We performed a comparison between Trellix Endpoint Security and NetWitness XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. NetWitness XDR is commended for its prompt threat response, seamless integration capabilities, and user behavior analytics. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say NetWitness XDR could improve its threat intelligence and investigation. Some suggested updates to its reporting engine.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. NetWitness XDR provides effective 24/7 technical support. While some were satisfied with the response times, others experienced delays of up to 48 hours.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found the initial setup of NetWitness uncomplicated, but others faced challenges.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of NetWitness XDR depends on the environment and the number of endpoints. Larger users can receive discounts, but users say the solution might be too pricey for smaller companies. NetWitness XDR provides various licenses, including some that feature premium support.
ROI: Users reported saving time by implementing Trellix Endpoint Security. NetWitness XDR has demonstrated positive outcomes by improving threat detection capabilities and facilitating digital forensics.
Comparison Results: Our users prefer Trellix Endpoint Security over NetWitness XDR. Users praised Trellix's extensive management capabilities, low resource usage, and reasonable price. NetWitness XDR receives mixed reviews for its slower performance, and complex licensing. Users also that NetWitness could improve its threat intelligence and user interface. Trellix Endpoint Security earned positive feedback for its customer service and support, while some NetWitness users were unsatisfied with response times.
"Microsoft 365 Defender is a good solution and easy to use."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Microsoft 365 Defender is a stable solution."
"The summarization of emails is a valuable feature."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Microsoft Defender XDR is scalable."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Ability to isolate the machine when there are malicious files."
"The most valuable feature of RSA NetWitness Network is the single unified dashboard from which you can manage all the different products of RSA. Additionally, the integration with native applications is good."
"The interface of this solution is very flexible and easy to use."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"The detection is great and the solution is constantly improving."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"One valuable feature is Threat Prevention with the on-demand scan."
"The product’s stability and security features enhance user protection and organizational security."
"McAfee EndPoint Security has a lot of good features that work well if they are implemented properly."
"The performance is good."
"We can manage everything from the central console and it is very easy."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"The support could be more knowledgable to improve their offering."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The tool gives inconsistent answers and crashes a lot."
"The cost can be high if you want to build custom license packages. Another area for improvement is the policies. In Azure, we need to implement policies in JSON format, but in 365 Defender 365, it would be helpful to use a different format so we can customize the platform."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The contamination feature could be improved."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The initial setup requires a high level of skill."
"The solution lacks a reporting engine."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The security of this solution needs improvement."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"The product could do more to keep administration alerted to detected threats on endpoints."
"I've encountered minor challenges related to encryption."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"When it runs in the background of the endpoint, the devices get slowed down for some applications."
"Signatures to protect against new attacks."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. NetWitness XDR is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our NetWitness XDR vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.