We performed a comparison between CrowdStrike Falcon and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The stability is very good."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"This is stable and scalable."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"The solution was relatively easy to deploy."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The 10 hours a week that we are freeing up from having to manage and monitor our AV solution has really allowed us to focus on other areas of the business. This has been a huge return on investment."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The feature I like the most is the solution's detection."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"I value the overall behavior analysis of CrowdStrike. The engine of this product is what drew us to this solution."
"I like the Overwatch feature the most."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"The most valuable aspects of CrowdStrike Falcon for me are its device observability, identification, and software and OS recognition."
"The response part of EDR was most valuable. We used that to separate the endpoint from the network. We utilized the solution during the instant response. We were also utilizing advanced malware detection capabilities, but we benefited the most from its help with the response."
"The performance is good."
"The most valuable feature is user-based policy provision."
"The stability has been great."
"The most valuable features of McAfee MVISION Endpoint are advanced threat protection, web filtering, and removable storage devices in the DLP."
"A great console with a user-friendly GUI."
"It is very valuable in finding out unknown malware."
"The threat scanning is excellent. It uses predictive technology and I can utilize attack data to help us fine-tune our systems and network infrastructure. This protects us against current and future attacks."
"The SIEM could be improved."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The solution should address emerging threats like SQL injection."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution is not stable."
"FortiEDR can be improved by providing more detailed reporting."
"CrowdStrike Falcon could improve the logs by making them free to the API."
"The dashboard area must be improved. We have integration with Splunk, and we are creating a dashboard there. Their dashboard area must be up to date. It should have more details and more options to create the reports and things like that."
"Some of Falcon's features are a bit pricey."
"We have had to open a case with the technical support to get some issues and bugs resolved."
"I would love to see more investment in Insight because CrowdStrike have an opportunity to potentially displace some of the vulnerability management vendors with the visibility they can see over time. I want to see them continue to evolve, e.g., what other things can they disrupt which are operational things we have to continue to do as an organization."
"CrowdStrike Falcon by itself does not supply in-depth reporting."
"The detection time has room for improvement."
"It does take more time to scan than other solutions."
"A policy-editing console should be added."
"If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."
"One suggestion is they should reduce the constant notifications. Whenever I open my laptop, there are too many notifications from McAfee, and it gets annoying."
"The solution lacks device control."
"Intrusion detection and intervention seem to be falling behind the competition."
"Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI."
"The integration and display of the dashboards have to be done better."
"You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Protection Platform (EPP) with 48 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "It integrates well with other solutions, but the vendor needs more of a local presence and faster response". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, Trellix Endpoint Detection and Response (EDR), Open EDR and SentinelOne Singularity Complete. See our CrowdStrike Falcon vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello, I think it doesn't make sense to just compare device protection and automated response security solutions, it's missing to protect identities, devices, and insider access. I think: The best and most valuable option is Microsoft.
Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
With the integrated Microsoft 365 Defender solution, security professionals can stitch together the threat signals that each of these products receive and determine the full scope and impact of the threat; how it entered the environment, what it's affected, and how it's currently impacting the organization. Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services includes:
1. Microsoft Defender for Endpoint, is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
2. Microsoft Defender for Office 365, Plan 1 protects email and collaboration from zero-day malware, phish, and business email compromise, Plan 2 adds post-breach investigation, hunting, and response, as well as automation, and simulation (for training).
3. Microsoft Defender for Identity, a cloud service that helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber-attacks and insider threats.
4. Microsoft Cloud App Security, is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your cloud services.
If the end customer already has Microsoft 365 in companies or educational institutions, they already have the collaboration tools, only the security and endpoint management tools should be added, all with Microsoft 365 E5/A5, no more investment is being made, it is being consolidated, visibility is gained, responses are automated, the fatigue of operating so many security events that you do not have the time or personnel to review them decrease.
I hope this has generated value for you.