What is our primary use case?
My main use case for Trellix Collaboration Security is based on my experience with Trellix EPO and Trellix products, as I have over six years of experience managing Trellix EPO and all its features when it comes to antivirus protection, including its firewall and DLP functionality. You can also encrypt a drive instead of using BitLocker, integrate your whole network, and deploy a fabric from Trellix; this fabric serves as a private network that enhances secure communication. It becomes comparable to an EDR because you can integrate it with Trellix TIE services, a reputation service, and manage USBs for controlling data movement from the computer to the USB.
On top of that, you can run scans 24/7, which is called the on-access scan, or run on-demand scans whenever you prefer, perhaps once a day for a full scan. You have extensive management capabilities regarding the ports and IPs the computers communicate with, providing a lot of functionalities.
A specific example of how I have used Trellix Collaboration Security in my consulting work is in my current work environment, where I manage over 130,000 endpoints, allowing me to protect each endpoint with a firewall, which makes a significant difference because the entire network is not protected by a network firewall alone. Having an endpoint firewall is valuable, and being able to scan all applications for malicious content 24/7 with an on-access scan, which scans everything you click on in real time, ensures effective security, which I truly appreciate.
Day-to-day, we scan the endpoints once a week and conduct full scans weekly while also performing 24/7 scans through the on-access scans. We help people troubleshoot performance issues related to scanning and create exclusions for threat prevention, exploit prevention, and the on-access scan itself because a file, folder, or software may not need to be scanned continuously. My everyday tasks revolve around managing performance and connectivity, which may involve opening ports or ensuring domain reachability, as well as managing USBs, including creating new exclusions for new vendors of USBs. Additionally, you can integrate Trellix EPO with LDAP, which helps manage computers and users, enabling the creation of specific, more granular rules.
What is most valuable?
In my opinion, the best features Trellix Collaboration Security offers include the firewall, the on-access scan, and the ability to obtain daily signatures for the latest malware. These daily signatures, referred to as content, ensure that we are protected against the most recent malware threats recognized by other companies.
Another feature I particularly enjoy is the capability to maintain different locations that can communicate with the fabric, or DXL fabric as I refer to it, allowing me to create something akin to an EDR for immediate responses to resolve issues.
The DXL fabric has helped my organization by enabling communication between different locations, such as one in Europe, another in South America, and one here. This fabric communicates with a broker that interacts with the TIE servers, which maintain the reputation of files, certificates, and known signatures from various regions including Europe, South America, and Canada. When something suspicious occurs, such as a certificate appearing malicious on an application, I can easily click and indicate that I trust this file, and through the fabric, I can apply an exclusion for that application across all locations simultaneously.
Other features I find valuable include the SSO integration with Trellix EPO, specifically SAML SSO, allowing people not to have to manage usernames and passwords if they already utilize an SSO service for SAML; I consider this functionality to be quite beneficial.
What needs improvement?
Areas where Trellix Collaboration Security can be improved include the fact that it used to support OpenLDAP but now does not support it any longer; it only supports LDAP, which means open-source lightweight directories are not supported anymore.
While I find Trellix's support and performance to be satisfactory, I do have concerns. Sometimes Trellix uploads packages, identifies bugs, and removes them without notifying users, which requires us to wait for the next release or roll back, both undesirable situations. I need assurance that proper testing occurs before the release of new packages.
For how long have I used the solution?
I have been using Trellix Collaboration Security for approximately six years.
What do I think about the stability of the solution?
Trellix Collaboration Security can indeed be stable if you know how to manage its features effectively.
What do I think about the scalability of the solution?
Trellix Collaboration Security is very good when it comes to scalability, demonstrating impressive capacity for growth.
How are customer service and support?
I appreciate the customer support, particularly if you can effectively communicate the issue you are experiencing.
Which solution did I use previously and why did I switch?
I have previously used SonicWall for antivirus and network firewalls; however, Trellix exceeds SonicWall's offerings, which are more aligned with a SaaS solution. The absence of an on-premise console with SonicWall was a significant factor that led me to choose Trellix.
What was our ROI?
I observe that the return on investment is hindered by the lack of adequate training opportunities, with Trellix's own training being quite costly, ranging from 2,000 to 4,000 dollars, which many small or medium-sized businesses cannot afford. I believe the educational materials can be enhanced, as Trellix does not explain certain concepts well in their training, and having completed the training, I feel I could offer better instructional support.
What's my experience with pricing, setup cost, and licensing?
The experience with pricing, setup costs, and licensing indicates that while Trellix Collaboration Security is a great product, it tends to be on the pricier side. I do not possess complete knowledge of all the pricing details for licensing or support as I am only somewhat involved in the purchasing process, but I know that larger enterprises, such as a bank I previously supported, invest in it as they have the financial resources. However, I believe it might be less accessible for small to medium-sized businesses, and I wish there were more affordable options available for them.
Which other solutions did I evaluate?
Before selecting Trellix Collaboration Security, I evaluated other options, including Trend Micro, which many individuals discuss. Though I personally have not used Trend Micro, it appears that it is popular for file servers, possibly enabling faster scans for zip files and specific files that can take Trellix longer to unzip.
What other advice do I have?
My advice for those considering using Trellix Collaboration Security is to ensure your budget accounts for investing over 100,000 dollars to hire someone to manage the product, as professionals with this expertise tend to come at a high cost. I give this product an overall rating of ten out of ten.
Which deployment model are you using for this solution?
On-premises