In my experience, the best features related to Trellix Collaboration Security concern the protection against threats. Trellix Collaboration Security has a good solution to protect based on behavior and threat intelligence, reputation, and other features. I appreciated being able to include a malicious hash in the console, and the console then disseminated this information to different databases internally to protect against threats, download of the file for web reputation, and check the malicious activities in the email according to the hashes included in the databases.

Regarding threat intelligence, it helped us with signatures, IOCs, or reports related to geolocation, where we could use it to create correlation in the XDR to block and create a campaign to block different malicious activities based on the historical data published in the threat intelligence and based on reputation. It is very important because it is integrated, so it is not necessary to contact VirusTotal or put the hash in VirusTotal. Instead, I use the database and the threat intelligence from Trellix Collaboration Security. In the past, it helped me a great deal with detecting and confirming whether something was malicious or not.

Another feature I believe is very important is the real-time response capability. It is possible to collect artifacts, run scripts, kill processes, and isolate machines all without leaving the interface. For me, this serves as a bridge between detection and reaction, and it truly makes a difference in the tool.

In my view, Trellix Collaboration Security and other XDRs can help the company elevate the trust in operations. Of course, it is necessary to create automations and integrations with pipelines with CSVs, inventory, normalization of data, and automatically raising incidents for the agents and endpoints. In my view, this reduced manual activities significantly and increased the precision of the indicators. Everything helped the operations team and the engineering team respond more quickly to malicious activities detected. It helped us reduce risks, avoid silent failures, and improve the health in general in the environment. Another important point is that we have an improved security posture because it is possible to treat the findings, adjust policies, and block malicious hashes. With that, we reduced the noise according to the detections, increasing the capacity of prevention and detection. We also improved the resilience of the security tools inside the company.

View full review »

In my opinion, the best features Trellix Collaboration Security offers include the firewall, the on-access scan, and the ability to obtain daily signatures for the latest malware. These daily signatures, referred to as content, ensure that we are protected against the most recent malware threats recognized by other companies.

Another feature I particularly enjoy is the capability to maintain different locations that can communicate with the fabric, or DXL fabric as I refer to it, allowing me to create something akin to an EDR for immediate responses to resolve issues.

The DXL fabric has helped my organization by enabling communication between different locations, such as one in Europe, another in South America, and one here. This fabric communicates with a broker that interacts with the TIE servers, which maintain the reputation of files, certificates, and known signatures from various regions including Europe, South America, and Canada. When something suspicious occurs, such as a certificate appearing malicious on an application, I can easily click and indicate that I trust this file, and through the fabric, I can apply an exclusion for that application across all locations simultaneously.

Other features I find valuable include the SSO integration with Trellix EPO, specifically SAML SSO, allowing people not to have to manage usernames and passwords if they already utilize an SSO service for SAML; I consider this functionality to be quite beneficial.

View full review »

I use Trellix Collaboration Security in my daily operations by utilizing different sites sensors and then integrating security manager, which controls network operations, traffic inspections, packet inspection, deep packet inspection, and SSL inspections.

The best features Trellix Collaboration Security offers include GTI threat intelligence and signatures upgrade database. Since I have integrated GTI and sensors along with network security manager, all sensors share information and reports effectively, allowing me to view attack reports from the dashboard easily.

I can customize dashboards in Trellix Collaboration Security to view information like top attacks, ransomware attacks, and critical high attacks. I can monitor sensor health, attacks, logs that generate, and customize these as per my needs, plus I can add emails and alerts.

I rely on Trellix Collaboration Security because the sensors are highly reliable and high-performance sensors that can handle traffic efficiently. CPU resources are effectively utilized while handling deep packet inspections and SSL inspections. Moreover, there are policies to be on networks, and there is a built-in firewall that I can use to block external attacks.

View full review »

Trellix Collaboration Security offers malware and link detection, automatic mail scanning, and secure file sharing as its best features in my experience.

Trellix Collaboration Security has helped our team by preventing phishing attacks and malware infections, keeping our systems secure through the detection of malicious emails. Secure file sharing has enabled our team to collaborate safely without risking sensitive data. For example, we avoided a potential data breach when a suspicious attachment was blocked before anyone could open it.

Trellix Collaboration Security has positively impacted my organization by improving security, making teamwork more effective, and ensuring collaboration has become smoother.

View full review »

The entire system is stable and delivers what the customer needs. Trellix Collaboration Security is valued for being a stable and comprehensive solution that fulfills customer needs. Despite not being able to use it for complete on-premises email security, it is effective for sandboxing and new threat coverage, working as a standalone solution without needing to integrate with other systems. View full review »

My experience with the product is good. One of the valuable features of the product stems from the fact that it is easy to implement the tool in our environment.

View full review »

One of the most valuable features is the protection against vulnerabilities, particularly through virtual patching. This ensures that I am safe from potential threats affecting database security. 

Another significant feature is the vulnerability assessment, which is effective for overall data protection.

View full review »

It is a good product. The product protects my email. It prevents APT attacks. It is easy to integrate the solution with other tools. My emails used to have some viruses or malicious threats. Now, I do not face such issues.

View full review »

I like FireEye's filtering, spam digests, and its advanced threat review of email flow. It also has a broad range of riskware rules you can deploy.

View full review »

We have had very good results from the use of FireEye Email Security. We are very comfortable with this technology, but I don't know if it's necessary to move into the cloud, we will check other technologies and study them. Additionally, the solution has good integration.

View full review »

FireEye Email Security is easy to use.

View full review »

The anti-spam features are the most useful features. With this product, they won't fill the user's inbox, even if it is not malicious. Users won't be getting that many unwanted emails. 

The product helps reduce the number of malicious emails reaching the user's inbox. 

The solution scales well.

The product is quite stable.

The solution is pretty much an out-of-the-box product.

The initial setup is easy.

View full review »

The auto-remediation feature is valuable and Riskware rules is also helpful.

View full review »

The solution offers almost every feature that customers need in one solution. For example, spam filtering, antivirus, et cetera.

There are almost zero false positives. One of my biggest customers said that after they had used the solution for almost one year or one and a half years, we didn't release any email regarding any false positive feedback. Other products, most of the time create false post followups or blocks some emails that shouldn't be blocked, et cetera. Here, there are almost zero false post rates.

There is a marketing engine on the product coming from FireEye. It's a completely in-house solution on the vendor side. That's why hackers or attackers can't resolve or can't understand the sandbox as easily as other sandbox solutions. It has very advanced features for catching malware, advanced attacks, ATPs, et cetera. It can also be very helpful for the customers.

The initial setup is simple.

View full review »

The accessibility is one of the features that I love. We can control it from the cloud and we can access it from anywhere. We don’t spend a lot of time in the office as our business is based on our customer client sites. If we find something quarantined, mis-quarantined, or something to investigate regarding the emails, we could perform any type of action from wherever we are.

View full review »

What I find most valuable with the solution is that it can integrate with cloud solutions, such as Google and Microsoft. Additionally, the solution is easy to use. 

View full review »

It is one of the greatest solutions to have or to complement any other security solution such as Proofpoint or IronPort. FireEye is good for malware depicting and security.

View full review »

The solution's most valuable feature is its simplicity. It's very user-friendly.

View full review »