Trellix Endpoint Security Platform Reviews

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.

We use the on-premises deployment model.

This solution has helped to protect our organization against security threats.

The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.

We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.

After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.

We have had trouble with stability because the program fails to start when the computer does. 

This solution is very flexible and scalable.

This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vender needs a better presence in more time zones, and 24/7 support would help to fix this.

Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.

We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.

The installation of this solution is straightforward from my perspective.

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.

When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.

The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.

This is not the worse product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.

I would rate this solution an eight out of ten.

The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us. Other than that, we also make use of other products under McAfee, so it was DLP, HIPS, as well. Rogue Detection is more for detecting and managing systems on our network. That worked very well for us. From an interface point of view, it's really simple and straightforward.

On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it.

We have good compliance. Compliance is using it at the moment, so we work 90% plus. It works well. It's being used on a daily basis and runs very well.

The solution is simple to scale. In South Africa, we have about 12 to 18,000 deployed and over 18,000 Endpoint users. We have two servers as well. 

Installation was a bit complicated right in the beginning. We obviously had to use a different extension and some of the policy had to be modified, changed or migrated across, but there were no other issues.

I've been using the Complete Endpoint Protection for maybe a year and a half, but the other half of the McAfee Suite, the McAfee Virus Enterprise, I've used since 2012 and then it migrated to McAfee Endpoint.

From a customer point of view what they need to look out for is just mainly some of the products that they use to make sure the exclusions are correct. The processes that they need to exclude, as well, are done correctly. It is mainly on the exclusions to ensure they don't have any impact.

I would rate this solution eight out of 10.

In terms of features, its internet exchange is also perfect. I mostly like the powerful management tools. It's got a lot of detail, so it's powerful.

They don't have any gateway solution. In the past, they did. I think they need a gateway solution to control internet traffic. In the next solution, it will improve the total security, on the network security side if they add this. 

In Turkey, according to regulations, the main platform must stay on on-prem, not on the cloud. Most of the customers are still using the mail gateway solution but McAfee stopped developing mail gateway security. For us, it's one of the missing pieces on McAfee in Turkey. They're right, they saw that mail business is going to cloud but in closed countries, we need a gateway solution. McAfee is missing this.

In the next release, they should add something that converts the endpoint business switch for the endpoints. They can integrate side endpoints and try to add them to an existing endpoint, or maybe they can match all these add-ons on a single agent. 

All McAfee products are stable at the endpoint. That only changed when Microsoft announced a new update, and we can foresee compatibility problems. Normally if McAfee gives 1-gigabyte throughput in production, you will see the performance and stability. McAfee's products generally are stable, when I see the from the production angle. Approximately all of the products are stable.

It's very easy to scale. You can deploy a conservative amount easily. If there are other branches, McAfee is the best solution for that kind of implementation. Scalability is very high. With the cloud solutions available after McAfee acquired Skyhigh, they can also offer a solution on the cloud side. On-prem and also cloud allows McAfee to be a full solution for the customers.

Generally, in Turkey, support is very good. Soon they will open a call center in Turkey with a Turkish speaker with technical knowledge. Generally, when I was on the technical side, when I called the support team, in an hour or two maximum someone would connect to the system and start to investigate. In the end, most of my problems have been solved via the technical team.

The initial setup is complex. It is a very complex product. You must have experience with it. If not, installation can be disastrous. You must have experience with it because it's not easy. But if you install it perfectly everything can then be done automatically and it's more powerful.

Everything has been simplified. On the endpoint side, there is also a lot of improvement.

When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee.

With a knowledgeable technician that has a lot of experience with the product, you won't have problems. If you work with a less experienced person, implementing the solution can become a problem.

I would rate this solution a nine out of 10.

Firstly, the Real-Time Protect and the dynamic application containment, are two great features out there. The endpoint features are also good. The new version is quite good as compared to the older version and interface. It's a replica of the VAC. It's good.

The solution could use better updates and fewer bugs.

It's quite stable. There are no performance issues or there is no concern that we have received so far. That's good.

It's easy to scale, but it depends upon your skillset as well. So if you have a good skill set, you can manage each and everything very easily.

For technical support, it depends upon which region you're connecting with. Most of the time, if you're in the Middle East and if you try to get the support it's really bad support. When you are in Asian countries, you get good support because of the experience in the region. For the US and UK, they have good support centers. So there is no issue with that.

The initial setup is straightforward, not complex.

We implemented the solution on our own.

For performance, they have introduced a new feature. McAfee decides what they want to scan and it reduces the performance of the system. So generally what happens is when McAfee scans a file, it stores the files in the cache. Next time, if there are any changes in the file, then only it will scan the file. Otherwise, it will not scan it. That's how they have increased in the performance inside.

I would rate this product eight out of 10.

In new units, the initial agenda, they are changing a lot of things and there are lots of bugs we normally we didn't use to see. Again, we had to rely on some updates, and the way that it appears, the mechanism, they have changed it. So lots of things involved like bugs and issues related to the different parts of the product are challenging. Otherwise, it's good.

I find the endpoint management feature the most valuable. I like the exploit blocking, the anti-exploit.

The solution is getting better. The new central console is better than the earlier one. Earlier it was too complex to find out which option was there. So, if there was a search menu for certain things and if I wanted to enable or disable something, I couldn't. Now there's a search menu that I can type into and I can navigate through the menu to where I want to go.

There are still too many options but it is better now.

Sometimes, while installing the ePO we get many errors and I don't know why they happen. So I just want them to work on that part. So that during the implementation there will be fewer errors.

I'm not sure if McAfee supports patching. They could add vulnerability scanning as a feature. I know the setting is already there, but if they could add a feature of vulnerability scanning and patching that would be great.

Technical support is very good. I'll say in the Middle East, I don't know about other divisions, but in the Middle East, it's good. If I have a ticket they follow up and give a call. I don't know where support is set up for the Middle East, if it's in the area, but those guys are very nice.

I would like to recommend the solution. It's better, and pricing wise, it's worth it. It's really worth it as compared to other advanced malware security solutions in the market. They are costly, like anything. And the technical support good, even though the solution is new. The solution is not yet mature. Pricing is fairly affordable for all enterprises, big or small. 

I would rate this solution an 8.5 out of 10. Because sometimes it makes machines really slow. There are a lot of features. I enabled all the layers but it sometimes makes systems slow. The solution keeps on adding engines and engines. If they can add everything in one engine instead of having multiple engines, then I would really say the system would work faster. I'd say it's not that bad, but it's not that good. The speed is still better than other versions in the past that came out.

Controlling and Monitoring Change
Change control processes are often reactive and require manual responses, an ineffective approach to combating today’s threats and handling the growing number of devices in the IT infrastructure. The Security Connected approach from McAfee ensures that every desktop, server, application, network device, and database is in the scope of a change control solution, giving you critical visibility into who is using your systems and what activities are taking place.

Enabling Consumerization of the Workforce
A flood of iPhones, iPads, Android devices, and employee-owned laptops is hitting the workplace, bringing better productivity but also new security risks. Learn how businesses can effectively and securely enable the use of consumer-owned devices in the enterprise by protecting how data is being manipulated and controlling network access across mobile devices, laptops, desktops, and virtual desktops.

Managing Security and Risk
Limit your exposure to security risks that reveal customer data and internal assets. This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection — helping you reduce incidents and risks throughout your entire IT infrastructure.

Obtaining Benefit from PCI
McAfee helps enterprises take a formal, strategic approach to meeting PCI DSS requirements — an implementation that can yield other cost saving and operational benefits to the business. McAfee compliance solutions automatically assess compliance status, proactively respond to any issues or potential violations, and continuously monitor controls across the enterprise.

Protecting Information
Your company’s sensitive information, including intellectual property, financial records, and personal information about employees and customers, is an attractive target for cybercriminals. The Security Connected approach from McAfee helps you secure sensitive information on databases, file servers, smartphones, email servers, and USB drives — while keeping it accessible to multiple users and groups.

Protecting Information from Insider Threats
Don’t overlook the threats to your data and network from company insiders. To address these risks, McAfee provides a new level of visibility into your organization with security controls that work together across endpoints, networks, and data to improve incident detection, protection, and response capabilities.

The following are the main features of the McAfee Suite:

1. Threat/risk protection at the core level: All of the components , including the antivirus and exploit functionalities, all communicate with each other on a real-time basis.
2. Machine learning: The McAfee Suite consists of sophisticated learning algorithms in order to precisely identify and confirm the presence of any malware, primarily based on their signature profiles.
3. The containment of applications: With this feature, your IT security staff can mitigate the damaging impacts of malicious files (such as those found in phishing emails) and other types of malware by blocking them from entering further into your network infrastructure, and from there, isolating them.
4. Endpoint Detection and Response (EDR): EDR is now fully integrated into the McAfee Suite and is completely automated. Any risks and threats can be curtailed by just a few clicks of the mouse.
5. Centralized management: The McAfee ePolicy Orchestrator is a specific tool that allows for your IT Security staff to a get a much greater visibility and insight into your network infrastructure with easy-to-use and understandable at-a-glance dashboards.
6. Proactive learning analysis: With machine learning algorithms, the McAfee Suite can quickly create models of your organization’s cyber-threat landscape and what potential malware attack vectors could like in the future.
7. Sophisticated levels of anti-malware protection: The engine that drives the McAfee Suite is updated on a 24-7 basis via the McAfee Global Threat Intelligence feeds.
8. Advanced threat forensic capabilities: With this functionality, your IT security staff can quickly determine where the malware resides in your network infrastructure, how they evolved and penetrated your lines of defense, and how long they have stayed in your systems.
9. Malware behavior monitoring: This tool of the McAfee Suite can actually record the “behavior” of the malware in question while also studying its Attack Techniques and Procedures (TPPs). It comes with a comprehensive alert system and can even provide a sophisticated review (or “playback”) for the network administrator.
10. Migration assistant: This functionality allows for your IT security staff to quickly migrate network security policies from legacy platforms into the McAfee Suite.

Business Support some times lazy but once they on board they will get the job done.

With McAfee ePO software, you can scale your network vertically or horizontally.

• Vertical scalability — Adding and upgrading to bigger, faster hardware to manage larger and larger environments. Scaling vertically is accomplished by upgrading your server hardware, and installing McAfee ePO on multiple servers throughout your network, each with its own database.
• Horizontal scalability — Increasing the size of the environment that one McAfee ePOserver can manage. Scaling horizontally is accomplished by installing additional Agent Handlers, all sharing a single database.

  Make sure the McAfee ePO infrastructure is scaled to handle major peaks in outbreak situations.

Technical support is getting better now, but previously, the support was not optimum or not available.  when we opened a case, the engineer took too much time to listen to us and then they collect all the information. But then he never came back to us. Sometimes, five days, three days, sometimes even two months would pass and nothing would happen. But now I can see that the tremendous change. From the moment you open a case, in the next hour, you will get a response from the technical support, so now I'm feeling that the support is getting better.

Installing McAfee products is very easy. Not only at the endpoint. Any McAfee product, because of the Product and Installation guide available with good detailing,and the availability in the community & knowledge base articles. Most of the blogs you find even outside of the McAfee community, which help me in the deployment of McAfee products. So installation never seems to be hard for me.

Experts

20 Months or less depending on each organization

There are many other endpoint security solutions that are available today, but McAfee Suite has several distinct advantages when you make a procurement decision. For example:

• All of the information, data, malware signature profiles, intelligence gathering, alerts, warnings and so on can be accessed and viewed very easily from just one console
• You do not have to overspend on security technology, because all of the features described earlier comes as one unified, cohesive set. McAfee Suite also leverages all of the existing security features of the operating systems and virtualized environments also previously mentioned. So in the end, there is really nothing more that you need to add on
• McAfee Suite can work as a single security solution for all kinds and types of device hardware and software such as workstations, servers, wireless/mobile devices, containers, virtual instances, and even those objects found in the Internet of Things (IoT)
• McAfee Suite has been comprehensively tested by certified third parties and has proven itself in the real world

McAfee Complete Endpoint Protection is mature, tested, and usual: this is our policy. We don't go for the latest releases. We go for the release which is before the last.

We have approximately 800 people using McAfee Complete Endpoint Protection. These are mainly end-users.

The feature I like the most in McAfee Endpoint Protection is when I get reports of unmanaged devices. These are kind of issues that alert me to address a problem. 

I need to find out how we can eliminate these devices which are connected to our network and not managed by McAfee.

In my experience, the main part of McAfee Complete Endpoint Protection that needs to be improved or simplified to make the platform better is the scanning features. 

Sometimes when it runs in the background of the endpoint, the devices get slowed down for some software applications.

The reporting should be used to enhance our analysis. There are some dashboards for user management. There is still improvement required with them.

McAfee Complete Endpoint Protection is stable. We don't have any bugs being reported.

For the scalability of McAfee Complete Endpoint Protection, it is easy to add more processes or add more users to the platform.

The solution's technical support is satisfactory, but there are some hiccups. Sometimes it is required to escalate to the second level. That was only one incident. 

So far, we are getting the expected customer support that we needed from McAfee.

McAfee Complete Endpoint Protection is the only endpoint solution we've used.

We have not seen a return on investment. We don't do this kind of exercise to see a return on investment. Since it is working and there are not any security issues, we are safe. 

This is what we consider our return on investment for McAfee Complete Endpoint Protection.

We recommend McAfee Complete Endpoint Protection. We watch threat reports for McAfee and search Gartner's Reports to see whether they are doing well or not.

On a scale from one to ten, I would rate the platform an eight. We were expecting more. They need to enhance the dashboard and scanning features.

I am using McAfee Complete Endpoint Protection to control bandwidth. Any network administrator can do that easily. Control is the best part of Mcafee.

I need to be able to allow the amount of data used on an authorized user account., i.e. the amount of web data someone uses before a limit. I use other tools for that now.

The most valuable features are the adaptive tech on McAfee.

In our experience, McAfee Endpoint Protection could improve the word control feature. It is absent from the application. I couldn't do that.

Everything has been fine with the product. It could use better visuals. The tutorial is very limited. They need better training materials and visuals in reports.

McAfee Complete Endpoint Protection is very stable. 

I don't know how much it can grow. Already you have the basic products that you need for the platform. We have about say 500 endusers and admins altogether. There are around ten admins for the solution.

I had an issue. I had a bridge about a year and a half ago. I had to contact McAfee online and they helped me patch it. They signed the consolation code for us.

I had a very good experience with McAfee customer support. I'm very satisfied.

When I came in, there was a previous manager. He set it up. I had nothing to do with it.

I would recommend McAfee Complete Endpoint Protection. It's an all in one endpoint. You can scale it. You can buy McAfee web control. You can buy other products.

You can increase as many products as you like as you go on. Most organizations don't have it and it makes controlling easier.

On a scale of one to ten, I would rate McAfee Complete Endpoint Protection a solid seven because a ten is perfect. I believe there are opportunities for improvement.