We performed a comparison between Microsoft Defender for Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Endpoint excels in file protection, encryption, and ransomware defense. It integrates seamlessly with other Microsoft security products. Users appreciate its user-friendly interface and scalability. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Users say Microsoft Defender for Endpoint should improve its central console and auto-recovery feature. Users also requested better reporting capabilities and integration with third-party platforms. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Microsoft customer service garnered mixed feedback. Some praised the fast response times and expertise of the support engineers, while others were dissatisfied with slow replies and a lack of coordination among the support teams. Some users have found Trellix support helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Microsoft Defender for Endpoint's setup is straightforward, especially when it’s preloaded on Windows 10. While it can be more complex for larger organizations, it is generally considered simple, particularly for smaller companies or those familiar with Microsoft environments. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Reviewers say Microsoft Defender for Endpoint is fairly priced, noting that it is typically included for free with Windows or Microsoft Office 365 subscriptions. However, some users believe that Microsoft's pricing could be more affordable, and others noted that their licensing models can be complex. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Microsoft Defender for Endpoint delivers cost savings, enhanced efficiency, and heightened threat management. Trellix Endpoint Security provides significant time savings.
"The stability is very good."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The most valuable feature is the analysis, because of the beta structure."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It is stable and scalable."
"We can react to threats faster and stop them from spreading from one machine to another. It protects from suspicious email attachment downloads. It will lock down the SOC and the workstations."
"It's an enterprise solution that provides a centralized console and it supports all the platforms that we use, including Windows, Linux, Mac, iOS, and Android."
"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."
"This solution definitely increases our security posture. When you are reviewing your existing fleet or endpoints and based on the configuration that you put out of your Defender for Endpoint, you then receive a security score from Microsoft. Depending on what rules you have configured, what policies you have deployed, and what attack surface reduction rules that you have set up and deployed, it is almost gamifying information security in the sense that you are always trying to achieve a higher score. The more hardening you perform on your endpoints, the better score you receive. This generally tends to give you a better peace of mind, but also makes you secure at the same time."
"It's a very solid security system, and the advanced hunting and everything really lets you dive deep into things."
"It's one of the best antiviruses on the market."
"One of the valuable features of the solution is the small updates that keep my machine relatively clean from any infections."
"The most valuable feature is its ability to effectively detect threats. It has the EDR feature, endpoint detection and response, and that is very good."
"One valuable feature is Threat Prevention with the on-demand scan."
"The endpoint protection and disk encryption features are the most valuable."
"The reporting capabilities are a valuable feature. In enables more visibility on our network."
"The detection is great and the solution is constantly improving."
"Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login."
"The most valuable features are the adaptive tech on McAfee."
"It's quite easy to install agents."
"It has improved my organization because it helps with visibility, in terms of security. We can see the actual attack and can contain it. The antivirus can detect that."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"We'd like to see more one-to-one product presentations for the distribution channels."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"Making the portal mobile friendly would be helpful when I am out of office."
"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."
"Notifications are always popping up — I hate that."
"Microsoft Defender for Endpoint does not offer default templates for alerts, requiring us to configure everything ourselves to avoid numerous false positives."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"The interface could be improved."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"Tech support is not as helpful as they were in the past."
"Signatures to protect against new attacks."
"The DAC (Dynamic Application Containment) component of this product needs improvement."
"One of the drawbacks is that it is not 100% secure."
"Trying to move away from the signature model for antivirus and malware blocking is something that would be nice. Instead of having to update every day, which is signature-based, moving to more of a kernel or architecture-based model would probably be beneficial."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
"McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Cisco Secure Endpoint. See our Microsoft Defender for Endpoint vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.