Trellix Endpoint Security Platform Reviews

Our company just started evaluating the solution for endpoint protection. We have tested it in a POC environment but have not deployed it to the production environment. 

The solution includes a good combination of features for both signature and signature-less detection. Based on types of threats, we can opt to use either or a combination of both. 

Good progress has been made with integrations for McAfee and FireEye but more work has to be completed because the feature is still pending. Down the line with these integrations, the solution will be very good product. 

The solution could provide open XDR in addition to EDR.

Adding MDR makes sense instead of just being on the EDR and DXDR fronts. 

I have been using the solution for a couple of weeks. 

The solution is stable. 

The solution is SaaS so should be fully scalable but we have not yet tested scalability. 

Technical support could be improved. Our team worked with the product reps to coordinate requirements and deploy.

The setup is quite easy and only takes a few minutes because it is a SaaS solution. 

We implemented the solution in-house for our POC environment. 

We use several products simultaneously and are using the solution in a test case. It might take two or three months to confirm if we plan to deploy to our production environment. 

The solution meets customer expectations and is a good product. I rate the solution an eight out of ten. 

The tool is primarily used for endpoint detection. When an event occurs on an endpoint, alarms are generated. Colleagues from my company then investigate these alarms based on a playbook. Depending on the playbook and the specific customer contract, actions may be taken, such as informing the customer or implementing endpoint containment measures.

The tool has contributed to improving our security posture. While it's just one part of our overall solution, it plays a crucial role. As we continue to evolve, we anticipate it becoming even more important alongside other aspects like network behavior and additional metrics.

The tool's most valuable feature is containment. Last year, a German company faced an external attack. We installed the product on every machine, totaling hundreds of endpoints. The Trellix agent collected information, allowing us to check the entire IT infrastructure. 

The product is consolidating its portfolio into one product. It is difficult at the moment. 

I have been using the product for three years. 

The solution's scalability is easy. If you have Trellix Endpoint Security on-premises, you need to define how many agents you will support and consider future scaling. Different appliances are available for various scenarios. If you plan to have hundreds or thousands of agents in the future, hardware considerations become important. However, if it is deployed in the cloud, scaling up or down is easily manageable.

My experience with the product's tech support is good. 

Positive

Trellix Endpoint Security (ENS)'s deployment is not difficult. There are different options available, such as using an on-prem hardware box or a virtual machine in the cloud. Setting up the virtual machine in the cloud is easy, requiring only a connection to the customer's system. 

If you plan to install the solution on-premises, you bring the box to the customer and connect it to their system. This involves some configuration, such as opening a port on the firewalls. Deploying agents on the endpoints is straightforward and can be done from a central management point. The entire process takes around a day to configure, and then you are up and running.

Microsoft Defender is not cheap and from a cost perspective, Trellix Endpoint Security (ENS) is a better option. 

We integrate the product into our system using API. The information, in the form of messages or alarms, is received in our system. We further process this information and incorporate it into our complete solution. 

I rate the product an eight out of ten. 

We primarily use Trellix for drive encryption and malware prevention, but we also use some advanced features, such as centralized control and policy management. 

Trellix enables us to customize and centrally manage policies. We can set on-prem policies and synchronize them with the cloud. 

Trellix integrates well with most SIEM and data classification solutions.

You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support.  Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features. 

I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.

I have used Trellix ENS for two to three years.

Trellix ENS is stable. 

Trellix is scalable with some limitations. I recommend it for small or medium-sized businesses.  The integration needs to be simplified for it to work in an enterprise with a large, complex environment.

I rate Trellix support six out of 10. They need more local presence in South Africa and a faster response. Other distributors work through a partner system. There are also some challenges due to the merger of McAfee and FireEye to form Trellix and some legacy issues around a lack of innovation. 

Standard support is included with the subscription, and there are layers of escalation when you open a ticket. You can pay extra to get premium support, which is priced separately. 

Neutral

Trellix is easy to deploy if you have enough skills. Some customers think they can do it alone without professional services, but the deployment doesn't go smoothly. They have misconfigurations, which become a problem. They have issues when they are renewing the license because they didn't scale sufficiently in the beginning. The deployment time can range from five days to three months, depending on the size and complexity of your environment. 

Trellix is reasonably priced, but the cost goes up by about 7 to 10 percent annually, so some of our customers complain at renewal time. The license is based on the number of devices. There are discounts as you add more devices, so you may pay $15 per device or up to $50 per device. 

Standard support is included with the subscription for the first year, but you'll pay for the deployment costs. In the next year, you'll pay only for the license and support.

Trellix is one of the best legacy endpoint protection solutions, but we're also looking at Crowdstrike. Other solutions have advantages over Trellix in brand awareness and local presence. 

The company needs to do more to build its presence in this country. I've never seen an account manager or sales rep show up to an in-person event in South Africa. Other companies like Trend Micro have offices here. 

I rate Trellix Endpoint Security six out of 10. I would give it a seven or an eight if not for the vendor's shortcomings in terms of support and local presence. The scale and speed of response make a difference. It's an excellent product that may not be perceived as such because of how it's supported and the awareness of potential customers. 

Before implementing Trellix, you should take time to understand the core use cases you want to achieve and match them to specific features. You should also do a limited proof of concept with the vendor or a distributor.

For some of our engagements, we have used MVISION, including data protection, threat intelligence, and DPP also.

We use McAfee MVISION primarily for endpoint protection, antivirus, and understanding the threat intel for end users. 

It is very stable.  

The independent modules are very good. 

For the most part, the setup and deployment are simple.

The only challenge we found is the integration with its product modules. It has a DPP. That integration, we felt, is slightly complex. The complexity of advanced modules can be improved. They could do some improvements so that it is easier to deploy the advanced modules.

We would like more in their advanced modules or ATP.

I've used the solution for a could of years.

The solution has been quite stable. It is reliable. There are no bugs or glitches. It doesn't crash or freeze.

I cannot comment on the scalability. I've never tried to scale the solution. 

For desktop support, they are pretty good. 

There are certain engagements where our customers are still using it. Now, however, we do see a common trend of people moving towards Defender service rather than using McAfee.

We also use Trend Micro. We would prefer Trend Micro and would rate Trend Micro top and then make McAfee next.

The basic modules are straightforward to set up. We don't see many challenges there. However, when we talk about going into advanced ATP modules, et cetera, we do see certain amounts of complexity.

I did not work on the implementation and cannot say how long exactly it took to deploy. Likely, it would take between three and six months.

We generally deal with annual licensing. 

I'd rate the solution seven out of ten. Having used Trend Micro as well, I would rate Trend Micro higher. However, I would still choose this product as a second option.

When we recommend a product, we would recommend something based on the fit of the product and customer requirements. We worked with Defender, we worked with Trend Micro, and we worked with McAfee. All of them almost overlap in multiple use cases. That said, we do see the customer IT strategy and where they're going, and they are adopting Azure more. We know there are certain limitations in their landscape where there may be some old legacy systems, and in that case, then we would either switch back to McAfee or Trend Micro instead of Defender.

The solution is used, especially by those who want an antivirus product. It is also useful for those looking for tools that offer endpoint detection and response features. The product offers multiple features, one of which is endpoint security.

Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement.

I have been using Trellix Endpoint Security (ENS) for five years. I operate as a system integrator of the product in my company.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution a seven out of ten.

My company caters to the needs of small, medium, and large-sized businesses.

I rate the technical support a ten out of ten.

Positive

The product's initial setup phase was straightforward.

The solution is deployed on the cloud and on an on-premises model.

The time required for the deployment of the product can vary, and it also depends on whether the company has been actively using the product.

The price of the product is similar to the ones in the market that offer the same features.

The product has improved its malware protection features since it provides a couple of features that no other solution does. The tool is helpful for multiple companies.

The tool streamlines the incident response process.

The most effective part of the product for threat prevention is related to the tool's rollback feature.

Trellix Endpoint Security (ENS) is like an antivirus tool, but it doesn't alone provide the rollback feature since it is something that is possible with Trellix Endpoint Detection and Response (EDR).

The tool does provide adaptive threat protection features.

I recommend the product to those who plan to use it.

I rate the tool a seven to eight out of ten.

Customers use Trellix Endpoint Security as an anti-malware or antivirus solution that provides AI and machine learning features. The solution provides DAC (Dynamic Access Control) and HIPS (host intrusion prevention system) functionality in its firewall module. It also has a web control functionality, wherein we can allow, deny, or choose the category part and work it out.

Trellix Endpoint Security provides a single umbrella kind of architecture. A lot of different solutions come under a single umbrella and a single console. The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security. The solution also has features like application control, device control, and cloud DLP.

The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format.

Trellix Endpoint Security should include the virtual patching feature in the next release.

I have been working with Trellix Endpoint Security for one year.

I rate Trellix Endpoint Security a nine out of ten for stability.

Trellix Endpoint Security has good scalability. Our customers for the solution are most enterprise businesses and government entities.

I rate the solution a nine out of ten for scalability.

The solution’s initial setup is easy.

I rate Trellix Endpoint Security ten out of ten for the ease of its initial setup.

The solution's deployment on the cloud is very fast because we give the requirement and get the solution. On-premises, the basic initial setup of the server takes about half an hour or one hour.

Trellix Endpoint Security is neither a cheap nor an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a four out of ten.

I am working with the latest version of Trellix Endpoint Security. We provide our customers with on-premises, on-cloud, and hybrid cloud deployment models for Trellix Endpoint Security.

Overall, I rate Trellix Endpoint Security an eight out of ten.

The product is fairly reliable. I have been using the DLP functionality a lot. It blocks all USB-connected devices but still allows charging external devices like phones. It keeps out any malware. It does a good job of protecting our network as an enterprise solution. I mainly use it as an antivirus and DLP solution.

The product is not easy to use. Moving around in it is cumbersome. I have heard other users saying that it is cumbersome to find things. Creating and deploying policies with DLP can be really cumbersome. It can be difficult if we don’t know how to use it. Sometimes, we have difficulty in communicating with clients. Sometimes, we have to go through troubleshooting to fix it.

I have been using the solution for 17 to 18 years. I am using the latest version of the solution.

I rate the product’s stability an eight out of ten.

I rate the solution’s scalability an eight out of ten.

It's pretty straightforward to deploy the product as an enterprise solution. I create a System Tree, and I break everything out between VMs, workstations, servers, and VLANs.

We have seen a return on investment.

I would definitely tell people to try the tool. They must go through and test out different solutions. Trellix Endpoint Security is fairly easy to use and manage for an enterprise solution. I'm in the process of getting more visibility for my service desk. The ability to lock it back down and only give what I want the service desk to see is valuable because it gives it a little bit more visibility without affecting what I've done as an enterprise admin. Overall, I rate the tool a nine out of ten.

The solution is used for drive encryption and as a policy orchestrator.

The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security.

Trellix Endpoint Security is pretty hard to configure and maintain. You need to have a dedicated person for the solution. It is very complex when you want to change the data loss prevention and data leak prevention policies. It's quite hard to give some exceptions on specific computers. It's not very fast onboarding with the orchestrator.

The solution should provide a more easy way to uninstall it on specific stations.

I have been working with Trellix Endpoint Security for two years.

The solution’s stability is quite okay.

I rate Trellix Endpoint Security an eight or nine out of ten for stability.

Trellix Endpoint Security is a scalable solution. Around 200 users are using the solution in our organization.

Currently, the solution's initial setup on a new computer is quite simple. Although some time is needed to configure all the policies, especially for our needs, it is not too difficult.

The deployment takes one week internally and two days of professional help from a local vendor partner.

It is enough to have one administrator for the solution’s maintenance, but we do not have one full-time administrator. A dedicated person is needed for the maintenance and monitoring of the solution to take it to its full potential. The resources or computers needed to use the solution make it quite expensive. Especially if you put the drive encryption and don't have new computers, you will have to delete multiple files, which is quite a pain.

The solution was implemented by a local vendor partner.

We have seen a return on investment with Trellix Endpoint Security in terms of time.

Compared to Bitdefender, Trellix Endpoint Security is more expensive, but considering it comes with DLP, the solution's price is fine. The licensing cost for the solution is 20k a year for 400 users and 10k for 200 users. You don't have to pay additionally for the solution's maintenance.

The solution's effectiveness depends a lot on the stations that you want to install it on. I will not recommend Trellix Endpoint Security for people with a lot of small text files on the computer. The DLP solution is quite okay. It is not so easy to configure in terms of the computers and permission to allow USB devices on specific computers.

Overall, I rate Trellix Endpoint Security a seven out of ten.