfamiliar with the product.

We have been using the solution for about four or five months at this point. 

The stability is good. There are no bugs or glitches and it doesn't crash or freeze.

The companies we work with range in size from small to large. 

The solution is very easy to scale.

I would rate technical support at a ten out of ten. They have been great. We have found them to be helpful and responsive. My personal interaction with them was absolutely brilliant.

The initial setup can be difficult the first time. You have the flexibility to give all sorts of setup options. You need to know, for example, do you want this, do you want that, do you want these exclusions? Do you want these exploit preventions? et cetera. There are a lot of components. It's going to be complicated initially, however, once you've done that and set it up for a customer, then it's very simple just to deploy it and roll it out.

We rolled out another customer on Friday, and that's 35 sites we've done so far - and I was able to do the whole lot remotely. It's quick to deploy. For clients, in terms of the deployment, I just simply send them a link to their emails and they just go click on it and it goes.

Once the product is deployed, there isn't any maintenance necessary. It's all controlled from a SaaS portal.

The pricing is okay. It's in the middle and there are actually surveys out and they all say that as well.

There's a couple of license options. You can choose a single license or you can choose what we call a MV2 license. Every single license gives you the ability to install a product on five other devices - including mobile. You get a Windows license and that enables you to install it on a tablet, iPhone, or Android device (up to five) as well.

We're a McAfee partner.

We are using the SaaS version. It's my understanding that we are on the latest version of the solution. 

We would recommend the solution to other companies. We actually sell it and provide it to all our clients.

I'd rate the solution at a ten out of ten.

We are using the latest version at the moment because I'm managed by the MVISION tenants.

In the past, many people had issues with the utilization of detections and resources. ENS is actually very good for detection. When properly configured, especially when the prevention feature is activated, it integrates very well with the ATP, in respect of the endpoint. ATP offers very good protection and is a rich solution which helps to remove ransomware. I've been using the product for a while now and been able to secure a lot of environmental ransomware attacks, as well as some others, by integrating the ATP with the ENS. 

It is of primary importance that the solution does not cripple my system. When an endpoint is sitting on one's computer a struggle ensues involving resources, since the endpoint is actually scanning. At present, it either does not do so or is not noticeable. The detection rate is very high and one can be certain that he is not getting false positives, since he can see if the policy is properly configured. 

The detection is great and the solution is constantly improving. 

It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well. 

I have been using McAfee Endpoint Security for a couple of years. I started with Virus Scan and moved to MVISION when it was introduced. I used ENS when it was made available. While I cannot remember for certain, I believe I have been using the solution since 2015 or 2016. I still use it. 

The solution is very stable. Proper configuration means that we have not had issues with the stability. When all is said and done, the landscape is shifting towards one involving EDR, which is necessary for one to feel he has complete endpoint protection. 

The solution is scalable. 

While there is a need to utilize technical support, I feel it to be fair. Overall, support will point one in a certain, or appropriate, direction, although they will occasionally ask that the person solve the problem on his own. The process may take longer if the issue involves the product. Proper escalation can shorten the resolution process. While I have occasionally had to solve the problem by myself, more often than not the support is very helpful and reliable, especially of late. 

The deployment is simple and very straightforward, including when one wishes to deploy in the cloud.

Deployment can be handled on one's own. Most deployments are the same. When deploying in the cloud, there is only a need to click several times on the link that is sent. There's nothing to it. Anybody can actually do the installation. It's very straightforward.

We are distributors although, as an engineer, I handle everything, including integration. 

McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so. Most end-users don't focus on which solution is better, but on which one is most cost-effective. 

Our customers must pay for the licensing involved in using the solution, which they do so annually. Yet, the majority of our customers deploy the solution on-premises, which means their licenses are perpetual. There is still a need to pay for support, however, and this must be renewed annually. 

The solution does a fine job of integration. 

It is deployed in the cloud. 

My organization is very big. Like I said, we're systems integrators. As we are a distribution company, I am in a position to speak from a technical point of view. I've actually seen environments that reach 16,000. I did the deployment for a bank in Ghana, which is under the management of the Pan-African Bank and is responsible for management throughout all of Africa, save for Nigeria. This involved around 15,000 nodes. There is another bank in Nigeria with between 4,000 to 6,000 nodes and still others with around 12,000. 

I would definitely recommend this solution to other users. Leaving aside the fact that I sell this solution, when it comes to endpoint security solutions the world over, McAfee is one of the best, if not the best. 

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojan (RAT).

It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised.

It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating.

Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection.

It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents.

They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us.

I have been using this solution for two years.

It is stable. The FireEye team monitors it, and in case it goes down, we get an alert saying that the device is down. We either get their help or troubleshoot it ourselves to get it up and running.

It is quite scalable. We have scaled it according to their sizing recommendations. They have devices for different bandwidths, models, and offices.

We have about 4,000 people who are using this product. In terms of our plans to increase its usage, we are currently studying two options. One of them will basically scale up to about 40,000 instances.

Their technical support is good. For each region, they seem to have got local support that takes care of all problems. They have support teams in Singapore, India, and North America.

Its initial setup was straightforward. I have done one installation that took about 90 minutes. Virtual installations are straightforward. Physical installations have got some networking interfaces, and one needs to go through the documentation to do it. If you have got the right configuration, it is straightforward.

We have about five people within SOC. We manage the engineering and deployment aspects of it. It is not very resource-hungry.

For its deployment, we just needed about four people. We deployed about 14 appliances and one cloud-based instance. We have automated the deployment. We deployed it via Puppet, so the installation was fast.

We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.

We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.

Based on my two years of experience with this solution, I would comfortably recommend this solution.

I would rate FireEye Endpoint Security an eight out of ten.

We basically use the solution for threat detection. It's for security purposes.

The solution is pretty good for threat prevention, web protection, adaptive threat protection, and other tasks.

The solution is very stable.

We have had a good experience dealing with technical support.

The product is quite user-friendly.

Currently, we have the threat prevention as well as the web protection, and the McAfee firewall, which we were using before, however, we have not installed it on any of our machines. We have disabled it due to the fact that a lot of stuff was being blocked, it was blocking a lot of internal stuff, which meant it needed some fine-tuning. We were supposed to fine-tune it so that we can recognize our items, however, we're still working on that.

We wanted an EDR solution, and our first option was McAfee as the EDR would go hand in hand with the Endpoint integration. We'd like McAfee to offer stronger security. It's not that it isn't strong right now, however, it needs to continue to improve as attacks are always evolving. We are concerned some attacks may be able to find a way to bypass McAfee. If the solution offered something that could detect better, it would be ideal. It would add more value to what is already in place.

I know that they have application control and all the like. The one feature that maybe is lacking is a different module for the antivirus, however, we have a lot of applications that are running in our environment that were not authorized. 

Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful.

I joined the organization a little while back in 2016 and when I got here they were already using McAfee product. Therefore, I've been using the solution for a few years now.

We've found the solution to be quite stable. It doesn't crash or freeze. There are no bugs or glitches. It's quite reliable.

We haven't tried scaling it to as normally the license that we buy, we buy for 650 Rand and at this point, we haven't even tried adding more to try and scale it to that.

The tech support has been superb. You log a call. Sometimes we are in a different time zone when we log a service request. However, they are very responsive. I was on the line with them a few hours ago and they were helping me with an issue I was having. We are currently in the process of consolidating our SQL servers. We want them to be running from a centralized server instead of having different SQL servers scattered all over the place. Technical support is really great at helping us with the process.

While I wasn't at the company for the original implementation, looking at it, it's not that complex of a process. When I got here, we were using the lower version and then we've just upgraded it and used a higher version level. The process wasn't difficult. We upgraded to 10.5, 10.6, now we are on 10.7.

We pay 650 Rand for a license. It is a perpetual license which we normally run for two years. It will be expiring sometime in July and our renewal is normally for two years.

When we are looking at the pricing, nobody will ever say the pricing is bad. Normally what we do is we'll take quotes from different local partners, as McAfee doesn't allow us to buy direct from them. Therefore, we typically deal with resellers.

We are customers and end-users. We don't have a business relationship with McAfee.

We are a central bank and one of the things that we haven't really experienced or gone into is putting our solutions into the cloud - even though everything is moving in that direction. We are moving slowly in that direction as well. We'll get there one day.

I have found this solution easy to use. When you need support, you get it. Even in terms of protection, it's fine. I would recommend it to other users.

I'd rate the solution at an eight out of ten.

We currently have around 50 servers. We aren't really a big company but we have 50 servers which we manage. We use McAfee for the web filtering portion of it. For example, if a user is doing a search on Google, there's a risk-rating web content filter built into McAfee. This alerts us if there are any threats present. 

We have licensed McAfee ENS on a per-server basis. As of now, from memory, I think we have 56 endpoints running McAfee — 56 servers in total.

From the McAfee side, I really like the ePolicy Orchestrator software that allows us to manage all of our endpoints. You can create the deployment policies and whenever there is a new update — a new version of the ENS Agent, or threat protection — we could test it out in the evaluation branch, and even test it on some of our servers.

It's quite easy to manage. Quite intuitive. I would say the dashboard of ePolicy Orchestrator software is quite intuitive and quite easy to understand and manage. 

I have been using this solution for 15 to 20 years.

We have had some issues from the performance side of things, especially when we were deploying new types of software. Sometimes the consumption of resources from McAfee was a bit high. Afterward, these problems were resolved gradually in future versions of McAfee. From what I've read from the release notes, in regard to the handling of memory, McAfee has been doing a better job, which wasn't really the case in the early years. 

It's easily scalable. If I need to deploy the Agent over 800 endpoints, I just have to script it and run a group policy to deploy it to all of our computers on the network — it's quite easy. 

For day-to-day management and ongoing queries, if ever I didn't have the solution to queries, I would just raise the case to the case management section of the McAfee website. Then the McAfee support team would help me out.

I was definitely satisfied with the support team. I really can't complain. They always sent me the correct knowledge-based article and they provided really insightful information to help me find a resolution to the issue. 

At the previous company that I worked for, we used Symantec Endpoint Protection. Now, we are working with CylancePROTECT and OPTICS.

The main reason that we moved from McAfee to Cylance is that McAfee is still a signature-based product. We moved to Cylance, a signatureless-based product, where everything is updated. What I was doing, from an ENS product point stance, I had set reminders to myself and my team to update the Agent and look into the software repository to see if there were any updates every month.

Indeed, every month we had software updates and fixing restrictions. It wasn't good but I now have less of a hard time looking into this from a Cylance perspective as the Cylance library doesn't push one-minute software updates per year. I would say at most, two or three software updates a year, which is very, very small from a software update perspective in comparison to McAfee.

They're both good products. I'm not saying McAfee is a bad product. It's a very, very good product. It's mainly for these reasons that we moved to Cylance.

The ePolicy Orchestrator console is good, but from my side, I would say Cylance has a better artificial intelligence module — the OPTICS module which I would say is the way to go. I haven't really seen the trend in terms of what other companies other than McAfee or Symantec are doing, but Cylance is doing a really good job with this artificial intelligence module. It's great when it comes to notifying the team when it detects something malicious.

With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint. With Cylance, it's not like that. Each agent does it by itself — it's like a self-healing application. This is something that signature-based antivirus solutions like McAfee and Symantec didn't have until now, unfortunately. That's why we moved towards Cylance.

It's quite easy to install agents. Deployment and product updates are quite easy, as well. It goes without saying that it comes with some, I would say, low-level training and upscaling but these are easily retrievable from the knowledge base of McAfee.

We manually downloaded their AMCore versions to keep all our endpoints up to date. This way, whenever we troubleshoot the root cause of an issue, we still keep our endpoints as updated as possible and keep our environment safe.

When we installed the Agent — let's say I am building a new VM and new server. When you run the frame package, it's really intense. I would say it takes roughly two minutes to install, then afterward, to install the ENS modules, like the threat protection and web filtering packages, you've got to go through the ePolicy Orchestrator management console. I would say, all in all, it takes roughly 10 minutes.

To get it up to date, to download everything, all the packages, the software updates, and all of the AMCore DAT files as well as the virus definitions, it's quite easy. It doesn't take much time at all.  

For deployment, I worked with one external consultant.

Initially, when I came to the company, I didn't really have a background or any experience managing McAfee. I came from more of a Symantec background but I gained some knowledge from one of our external consultants who really had a deep understanding of McAfee products and their deployment. We had some training sessions and then I could manage the McAfee forum on my own. After a week's worth of training, I could manage McAfee on my own.

We had McAfee on a year renewal. We purchased it initially and then we renewed it on a yearly basis. I think the only reason we are renewing the license is for support reasons. 

I would definitely recommend this solution to others. McAfee is a good product. I worked with Symantec, but personally, I think McAfee is better.

However, in my opinion, now having worked with CylancePROTECT and OPTICS, I think  CylancePROTECT and OPTICS are on another level. Still, we have been working with McAfee for nearly 10 years and I feel it's a very good product. 

Overall, on a scale from one to ten, I would give McAfee a rating of eight.

We use this product for our endpoint security.

The most valuable features are:  

- reporting facility using the ePO console for conformity and threat identification  

- using the advanced threat protection (ATP) 

- MNE module for customising and securing Windows Bitlocker.

We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us. I don't think that the problem lies in the antivirus, but rather, it's the user. Users are not happy with the antivirus and they try to solve the issue on their own, and that causes very big problems.

The is an incompatibility problem between Mcafee and Linux subsystem for Windows, another that has to do with Outlook and scripts. McAfee knows that, but the problem can't be solved at this time so we try to minimize the effect.

We have been using McAfee Endpoint Security for ten years.

In terms of stability, we haven't had many problems.

We use that solution for more that 10k station and servers, and we have space to grow...

The support that we get from McAfee is excellent.

We tried Bitdefender, F-Secure, and many other products before settling on McAfee. When our central agency switched to McAfee, we all adopted it.

The price of this product is good.

One of our subsidiaries has tried to switch products, although I don't know the reason why. Ultimately, the project was aborted.

My advice for anybody who is looking at McAfee Endpoint Security is simply to use it.

I would rate this solution an eight out of ten.