"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"The most valuable feature is signature-based malware detection."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"The most valuable feature is the centralized console where everything can be controlled by the administration."
"The detection is great and the solution is constantly improving."
"There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec."
"I have found the most valuable features to be the ability to manage the solution from anywhere and having an overview of the companies security."
"The DLP and user interface are the most valuable feature."
"Technical support is always available and very helpful."
"The solution is reliable."
"The most valuable features are the prevention layer that detects the signature value and prevents threats in the network."
"The traceback feature in XDR is amazing. You can trace back an attack. You can playback where an attack actually occurred and see how the attacker moved. We can easily show this to management, and it makes it easy to make them understand and convince them, which is the best thing."
"The performance is good."
"The most valuable feature of this solution is the virtual path function, which is the reason we chose to implement it."
"The customer service/technical support for this solution is very fast."
"It is stable and we have not faced any challenges during the rolled out"
"The solution is quite secure."
"Aside from the basic antivirus features, there are additional features such as vulnerability protection, firewall, etc. which are helpful."
"Deep Security provides us with a lot of reassurance about security threats. You don't have to worry about a patch not being there in the software. You're confident that all the patches and vulnerabilities are taken care of."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"The GUI needs improvement, it's not good."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"I would like to see integration with Cisco Analytics."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"The solution needs to offer better local technical support."
"The solution takes up a high amount of memory and can cause the system to hang."
"Some agents become old and then they don't communicate well any longer."
"I would like to see more integration with third-party products."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
"Deep Security's reporting functionality could be improved."
"The cost is very high."
"The licensing structure could improve."
"The problem with this solution is that if you go on large sites you have to have an external database, which would increase the cost."
"They need to build in a central console because central integration is not very good right now."
"f it had the capability of generating retroactive alerts it would be helpful."
"Some of the reporting and integrations could be more robust."
"I think more work could be done on Deep Security's ability to handle dynamic threat scenarios."
Trellix Endpoint Security is ranked 15th in Endpoint Protection for Business (EPP) with 39 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 25 reviews. Trellix Endpoint Security is rated 8.0, while Trend Micro Deep Security is rated 8.4. The top reviewer of Trellix Endpoint Security writes "Protect your business against a wide variety of threats". On the other hand, the top reviewer of Trend Micro Deep Security writes "Scalable and secure with an easy initial setup". Trellix Endpoint Security is most compared with McAfee MVISION Endpoint, Microsoft Defender for Endpoint, Symantec Endpoint Security, Cortex XDR by Palo Alto Networks and Tanium, whereas Trend Micro Deep Security is most compared with Trend Micro Apex One, CrowdStrike Falcon, Microsoft Defender for Endpoint, Symantec Endpoint Security and Kaspersky Endpoint Security for Business.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.