We performed a comparison between Microsoft Defender XDR and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Forensics is a valuable feature of Fortinet FortiEDR."
"The product detects and blocks threats and is more proactive than firewalls."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The solution was relatively easy to deploy."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The most valuable feature is the network security."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"It is a really strong solution for endpoint security."
"The technical support services are good."
"FireEye Endpoint Security is easy to use and lightweight compared to others."
"It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
"The extendability is great."
"A great console with a user-friendly GUI."
"The most valuable feature of this solution is its simplicity."
"Provides protection against threats."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"I haven't seen the use of AI in the solution."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"At times, there may be delays in the execution of certain actions and their effects."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The data recovery and backup could be improved."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The complexity of advanced modules can be improved."
"The price of McAfee MVISION Endpoint could improve."
"Search feature could be made more user-friendly."
"Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement."
"The product needs to reduce the usage of RAM and CPU."
"One suggestion is they should reduce the constant notifications. Whenever I open my laptop, there are too many notifications from McAfee, and it gets annoying."
"The solution lacks device control."
"The solution needs to work on memory consumption. It is too high."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
Microsoft Defender XDR is ranked 7th in Endpoint Detection and Response (EDR) with 78 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Detection and Response (EDR) with 49 reviews. Microsoft Defender XDR is rated 8.4, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of Microsoft Defender XDR writes "Includes four services and four products, which can help organizations a lot". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". Microsoft Defender XDR is most compared with CrowdStrike Falcon, Microsoft Defender for Cloud, Microsoft Purview Compliance Manager, Wazuh and Microsoft Entra ID, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Open EDR. See our Microsoft Defender XDR vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.