We performed a comparison between Cortex XDR by Palo Alto Networks and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Ability to get forensics details and also memory exfiltration."
"This is stable and scalable."
"It is stable and scalable."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The price is low and quite competitive with others."
"Palo Alto is constantly adding new features."
"If there are multiple alerts, the app will automatically create and rate an event instead of going through each one."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"After deploying Traps, we saw the performance of the network improve by 65 to 70 percent."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The most valuable features of McAfee MVISION Endpoint are advanced threat protection, web filtering, and removable storage devices in the DLP."
"The tool has contributed to improving our security posture. While it's just one part of our overall solution, it plays a crucial role. As we continue to evolve, we anticipate it becoming even more important alongside other aspects like network behavior and additional metrics."
"It's good that it periodically scans all my drives. I can stay up to date with the status of my drivers and update them if needed."
"The stability has been great."
"It is scalable and stable and the initial setup is the easiest part of using the product."
"The features we have found most valuable have been containment as well as the ability to triage agent activities."
"It's very stable and reliable."
"Provides protection against threats."
"The only minor concern is occasional interference with desired programs."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution should address emerging threats like SQL injection."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"FortiEDR can be improved by providing more detailed reporting."
"The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"The tool needs to be improved in terms of integration and interface."
"It would be good to have a better way to search for a file within the UI."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"The way that signatures work when using this solution could be improved. They could be more user friendly. We would like the ability to select a client's signature from a menu or file share to save time."
"Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI."
"You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features."
"We'd like better UI on the management screen."
"Impacts performance of the servers quite negatively."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
"Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement."
"There is room for improvement in the pricing. The price should be improved, it's high."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Protection Platform (EPP) with 48 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and SentinelOne Singularity Complete, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Fortinet FortiClient. See our Cortex XDR by Palo Alto Networks vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.