We performed a comparison between IBM Security QRadar and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product's initial setup phase is very easy."
"The price is low and quite competitive with others."
"Forensics is a valuable feature of Fortinet FortiEDR."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The most valuable feature is the analysis, because of the beta structure."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The features that I have found most valuable in QRadar are its data enrichment, use case creations, and adding references - those kinds of features are very good. Also QRadar's event filtration and device integration are perfect."
"There are more than 120 extensions in QRadar, which are easy to install and configure. These can improve your analysis of events."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"What's most valuable in IBM QRadar User Behavior Analytics is its higher availability than other tools."
"It is suitable for large companies with critical infrastructure. For our clients, robustness, availability at a high level, and the level of references and experiences connected to the solution are important."
"It does good correlation for events. It does good general analysis, and it has good apps as well."
"The solution is easy to use, manage, and review all incidents."
"Integrations are quite a useful and key feature of this solution. It has integration with the CVSS score, which is a central point for all the data and scores about the threats. There is an IBM Bluemix dashboard that is integrated with the CVSS score."
"The platform’s most valuable features are ease of use, integration, and deployment."
"It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
"The independent modules are very good."
"Trellix Endpoint Security has a full suite of DLP."
"I have not received any complaints about the performance."
"I found the initial setup to be easy."
"It's a stable solution with good performance."
"The most valuable features of McAfee MVISION Endpoint are advanced threat protection, web filtering, and removable storage devices in the DLP."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The only minor concern is occasional interference with desired programs."
"The dashboard isn't easy to access and manage."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Making the portal mobile friendly would be helpful when I am out of office."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I need a solution which will send alerts in the event of any behavior."
"There is a shortage of skilled individuals with knowledge about the solution. There is training required."
"The user interface is a bit difficult to get used to."
"IBM technical support is always terrible."
"I don't give it a 10 because it is something we have to request. I would love it if UBA was included out of the box like Microsoft."
"The Indian tech support is not helpful."
"This solution is on-premise and many customers are moving to the cloud base solution."
"IBM Security QRadar lacks automated response. With this feature, there's no need to visit VirusTotal or other sites for IP reputation. There should be a small plug-in where users can click to retrieve details about the reputation and organization of public IP."
"Performance is a problematic area in the solution needing improvement."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
"You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features."
"Search feature could be made more user-friendly."
"A policy-editing console should be added."
"If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."
"So far, McAfee MVISION Endpoint ticks off all of our boxes, but its pricing could always be better."
"The price of McAfee MVISION Endpoint could improve."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
IBM Security QRadar is ranked 20th in Endpoint Detection and Response (EDR) with 198 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Detection and Response (EDR) with 49 reviews. IBM Security QRadar is rated 8.0, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Open EDR. See our IBM Security QRadar vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.