Trellix Endpoint Security Platform Reviews

The product works in the background. It does not slow down the computer, which is good. If we put the USB, it automatically asks us whether the device must be scanned. We can scan it or postpone it. If anything goes wrong, the tool informs us that a file or website was blocked. It might be because the IP is on a blacklist. The product is simple. We do not have to do anything. The product is easy to use.

The tool could provide more advanced protection. It should do a deeper analysis of the files.

I have been using the solution for eight years. I am using the latest version of the solution.

The tool is scalable. We can choose when and how to scan. We can even choose to exclude certain folders. Ten people in our organization use the solution extensively.

I have used NOD32 and Kaspersky. I started using Trellix Endpoint Security because my company decided to use it.

The initial setup was straightforward. It took us 10 to 15 minutes to deploy the solution because we had to go a bit deeper into the settings.

The product can be deployed in-house. The deployment process is quite easy and fast.

The solution is worth the money.

We have a yearly subscription. We have bought the solution for ten stations. The pricing is more or less the same as the other tools in the market.

Some tools use a lot of memory, so it's really difficult to use them, especially when we are scanning something. We mostly work on documents on the cloud. We do not get many files on the computer. We do get some spam. I would recommend the solution to others. So far, we've never had any problems. Nothing gets through. Overall, I rate the tool an eight out of ten.

We primarily use the solution for our endpoints. 

McAfee is working perfectly. The productivity itself is great.

There are really a lot of features in McAfee.

The endpoint administration is very easy.

We found the initial setup to be simple. 

The stability has been great.

You can scale the product.

I'm not feeling any critical care is missing in the solution.

It is a very heavy tool, unfortunately.

It could always be a bit more stable. 

I've used the solution for three years. I've used it for a while now. 

It's stable and reliable. I've been happy with the performance. There are no bugs or glitches, and it doesn't crash or freeze. 

The solution is scalable. It's not a problem if you would like to expand it.

We have about 430 users on the product right now. 

There are no plans to increase usage at this time. In fact, we are using it less and less. 

Technical support has been fine. We haven't really had any big problems to deal with. 

I've also used Check Point. 

We deployed the solution three years ago. It was not hard to implement. It's all pretty straightforward. 

I'm not sure of the exact pricing. I'm not sure what it breaks down to, per user.

We are using the latest version of the solution. I'm not sure of the version number. We keep it updated. 

I don't recommend McAfee for endpoint users. This is a very crucial tool that to have these days. However, it is too heavy for the end user.  

I'd rate it six out of ten. 

We used it for a compromise assessment. That would be for our client. We deployed the agents. It was for endpoint security.

We had been using the solution previously for one of the clients. We were using it for six months, and we did a compromise assessment based on the FireEye Endpoints that were deployed across the group. At that point in time, there were a lot of ransomware attacks in the environment, and it was impossible to identify the source of the attack and where it came from. The tools didn't point to that visibility. We had to deploy these agents across the environment and also monitor the environment using the network security appliances provided by FireEye just to monitor.

We did monitor it for six months, so it was an assessment. In those six months, we did not have another ransomware attack. It was proven the environmental assessment was clean. That was the whole objective of the compromise assessment - to find out if there are any indicators or anything that has gained a foothold in the environment, trying to fend advanced persistent threats from that standpoint.

It is a great solution. The way it exchanges the information between the entire ecosystem, all the endpoints, as well as the network ATP, can trigger the blocking even if it is seen by some other device. If the network has seen something, we can use that to put a block to all the endpoints.

It works in an ecosystem. Centrally, from just one console, you can block malicious attacks across your environment. It provides you with the ability to respond to threats better.

The solution can be expensive.

If it could provide a little more in terms of automating things, for example, in response and automatic playbooks wherein you define whatever it is if you see this kind of a threat. You define the actions that need to be followed. If a playbook could be automated and run without even requiring manual involvement, that is the future we want, and they should look into how to make that happen. That is the kind of capability we want them to build.

In terms of reporting, also, if they could provide a little bit more information from where it started, how it progressed; a complete workflow, how that had progressed from where it was picked up; what was the target stage, what was the next stage, and what was the final stage, that would be very helpful. If they could pick up in a simple pictorial way of representing analysis just like the Cisco ASA Packet Analyzer used to do, that would be really helpful.

We used the solution for six months.

The stability has been very good. There are no bugs or glitches and it doesn’t crash or freeze. It’s reliable.

The product can scale. It’s not an issue at all. 20,000 users were using the solution with no problems.

We have contacted tech support. Tech support was brilliant. They were very knowledgeable, very skillful, and very responsive, and they knew the subject matter. They knew what we were asking for.

The agent installation was okay. It was just a package that was installed. It also provides options to customize and fine-tune based on the system's performance. It's not too heavy on the systems or the servers.

On the network side of things, I think there were challenges to getting that working. We had to do a couple of alterations in terms of making it work, mainly since the appliance's model was provided using a special-purpose SFP, and the compatible SFP was not available in the client environment at that one point. We had to procure it specifically for that assessment.

It’s very costly.

I’d recommend the solution to others.

I would rate the solution eight out of ten.

We use it for protecting our system nodes. It's run on Windows 7 and Windows 10.

The solution is stable.

You can scale the product.

Overall it's a good product that works well. 

Technical support is always available and very helpful.

The antivirus component is very good.

It's not very user-friendly as sometimes you have to install the agents and then the agents do not get deleted from the database. Due to this, we have to manually delete it from the nodes and then again we have to install it again. When distributing the product, sometimes things get confused and we need to clean up the temporary folder.

The initial setup isn't so easy. You need to know what you are doing. 

The products are getting obsolete too early. That's one of the issues we have with McAfee. They're coming up with new products too early. We installed 10.5 in 2016, and then in 2019, or 2020, we got 10.7. Now, 10.5 is obsolete. They are upgrading the versions too fast. Due to the fact that we have a subscription, we have to upgrade it to the next level which creates some maintenance issues. 

I have been working with the solution since 2016. 

The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. 

The only thing is the reliability. It changes so fast and versions become obsolete and it creates maintenance issues for us. 

The solution is scalable. We do plan to increase usage. Earlier, we had VirusScan Enterprise, however, now, as it is integrated into the ENS threat prevention, we are migrating.

We have 15 or 20 users on the solution right now. 

We have found the technical support to be very helpful. They are responsive and available when we need them to help us troubleshoot. We are satisfied with their level of service.

We haven't really used another solution in place of McAfee, although we do also use Symantec.

The initial setup is not so straightforward. It's difficult if you aren't used to McAfee. It takes time to get the hang of it. 

I'm just a customer and an end-user. I don't have a business relationship with McAfee.

I'd rate the solution at an eight out of ten. 

We are using ePO Center Server to communicate with all the endpoints that are in the network. While I cannot be certain, I believe the relevant version is McAfee 8 or 9.

We make use of McAfee Agent version number 5.6.4.151. We utilize McAfee Data Exchange Layer.

The McAfee Endpoint Security version to which we refer is 10.7.

We use the solution for antivirus purposes. 

We don't like the solution since it requires much memory consumption and consumes much CPU resources. All the machines becomes very slow whenever it uses its tab scans. For this reason, we consider the solution to not be good nowadays. The newer solutions consume less memory and CPU. 

We employ the solution for our antivirus needs, for which it is solely suited, and not as an EDR. We are actually looking for an XDR solution.

The solution is currently outdated. We are looking for Next-Gen antivirus along with EDR and it should have XDR capabilities as well. This would take care of the network and the  properties that are running in the background. They should be protected from cyber threats.

The solution should also be faster. McAfee actually offers EDR and XDR capabilities but, based on our experience, it consumes an inordinate amount of memory and CPU and this causes the system to be slow. At present, McAfee does not lead the market when it comes to antivirus security solutions. 

We have been using McAfee Endpoint Security for eight to ten years. 

The solution is stable. 

While the solution is scalable, we wish to change it with the latest Next-Gen antivirus and EDR option, one which comes with both EDR and XDR capabilities.

We have not had direct contact with McAfee support. We have received support from the vendor. The support is forwarded to McAfee should we encounter problems. It is good and I have no issues with it.    

We did not make use of other solutions prior to going with McAfee Endpoint Security, which we have been using since 2009 or 2010. At that time, an attack happened which caused us to evaluate other antivirus security options. In those days McAfee and Symantec were the market leaders. We are talking about 2008, 2010. This is why awareness of these solutions was prevalent. At the time, Trend Micro greatly lagged behind these two security solutions.

The installation is easy, but expertise is required.

While the installation was not especially time consuming, we would occasionally have to manually install or remove the entire tool. McAfee Endpoint Security can be considered a good product but outdated. The beta version, the one we are currently using, is not up to date. Nowadays, everybody uses EDR and XDR solutions for their security needs.

I have a team which was responsible for the installation. As mentioned, I am currently looking for another solution, one which would allow installation to also be handled remotely from the central management portal dashboard or to have the .exe file installed in each endpoint.

We have our own team, comprised of three to four support HR, who take care of installation, daily troubleshooting, support and all necessary changes. As such, we forward to receive remote support for all our users.

We took out a three-year license, including support, but it is slated to end come December. We would like to switch to a yearly subscription. 

We pay for the license on an annual basis. 

The solution is in-house, on-premises.

There are 300 people making use of the solution in our organization. 

When it comes to the question of whether I would recommend this solution to others, we can see that McAfee greatly lags behind CrowdStrike, Palo Alto Cortex, Cynet and Sophos, which are the top performing security solutions on the market. 

I would rate McAfee Endpoint Security as a five or six out of ten. 

We use the product for EDR purposes.

The product has robust integration with ePO (ePolicy Orchestrator), offering centralized management capabilities. It also allows multifunctionality within a single platform. They offer endpoint and NLP protection as well.

The platform needs improvement in terms of handling heavy databases. We encounter database unavailability for a prolonged period. Its integration capabilities with security platforms like FireEye could be enhanced.

We have been using Trellix Endpoint Security for over a decade.

It is a stable product.

We manage around 20,000 endpoints for our enterprise customers. It is a scalable product.

The technical support works fast and is knowledgeable and customer-friendly.

We have to follow a step-by-step process to implement Trellix Endpoint Security. It can be deployed in the cloud and on-premises.

I recommend product deployment assistance from a consultant, distributor, or reseller.

Trellix Endpoint Security is an inexpensive platform.

I recommend Trellix Endpoint Security to people looking for endpoint protection. I rate it a nine out of ten.

We use the solution for security purposes.

The solution is valuable for security aspects.

The solution should respond faster. Whenever Trelix runs, the system slows down.

I have been using Trellix for two years. We are using the latest version of the solution.

The product’s stability is good.

I rate the solution’s stability a seven out of ten.

The solution is scalable. Around 3,000 users are using this solution.

I rate the solution’s scalability an eight out of ten.

Technical support is good. They respond faster.

The initial setup is simple.

Ten people are required for maintenance.

You should monitor how efficiently the solution functions, how it will impact your system, and how many files will be processed. The more files your system has, the more security time is needed to scan them daily. Due to this, your system may become slower. Trelix ensures the system does not slow down even when Trelix runs in the background.

Overall, I rate the solution a seven out of ten.

We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very much flexible based on the IOCs.

Trellix Endpoint Security is good for doing containment immediately. We can get visibility of processes or services running all over the enterprise, where the agent gets information on a particular end-user system. Since Trellix Endpoint Security keeps the data for three months, we can get a complete picture of the files downloaded from the end user mission. So Trellix Endpoint Security is very helpful when you do forensics. The only drawback is that we cannot change its format, and there is no workaround currently.

The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute. It also has a dual containment feature. Trellix Endpoint Security is also useful for taking the triage image, which takes roughly thirty minutes. So it's pretty fast, and we have multiple configuration sets. We can precisely take a triage image based on what you want, like endpoint logs, antivirus logs, or the RAM.

Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it. Mutex is something like a malware user. Secondly, the solution should support multiple output formats for the triage image. Currently, the solution has only Mandiant format, where you can't use tools like volatility to analyze the memory image.

It would be good if Trellix Endpoint Security had a good visualization like other products, such as SentinelOne and Carbon Black.

I have been using Trellix Endpoint Security for one year and six months.

I rate Trellix Endpoint Security a seven out of ten for stability because it crashes frequently and requires a lot of maintenance.

I rate Trellix Endpoint Security a nine out of ten for scalability. We have plans to increase the usage of the solution in the future.

I rate Trellix Endpoint Security an eight out of ten for ease of initial setup.

I rate Trellix Endpoint Security a nine out of ten for pricing.

I am using the latest version of Trellix Endpoint Security. Using Trellix Endpoint Security depends upon the user's organizational needs. If their only concern is containing and taking the triage image, and if they are comfortable doing forensics with a deadline, then they can use Trellix Endpoint Security. But if some companies want to integrate their in-house or third-party tools, Trellix Endpoint Security is not a good option.

Overall, I rate Trellix Endpoint Security a nine out of ten.