FireEye Endpoint Security Overview

FireEye Endpoint Security is the #12 ranked solution in EDR tools. PeerSpot users give FireEye Endpoint Security an average rating of 8.2 out of 10. FireEye Endpoint Security is most commonly compared to CrowdStrike Falcon. FireEye Endpoint Security is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, whose professionals account for 19% of all views.
FireEye Endpoint Security Buyer's Guide

Download the FireEye Endpoint Security Buyer's Guide including reviews and more. Updated: September 2022

What is FireEye Endpoint Security?

FireEye Endpoint Security is an integrated endpoint solution that detects, prevents and responds effectively to known malware and threats traditional anti-virus endpoint security products miss. It expands endpoint visibility and provides contextual frontline intelligence to help analysts automate protection, quickly determine the exact scope and level of any attack activity and adapt defenses as needed.

FireEye Endpoint Security Customers

Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation

Archived FireEye Endpoint Security Reviews (more than two years old)

Deputy Technical Manager (SOC Operations) at a tech services company with 1,001-5,000 employees
Real User
Top 5
Comes with useful protection features, but lacks Linux support
Pros and Cons
  • "The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye marketplace, and we have installed these modules. We are currently exploring these features."
  • "The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."

What is our primary use case?

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

What is most valuable?

The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. 

They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye marketplace, and we have installed these modules. We are currently exploring these features.

What needs improvement?

The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux.

We would also like assets grouping and device lock protection features, which are included in their roadmap.

For how long have I used the solution?

We have been using FireEye Endpoint Security for the past two years.

What do I think about the stability of the solution?

The current version is more stable than the previous ones.

What do I think about the scalability of the solution?

It is easily scalable.

How are customer service and support?

My experience was 50/50. Sometimes, it was good. Sometimes, they took some time.

Which solution did I use previously and why did I switch?

We were using McAfee AV. We switched to FireEye Endpoint Security because we had some performance issues with McAfee AV. We are not facing those issues with FireEye Endpoint Security.

How was the initial setup?

It is easy to deploy. It took us a month to deploy. 

Deployment may take more time based on the architecture and the environment. With some vendors, it took us some time to analyze because there were things that we wanted to monitor, which depended on the production. Therefore, we installed it step by step, not in one step at full force.

What other advice do I have?

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then you should probably rethink FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap.

We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they didn't communicate, the communication got stopped automatically, or the data communication time didn't sync properly. In the later versions, they improved and resolved these issues.

I would rate this solution a seven out of ten. It's gradually growing, and a few features that we require are not there. If these requirements are satisfied, I would rate them nine or ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Engineer at Miltec
Reseller
Offers good integration between the environments

What is most valuable?

The most valuable feature is the integration between environments.

What needs improvement?

Something that needs to improve is the interface. I would also like to see simple processing and reporting online. 

For how long have I used the solution?

I've been using this solution for six months now.

What do I think about the stability of the solution?

The stability of the solution was not very good.

What do I think about the scalability of the solution?

We had some issues with the scalability but it was taken care of. It can be improved, however. 

What other advice do I have?

I will rate this solution an eight out of ten. In the next version I would like to see an improvement in the scalability and stability. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Product Manager at MCS
Reseller
Detects malicious behavior across all common and controlled traffic throughputs
Pros and Cons
  • "The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
  • "The investigation and forensic analysis have been most helpful."
  • "They could also increase or improve the scalability because to my knowledge the biggest bandwidth can only support up to 10 gigs of input."
  • "If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."

What is our primary use case?

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations center in their environment.

What is most valuable?

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. It detects multi-stage attacks based on the MVX analytics engine, which detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops the infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

What needs improvement?

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues.

What do I think about the stability of the solution?

It is stable. There are zero false positive solutions, not like other solutions.

What do I think about the scalability of the solution?

We plan to increase our usage.

How are customer service and technical support?

They have strong technical support.

Which solution did I use previously and why did I switch?

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

How was the initial setup?

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection and so it will take, for SMB customers, a day more or less. For larger enterprises according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

What about the implementation team?

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

What's my experience with pricing, setup cost, and licensing?

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

Which other solutions did I evaluate?

We also looked at Palo Alto Networks Traps and Trend Micro.

What other advice do I have?

It offers protection from the latest threats.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor.
Hubert Luberek - PeerSpot reviewer
Information Technology Security Architect at a financial services firm with 5,001-10,000 employees
Real User
A simple to use, yet effective solution for protecting us against malware and other threats
Pros and Cons
  • "The most valuable feature of this solution is its simplicity."
  • "The integration and display of the dashboards have to be done better."

What is our primary use case?

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.

We use the on-premises deployment model.

How has it helped my organization?

This solution has helped to protect our organization against security threats.

What is most valuable?

The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.

What needs improvement?

We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.

After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.

For how long have I used the solution?

We have been using this solution for less than two years.

What do I think about the stability of the solution?

We have had trouble with stability because the program fails to start when the computer does. 

What do I think about the scalability of the solution?

This solution is very flexible and scalable.

How are customer service and technical support?

This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vendor needs a better presence in more time zones, and 24/7 support would help to fix this.

Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.

Which solution did I use previously and why did I switch?

We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.

How was the initial setup?

The installation of this solution is straightforward from my perspective.

What other advice do I have?

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.

When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.

The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.

This is not the worst product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Executive Officer at a tech services company with 10,001+ employees
Real User
The solution is very precise for detecting risks, but the operational quality has some issues
Pros and Cons
  • "It is very valuable in finding out unknown malware."
  • "I hope the solution can be used in cloud systems going forward."

What is our primary use case?

The primary use case is to locate unknown malware.

How has it helped my organization?

The solution made it possible for us to have visibility into the amount of malware and threats which were coming into our company.

The solution has helped to increase staff productivity.

What is most valuable?

It is very valuable in finding out unknown malware.

What needs improvement?

I hope the solution can be used in cloud systems going forward.

What do I think about the stability of the solution?

The stability is not so bad, but also not so good.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and technical support?

We have our technical teams who can do PoCs. Also, our local vendor can support us.

Which solution did I use previously and why did I switch?

We did not use a solution prior to this one.

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

We used a reseller who was good for the first stage of the implementation. However, for the operational phase, they were not so good. The QA time takes too much time. Their response time was lacking.

What was our ROI?

We have seen a 50 percent decrease in the mean time when detecting a response to threats.

Which other solutions did I evaluate?

We did look at other vendors, like Cylance. We chose FireEye because they have a long history, which results in stability.

What other advice do I have?

First, implement it. Then, see what is going on in your company. You will see that there are many risks which you have never seen.

The product is not bad, but there may be some things that need to be modified. The solution is very precise for detecting risks, but the operational quality has some issues.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Jitu Mani Das - PeerSpot reviewer
Information Security Manager at SPXFLOW
Real User
All the features of HX give the administrator control over the managed devices

What is our primary use case?

We moved on to FireEye HX as an endpoint solution. Mainly, this is the next-generation endpoint protection where it protects the endpoints not just from the office network but also from roaming. Its capability for seeing today's threat actors is the best one.

How has it helped my organization?

This gives us a more secure and completely scalable zero-day model security product to the endpoint. We manage not only the software but also the next-gen AV.

What is most valuable?

All the features of HX give the administrator control over the managed devices:

  • Managing is easy
  • The different threat actor based signature
  • Behavioural analysis
  • Malware protection
  • Zero-day protection

IOC-based detections are really the best ones. However, the enterprise search option is a hunting option given to the admin.

What needs improvement?

  • AV management based on manual scan
  • Manual scan feature is not easily done
  • A long way of setting hostname set, and
  • Scheduling over policy which is time taking and I don't feel comfortable. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Excellent.

What do I think about the scalability of the solution?

Performance wise, it's good. The agent does not consume much process or CPU.

How is customer service and technical support?

Great support, a well technology-minded guy with a proactive and ready-to-resolve easy attitude.

How was the initial setup?

The deployment was easy.

What about the implementation team?

In-house, and sometimes getting help from the product vendor.

What was our ROI?

Though it's expensive, it gives the security required to be trusted with the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.