Trellix Endpoint Security Platform Reviews

The central management feature of the ePolicy Orchestrator was extremely valuable to me. My organization had a very small security team, so the ability to manage our protection tools from one program made the job much more efficient.  Additionally, central management made it much easier to create executive reports for management review. 

My organization did not have a well-maintained host-based security program before McAfee Endpoint Protection. This product made it possible to protect critical data, investigate threat events, and prevent future events from occurring on every endpoint on our network.

One thing I could have used was a more detailed description of the HIPS signatures. When selecting a HIPS configuration, I would have liked to see exactly what access will change on the system. My organization did not have much room for testing, and many issues did not come up until days or weeks after changes were made. 

We have had no issues with the deployment.

We have had no issues with the stability.

We have had no issues scaling it for our needs.

The system my current organization uses does not allow for administrative changes from the endpoint itself, like McAfee Endpoint Protection does. This feature is very useful when testing firewall rules and HIPS configurations for specific programs and sites that only certain network segments may need to access. 

The centralized management of the solution is valuable since we are a diverse organization.

It would be nice to have the ability to change Safeboot passwords from within the OS as there is a delay in the boot process and password changes can take time.

We've been using it for over five years. The component versions we are using are

McAfee VirusScan Enterprise + AntiSpyware Enterprise 8.8.0.1445
McAfee Agent 4.8.0.1938
Saferboot Device Encryption 5.2.11
McAfee SiteAdvisor Enterprise 3.5.0.1364

We have had no issues with the deployment.

There have been no issues with the stability.

We have had no issues scaling it.

I've not had to contact customer support.

I've not had to contact tech support.

We had something in place previously, and this just seemed to be a better fit. Also, the management of the device worked best for our organization.

The initial setup was straightforward.

We implemented it in-house. I would suggest building a small lab to get familiar with the process before working on a live environment.

Take your time and plan it out before attempting to deploy in a production environment.

There is not one feature in particular that is more valuable than another for us. It is generally a valuable tool that helps us with our security.

We can easily renew our subscription and update the product. When we update it, it automatically removes viruses from most of the infected systems.

They could improve it by providing better manageability for administrators. I need to spend too much time on this right now.

We've been using it for three years.

We have had an issue updating it. I have applied update ePO 5.3.1, but it shows the update version is ePO 5.3.0.

There have been no stability issues.

We have had no issues scaling it.

Customer service responds well.

Technical service is also responsive.

I used a different product in a previous position.

The initial setup was straightforward.

We implemented it via a vendor team.

The pricing needs to be lowered as we find it to be high. We're just a small-to-medium sized company.

You should use a licensed version of an anti-virus, preferably McAfee.

The most valuable feature that I've found most useful is the availability of seamless AES 256 full-disk encryption.

I don't need to worry about the content of a laptop if it's lost or stolen. It provides better security of laptops when doing foreign travel.

I think encryption needs to move to an all hardware-based solution. Software encryption is less efficient than hardware-based. Intel purchased McAfee a few years ago, so this company is set up from the chipset point-of-view.

We've used it for six years.

Initially, we ran into issues running full-disk encryption and certain versions of disk defragmentation software. However, this has now been resolved.

There have been no issues with the stability.

We have had no issues scaling it for our needs.

9/10. I've found technical support to be very good and responsive.

We selected this endpoint protection solution due to its multi-platform support, not just Windows (e.g BitLocker). Other reasons were that it has enterprise key storage and recovery, which is very important to us.

It's fairly easy to get going. It's been around for a while now, and there are lots of use cases. You just just need to follow the best practice installation documentation.

We implemented it with the help of a McAfee vendor team.

Everything has a cost. During the initial product evaluation, price was considered but it was not a show stopper.

The central management console, ePO, is very useful. It incorporates file/folder encryption as well as encrypted thumb drive registration and policy management.

McAfee Endpoint Protection is a a good product that's easy to administer. It provides endpoint protection for desktops, laptops, and servers, and the protection includes anti-virus, anti-malware, anti-spam, DLP, and encryption.

We're less affected by viruses and threats on end-user device, able to manage all endpoints from a centralized server across locations. We're also able to encrypt sensitive laptops with ease. Very good reporting and compliance to endpoints.

It needs much better control on zero-day viruses and easier submission of threats to McAfee. They also need to improve the DLP rules since loads of false positives and patch releases are not quick enough when a new OS hits the market. Because of this, there are incompatibility issues which cause slowness on end-user devices.

I've used it for five years.

Deployment of agents and products to end-user machines is straightforward and easy. The basic McAfee ePO deployment is not easy and you need good knowledge in SQL and servers.

Patch release is not fast when there is a new OS on the market, so compatibility issues will come and can cause slowness on end-user devices. For example, I had a tough time when Windows 10 was released and the devices were not protected for a month, which is not advisable.

The upgrade of the new ePO from older versions always have issues and need support from McAfee engineers all the time. In a span of three years, we had upgraded three times and all three times were difficult. But the engineers were good enough and at the end of the day, they fixed it.

We had no issues with the stability.

We had no issues with the scalability.

Excellent 8.5/10

9/10 - Very fast support and engineers have good knowledge of the products. They show patience in understanding the issues before taking any action/recommendations, which I personally appreciate. They also have an escalation matrix that provides for faster response time depending on issue severity.

I have used Symantec, not happy with their support and was facing lots of performance issues.

The initial setup is complex as loads of communication (ports between server, clients and locations) has to be done, making setup difficult. You need a good engineer who has knowledge of SQL, database, servers, and firewalls.

Our environment was a mix. I prefer to do it with a vendor and Intel Support.

The pricing was good and licensing is on a per-user basis, so it's flexible. All the products will work, but only AV signatures will stop downloading.

We evaluated Kaspersky and Trend Micro.

Always test on all environments and different OS's before deploying into production, especially VSE, DLP, and encryption.

The fact that the three components have been provided under one platform helps to simply perform product management.

Also, the virus definition file size is 40% smaller, which reduces the amount of bandwidth required to update all the endpoints.

There are three valuable components to Endpoint Security 10.1: First, there's threat prevention, which is for anti-virus and anti-malware detection. Second, there's firewall, which replaces the Windows firewall when activated. Third, there's web control which is used for endpoint web filtering.

The threat prevention feature is the most valuable because it provides protection against malware.

I would like the product deployment to be made simpler. The current deployment requires creating tasks to install each component.

The product is quite stable. We haven't had any issues with instability.

The scalability is great. We've been able to scale it for our needs.

Intel Security technical support is very efficient, although the wait times on the customer support line can be quite long.

I previously used Kaspersky. However, the management console does not match up to the functionality of the ePolicy orchestrator management console provided by Intel Security.

The setup was very straightforward. The EPO server deployed the McAfee agent and then we were able to deploy Endpoint Security.

Implementation was done through the vendor. My advice is to ensure all the requirements that are provided prior to implementation to avoid any delays.

The return on investment has been very encouraging. Ask the vendor to give you as much information as possible on all the suites so you can get a package that suites your environment.

Endpoint Protection 10.1 is a very complete endpoint protection solution that gives complete protection for endpoints. It is easy to deploy and can be a very useful endpoint protection suite for small, medium, and large-scale environments.

• Easy installation and configuration
• Managed by ePolicy Orchestrator (ePO) for simplified management

It's provided us with a reduction of the attack surfaces used by malware. As an organization, we've decreased our threat visibility.

We have reports by users of machines being slow when the on-demand scan starts.

Recently, some cases of ransomware have been reported on managed systems without VSE detecting them.

I've used it for six years.

VSE 8.8 is managed by ePO for easy deployment.

Beta versions are released for extensive testing on the various platforms before RTW (Release to World) versions.

We have had no issues scaling it for our needs.

McAfee technical support is available 24/7 to assist with any calls logged.

I have worked with Symantec before. I chose McAfee because of the security-connected framework for synchronized security, which works well to mitigate risks and to enable a proactive approach to threat responses.

The initial setup of VSE is via the ePO. When checked in to the ePO, VSE can be deployed to the whole environment via the ePO silently without any user intervention.

The initial implementation was done by an in-house team comprised of highly-skilled McAfee experts since we are an Infosec company specializing in various vendor products. An in-house team can set it up, provided they are awarded adequate training.

With the rise of malware and, recently, ransomware cases, using VSE assures you a positive Return-on-Investment. The benefits surely outweigh the risks of a compromised environment.

Using McAfee provides you a single, integrated platform that helps you have an end-to-end visibility of the whole environment.

I personally really like what the folks at Intel did when creating the Endpoint Protection Suites. Running the EASI.exe installer from the .zip file simplifies the build process for newer administrators and engineers by installing a base-system tree, basic policies, and streamlining the installation process. 

What most don't seem to grasp is that Endpoint Protection is a Suite Install Package. There are 6 different versions of Endpoint Protection, each coming with different applications installed. Primarily, I usually install the Endpoint Protection Advanced Suite (EPA) & Complete Endpoint Protection Suite (CEE). I recommend installing SQL either on the same box as ePO if you're managing under 5000 endpoints, or on a separate SQL server if higher, overusing the SQL Express that comes with the Installer. The primary reason is that if you use SQL Express, you do not have access to SQL Management Studio. Having access to the data tables and being able to clean up the space on the SQL server over time will be a must. The Complete Endpoint Suite has certainly simplified the build procedure.

I have been installing ePO and the separate modules for years. I am a bit biased on Intel Security products as it is how I make my living as a Subject Matter Expert .

There are a few things I wish the folks at Intel would fix. 

The primary for me is with the ePO Query creation. Queries in ePO are powerful tools as they can be used to create dashboards, server tasks, and be exported or rolled up to Senior Management. In older versions of ePO (4.0 & 4.5) the Queries, gave a wide range of data. With ePO 4.6, 5.0, 5.1 & 5.3 the data could be pulled from various installed products to get the data that you were looking for, with the current versions of ePO you can only pull the fields listed in the "Result Type/Feature Group" and it is very limited.

A good example...If i wanted to try and create one report that shows all Common Configuration Enumeration (CCE) data (this data comes from Policy Auditor) while also showing what software is installed from each system  (this data comes from Application Control) and adding in fields such as IPv4, FQDN, OS version, Domain...Simplified, if I could pull Hardware Asset, Software Asset, CCE Data, and Policy Auditor Scoring all on one report, it would make my life so much easier. 

Alas, this cannot be done with the current Query Building setup. The fields that are available are limited to each application installed and are only for that application.