Trellix Endpoint Security Platform Reviews

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

Overall, we handle the implementation of the solution, taking into account the policy required to secure the network.

We primarily use McAfee Endpoint Security for data loss and endpoint protection.

An area in need of improvement involves the overview, which usually does not enable one to get the value in reports.

Upon receipt of the incident, the review is important. Based on this it is possible to construct a workflow for closing the case. 

It is crucial to keep the data inside the department. Receipt of the incident is a pain point since there is a need to engage one's system administrator as part of the data loss protection consent requirements and this involves sensitive information. However, nothing will be accomplished with a system administrator, only with a compliance administrator who is fully knowledgeable. 

The solution is not stable and the ecosystem enters the picture for those responsible. Each system is connected in a centralized manner to give a holistic view of one's endpoint and environment. This is how things are at present and it offers a great way of setting things up. But, it poses an issue that a person cannot translate the value of the information once the entire system is integrated into a single console. Nothing will be accomplished in the system if incidents are frequently received but with no correlation between them. There is a need for combining IP analytics with artificial intelligence in respect of these reports. 

The initial setup was complex and required too many servers.

A perpetual license is not an option with McAfee Endpoint Security or anyone else for that matter. 

The price of the solution is high in Asia, in contrast to Symantec, which gives you a 70% discount on the closing of the project. The issue at hand involves the people. McAfee did have some big clients in my country and region. However, it did not have many clients. 

The solution is deployed on-premises since it mostly involves a bank. 

Unfortunately, most clients have chosen to remove McAfee and have switched to Silence because of its ease of use. They are not interested in updates. 

I feel McAfee Endpoint Security is a good, mature product, although the price of the technology poses an issue. In Pakistan and Asia, there is a different kind of field environment than in Europe and the United States. While we cannot offer our clients managed services, which is what everyone wants, in Europe and the United States they can. 

I rate McAfee Endpoint Security as a six out of ten. 

I have found DLP to be a valuable feature.

When it comes to DLP or McAfee Security Encryption, with which I am happy, I like to make use of the solution for Vault, but find that the encryption is problematic. The system needs reforming. Suppose the solution is utilized on a laptop or desktop and the client wishes to make an assignment to another person but forgot his password. The data cannot be archived or backed up. 

I have been using McAfee Endpoint Security for the past five years.

The solution is reliable.

Previously, I used the solution for a single site consisting of nearly 300 users. However, as I found it to also be a good tool for DLP endpoint, I now use it for another client with nearly 700 users.

Counting from one to ten, this being the highest, I fully support the solution's technical services.

The initial setup is very simple, allowing a person to get the videos or documents on the internet. 

The deployment takes one to two days.

I do licensing on an annual basis and this is what I always recommend to my clients over the monthly option. This is because all my clients are long-term and do not wish to pay on a monthly basis, instead preferring licenses of, perhaps, three years with an additional one or two year option. 

I am using the latest version of the solution minus one. 

Some of our clients deploy the solution on-premises and others use clouds, such as AWS or IBM Cloud. I'm actually a service partner with IBM Cloud and the community manager with AWS Cloud.

We currently have two or three clients utilizing the solution and it can be said that it is a good product. 

The solution is really good and competitively priced, so someone wishing to secure his enterprise or make use of it in an inexpensive fashion should do so. 

I would rate it a seven out of ten. 

MVISION Endpoint is the management software for McAfee that manages the Windows Defender. It manages the Windows Defender anti-malware, Windows Defender Exploit Guard, and Windows Defender Firewall. These are the three main components that McAfee manages centrally from an ePO, and that ePO can be an on-premises ePO management server, or it can be an MVISION ePO management server on McAfee cloud. So, management can be both on the cloud and on-premises.

It's simple and very easy to use. Before MVISION Endpoint, McAfee had their own Endpoint Security software called ENS, which included their anti-malware engine. Even though ENS was a comprehensive product and a very good product as well, it was confusing for some professionals. 

In the times that we live in now, an IT personnel, even a specialized one, is a generalist. So you have an IT person who is managing the firewall and endpoint security, and also managing the ERP and backups, and the switches as well. Everything in the environment will be handed over to a single person.

A product like McAfee ENS is pretty extensive and allows for advanced configurations, especially for security professionals. However, IT personnel often fail to configure it properly. MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle. This is what I really like about it.

McAfee has an on-premises ePO server, which you can install on your environment. You can add your infrastructure and push the agents all from the console; so you literally don't have to do anything on your own. From the dashboard, you'll push the agents, install them, configure them, and manage them all from the console.

McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement.

Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present.

A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines.

I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint.

I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.

I've been using it for two years.

McAfee doesn't provide the security software. It manages the security software which is built in to the Windows 10 and Windows Servers 2016 and above. Unlike McAfee ENS, which uses its own software to do the scanning and its own signature database that could add lots of clutter to the operating system, MVISION Endpoint uses Windows Defender, so there's no added overhead for the machines. As a result, it is pretty stable.

In terms of scalability, you can deploy as many agents to as many machines and protect them from the ePO, whether it's an on-premises ePO or one on the cloud.

Technical support is great. I didn't have to interact with them that much, but they provided good support at the times when I had to reach them. They were responsive; that is, I'd get a response within the same day.

In my experience, the installation has been straightforward.

The only major issue is that if a client is going to have his ePO on the cloud, his management server will be on the cloud. So I will need to push agents to lots of machines. There is no automated deployment from the cloud to on-premises machines. That means that I need to download the McAfee agents and have to take care of the deployment and the automation on my own.

Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint.

With MVISION Endpoint, even if you don't know about cybersecurity, you can just turn on the protection checkbox. It's that easy. It was really relatable to my experience with Sophos because the configuration there was also that simple, so I really liked it.

For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with. It's flexible, and you can manage it from the cloud or on-premises.

At present, it is often used by small businesses because of its ease of use, configuration, and deployment.

It's been around on the market for a long time, and has undergone many improvements. So, on a scale from one to ten, I would rate McAfee MVISION Endpoint at eight.

We primarily use the solution for endpoint security.

The remote installation capabilities are very helpful for us. Its automatic installation is a good feature.

The malware detection is very good. 

The features, for the most part, are reliable. When installed as endpoint security, ransomware detected on any endpoint will be automatically quarantined there. It's then disconnected from the network and users are able to clean up that particular wireless area.

The initial setup isn't too difficult.

The solution scales well.

The solution offers good patches pretty regularly.

The solution takes up a high amount of memory and can cause the system to hang.

The malware detection, as good as it is, does not seem to be deployed correctly. It's not doing system quarantine. If a system gets attacked by ransomware, it's not going to be quarantined correctly.

If someone wants to filter or asks the system, "Please remove that antivirus we don't want it here," due to the fact that we don't want to work on a specific system, we get frustrated as it won't remove itself. It just starts scanning when we don't want it to and it begins to slow down everything when we need to do important work. 

We would like there to be better reports that we could take to management to have them be able to look at.

Recently, we have seen that Ransomware updating is starting with just SQL services. It would be nice if it was offered across the board.

I've been using the solution for about one year at this point. It hasn't been too long.

While the system is stable and we are getting malware protection, we've found that the one big thing is that we are getting performance issues. Every system goes slow. There is a significant slowdown when we install the McAfee agent. That's one of the big issues we're just facing continually.

The solution scales quite well. If a company needs to expand it, it can do so with ease.

We don't get any support from McAfee. If the endpoint server is down or something is not working, or the data is not connected, you may need technical support, however, in truth, we haven't had any type of these problems. From the server-side, it was working perfectly, providing the proper reports. We haven't had any real issues and therefore haven't needed to reach out.

I have some experience with Sophos and Trend Micro Apex One. I find them to be a bit better than McAfee in terms of capabilities.

The initial setup is pretty straightforward. It's not overly complex. A company shouldn't have any issues with the implementation process. It's pretty normal, pretty standard.

We're just a customer and an end-user.

We're doing the latest version of the solution. I do not have the version number on-hand.

50% of companies are facing ransomware issues right now. We have also faced that in the past. That's why we have looked into Apex One. We have installed that. All systems are under Apex One. Everything is updated, however, it's not protected as it's not continuously communicating with the data centers. They are not updating the algorithm as they should. They need to make improvements to that part. 

Overall, I would rate the solution eight out of ten.

I'd recommend the solution for companies just working with a few documents, however, if you are an enterprise, you might find that the solution slows down your system and it could affect your work in general.

I work for a company that is a McAfee partner. We sell the solution, and we have engineers that implement the solutions. Basically, I am part of the technical staff that implements the solution on-premise.

We use endpoint security for our clients. We configure policies to scan the computer every single day in some cases and every week or even every moment. Basically, it protects the endpoint, and we have policies to do advanced threat protection.

Thanks to the implementation of this tool, we have managed to avoid massive virus infection, have visibility into console events and be able to implement action plans to contain threats.

Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful. We use the firewall to protect the client's network or even blocks and some kind of traffic that the computer received. The ATP model, I think, is one of the most important features because it can protect the computer when an application doesn't work as expected. It will alert and send messages to the ePO, and we can see everything.

The local technical support could be better. It would also help if the engineers can develop some automation features for the on-prem ePO. For example, in the on-prem ePO, you can store the endpoint using the IP address or using text, or using the default version. But in the MVISION ePO, you don't have that kind of feature. It's complicated to sort the endpoint because you have to do it manually.

I also think the detailed level of the detection could be better. In some cases, it's very complicated to figure out which file is the one that is actually impacted, depending on the dashboard you see. The dashboard is one of the most important things in the ePO because it's where you can see everything in a central location. But sometimes, you need to change from one view to another view to find what you're looking for.

I have been using McAfee Endpoint Security for about three years.

It's very stable. It works as expected, and I am very happy with this solution.

This is a very flexible product. It can be installed on a single physical or virtual server, or well installed on a windows cluster, and if you want to explore other modes it can also be implemented in the AWS cloud or as a SAAS.

In some cases, if the report comes from India or America, it's basically an open and shut case. But if the support comes from Latin America, you probably have to scale that problem to another area or another region. You need a person that has more experience with the product.

No. 

The initial setup can be both straightforward or complex. Some documentation on clients is very slow. Basically, we spent time implementing the ePO version because sometimes the database from the ePO is too big, and we need to do some things to the database to shrink the space, and it doesn't always work as expected. Sometimes, we have to follow one, two, or three steps to get the data and various scenarios to increase the number of steps because troubleshooting wasn't working.

If we implement MVISION, eventually, it would take around three hours because we have to install the software on the server. We have to do all the upgrades and implement some upgrades to the ePO software. Basically, it's three hours, but it can take five to six hours, depending on the data's size.

We implement this solution for our customers. If you are an engineer, and you have the experience, you can do it. If someone doesn't have experience with the OS, with Windows, or with the product, you might need specialized engineers.

For the issue of implementation costs, you require that the partner you use has qualified personnel to carry out this activity or you can use the professional services of McAfee, but these can be somewhat expensive.

Our clients ask us about other solutions like Cylance. I have one client that uses CrowdStrike. If you compare Cylance and McAfee Endpoint Security, the main difference is support. 

McAfee is excellent. You can ask any questions, and with a couple of clicks, you will find the answer to the issue. If you don't find it, you can open a support ticket. Sometimes, the McAfee solutions are very complex to configure. Just in some topics, but on the other hand, very simple to configure.

I recommend that the client needs to be aware of what McAfee can do for them. If the engineer can implement the solution, he'll just follow the book, and he's not going to get the best experience from the product.

To not impact the computer or the endpoint's performance, you need to finetune the policies. If the engineer doesn't have that kind of experience, you won't get the best out of the product. The client needs to get an engineer with a lot of performance tuning experience to get the most out of the product.

On a scale from one to ten, I would give McAfee Endpoint Security a nine.

We use this product for endpoint server protection and content security.

What I like best is the integrated end-to-end security that works with the security information and events manager. It's a complete suite.

Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short.

We have been using McAfee Endpoint Security for three years.

This is a stable product.

McAfee Endpoint Security is scalable. We have approximately 3,000 users.

We have used technical support in the past and I find that their response time can be a little bit slow. Also, they provide less of an explanation than we expect.

At this time, we use the complete suite of McAfee solutions. However, we used to use Trend Micro.

The initial setup is pretty straightforward because it comes with the central admin manager. This means that it can be deployed or pushed from this console.

It takes a couple of hours to roll this solution out to about 500 users.

My in-house team is responsible for deployment and maintenance. There are three people in our support team.

If the price of this product were lower then it would be much more attractive.

Since the maintenance is done by our own team, the price of the subscription should really be cheaper.

This is indeed a premium product when compared to others.

Feature-wise, I am happy with this product and we have no plans to change it at the moment. It is a product that I recommend.

I would rate this solution an eight out of ten.

We currently have around 50 servers. We aren't really a big company but we have 50 servers which we manage. We use McAfee for the web filtering portion of it. For example, if a user is doing a search on Google, there's a risk-rating web content filter built into McAfee. This alerts us if there are any threats present. 

We have licensed McAfee ENS on a per-server basis. As of now, from memory, I think we have 56 endpoints running McAfee — 56 servers in total.

From the McAfee side, I really like the ePolicy Orchestrator software that allows us to manage all of our endpoints. You can create the deployment policies and whenever there is a new update — a new version of the ENS Agent, or threat protection — we could test it out in the evaluation branch, and even test it on some of our servers.

It's quite easy to manage. Quite intuitive. I would say the dashboard of ePolicy Orchestrator software is quite intuitive and quite easy to understand and manage. 

I have been using this solution for 15 to 20 years.

We have had some issues from the performance side of things, especially when we were deploying new types of software. Sometimes the consumption of resources from McAfee was a bit high. Afterward, these problems were resolved gradually in future versions of McAfee. From what I've read from the release notes, in regard to the handling of memory, McAfee has been doing a better job, which wasn't really the case in the early years. 

It's easily scalable. If I need to deploy the Agent over 800 endpoints, I just have to script it and run a group policy to deploy it to all of our computers on the network — it's quite easy. 

For day-to-day management and ongoing queries, if ever I didn't have the solution to queries, I would just raise the case to the case management section of the McAfee website. Then the McAfee support team would help me out.

I was definitely satisfied with the support team. I really can't complain. They always sent me the correct knowledge-based article and they provided really insightful information to help me find a resolution to the issue. 

At the previous company that I worked for, we used Symantec Endpoint Protection. Now, we are working with CylancePROTECT and OPTICS.

The main reason that we moved from McAfee to Cylance is that McAfee is still a signature-based product. We moved to Cylance, a signatureless-based product, where everything is updated. What I was doing, from an ENS product point stance, I had set reminders to myself and my team to update the Agent and look into the software repository to see if there were any updates every month.

Indeed, every month we had software updates and fixing restrictions. It wasn't good but I now have less of a hard time looking into this from a Cylance perspective as the Cylance library doesn't push one-minute software updates per year. I would say at most, two or three software updates a year, which is very, very small from a software update perspective in comparison to McAfee.

They're both good products. I'm not saying McAfee is a bad product. It's a very, very good product. It's mainly for these reasons that we moved to Cylance.

The ePolicy Orchestrator console is good, but from my side, I would say Cylance has a better artificial intelligence module — the OPTICS module which I would say is the way to go. I haven't really seen the trend in terms of what other companies other than McAfee or Symantec are doing, but Cylance is doing a really good job with this artificial intelligence module. It's great when it comes to notifying the team when it detects something malicious.

With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint. With Cylance, it's not like that. Each agent does it by itself — it's like a self-healing application. This is something that signature-based antivirus solutions like McAfee and Symantec didn't have until now, unfortunately. That's why we moved towards Cylance.

It's quite easy to install agents. Deployment and product updates are quite easy, as well. It goes without saying that it comes with some, I would say, low-level training and upscaling but these are easily retrievable from the knowledge base of McAfee.

We manually downloaded their AMCore versions to keep all our endpoints up to date. This way, whenever we troubleshoot the root cause of an issue, we still keep our endpoints as updated as possible and keep our environment safe.

When we installed the Agent — let's say I am building a new VM and new server. When you run the frame package, it's really intense. I would say it takes roughly two minutes to install, then afterward, to install the ENS modules, like the threat protection and web filtering packages, you've got to go through the ePolicy Orchestrator management console. I would say, all in all, it takes roughly 10 minutes.

To get it up to date, to download everything, all the packages, the software updates, and all of the AMCore DAT files as well as the virus definitions, it's quite easy. It doesn't take much time at all.  

For deployment, I worked with one external consultant.

Initially, when I came to the company, I didn't really have a background or any experience managing McAfee. I came from more of a Symantec background but I gained some knowledge from one of our external consultants who really had a deep understanding of McAfee products and their deployment. We had some training sessions and then I could manage the McAfee forum on my own. After a week's worth of training, I could manage McAfee on my own.

We had McAfee on a year renewal. We purchased it initially and then we renewed it on a yearly basis. I think the only reason we are renewing the license is for support reasons. 

I would definitely recommend this solution to others. McAfee is a good product. I worked with Symantec, but personally, I think McAfee is better.

However, in my opinion, now having worked with CylancePROTECT and OPTICS, I think  CylancePROTECT and OPTICS are on another level. Still, we have been working with McAfee for nearly 10 years and I feel it's a very good product. 

Overall, on a scale from one to ten, I would give McAfee a rating of eight.