Trellix Endpoint Security Platform Reviews

We use Trellix in an OT environment where it is being used as an orchestrator to deploy endpoint security and application controls in our network. We are using its DLP product in OT end points.

We use ENS as our main antivirus tool. The activation of features within ENS and the collection of threats into a single console is a strong point. There are some features we're not using, mainly related to IT environments. For us, ENS is primarily an antivirus and adaptive threat prevention tool. The threats received from endpoints received in ePO consoles which can be relayed on SMTP server to get real time updates on threats.

The deployment of products through ePO is very useful in managing multiple endpoints and deploying policies as per organizational requirements . Working manually on those endpoints is time-consuming and tedious. Threats and case management, Automation tasks, generating reports, those are some good points to be considered.

The technical support needs some improvement. When product distribution errors occur, we have to contact technical support, which is a very tedious and time consuming task. After raising the call onto the technical support portal, usually receive a notification after 24 hours. It usually takes 3 to 4 days to conclude and resolve the issue. If 24/7 online support or a phone line where we could speak directly with technical support for real-time troubleshooting, that would be very helpful.

Licensing is another aspect where trellix should look into. Different purchases are grouped together in single user account get mixed up. Categorization of purchases and their grant numbers is not available to end user.

I have been using it for eight years. 

It's very stable. If configured correctly, it's very smooth and doesn't cause frequent issues.

We have like 500 installations. It is very scalable. 

I would rate the scalability a nine out of ten.

There is room for improvement in the customer service and support.

Positive

We had McAfee virus scan approved for OT endpoints but were using manual deployment methods. After introducing ePO architecture we have migrated to ENS, application control and DLP. Now, we've adopted more Trellix products. 

We use symentec and txOne as well, but for standalone systems only.

I would rate my experience with the initial setup a nine out of ten, with ten being easy and one being difficult. 

The deployment takes moderate amount of time. Some of the products were installed quickly, but others remain in configuration. So, it's not too fast, but it's moderately quick.

So, it takes two to three hours.

In house expertise is available for installation, deployment and management.

The pricing is reasonable. 

NA

I would recommend Trellix because I am satisfied with its overall performance and functionality.

Overall, I would rate the solution an eight out of ten. 

FireEye offers a great suite of tools. I like its threat analyzer and other features.

We have FireEye Endpoint Security installed on all our desktops, laptops, and servers throughout the network.

It's been crucial to monitor threats 24/7, both external and internal. 

It's capable of stopping ransomware at the gateway, preventing malware, and it can even protect against zero-day attacks.

When I implemented it for one of our clients, it improved their security by almost 70 to 80%. They were using a different solution before, but after implementing Trellix Endpoint Security, they were able to block threats that the earlier solution couldn't handle.

There are only about two to three percent false positives, which isn't much. So, this solution handles false positives quite well and minimizes disruption.

The threat scanning is excellent. It uses predictive technology and I can utilize attack data to help us fine-tune our systems and network infrastructure. This protects us against current and future attacks.

Trellix Endpoint Security is a really good product. It comes from industry veterans in the US, so their technology, ease of use, and support are all excellent.

When it comes to real-time analysis capabilities, I've seen many benefits.

Integration is very easy with any system, like firewalls or any network. I can also integrate it with our mobile client.

There is room for improvement in the pricing. The price should be improved, it's high.

I have a lot of experience with FireEye. It's a solid product with several components. It was acquired by another company.

We've been using it for the last few years. 

It is a very stable product. It has been a well-known name in the industry for the last 30 years or so. 

Trellix has a lot of top investors in the company.

The scalability is very good. We can scale it anytime. 

There are around 350 end users in our company. 

Support is very good; they have local partners everywhere, so there's no issue there.

For people who still use trellis, there's a toll-free number for each country. Support is accessible 24/7. 

If you buy a normal license, gold support is included. There's no need to buy platinum support. The normal support lets you talk to any Trellix Endpoint Security (ENS) technical person 24/7.

Positive

The initial setup is very straightforward and user-friendly. 

It takes about 20 minutes to configure and run it. 

For the deployment process, the product team itself provides a file. I get a download link in an email from the web browser. Once I start downloading, a key will be attached. You provide the names of your domains. We integrate it with Active Directory (AD), so it pulls all the users automatically. 

It's a good in-house solution; we can do it yourself. Deploying this doesn't need more than one person. 

An L2 technician can manage the installation in a maximum of thirty minutes if they have access to Active Directory (AD) and the main server. 

Everything is on the cloud now, so you can control and log in from anywhere, anytime. Alerts via email and mobile are easy to set up.

The return on investment is very good if you choose a three-year license.

The license is a bit expensive. 

Overall, I would rate the solution an eight out of ten. If you are evaluating this product, go ahead and buy it. It's a very good product. There's nothing lacking – great technology, great approach, great support, great availability.

We primarily use Trellix for drive encryption and malware prevention, but we also use some advanced features, such as centralized control and policy management. 

Trellix enables us to customize and centrally manage policies. We can set on-prem policies and synchronize them with the cloud. 

Trellix integrates well with most SIEM and data classification solutions.

You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support.  Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features. 

I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.

I have used Trellix ENS for two to three years.

Trellix ENS is stable. 

Trellix is scalable with some limitations. I recommend it for small or medium-sized businesses.  The integration needs to be simplified for it to work in an enterprise with a large, complex environment.

I rate Trellix support six out of 10. They need more local presence in South Africa and a faster response. Other distributors work through a partner system. There are also some challenges due to the merger of McAfee and FireEye to form Trellix and some legacy issues around a lack of innovation. 

Standard support is included with the subscription, and there are layers of escalation when you open a ticket. You can pay extra to get premium support, which is priced separately. 

Neutral

Trellix is easy to deploy if you have enough skills. Some customers think they can do it alone without professional services, but the deployment doesn't go smoothly. They have misconfigurations, which become a problem. They have issues when they are renewing the license because they didn't scale sufficiently in the beginning. The deployment time can range from five days to three months, depending on the size and complexity of your environment. 

Trellix is reasonably priced, but the cost goes up by about 7 to 10 percent annually, so some of our customers complain at renewal time. The license is based on the number of devices. There are discounts as you add more devices, so you may pay $15 per device or up to $50 per device. 

Standard support is included with the subscription for the first year, but you'll pay for the deployment costs. In the next year, you'll pay only for the license and support.

Trellix is one of the best legacy endpoint protection solutions, but we're also looking at Crowdstrike. Other solutions have advantages over Trellix in brand awareness and local presence. 

The company needs to do more to build its presence in this country. I've never seen an account manager or sales rep show up to an in-person event in South Africa. Other companies like Trend Micro have offices here. 

I rate Trellix Endpoint Security six out of 10. I would give it a seven or an eight if not for the vendor's shortcomings in terms of support and local presence. The scale and speed of response make a difference. It's an excellent product that may not be perceived as such because of how it's supported and the awareness of potential customers. 

Before implementing Trellix, you should take time to understand the core use cases you want to achieve and match them to specific features. You should also do a limited proof of concept with the vendor or a distributor.

We use the solution for malware, fall behavior, and data loss prevention.

The Trellix Endpoint Security, when used in conjunction with EDR and Insight, enhances the visibility of events in the central management console, enabling us to identify events more effectively. Furthermore, Endpoint Security actively prevents threats from spreading. It reduced the action time a lot.

Trellix provides a data view of the Alpha systems with Trellix installs and makes small changes to the central management console. Nothing on the endpoints themselves works, but it focuses more on the management side.

I have been using Trellix Endpoint Security for 14 years.

I rate the solution’s stability an eight out of ten.

This solution is used by 33,000 users and covers different operating systems. I rate the solution’s scalability an eight out of ten.

We do get quick responses from support. However, it sometimes takes a bit longer to reach the final solution, particularly if something unusual requires additional investigation time.

Neutral

The initial setup is very easy and takes two hours to complete.

Trellix Endpoint Security offers substantial cost savings by reducing recovery expenses. These savings can exceed three hundred percent at this stage.

The AI portion is quite good. It is already built into the product; it does assist us. 

We have five engineers to maintain the solution.

Overall, I rate the solution an eight out of ten.

The solution is used for drive encryption and as a policy orchestrator.

The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security.

Trellix Endpoint Security is pretty hard to configure and maintain. You need to have a dedicated person for the solution. It is very complex when you want to change the data loss prevention and data leak prevention policies. It's quite hard to give some exceptions on specific computers. It's not very fast onboarding with the orchestrator.

The solution should provide a more easy way to uninstall it on specific stations.

I have been working with Trellix Endpoint Security for two years.

The solution’s stability is quite okay.

I rate Trellix Endpoint Security an eight or nine out of ten for stability.

Trellix Endpoint Security is a scalable solution. Around 200 users are using the solution in our organization.

Currently, the solution's initial setup on a new computer is quite simple. Although some time is needed to configure all the policies, especially for our needs, it is not too difficult.

The deployment takes one week internally and two days of professional help from a local vendor partner.

It is enough to have one administrator for the solution’s maintenance, but we do not have one full-time administrator. A dedicated person is needed for the maintenance and monitoring of the solution to take it to its full potential. The resources or computers needed to use the solution make it quite expensive. Especially if you put the drive encryption and don't have new computers, you will have to delete multiple files, which is quite a pain.

The solution was implemented by a local vendor partner.

We have seen a return on investment with Trellix Endpoint Security in terms of time.

Compared to Bitdefender, Trellix Endpoint Security is more expensive, but considering it comes with DLP, the solution's price is fine. The licensing cost for the solution is 20k a year for 400 users and 10k for 200 users. You don't have to pay additionally for the solution's maintenance.

The solution's effectiveness depends a lot on the stations that you want to install it on. I will not recommend Trellix Endpoint Security for people with a lot of small text files on the computer. The DLP solution is quite okay. It is not so easy to configure in terms of the computers and permission to allow USB devices on specific computers.

Overall, I rate Trellix Endpoint Security a seven out of ten.

The endpoint of Trellix itself should be placed within an enterprise with more than 200 or 300 endpoints. And then, an administration council should be used to administrate these endpoints and get the updates, including any virtual batching needed, and so on. This is the most usual case for this product. However, of course, there are other supportive add-ons, or sensors, to be added to this endpoint - including the EDR, the endpoint detection response, sensor. 

The user behavioral analysis feature is great.

It patches the operating system which is running on it until there is an available patch for the operating system itself.

The user experience of the administration has to be reviewed or refined. It's not friendly, not that easy.

If I could sell my customers the endpoint protection software in addition to the EDR software as a single package, that would be ideal. 

Technical support needs improvement. 

I started using the solution around four years ago.

The stability depends on the version. I'd rate reliability eight out of ten. With some other versions, especially the old ones, you cannot even rate them five out of ten. The newer versions are much more stable?

The scalability is okay. I'd rate it seven or eight out of ten in terms of ease of scaling. 

We can just embed new features to the original package just to include everything so that you do not need to ask the customer to get full coverage by adding an add-on license, and so on.

Typically, enterprises use the solution. It's used, for example, within the financial sector and most of the customers are banks, FinTech companies, or financial organizations. Organizations may have 500 to 5,000 users.

Some of our products have a first and second line owned by us. We are giving support services to the customers instead of the vendor. Some other products are supported directly by the technology vendor, however.

Technical support from the vendor is very bad. 

Usually, when the customer submits a ticket, they put a severity level on the case. Whenever the case is very important, and there is a real malfunction in the product on the customer side, and there is something down that needs someone to have a look immediately, it takes more time than it should to even engage with the customer. 

When someone has to contact the customer and have a remote session within the customer environment, they sometimes lack in terms of communication with the customer. The support centers are located in the East and not all have an acceptable level of English in order to communicate directly with the customer. 

Neutral

We did previously work with Trend Micro. We also worked with Kaspersky and also ended the contract. 

Trend Micro is more attractive than Trellix from a sales perspective since most of the features are already gathered within it as one solution. The interface is much more user-friendly for the customers as well. In addition, the customer does not have to prepare a huge infrastructure requirement, to have the products already deployed. It's much easier to deal with and very stable as well. Some customers do not like Trend Micro since it doesn't have many integration points with other technology.

The solution can be easy or complex. It depends on the environment in which we are going to implement or deploy the product on. 

It becomes complex, especially when it's a virtualized environment.

The time it takes to deploy depends on the number of endpoints running within the organization. The initial setup for the administration part may take two business days.

There should be an updated operating system first, in order to host the administration console of the product. Then certain batches have to be installed, including batches on updates for the product itself. Then we usually install the main orchestrator of this product. After that, we generate the endpoint package to be distributed on other endpoints.

Usually, one to three people are needed to deploy the solution. 

I'd rate the solution seven out of ten. 

We do have a technical arm. It's an independent professional service provider. It's a company itself. However, it's under the umbrella of the main one, which is acting as the technical arm of the main company. It typically handles the initial setup. 

Trellix may cost around $46 to $47 for a single license without an EDR. In contrast, Trend Micro may cost $23 to $25 USD without an EDR sensor. Trend Micro is much cheaper. 

Trellix may have extra costs in terms of managed services. That might be around $200 to $250.

I'd rate the solution six or seven out of ten in terms of affordability.

We're a partner and reseller. 

We're working with the most recent three versions. It is 10.9 right now. Previously, it was 9.5 and then 8.7.

We have the solution deployed on-premises and on the cloud as well. 

I'd advise potential new users to look at all packages before implementing Trellix and to look into configurations right at the outset. 

I'd rate the solution seven out of ten.

The company is using it for cybersecurity, malware, and anti-malware.

We have customers who were facing challenges with traditional security solutions such as Trend Micro or Symantec that were not working. They would receive reports indicating no malware in their network. However, when we implemented Trellix Endpoint Security in their network, multiple types of malware was detected.

The solution is easy to manage, easy to implement, easy to install, and the support is excellent.

The detection capability of Trellix Endpoint Security is higher than traditional antivirus solutions.

The AI functionality has proven quite useful with the new version. Trellix Endpoint Security has introduced the new MVISION solution, MVISION Endpoint, which works completely on AI and machine learning.

The agent is very heavy, so we have to ensure that we have a lightweight agent for Windows systems.

We have been using the solution for almost 20 years now.

The cloud management console ensures there are no limits on scalability. It's quite scalable with no restrictions.

Support has been excellent overall. 

Positive

The solution has been easy to manage, easy to implement, and very easy to install.

I'd rate the solution ten out of ten. 

Trellix Endpoint Security is a reliable and developed product and our company's customers are satisfied with the security offered by the product. 

The product has a robust reporting feature and a user-friendly interface. Using Trellix Endpoint Security, users can easily create customized, detailed reports and export them as PDF or Excel files. The solution's ePO console is highly efficient and does not get hanged.

The console of other competitor products from Kaspersky, Symantec, and Microsoft is very complicated. The comprehensive ePO feature of Trellix Endpoint Security is highly reliable for the management of systems and servers. 

Patch management can be included as a feature in the solution. 

As part of our company, we have been working with the solution since 2008. 

It's a very stable product. 

Our organization provides Trellix Endpoint Security as a solution to small, medium, and large enterprises. 

Tech support from Trellix Endpoint Security is better than that of its competitors. I would rate the tech support a seven out of ten. 

Neutral

The deployment time of the solution depends on the number of nodes that need to be set up. For example, 100 nodes can be setup in 30 minutes. The solution agent works robustly in the network environment leading to shorter setup time, especially if a fast network setup already exists. 

Trellix Endpoint Security is an affordable tool. Its renewal price is also quite low. The product is available as a subscription license or a perpetual license. 

At our company, we have also worked with CrowdStrike, Trend Micro, Microsoft and McAfee solutions. Trend Micro is the only tool that offers virtual patching. 

The tool offers automation in multiple segments of deployment, scanning, and fetching reports. FireEye can also be easily integrated with the tool, offering an efficient combination.  

Trellix Endpoint Security offers NDR and NSP network security across platforms and device sensors by obtaining network information for threat detection. I would rate Trellix Endpoint Security a nine out of ten. 

The solution's productivity, reliability, and manageability control are outstanding.