• Home
  • NetWitness XDR vs. Trellix Endpoint Security

NetWitness XDR vs Trellix Endpoint Security comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 78 Microsoft Defender XDR reviews
6,000 views|4,488 comparisons
97% willing to recommend
NetWitness Logo
NetWitness XDR
Read 15 NetWitness XDR reviews
940 views|659 comparisons
87% willing to recommend
Trellix Logo
Trellix Endpoint Security
Read 95 Trellix Endpoint Security reviews
17,617 views|10,465 comparisons
92% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
NetWitness XDR vs. Trellix Endpoint Security
May 2024
Executive Summary
Updated on Jul 8, 2023

We performed a comparison between Trellix Endpoint Security and NetWitness XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine.

  • Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours.

  • Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found the initial setup of NetWitness uncomplicated, but others faced challenges.

  • Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support.

  • ROI: Users reported saving time by implementing Trellix Endpoint Security. NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics.

Comparison Results: Our users prefer Trellix Endpoint Security over NetWitness XDR. Users praised Trellix's extensive management capabilities, low resource usage, and reasonable price. NetWitness XDR receives mixed reviews for its slower performance, and complex licensing. Users also that NetWitness could improve its threat intelligence and user interface. Trellix Endpoint Security earned positive feedback for its customer service and support, while some NetWitness users were unsatisfied with response times.

To learn more, read our detailed NetWitness XDR vs. Trellix Endpoint Security Report (Updated: May 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Featured Review
Benjamin Van Der Westhuyzen
Provides us with better insight into what's going on across our platform
It provides us with better insight into what's going on across our platform. It has also given us a very easy way to respond when threats or alerts... Read more →
Anonymous User
Advanced threat detection undermined by issues with blocking
NetWitness Endpoint has enabled us to detect attacks that bypass the first stage of cybersecurity, like zero-day and advanced attacks.
Anonymous User
Scalable and quickly deployable, but they should try moving away from the signature-based model
It's mainly for compliance. In terms of products in the market, it's probably not the best, but it's the one that is already paid for under the... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Microsoft 365 Defender is a good solution and easy to use.""The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management.""Microsoft 365 Defender is a stable solution.""The summarization of emails is a valuable feature.""It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment.""Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing.""Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP.""Microsoft Defender XDR is scalable."

More Microsoft Defender XDR Pros →

"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication.""RSA NetWitness does market analysis in a more granular form. It gives you full visibility.""We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues.""Ability to isolate the machine when there are malicious files.""The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good.""The interface of this solution is very flexible and easy to use.""NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console.""They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."

More NetWitness XDR Pros →

"The detection is great and the solution is constantly improving.""The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security.""One valuable feature is Threat Prevention with the on-demand scan.""The product’s stability and security features enhance user protection and organizational security.""McAfee EndPoint Security has a lot of good features that work well if they are implemented properly.""The performance is good.""We can manage everything from the central console and it is very easy.""It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."

More Trellix Endpoint Security Pros →

Cons
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera.""What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution.""The support could be more knowledgable to improve their offering.""Microsoft Defender XDR is not a full-fledged EDR or XDR.""Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful.""One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions.""The tool gives inconsistent answers and crashes a lot.""The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."

More Microsoft Defender XDR Cons →

"The threat intelligence could improve in RSA NetWitness Endpoint.""The contamination feature could be improved.""RSA NetWitness Network could improve on integration with non-native application integration.""The initial setup requires a high level of skill.""The solution lacks a reporting engine.""This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available.""I would like to see Security Orchestration and Response Automation (SOAR) integration.""When analyzing something, you have to click several times. It requires a lot of effort to find something."

More NetWitness XDR Cons →

"The security of this solution needs improvement.""It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment.""The product could do more to keep administration alerted to detected threats on endpoints.""I've encountered minor challenges related to encryption.""There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future.""When it runs in the background of the endpoint, the devices get slowed down for some applications.""Signatures to protect against new attacks.""We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."

More Trellix Endpoint Security Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "With RSA, there is flexibility in choosing the service, products, and the range that meets your requirement, as well as they are flexible in terms of pricing."
  • "They can easily adjust if you have the requirements which are required. If you have a budget cut or a budget constraint, they can bend."
  • "It is highly scalable. It can be bought based on your requirements."
  • "I do not have any opinion on the pricing or licensing of the product."
  • "The cost depends on the number of endpoints that you want to monitor, but it is not expensive."
  • "It is an expensive product."
  • "The price of the solution depends on the environment. If the environment is large then it will cost more. However, the larger the environment with more endpoints, you will receive an increased discount. If the environment is very small, then you might think it is expensive. It is always better to buy in bulk to receive a discount. The minimum number of assets is usually 500, with discounts on 1000 and 2000."
  • "The pricing is not very economical. It is a quite costly product for India. One thing is that when you purchase it, you have to purchase a module separately."

    • More NetWitness XDR Pricing and Cost Advice →

  • "The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license."
  • "Pricing is fair."
  • "No comment."
  • "The pricing is comparable to other solutions on the market."
  • "This product is costly."
  • "It's fairly priced compared to other products on the market."
  • "Pricing is reasonable and runs at a cost per user per year."
  • "It is not that expensive. There is no additional cost. We got the entire bundle together."

    • More Trellix Endpoint Security Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:The integration, visibility, vulnerability management, and device identification are valuable.
    Read all 38 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:There is the cost of the license, and there is the cost of implementation services. Only by enabling a license for your… more »
    Read all 29 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:The web filtering solution needs to be improved because currently, it is very simple. It is very important. Integrations… more »
    Read all 37 answers   →
    What do you like most about NetWitness XDR?
    Top Answer:Technical support is knowledgeable.
    Read all 15 answers   →
    What is your experience regarding pricing and costs for NetWitness XDR?
    Top Answer:The solution is expensive. I'd rate it at a one or two out of five. They need to adjust it to keep up with the… more »
    Read all 10 answers   →
    What needs improvement with NetWitness XDR?
    Top Answer:I have no real complaints about the solution. Threat detection could be better. They need to enhance their threat… more »
    Read all 14 answers   →
    How does McAfee Endpoint Security compare with MVISION?
    Top Answer:The flexible manageability of McAfee Endpoint Security is one of our favorite aspects of this solution. You can deploy… more »
    Read all 2 answers   →
    What do you like most about McAfee Endpoint Security?
    Top Answer:It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and… more »
    Read all 53 answers   →
    What is your experience regarding pricing and costs for McAfee Endpoint S...
    Top Answer:I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a… more »
    Read all 32 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    RSA ECAT, NetWitness Network
    McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection
    Learn More
    Microsoft
    NetWitness
    Video Not Available
    Trellix
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Using a centralized combination of network and endpoint analysis, behavioral analysis, data science techniques and threat intelligence, NetWitness XDR helps analysts detect and resolve known and unknown attacks while automating and orchestrating the incident response lifecycle. With these capabilities on one platform, security teams can collapse disparate tools and data into a powerful, blazingly fast user interface.

    Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

    Trellix Endpoint Security Benefits

    • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

    • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

    • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

    Trellix Endpoint Security Top Features

    • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

    • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
    • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

    Reviews from Real Users

    “It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

    “There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    ADP, Ameritas, Partners Healthcare
    inHouseIT, Seagate Technology
    Top Industries
    REVIEWERS
    Manufacturing Company18%
    Computer Software Company13%
    Financial Services Firm13%
    Government10%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government8%
    Manufacturing Company7%
    REVIEWERS
    Computer Software Company22%
    Financial Services Firm20%
    Comms Service Provider9%
    Government9%
    VISITORS READING REVIEWS
    Educational Organization37%
    Government9%
    Computer Software Company8%
    Manufacturing Company7%
    Company Size
    REVIEWERS
    Small Business42%
    Midsize Enterprise22%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business59%
    Midsize Enterprise24%
    Large Enterprise18%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise16%
    Large Enterprise67%
    REVIEWERS
    Small Business42%
    Midsize Enterprise22%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise45%
    Large Enterprise41%
    Buyer's Guide
    NetWitness XDR vs. Trellix Endpoint Security
    May 2024
    Free Report: NetWitness XDR vs. Trellix Endpoint Security
    Find out what your peers are saying about NetWitness XDR vs. Trellix Endpoint Security and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. NetWitness XDR is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our NetWitness XDR vs. Trellix Endpoint Security report.

    See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.

    We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.