Trellix Endpoint Security Platform Reviews

The primary use case of this solution is for intrusion prevention.

We are service providers.

The most valuable features are the prevention layer that detects the signature value and prevents threats in the network.

The reporting could be improved, by providing more reporting features.

The resolution time should be faster.

I have been working with McAfee Endpoint for more than ten years.

We have experienced a few issues.

I have contacted technical support and they are good.

The initial setup was straightforward.

It takes two days to deploy.

We did not use a vendor or an integrator, we have our own team.

I have experience with multiple vendors and this is a product I recommend.

I would rate this solution an eight out of ten.

This is part of our network security solution. We have it running on different servers and workstations that are on different platforms.

McAfee EndPoint Security has a lot of good features that work well if they are implemented properly.

This solution is difficult to implement. There are lots of features but it has to be implemented the right way.

I would like this solution to do what Palo Alto traps does because I would only need to run this one product.

I have been using McAfee Endpoint Security for perhaps the last ten years.

It is stable, once it is configured and set up properly.

The technical support is good but the local people are bad.

On the workstation, the initial setup is easy.

For the server, it takes a long time for your people to implement it.

I would rate this solution an eight out of ten.

The most valuable feature is the integration between environments.

Something that needs to improve is the interface. I would also like to see simple processing and reporting online. 

The stability of the solution was not very good.

We had some issues with the scalability but it was taken care of. It can be improved, however. 

I will rate this solution an eight out of ten. In the next version I would like to see an improvement in the scalability and stability. 

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations centers in their environment.

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. Detects multi stages attacks based on MVX analytics engine which detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues.

It is stable. There are zero false positive solutions, not like other solutions.

We plan to increase our usage.

They have a strong technical support.

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection and so it will take, for SMB customers, a day more or less. For larger enterprises according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

We also looked at Palo Alto Networks Traps and Trend Micro.

It offers protection from the latest threats.

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.

We use the on-premises deployment model.

This solution has helped to protect our organization against security threats.

The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.

We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.

After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.

We have had trouble with stability because the program fails to start when the computer does. 

This solution is very flexible and scalable.

This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vender needs a better presence in more time zones, and 24/7 support would help to fix this.

Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.

We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.

The installation of this solution is straightforward from my perspective.

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.

When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.

The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.

This is not the worse product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.

I would rate this solution an eight out of ten.

The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us. Other than that, we also make use of other products under McAfee, so it was DLP, HIPS, as well. Rogue Detection is more for detecting and managing systems on our network. That worked very well for us. From an interface point of view, it's really simple and straightforward.

On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it.

We have good compliance. Compliance is using it at the moment, so we work 90% plus. It works well. It's being used on a daily basis and runs very well.

The solution is simple to scale. In South Africa, we have about 12 to 18,000 deployed and over 18,000 Endpoint users. We have two servers as well. 

Installation was a bit complicated right in the beginning. We obviously had to use a different extension and some of the policy had to be modified, changed or migrated across, but there were no other issues.

I've been using the Complete Endpoint Protection for maybe a year and a half, but the other half of the McAfee Suite, the McAfee Virus Enterprise, I've used since 2012 and then it migrated to McAfee Endpoint.

From a customer point of view what they need to look out for is just mainly some of the products that they use to make sure the exclusions are correct. The processes that they need to exclude, as well, are done correctly. It is mainly on the exclusions to ensure they don't have any impact.

I would rate this solution eight out of 10.

In terms of features, its internet exchange is also perfect. I mostly like the powerful management tools. It's got a lot of detail, so it's powerful.

They don't have any gateway solution. In the past, they did. I think they need a gateway solution to control internet traffic. In the next solution, it will improve the total security, on the network security side if they add this. 

In Turkey, according to regulations, the main platform must stay on on-prem, not on the cloud. Most of the customers are still using the mail gateway solution but McAfee stopped developing mail gateway security. For us, it's one of the missing pieces on McAfee in Turkey. They're right, they saw that mail business is going to cloud but in closed countries, we need a gateway solution. McAfee is missing this.

In the next release, they should add something that converts the endpoint business switch for the endpoints. They can integrate side endpoints and try to add them to an existing endpoint, or maybe they can match all these add-ons on a single agent. 

All McAfee products are stable at the endpoint. That only changed when Microsoft announced a new update, and we can foresee compatibility problems. Normally if McAfee gives 1-gigabyte throughput in production, you will see the performance and stability. McAfee's products generally are stable, when I see the from the production angle. Approximately all of the products are stable.

It's very easy to scale. You can deploy a conservative amount easily. If there are other branches, McAfee is the best solution for that kind of implementation. Scalability is very high. With the cloud solutions available after McAfee acquired Skyhigh, they can also offer a solution on the cloud side. On-prem and also cloud allows McAfee to be a full solution for the customers.

Generally, in Turkey, support is very good. Soon they will open a call center in Turkey with a Turkish speaker with technical knowledge. Generally, when I was on the technical side, when I called the support team, in an hour or two maximum someone would connect to the system and start to investigate. In the end, most of my problems have been solved via the technical team.

The initial setup is complex. It is a very complex product. You must have experience with it. If not, installation can be disastrous. You must have experience with it because it's not easy. But if you install it perfectly everything can then be done automatically and it's more powerful.

Everything has been simplified. On the endpoint side, there is also a lot of improvement.

When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee.

With a knowledgeable technician that has a lot of experience with the product, you won't have problems. If you work with a less experienced person, implementing the solution can become a problem.

I would rate this solution a nine out of 10.

Firstly, the Real-Time Protect and the dynamic application containment, are two great features out there. The endpoint features are also good. The new version is quite good as compared to the older version and interface. It's a replica of the VAC. It's good.

The solution could use better updates and fewer bugs.

It's quite stable. There are no performance issues or there is no concern that we have received so far. That's good.

It's easy to scale, but it depends upon your skillset as well. So if you have a good skill set, you can manage each and everything very easily.

For technical support, it depends upon which region you're connecting with. Most of the time, if you're in the Middle East and if you try to get the support it's really bad support. When you are in Asian countries, you get good support because of the experience in the region. For the US and UK, they have good support centers. So there is no issue with that.

The initial setup is straightforward, not complex.

We implemented the solution on our own.

For performance, they have introduced a new feature. McAfee decides what they want to scan and it reduces the performance of the system. So generally what happens is when McAfee scans a file, it stores the files in the cache. Next time, if there are any changes in the file, then only it will scan the file. Otherwise, it will not scan it. That's how they have increased in the performance inside.

I would rate this product eight out of 10.

In new units, the initial agenda, they are changing a lot of things and there are lots of bugs we normally we didn't use to see. Again, we had to rely on some updates, and the way that it appears, the mechanism, they have changed it. So lots of things involved like bugs and issues related to the different parts of the product are challenging. Otherwise, it's good.