Endpoint Protector Reviews

I work for a financial services company. As a consequence, we work with multiple lenders and lender clients; essentially banks and building societies. There's a requirement in this industry for tight controls from an information security point of view. For many years we've had industry requirements to deploy a number of technical controls to secure things like device control.

Prior to using Endpoint Protector, we used Ivanti Device Control. However, from the UI point of view, it was a bit of a dated product, and some of the functionality wasn't brilliant. We also took a recommendation from our service provider, who had been using this product with other customers, and as such we deployed CoSoSys Endpoint Protector. We primarily have one single purpose, which is to secure all of our endpoints, mostly laptops. We have a very small number of client computers as well, but we primarily use it to block all removable media and all USB points on the laptops.

As a business, we don't enable and support the use of removable media. We do have a small number of use cases where that is allowed, primarily within our IT team, but they are the exception. As such, every single USB port is blocked across the business with Endpoint Protector to mitigate the risk of somebody intentionally, accidentally, or for whatever reason being tricked into inputting their USB drive into our network which would then cause potentially a risk to the confidentiality, integrity, and availability of our data.

We have a contractual requirement for us to have a tool like CoSoSys. It mitigates risk for us as a business by enabling us to be sure that no one can exfiltrate data from our company via USB media or be infected by malware by plugging a device into an endpoint.

We only use that one particular feature. I believe there are other features available but I don't believe we pay for the other elements of functionality of the software. There are other features like DLP within the software, however, we have a suite of additional tools within our business to control those other elements so we use CoSoSys exclusively for device control.

We only use it for a very small use case. It certainly has a wide range of functionality, although, we don't use the vast majority of the functionality because we don't pay for it or because we have other tools in place that are specific for a certain purpose.

The granularity of the policies that we can create is good. We block USB media. One of the reasons we left our previous provider is because of the lack of this functionality. We have built some custom rules to make exceptions for staff members that should be able to use USB media. Of course, the ability to amend and write policies is far more granular than the previous product that we used. Switches, disabling and blocking Bluetooth, weren't available with our previous supplier. 

The feature that locks down USB devices means that if you plug removable media into any of our USB drives, it blocks it. As we block, we blacklist all the types of USB devices, and the cloud running trail blocks that. If someone puts the USB drive in, it will block them from opening that drive or even registering that drive. If they want to make an exception, they have to make a formal request to do so, and that can be made either by email or through an application to our IT desk.

The versatility regarding the exit point Endpoint Protector supports in making sure that important data doesn't leave our organization is vital for us. In the industry that we're in, data breaches are a significant concern. While our staff is contractually required to maintain confidentiality and they're all very aware that they shouldn't try and transfer company data of different classifications elsewhere to non-company devices, there's a risk. If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.

I have been using Endpoint Protector for 18 months.

The stability is very comfortable. We have no qualms or concerns. There have not been any incidents or issues with it not working, or any problems that I'm aware of. Any kind of such problems would be raised to my attention and discussion review, and there haven't been any concerns raised by users or with our IT service desk. There has been no concern there.

Scalability is about the policies. We could deploy it simply to larger groups of people as and when required. There's a procedure where we deploy using an RMM tool. It's easy to deploy.

At present, we don't have plans to increase usage. We have a number of different controls and requirements, and we have specialist tools for each of the different requirements. We're also trying to move towards a Microsoft stack where possible because we have so many different tools in use. Microsoft doesn't do device control. 

I have never personally been involved with technical support. There was joint deployment with our MSP. There have been no problems, so I think it's fairly positive.

We were previously using Ivanti.

The setup was quite straightforward and didn't cause any issues. But I wasn't involved. Our IT system team deployed it around 18 months ago. I was quite new to the business at the time. It went relatively smoothly, there were no hiccups, and there were no deployment problems.

It took under a few weeks to implement. It was not a couple of weeks of solid work. We deployed it slowly within a UAT testing environment and only on a small number of laptops. Once we were comfortable that the config was working as expected, then we deployed our tool to other users. We deployed the end client to all endpoints using an RMM tool we use from SolarWinds.

We have a managed service provider who we use to support some of our IT needs. They were the ones who recommended the products and they would have been the ones who actually implemented the product and do much of the actual deployment with our IT service desk.

The implementation required around 2-3 staff members. It was one person from the MSP and two people in-house who would have worked on that project to deploy it. It was a normal project team for the deployment of that size.

Day-to-day maintenance only requires one or two employees. We don't have somebody looking at it daily, but our service desk will review it, update it, and amend things within the tool as and when required. It really runs by itself, it's not a huge amount of maintenance, which is a good thing.

ROI is very hard to quantify but Endpoint Protector is ultimately priceless. If device control wasn't in place, any single data breach that could occur as a consequence of a USB device being able to transfer data externally could result, for us as a business, in considerable loss, and considerable fines. There are massive fines for data breaches in the UK.

Data breaches could have a very significant reputational impact on our business. It's very difficult to quantify, but we haven't had any of these breaches. If we didn't have Endpoint Protector in place, we would be at a higher risk.

The pricing is very fair. No concerns. We don't have massive budgets, we're quite a small company, but we don't have small budgets either. I think it's quite competitive.

I don't believe there are additional costs in addition to standard licensing. 

We reviewed Ivanti Device Control, which is the previous tool we were using, and we compared it with Endpoint Protector's product set. Then we compared the prices and compared the features, and decided to go with Endpoint Protector over the previous supplier.

We have a third-party that automatically encrypts confidential data transferred to USB storage devices. That's not a use case for us with Endpoint Protector.

We exclusively use Windows. We do have instances of Linux, but from an endpoint point of view, it is exclusively Windows. 

As a business, we're never going to move into a Mac OS environment, so the fact that it supports Windows, Mac, and Linux wouldn't be one of our prerequisites. We looked at Endpoint Protector to make sure it supported Windows but the fact that it supports all platforms wasn't that important to us. Obviously, if it didn't work with Windows we wouldn't have used it, but from that point of view, it's not important for us now.

We also don't use it to search for keywords that are important to our business. We have a third-party tool we've had in use for several years that classifies all our data and ensures that we have visibility of where data is and what type of data is at risk.

I would rate Endpoint Protector an eight out of ten. I'm by no means an expert on the tool, however, it does appear to offer quite a large range of different functions within the toolset. Sometimes, it should try to focus on one thing rather than multiple things. Endpoint Protector does device control very well, which is why we use that particular function.

The main reason that we brought this solution into our ecosystem is that we work with a number of financial institutions who value all of their data, whether it's marketing material, all the way up to client data, which we don't really handle as data.

Because we do promotional stuff, we need to adhere to what our clients are asking us to do to lock down the ability to lose data. We use Endpoint Protector to limit our employees' access to removing data off of company computers.

We are running the current version of the server, which I updated recently. We are running different versions of the client on different machines because we're currently doing some testing to see whether our software has conflicts with theirs.

We are a smaller company and at this point, we don't have a whole lot of concern about losing data. So, in that sense, using Endpoint Protector has not really improved anything. On the other hand, we've had a couple of hiccups where some employees have had issues with operations like attaching documents. In this regard, it's given us a slight burden, although we've been able to resolve such issues fairly quickly.

As time goes on and we become more familiar with the system, this will change. For example, as we run tests, and as we've done certain implementations, we've discovered some bugs here and there in the process and we have resolved them.

Endpoint Protector absolutely gives us the ability to lock down a wide variety of USB devices and it is extremely important to us. We have multimedia machines, and these machines are used for editing video. We use external devices as caching services or caching drives, and giving certain people access to external devices like that is a risk. However, locking down other flash drives gives us flexibility. It means that our media department can use their external devices while other people cannot.

The versatility in terms of exit points and making sure that important data doesn't leave our organization is something that I find extremely useful. It's been able to do exactly what we needed to have done so that we're adhering to our clients' standards. It's extremely valuable because it's blocking everything that we need to have blocked.

Because we're a smaller company, most of us don't typically use flash drives or other external devices to move data. However, what we really enjoy is the ability to lock down different applications, such as a cloud storage app or even its related website. This means that nobody can move data from a machine to a cloud-based system, such as Dropbox, for example. We can lock down the Dropbox app and the website so it prevents people from moving data via the cloud to it. Another example is blocking FTP transfers and all of those types of situations.

This product has the ability to search for keywords to help make sure that specific data doesn't leave the organization, although we have not used it. At some point in the future, we may get to that level of granularity. However, from a business standpoint, this is not a significant concern at this point. This implementation is primarily in place so that we are satisfying our clients that specifically ask for this type of protection for their data. Thus far, this level of granularity has not been brought up.

The most valuable features are the ability to prevent access to external devices, and also site blocking. We have two of the main features that we enjoy the most, which are device control and then Content-Aware Protection (CAP).

In terms of policy creation, you can get extremely granular. The ability to have multiple departments and having the ability to assign computers on top of specific users is fantastic. We don't utilize that section, but if we had a centralized computer that multiple people would use, I really enjoy that I could specify which user gets which policy. It's the same computer, but it's based on a user-level granularity. It's not just global rights on the computer. I really do enjoy that, although I don't use it.

We are not currently using the functionality for the automatic encryption of confidential data transferred to USB storage devices, although it is on our to-do list. This is something that we need to test in the future.

Endpoint Protection provides a single platform to support Windows, macOS, and Linux, and so far, managing DLP in our hybrid environment has been seamless. I don't see much of a difference between the operating systems in terms of what can and cannot be done. This is extremely important to us because we are 95% Mac-based, with just a few Windows machines. Our Linux machines have just been retired since we've gone 100% remote.

With respect to the feature parity between Windows and Mac, they're identical. On the user side, I don't see a difference between Windows and Mac because what you can do on the client-side is quite limited. On the backend, or server-side, they're identical.

This product provides zero-day protection for macOS, although I'm currently dealing with an issue on the most recent rollout of the Endpoint client that doesn't seem to be fully functioning. It is absolutely important to me, but it has not been successful. This is something that they are definitely working on resolving. I've had multiple IT consults where we've brought on a couple of developers to try and figure out what's going on with the Mac's most recent update versus their most recent update.

We have been using Endpoint Protector for between five and seven months.

Stability has been fantastic and I have had zero downtime. Once we solved the hardware issues, rolling out updates to the server has been flawless. So far, I've rolled out two updates and there has never been a software issue. The only problem was at the very beginning, and it was a hardware issue.

We have not had to scale the system. The software needed a decent machine to run it, and that was it. There are three people who have access to the server-side. There is me on the technical side, one is the office admin, and the other is the VP of marketing.

We don't have plans to increase our usage at this time, but rather it will maintain where we're at right now.

Technical support has been fantastic. They get back to me quickly. They're willing to schedule video conferencing so that I can share my screen. They're willing to bring on a level-two support technician to look at the details. They're able to supply everything for me support-wise.

We did not have another DLP in place prior to this one.

The initial setup was complex. I was not informed at the beginning of purchasing the software that they needed a cloud-based solution. They either hosted it at a cost or you needed your own dedicated server for it. I had been under the impression that they hosted the platform to then roll out updates, but didn't realize that it was a cost to it all.

It took more than a month to deploy because I had to source all of the equipment. They have a very good "how-to" document on deploying the software but once we got to that point, it was not the software causing a problem but rather, it was a hardware compatibility issue.

It was just me in charge of deployment, so you don't need a dedicated implementation team, although I did ask the technical support team questions. During this, their support was amazing.

There are other people in the organization who use the product but technical-wise, it is just me.

As of right now, we don't see ROI explicitly. However, the value is that when our clients ask if we're doing specific things, we can answer and make sure that we're in compliance with what they want us to do, which is keeping their data safe.

For what it's doing, the cost is somewhat high for us, but it's the cost of doing business with the clients that we have. Equivalent-wise, for what it can do, it's fairly close to the other competitors.

During the evaluation, we looked at Jamf and others. Jamf was a more Mac-based deployment software but they offered some of the things that we were looking for. There was a solution by Cisco but the price tag was so high that we didn't look at it further. We also looked at a Microsoft product, but they didn't offer anything on the Mac side.

What sets this system apart from everyone else is that it's one solution for multiple operating systems. Some products do really well in Mac environments but don't really have a good solution for Windows, and vice versa. This is one that covers the three operating systems that we need.

The biggest lesson that we have learned from using this product is that it can keep our computers and data from leaving the organization. That's extremely valuable for us, and I can see how it would be so for other companies, as well.

My advice for anybody who is looking into implementing this product is to make sure that they understand the requirements for the environment ahead of time. Our biggest hurdle at the very beginning was that piece of hardware. You have to make sure that you have either the cost evaluated within the budget to have Endpoint host that solution, or alternatively, that extra piece of hardware to house an internal machine.

In summary, this is a good product and I don't have any suggestions for improvement. We're new to the software and it is quite detailed. I've been able to do everything that I need to have done.

I would rate this solution an eight out of ten.

Currently, we are using it only for the media access restriction. We're not like a bank or financial sort of organization, so we're not using EPP for DLP.

We have only Windows clients in our environment. We don't have macOS or Linux in our environment.

We were facing multiple issues when we were using a different solution. For example, for upgrading the software, if there was a new agent, we had to first remove the agent, but we used to face issues when an end-user was outside the organization. That solution required some sort of active link between the agent and the service to be able to remove the agent. With EPP, there is OTP, and we can put a password on the agent. Management is much easier. Upgrades are also easier.

If an end-user, who is not on our premises and is in a different country or location, needs to access the media, he or she can send us an email providing the information about the device. We can then provide an OTP. So, our IT department has less headache now. Overall, it's much better for our organization. Our management might be seeing the same or even more cost with EPP, but even if we are paying a little bit more than other solutions, in the end, the headache that our department IT used to have previously is gone.

All of the features are good if somebody has the budget. Our budget is limited and our purpose is just for media access. That's why we went only for this feature, but it has other features such as DLP or reporting.

It is fantastic in terms of the granularity of the policies. It has many built-in policies, and we can add or create more policies as well. It is perfect, and it gives us more options. We have some users who go outside and then come inside. With EPP, we can even control those users who are outside. If they need to access the media that we are using right now, we can provide OTP messages so that they can access the media even when they are outside of their organization. With our previous solution, we were facing some issues in doing this.

It provides us with the ability to lock down a wide variety of USB devices. It is better to have more options than having no options.

We are using it to only apply media restrictions. When we are installing a new agent, we have to install EPP manually on a device. It would be great if the installations can be done from the server instead of me going to each PC or device to implement EPP or using a policy. They should have some sort of system so that a domain admin can install EPP on all PCs from a central manager. 

After EPP is installed, the upgrade can be done from the EPP console, but they don't always work. Sometimes, there are minor issues with upgrades, but we are able to sort them with the help of their support. The EPP support is great.

We started using this solution last year. This is the second year.

In terms of the stability of the software, I have not faced any issues in the last two years. It was never down or had any other problem. It has been working perfectly fine for the last two years.

We never faced any issues. We have 520 to 530 endpoints.

Their technical support is perfect. They were awesome whenever I had an issue and contacted them.

We were using DeviceLock DLP. We were using it for quite a long time, maybe around 10 to 12 years. When we came across EPP, it was just a quick migration from that one to this one. We had the demo, and we were amazed. The options were amazing. That's why we quickly decided to migrate from the old one to this one. 

Its initial setup is really easy. It is just like an appliance. We just have to install the appliance and configure it. We can install it either through a policy or one by one on our PCs. It was just a matter of time to install it for our organization. Overall, it didn't take more than two or three days.

In our organization, we have some sort of policy that everything should be done by some sort of vendor. So, a vendor was here, but I can definitely say that the vendor did not do anything that we wouldn't have been able to do. I had to stand by the vendor, and I saw everything. It is clearly easy. There is nothing serious. We just had to import the appliance inside our VMware, and then we just had to go with the steps for the installation of the appliance.

It doesn't require any maintenance. We take the backup with the VM itself. Within the VM itself, there is an option to schedule a backup. We just need to update the appliance from time to time for any new updates. If we do an update, we also have to update the agents, but such upgrades and everything else can be done from the EPP console.

From my perspective, I would say that we have seen an ROI, but I have no idea of what the manager will say. The management would see the cost side and whether we are spending the same amount of money or more, but from a technical perspective, it has provided an ROI. It has been helpful in terms of time savings and ease of management. 

We have a really small team. Earlier, some of our users used to send us an email to open the CD or USB for them. We didn't have much control and information about who's asking for what or for how much time they need the access. We used to open it, and that's it, but now, with OTP, we know to whom are we providing access and for how many hours. Report-wise, we get to know whether a particular user used that OTP or not. If the end-user forgot to access the OTP, the OTP stays with him for, let's say, two weeks. They can use it anytime they want during that period. So, it is not like old solutions.

Now, nobody contacts us and says, "Kindly open this media now." They know everything goes through the OTP. Things are more systematic now, and the headache of the IT team is gone. We have control over who is using what sort of media or what exactly they are transferring to the media. Our control has improved. So, overall, we are able to see a return on this investment, at least for our IT department.

We have a limited budget for our media section. When we purchased it last year, we migrated from a different solution to this solution, and at that time, they told us that the cost will remain the same, but this year, they increased the price by 20% or something like that. I am not sure about the exact price, but let's say from 8,000, it increased to 10,000. It was a huge gap, and we couldn't bear this cost because we have a limited budget. When we spoke to them, they understood our problem and reduced it to the same price that we had last year.

We only compared EPP with our previous solution. We did not evaluate any other solution.

You won't face many issues with EPP. Based on my experience, I've not faced any issues other than those related to the upgrade. Sometimes, you might face minor issues for agents, but their support is awesome. They can easily fix an issue if you contact them.

I would rate Endpoint Protector a nine out of 10.

Our primary use case is for data loss prevention. 

The most valuable features are:

• The OS platforms that it is capable of running on.
• The ability to detect source code as well as file types for the policies. 
• The SIM integration. 

These were identified previously as key features in a DLP program and Endpoint Protector had them. They are a business need.

The granularity of the policies that you can create is pretty good. I would give it an eight out of ten. It's very granular, but there are still more possibilities for granularity. There's still work to be done, but it's very granular.

Endpoint Protector offers the ability to lock down a wide variety of USB devices. That is a key feature. It was one of the main features we were looking for.

We plan to use the EasyLock USB-enforced encryption app to automatically encrypt confidential data transferred to USB storage devices. 

I would rate the versatility regarding the exit points an eight out of ten. The exit points are pretty diverse, cover the majority, and are constantly updated, but there are still some application types and categories that we would like to see in there. They are responsive to our feature requests and are quick to add applications to the list and categories to the list of exit points.

The cross-platform management is good. I understand that there are some features that won't exist because of the technical limitations that are presented based on Linux, for instance, versus Windows. There are some things you can't do in Linux that you can do in Windows. EasyLock, for example, is a technical limitation that they have because of the nature of Linux. There's work to be done there but I understand why there are technical limitations.

We use the clipboard granularity feature to monitor copying and pasting to specific exit points in a limited capacity. It wasn't one of the main use cases, so it hasn't affected our DLP implementation too much.

The search for keywords is very important in our security operations because one of the key use cases we had was for the ability to search keyword-based on an internal database of keywords that have been submitted by other project managers within the company that's around intellectual property. The ability to search on keywords was part of that.

Endpoint Protector provides a single platform to support Windows, macOS, and Linux devices. There is some improvement that is needed there. The policies must be created per OS and in a large deployment with the diverse OS platform use case which can get a little bit unwieldy. Room for improvement there could be a way to clone a policy and map the old policy to the new policy on a new OS. Right now, you would just have to open it up on two different screens and map it manually, but a way to clone it to a new OS and map the differences or map the similarities would be room for improvement.

I would rate the role-based access features for administrators a six out of ten. There's work to be done on the granularity of roles that can be assigned to an administrator but there is role-based administrator access present. That's why it's not a zero rating.

We would probably make better use of tier1 support texts and give them granular abilities within the user interface to help us administer it and then move it to a different tier 2 tech support if the role-based permissions were more granular.

A feature request would be treating a deny list as an exit point. We'd also like to have the ability to tie an allow list to a group rather than a policy so that the allow list follows the group of users or computers. Whatever policy they hit they're always allowed certain URLs. That would be a nice feature for management purposes. 

It could also use some minor UI improvements. There's a little bit of inconsistency in the UI that takes some getting used to.

We've been using Endpoint Protector for about four months in production. Before that, it was about six months in the POC environment.

Due to the diversity of our use cases, we found a few stability issues during the POC and pilot phases. We weren't too concerned about it. Endpoint Protector has given us wonderful attention and they've considered us a partner in developing our product. The stability issues were resolved quickly.

Scalability needs some work. There's probably a better way to manage policies. We only have 30 policies or so, but if we were to get into the hundreds of policies, it would be the way it's presented in the UI. That part could use a rework. 

In terms of scalability as far as deployment, there are no issues there. Policy creation is the only issue. Determining the effective rights of a machine needs some work. Needing to run a report every time is a bit cumbersome. An easier way to see the effective rights of a user or computer without having to run a report would be nice. Those are all scalability issues because as you get more complicated and deploy it out to more users and computers, those types of issues start to manifest.

It requires more administrators than we have due to the complexity that we have. We have two dedicated administrators and we're rolling it out pretty slowly. It depends on how fast they want to roll out. A team of five or so would, with one architect and two tier 1 and two tier 2-type support folks would probably do it for a deployment our size. The admins are IT security engineers.  

I would give their support a ten out of ten. I have nothing but good things to say about them. They have good availabliity. 

We supplemented our current DLP. The current DLP we had was within the Google Suite and Proofpoint through email. So we supplemented our DLP program with an endpoint solution, which was Endpoint Protector.

The initial setup was straightforward. It was just an installer that we sent out through our configuration management software and once machines got sucked into that, we were able to group people through active directory sync.

We're a big company with over 20,000 endpoints. There were about eight months of POC and pilot. After the POC and pilot, we were able to deploy it to 20,000 endpoints in about two months.

CoSoSys helped with questions we had, but it was all the internal workforce that did the deployment.

We also looked at Forcepoint, ObserveIT, Digital Guardian, SecureCircle, and CoSoSys. ObserveIT hit a lot of our requirements, except it couldn't do any blocking. All it could do was monitoring and warning. Their approach was a bit different. I don't think SecureCircle was a mature enough product for what we needed.

My advice would be to do an extensive test on the DPI and detour features to make sure they're compatible with your environment before deploying to the whole company. Do an extensive pilot with all features turned on, and then evaluate the results based on performance decreased and accessibility restrictions or limitations. Deep packet inspection tends to break some of the internal capabilities.

I would rate Endpoint Protector an eight out of ten. 

We bought it because we had a specific need for a single Macintosh computer. We're a defense contractor, so we have to meet very rigid compliance requirements, and Macintosh caused a lot of problems for our mainly Windows domain infrastructure. So, we found the Endpoint Protector tool and tested it, and it did what we wanted it to do. 

We bought it for the Macintosh environment, but because we liked it, we rolled it out to our Windows environment as well.

The key point is that it allowed us to meet a complex cybersecurity requirement mandated by the government, and it was cost-effective. It is critical to our business because if we're not compliant, we can't bid on contracts.

It provides the ability to lock down a wide variety of USB devices. We've actually done it for pretty much everything that could potentially be an issue, such as keyboards, mice, USB devices, and CD-ROMs. This functionality is critical for us.

The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture.

In terms of the granularity of the policies, it is fine. It does exactly what we need. It is granular enough, but it is not too much where it is impossible to tune. It has a nice balance.

In terms of ease of managing DLP in a hybrid environment, it has been very easy to use. It's a very intuitive product. There were no issues trying to figure stuff out.

The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

We have not been using it for very long. We bought it about four or five months ago.

It has been rock solid. It has never crashed or blown up on us.

We haven't gotten that far yet. We're using it for the initial rollout, and then in the future, we do plan to look more into the Content Aware Protection module to see if this is another add-on module in which we would be interested. After we start playing with the Content Aware Protection module and add modules, we'll know more about scalability, but right now, I don't have any input on that.

In terms of its usage, we currently have about a hundred devices.

They were excellent. They were very responsive and helpful.

We have had other things. One of the solutions that we used to use was GFI, but it got extremely expensive and over-complex, and it wasn't stable.

It was easy. From deployment to config, it wasn't overly involved or overly complex. The lady we talked to at Endpoint helped us very quickly. We had a licensing issue with something, and their support was good.

Its deployment did not take very long. It took less than a day. 

In terms of the deployment plan, it is simple enough where you don't need anything too complex. We just have a process that we follow. To add any new software, we have to try it first on a dirty network and validate it, and if all is good, then we put it in production.

In terms of its maintenance, primarily, our network engineer is responsible for configuring, reviewing, maintaining, and upgrading it. The rest of us look at the reports and the alerts from it.

I can't provide a specific return on investment. The return on investment is that this is a lot cheaper than if someone plugs in a USB key with malware and pollutes the whole network.

From what we've seen, their pricing is a lot lower than the other stuff we've looked at. I actually don't have any concerns with their pricing. They were probably the most reasonable company out there for the features that were offered.

It was pretty straightforward in terms of licensing, and you just pay for the license.

We looked at some of the other options. I don't remember their names, but the costs were outrageous. They were just unobtainable for a small business like ours. The cost was a big driver for going for Endpoint Protector, and its features worked. 

Some of the other solutions offered more in terms of data leakage protection, but again, they were too much for a small business. The cost was a big factor as well.

It is critical to test it out. I would advise doing the trial first to make sure it absolutely works for what you need it to do. Being able to test it without paying is a big deal, and it lets you really drive it.

We don't use the EasyLock USB Enforced Encryption app to automatically encrypt the confidential data transferred to the USB storage. We don't allow USB storage. We use it purely to lock the device, and our encryption is handled by another tool.

In terms of role-based access features for admins, I don't handle a lot of the technical side of it. My network engineer handles it, so I don't have any input to provide, but I haven't heard any complaints.

For zero-day protection, we have other tools. I don't think we're using this feature.

I would rate Endpoint Protector an eight out of 10. It pretty much did what they stated it did. There were no surprises.

We use this product to protect our Mac and Windows 10 endpoints.

Our main purpose is to block the uploading of Excel and PowerPoint files. We also use it to block USB devices and other peripherals that users connect to the system. 

This product performs well and multiple things have been blocked by it.

By raising discovered issues with our team members, they are doing their part in terms of resolving them.

Endpoint Protector provides a single platform to support our Windows and Mac machines. We do not have any Linux machines in our environment. Managing DLP for our machines in this hybrid environment is pretty simple, as the product is user-friendly and we can easily find what we need.

The fact that this solution supports different operating systems is very important to us because we want to ensure that there is no data leakage.

We have one or two Macs in our organization, with the majority of people using Windows 10 machines. We haven't seen any difference in the support that this product offers for either operating system.

The Device Control feature and tools are very nice. It can also be used for containers. We have blocked multiple financial components using these features and rely on the upload and block policies. For example, we have blocked Google Drive uploads, as well as the upload functionality for other cloud spaces.

The interface is pretty user-friendly, neatly explained, and simple to use.

We are able to lock down a wide variety of USB devices, which is important to us because none of our users can connect a USB drive or other device to the machine. By preventing this, there won't be data leakage. We have experienced this in the past and we are now able to control it through the use of device policies. 

The technical support that they provide works well.

We use the RDP remote desktop option to prevent copy and paste operations to remote systems. If anyone tries to copy and paste between a remote system and a local system then they will not be able to do it. This works well and it makes our operations more secure.

We are currently facing an issue where it is blocking the Winman software, which is something that we don't want to happen because we use it in our accounts department to pay taxes.

There is no option or support available for DriveHQ. 

We have been using Endpoint Protector for between seven and eight years.

This product is pretty stable.

It is easy to scale. Across the organization, we have more than 900 users with Endpoint Protector deployed on their machines.

We plan to soon increase the number of licenses that we have. Our intention is to start deploying on our laptops, which will bring us to a total of approximately 1,500 licenses.

We have been in touch with technical support and our experience has been pretty nice.

This solution was easy to deploy but it was implemented before I joined the company so I don't know how long the process took.

No major upgrades have been required since I have been working with it.

We have an in-house person who is responsible for servers, and he deployed Endpoint Protector. The process is not complex and only one person is required.

We have three system engineers, three senior system engineers, and one assistant manager in charge of maintenance.

We looked at a DLP product by Forcepoint but our current solution was working pretty well, so we opted not to switch.

This is a product that has improved over time. For example, in the past, there was no option to view the ports that were not added to your list. This is now supported and some of the problems we were facing have been stopped. Another example is that we are now able to block Teams and it works pretty well, whereas, in the past, we could not block uploads or downloads with Teams.

Endpoint Protector has other features that we do not use, such as encryption. Instead, we deployed Sophos Encryption approximately six months ago for this purpose.

The biggest lesson that I have learned from using this product is how to block uploads and downloads, as well as how to lock devices on users' machines. My advice for anybody who is considering it is that it is pretty simple to use. It's a friendly environment and it's easy to block devices, uploads, and other security issues.

In summary, we have not faced many issues with Endpoint Protector and it is fulfilling our requirements, as we wanted.

I would rate this solution a nine out of ten.

We use Endpoint Protector as our data loss prevention solution for Windows, Linux, and Mac machines. Our clients work from outside of our building and in different locations, and we need to use this product to keep our data secure.

There are many benefits to using this solution.

In terms of the granularity of policies that we can create, this is a good product. We have created two policies that are used on Windows, Linux, and our Mac machines. The first is related to screen sharing, and the second is responsible for blocking files in email attachments.

This functionality is important to us. At the end of the day, we get reports about files, the users, and what they are doing. Preventing screen sharing with unknown people, or accepting files from somebody who is not known, are both things that I want to prevent.

We get detailed reports that identify our clients and we can see how each of them is spending their day at the office. Essentially, we have good visibility of the traffic on our endpoints.

To this point, I have not needed to lock down a variety of different USB devices. I have not used, for example, a card reader. I have only used it to lock down USB storage devices. In the future, I may use more of these features.

I have had no difficulty with using this solution in our hybrid environment that includes Windows, Linux, and Mac machines. There is no difference in features between the different platforms. There are differences such as the web browser that is used. For example, in Windows, we use Chrome, whereas, with Mac, we use Safari. Certain things are different based on the software but otherwise, everything is the same.

The most valuable feature is device control. If you have the wrong devices connected to the network then it may cost you, and this product allows you to control them. For example, you can prevent users from using an external hard disk, which is something that I like.

There is a clipboard feature to ensure that a user cannot print their screen or take a screenshot. This is one of the reasons that we feel secure when using this product.

The users are happy with using this solution on a daily basis. 

I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies. Before the policies are updated, nothing can be done on the system.

We have been using Endpoint Protector for one year.

This is a stable product and we haven't had any problems with it.

We have between 50 and 60 people in our organization.

Within the past month or two, I have experienced problems and contacted technical support by email. They immediately responded and gave me suggestions on how to improve our security.

Normally, I send the support team an email and they answer within 24 hours. They analyze the problem and try to determine why it has occurred. They ask end-to-end questions such as what I was doing at the time, which allows them to assess and analyze all of the relevant points.

This is the first DLP solution that we have used.

The initial setup is very easy and there is nothing difficult about it.

Our deployment took one month and we didn't know anything about the product in advance. We didn't know exactly how it would work or which features would be added. The vendor explained everything to us after that.

The minimum number of licenses they sell is 50 or 150 users. They do not sell, for example, a package of 10 licenses. It would be helpful if you could purchase a smaller number of licenses at one time.

We did not evaluate other such solutions before selecting this one.

My advice for anybody who is considering this product is that it's user-friendly, and everyone can easily understand the details about how it works.

I am 100% confident in the security that I get from this product.

Overall, I think that our requirements for basic control, including application control, have been met. I'm happy with the current product and I like the feature set. That said, if they provide additional features in the future then we will use them.

I would rate this solution a ten out of ten.

We store graphics files on our computers and they are confidential, so we implemented this product to block all of the computers from being able to send the data outside of our organization.

We use it to block USB ports so that people cannot connect an external hard drive, flash drive, or anything else that people can use to take files off of the system. Essentially, it blocks data transfer.

We only have two policies. The first is to block everything and the second one allows for Wi-Fi and Bluetooth connections.

This product does give us multiple choices for blocking data exit points. Without giving specifics, I can say that I know we have better security because of it.

We have Mac and PC machines, and it is very easy to manage both types. There is no noticeable difference in features between Mac and Windows machines.

We use role-based access for administering this solution, but as we are a small company, it is only insofar as having an administrative role that can perform any of the functions when needed. Some people can unblock certain policies, but we have a single administrator that can do everything.

The most valuable feature is blocking data transfer.

The software is easy to use and the dashboard is intuitive.

I have been using Endpoint Protector since I joined the company five years ago. I believe that they were using it for one or two years prior to that.

Stability-wise, it is very good and very safe. It seems to work fine.

We have approximately 117 endpoints and for the time being, I don't think that we will be expanding. We already have all of our computers.

I have not used technical support often, but every time I have, it was perfect. They have good support and they have helped me very well.

Several years ago, we used ESET but we found that it only logged the files that were transferred via the ports. This was not what we wanted to do, so we canceled the license and implemented Endpoint Protector instead for blocking the ports.

When I last renewed the license it was for a two-year term, and they gave me the second year at half price. It was a very nice gesture. Normally, I renew my license annually and I was happy to get a discount for committing to two years. There are no costs in addition to the standard licensing fees.

It would be helpful if they offered discounted pricing for long-term contracts to serve customers who are interested in committing for periods of three years, five years, or longer. I have been with the same company for five years, it was installed when I arrived, and we are going to continue using it in the future. Perhaps after a company has completed their first year, they should propose longer contracts to them.

My advice for anybody who is considering this product is that if they want something to protect data on both Macs and PCs then this is a very good choice. I have never worked with a product that is this easy to use.

In summary, this is a good product and for now, I think that it has everything we need. It seems to be a perfect match for us.

I would rate this solution a ten out of ten.