We performed a comparison between Intercept X Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Intercept X Endpoint could benefit from better integration with third-party vendors and improved support for virtual infrastructures. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness. Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment. Trellix Endpoint Security provides significant time savings.
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"Its most significant advantage lies in its affordability."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The product integrates security into one tool instead of having third-party security tools."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The most valuable feature of the solution is that it is less hash-based than competitors."
"There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software."
"Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"The pricing is fair. It's not too costly for our small organization."
"Anti-virus captures malicious threats and an aggressive next generation firewall."
"It's quite easy to install agents."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"The most valuable feature is ease of use."
"The product is quite user-friendly."
"The central management console is powerful. You can manage endpoints, DLP, encryption, and all the other features from a single console."
"The new central console is better than the earlier one."
"We really like the dashboard from Trellix and we've found that it's pretty informative."
"Automatic user recovery prior to Windows booting up."
"The solution does not offer a unified response and standard data."
"Advanced attacks could use an improvement."
"The support team is not competent or responsive."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The after sales service and support could be improved."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"The security is good but the feature set is limited."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"Installing Sophos Intercept X was not as straightforward, as we had to ask support and had to work with an integrator, though the process didn't take much time, e.g. it was completed within one hour."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"They might want to offer an MSP model for licensing, to offer the solution as a software as a service."
"It could be a bit easier to implement."
"Although they have increased the complexity, it has affected the scanning speed."
"Tech support is not as helpful as they were in the past."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administrators. That would be very helpful."
"The price of the solution is high in Asia."
"It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. Intercept X Endpoint is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.