We compared Trellix Endpoint Security and VMware Carbon Black Endpoint based on our users reviews in five parameters. After reading the collected data, you can find our conclusion below:
Comparison Results: Trellix offers a comprehensive management console and easy setup process, with a wide range of features. However, it could improve in terms of agent communication and user experience. In contrast, VMware Carbon Black Endpoint has a more challenging initial setup but excels in continuous monitoring, incident detection and response. It could benefit from improvements in areas such as GUI, integration, and support. Overall, Trellix may have an advantage in user-friendly setup and management, while Carbon Black stands out in threat detection and response capabilities.
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Ability to get forensics details and also memory exfiltration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The most valuable feature is the analysis, because of the beta structure."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"The DLP and user interface are the most valuable feature."
"The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute."
"A big advantage of McAfee Endpoint Security is the ability to manage very big environments. We are supporting environments with 200,000 to 300,000 endpoints. The ability to manage with one single console is very important for us. McAfee has phenomenally improved in terms of detection. It provides real-time detection and response with the error, Real Protect, and reputations. It is not only based on signatures but also on behavior analytics, artificial intelligence, or machine learning. We have environments that never had issues with ransomware in the last 20 years. McAfee has a very good performance in this field."
"Initially, the DLP was very valuable for disabling access to USB drives."
"Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features."
"The thing that I like is that they have gathered almost all the products in one management server, the ePolicy Orchestrator."
"Would benefit with the addition of DLP features."
"The EDR and reports were helpful in improving our organization."
"The initial setup was fairly easy."
"The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions."
"The most valuable asset is the time-lining capability for any breach activity."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"The solution is extremely scalable."
"The most valuable feature of the solution stems from the support it provides."
"Behavioral Monitoring stops known malicious events before they even begin."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Detections could be improved."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The support needs improvement."
"FortiEDR can be improved by providing more detailed reporting."
"The SIEM could be improved."
"The solution should address emerging threats like SQL injection."
"The dashboard isn't easy to access and manage."
"Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"Tech support is not as helpful as they were in the past."
"We’re facing remote installation issues sometimes:"
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"The initial setup isn't so easy. You need to know what you are doing."
"Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
"The endpoint machines need improvement."
"The product's stability could be improved."
"The feature set for the firewall needs improvement."
"Performing a malware scan usually takes a lot of time, more than 24 hours."
"The GUI and reporting should be addressed and the product's administration features need fine tuning."
"Occasionally, we'll have issues with the latest version and they'll basically tell us that they will improve it in the next iteration. They need to work on their version release quality."
"This solution could have greater granular control on how certain applications work."
"It would be nice to have additional forensic tools that you can build into the back end."
Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews while VMware Carbon Black Endpoint is ranked 17th in Endpoint Protection Platform (EPP) with 61 reviews. Trellix Endpoint Security is rated 8.0, while VMware Carbon Black Endpoint is rated 8.0. The top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". On the other hand, the top reviewer of VMware Carbon Black Endpoint writes "Centralization via the cloud allows us to protect and control people working from home". Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Cisco Secure Endpoint, whereas VMware Carbon Black Endpoint is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks. See our Trellix Endpoint Security vs. VMware Carbon Black Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.