Trellix Endpoint Security Platform Reviews

Our use case is pretty straightforward. We have the central ePO that's running, and clients connect to it. All the clients connect to the ePO for updates and the ePO is able to go out and get updates, so it's pretty much like a star topology where you have the ePO sitting at the middle and handling all the requests from the clients and the servers.

We really like the dashboard from Trellix and we've found that it's pretty informative. Also, the reporting is pretty much immediate, so if there's any activity on the network, you're able to get notifications immediately. That's something that we really like about this product.

The solution consumes a lot of end user memory and CPU, so you need to have a computer that has a lot of resources for you to properly run Trellix. The agent ends up using a lot of resources, either RAM or CPU, and at times that bogs down users. I don't know if it's possible to have a lighter version of the agent, but if the agent was lighter it wouldn't consume so many resources, which would be good.

It's a bit complex. It's very granular and you need to really, really know the ins and outs of configuration. If you are specifically configuring an XML against ransomware, some very special setup, it can end up being a bit technical. You wouldn't want to make any mistakes while doing your configuration. A single configuration can make you lose whatever you wanted to do.

The other thing is if the engine would also focus more on malware, sort of an anti-malware. Trellix doesn't really focus so much on the anti-malware side, but there are other better performing antivirus or endpoint products that have better engines or they have a higher detection rate compared to what Trellix is currently providing.

I have been working with this solution for about three years.

If you've given the solution the resources that it needs, it's pretty much stable and it's able to continuously run uninterrupted. I've never seen any down times, so I'd say it's pretty much stable and it's built well.

As far as scalability, I think the solution is able to handle quite a bit. We have around three admins who interact with the product. Then we have the rest of the organization who interface with it, which is around 300 to 500 employees.

The tech support was pretty responsive and I believe all my questions were answered within the stated timeline. I can't remember what my questions were about, but I spoke with the technical team and got the help that I deserved. I would rate the support as a five out of five.

Positive

From a technical side, it's not so complicated. Of course, you need to set up your server correctly, and then deploying it to the agent is pretty simple. The setup on the server is the one that is a bit technical. You can't have a default deployment, so once you do your deployment you need to set up rules that work within your environment to be able to safeguard it against suspect files or potentially unwanted programs. You need to know exactly what to do, and that's the point that may not be very friendly to admin, because they might not know all of the threats that are out there. You can't really foresee a threat that you don't know about, or rather you don't know if you'd block it or not. The initial setup is pretty much straightforward if you're an IT person, but the configuration side has a learning curve. It takes quite some bit of time to really know exactly what you're doing.

We handled implementation in-house because when we got the licensing, we also got training modules from Trellix. Trellix has KB articles, which are pretty much straightforward and really helped quite a bit. I'd say it took about four hours to deploy from the time we started with a clean machine to the time that we started pulling updates and deploying to client machines.

On a scale of one to five, I'd give the setup a four, because the product pretty much does what it says it does, but it's not perfect. If you're an IT person, you'll be able to deploy it, and sending the Agent file to clients is pretty much a no-brainer.

The maintenance bit is okay as well. There's not a high amount of maintenance because you can automate many activities. You just need to make sure that your server is able to pick up the updates that are necessary, and make sure the databases are running okay. It's nothing new if you're in the IT environment, just making sure everything is running properly. I've never landed on an update that broke the application.

I believe for organizations that are looking for what Trellix is offering right now, there is a definite return on investment.

I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what particular package you choose. Different packages have different rates. I would give the pricing a three out of five. It depends on your usage because if the product works for you, then you might say the price is right. At one point it worked for us, but we have shifted our goals.

We currently considering switching from Trellix to Bitdefender mainly because Trellix isn't really focused on malware, and right now most threats are coming from within the organization as malware. Malware is something that can stop business continuity, so that's one of our main areas of focus, and Trellix is not doing really well within that perspective.

I would recommend Trellix to someone as long as they know exactly what they're looking for within the organization. For instance, Trellix is very granular, so if you have a dedicated security department that can customize policies and XML documents at a very fine level and specifically work on this product, then I would say, go for it. The solution is going to serve them well, because what it does, it does really well. You're able to experience possibly what's among the best products in the market. I would recommend it as long as the people know exactly what they're getting into and they're ready to handle the challenge.

On a scale of one to ten, I would give Trellix an eight.

We primarily use the solution for endpoint security.

One of the strengths of McAfee in general, not only in the Endpoint, is the ePolicy orchestrator. It's a single management platform for all the solutions and also a single agent. From my experience, with all other products, it becomes easy to use with multiple deployments. 

With McAfee, what you do is you just upload and download some packages for specific features. For example, with endpoint security, you get only the four features, the firewall, web control, the ATP, and then threat prevention. Should the client would want an additional feature, for example, device control, full-blown DLP, or application control, then we can add the packages for that and then easily deploy it with the client. 

Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI. They need to just keep up with the current trends. It's still a bit old-looking. That said, with the CASB, their other solutions their cloud solutions, they're already on the way with that. They are working on improving things. 

The initial setup can be a bit difficult. 

They should offer further application control. The way of doing the application control is based on an inventory scan. It would be great and it would be at par with other solutions if they would be able to improve that into a category-based application control.

I've used the solution for about three years. 

McAfee is one of my favorites. It's very stable and reliable. There are no bugs or glitches. 

We have been able to scale. For example, a client who wanted to migrate their on-premise solution and then move to the cloud found it to be pretty straightforward. With things like this, there is still room for improvement and there can be trouble doing that. However, with the experience that I had during the migration, it was pretty smooth and seamless.

I haven't had any experience with technical support. I'm working as a presales engineer, however, I have colleagues who've had a few experiences with McAfee technical support. Usually, it's all about clarifications around the licensing or loading of the license. For example, we have had experiences with the license already loaded to the client's account and we haven't received the email yet. When that happens, we have no way of accessing the account of the client. In those instances, we'd reach out to support. Beyond that, we don't really need help. 

I have experience with Trend Micro, Sophos, and McAfee.

The main difference is their single solution. There's one single pane of glass you're looking at which gets easier with the maintenance. The utilization is also great. It takes away the customer of having to deal with problems with the utilization. There's a balance between the performance of the agent as well as the operation of the client. You won't hear a client complaining that a McAfee solution.

The threat intelligence with respect to endpoint security is great too. With the threat intelligence and McAfee having been in the industry for so long, it has a better capability of protecting our endpoints.

For the setup, if you're not familiar with it, it can be a challenge. From my experience, when I just started working with McAfee, it was really hard to understand how the policies work, how the policies should be implemented and how would you assign them to certain groups. If you're just getting started, it's hard. However, if you're already familiar with how policy creation works and how you're supposed to assign it to certain groups or certain users, then it becomes easier over time.

For every 100 users, one person is enough in terms of handling maintenance tasks. Management is easy as you can manage everything from a single pane of glass. It doesn't require a lot of manpower. 

If you look from the Gartner perspective, and if we're only looking at the leaders' quadrant, McAfee is around five out of five in terms of price affordability. Among all other solutions, it has really a reasonable price. If you look at the entire Magic Quadrant, not only the leaders' quadrant, McAfee is even better. There are other solutions that have a more reasonable price, however, it also comes at the cost of the quality that we're offering.

I'm a reseller and solutions provider. 

It can be deployed in a virtualized environment or on the cloud. It depends on the client's requirements. I typically recommend the SaaS environment, however, in the Phillippines, it's mostly on-premises still. In that case, we may use a virtualized or physical server.

I'd rate the solution eight out of ten.

We primarily use the solution for managed defense. It is a next-generation EDR, similar to Cylance and CrowdStrike. It's used for endpoint enforcement. 

It offers more plugins for endpoints in order to extend endpoint protection. There are a variety of plugin options.

The extendability is great. 

It is pretty stable.

The product is very scalable.

We find the pricing to be in line with the current market.

The solution needs to work on memory consumption. It is too high. EDRs are notorious for this. 

Technical support could be improved a bit. They are doing a lot with the acquisition and rebranding, and things may take a while to settle. 

We've used the solution for 18 months. 

The solution is stable and reliable. It's just as stable as anything else on the market. This is a stable build. All of it does depend on the interaction with the Microsoft patches. Most of the time, the performance is quite good. 

The solution scales well and has a lot of device plugins. I'd rate it a ten out of ten. You can do all kinds of things with it that you can't do with other endpoint protection options. 

Technical support isn't ideal. It's not that it is awful; it's just not fantastic. 

I'm also familiar with Cylance and CrowdStrike, which I've used at a different company.

I wasn't involved with the initial setup. However, we have a top-notch implementation engineer. 

We had the vendor's assistance, and we've always had an excellent experience using them. 

I am not sure about the exact costs. However, my understanding is it is comparable to Crowdstrike. Like other solutions, the more endpoints you have, the less the cost. 

We're customers. We're an international conglomerate. They are our vendor, and they are partners with us on our security journey. 

I'd advise people to use Managed Defense. It pays for itself. 

I'd rate the solution a solid eight out of ten overall.

We deploy the solution on-premises but we have the roadmap to migrate it on cloud. Initially, everything was on-premises, but we are moving to the cloud, which will be our first cloud migration.

The seamless deployment is very valuable.

The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.

We have been using this solution for approximately four months.

The solution is stable.

The solution is scalable. Maybe in another six to eight months, we will scale to around 5,500 because we are recruiting more people, so the number may increase.

I have not had any experience with customer service and support.

We previously used Trend Micro. When we were deploying Trend Micro, we faced a lot of difficulties. When we acquired Trend Micro, we had no endpoint security so we had to remove an endpoint and deploy Trend Micro. As a result, deploying Trend Micro was very painful. There were frequent failures in the automatic script that Trend Micro had provided, and it took us about three and a half months to completely cover around 4,000 devices. At the same time, McAfee's deployment was seamless. There might have been an issue, but those issues never escalated. With Trend Micro, the issues escalated frequently.

We switched because of the distinction in scalability, Bluetooth and support. Additionally, one of the reasons we replaced Trend Micro was that we were raising a support ticket every month, which was embarrassing for us. We were losing five to seven tags. PSEs and the response to those PSEs were not satisfied every time.

I rate pricing and licensing a seven out of ten.

I rate this solution an eight out of ten. The solution is good, but the dashboard quality and granularity of reporting can be improved.

We used it for a compromise assessment. That would be for our client. We deployed the agents. It was for endpoint security.

We had been using the solution previously for one of the clients. We were using it for six months, and we did a compromise assessment based on the FireEye Endpoints that were deployed across the group. At that point in time, there were a lot of ransomware attacks in the environment, and it was impossible to identify the source of the attack and where it came from. The tools didn't point to that visibility. We had to deploy these agents across the environment and also monitor the environment using the network security appliances provided by FireEye just to monitor.

We did monitor it for six months, so it was an assessment. In those six months, we did not have another ransomware attack. It was proven the environmental assessment was clean. That was the whole objective of the compromise assessment - to find out if there are any indicators or anything that has gained a foothold in the environment, trying to fend advanced persistent threats from that standpoint.

It is a great solution. The way it exchanges the information between the entire ecosystem, all the endpoints, as well as the network ATP, can trigger the blocking even if it is seen by some other device. If the network has seen something, we can use that to put a block to all the endpoints.

It works in an ecosystem. Centrally, from just one console, you can block malicious attacks across your environment. It provides you with the ability to respond to threats better.

The solution can be expensive.

If it could provide a little more in terms of automating things, for example, in response and automatic playbooks wherein you define whatever it is if you see this kind of a threat. You define the actions that need to be followed. If a playbook could be automated and run without even requiring manual involvement, that is the future we want, and they should look into how to make that happen. That is the kind of capability we want them to build.

In terms of reporting, also, if they could provide a little bit more information from where it started, how it progressed; a complete workflow, how that had progressed from where it was picked up; what was the target stage, what was the next stage, and what was the final stage, that would be very helpful. If they could pick up in a simple pictorial way of representing analysis just like the Cisco ASA Packet Analyzer used to do, that would be really helpful.

We used the solution for six months.

The stability has been very good. There are no bugs or glitches and it doesn’t crash or freeze. It’s reliable.

The product can scale. It’s not an issue at all. 20,000 users were using the solution with no problems.

We have contacted tech support. Tech support was brilliant. They were very knowledgeable, very skillful, and very responsive, and they knew the subject matter. They knew what we were asking for.

The agent installation was okay. It was just a package that was installed. It also provides options to customize and fine-tune based on the system's performance. It's not too heavy on the systems or the servers.

On the network side of things, I think there were challenges to getting that working. We had to do a couple of alterations in terms of making it work, mainly since the appliance's model was provided using a special-purpose SFP, and the compatible SFP was not available in the client environment at that one point. We had to procure it specifically for that assessment.

It’s very costly.

I’d recommend the solution to others.

I would rate the solution eight out of ten.

McAfee MVISION Endpoint is used for endpoint protection. Protects the files and network against viruses and malware.

The price of McAfee MVISION Endpoint could improve.

I have been using McAfee MVISION Endpoint for approximately one year.

McAfee MVISION Endpoint is stable.

I have previously used Check Point and Microsoft Defender. I would recommend Microsoft Defender over the other solutions I have used.

The installation of the McAfee MVISION Endpoint was simple. We are able to do it remotely from a central location.

I have had a return on investment by using McAfee MVISION Endpoint.

We are on an annual subscription for McAfee MVISION Endpoint. The cost for the license could be less expensive.

I rate McAfee MVISION Endpoint a six out of ten.

We primarily use the solution for security. Sometimes we try to shift to other security sites, however, whenever we compare this solution with the others, we found that McAfee developing in more dynamic ways.

It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also.

It's easy to set up.

Some agents become old and then they don't communicate well any longer. They need an update. They need to make sure that older agents on active computers communicate properly.

Sometimes the agents stop working, however, we cannot understand why. This is sometimes a problem, especially if some agent is not communicating for one month or two months. We're not sure if there's a backlog or if it got infected. We need to know right away if an agent has stopped working and possibly what has caused it to stop. 

They have a dashboard. In the dashboard, you can see if a signature is in backlog, and it becomes red. This is also required if new agents or some number of event communications stop. 

I've been using the solution for about seven years.

The solution has been stable. there are not any bugs or glitches and it doesn't crash or freeze.

It is able to scale as required.

We have about 2,500 people using the solution. We have that amount of servers and PCs.

Technical support has been great. They always help us to resolve any issues. We are quite satisfied with them. If they ever run into issues, they can also open up a ticket with the OEM. we've never had an incident where our issues weren't resolved.

Before I started with the company, it may have been using AVG. While I was not responsible for the shift, at the time I came on, the company was growing by quite a lot, which may have initiated the change in solutions. 

The initial setup is very simple. It's not overly complex. We have two people who are able to handle its implementation.

It takes us about two weeks to set everything up.

I work with this solution and I have two junior colleagues. They also help me and we have an IT support team that assists as well. They are actually installing it into the new laptops and they actually sometimes take on basic troubleshooting. basically from the server end, I take care of it and I have two helping hands and we have 15 members in IT support. They provide support to the end-user.

We have a vendor that helps us with the initial setup.

I have not been monitoring for ROI.

We pay for the solution on a yearly basis. 

It is affordable. I don't exactly know the amount as it is maintained by someone else on my team. We have another separate team that basically manages the financial part. 

We are a customer and end-user. 

We always want it updated to the latest version.

I'd rate the solution nine out of ten.

We are using all Trellix solutions, and we are also using all McAfee products. Our customers are using virus scan for the old platforms, Endpoint Security, MVISION, File and Folder Encryption, File and Folder Protection, and Device Control, but at the moment, I am really interested in the integration between the new Trellix solution like MVISION and FireEye.

It is a really strong solution for endpoint security.

There should be better integration between the ePolicy Orchestrator and FireEye console. The integration of both consoles should be better.

I have been using this solution for about six years.

Its stability is perfect.

Its scalability is perfect. In our company, we have between 2,000 and 3,000 users, but our installation has about 50,000 endpoints for all customers.

They're very good. I am in contact with their support about five times a day, and they respond quickly.

Positive

It was easy. I have been using Trellix since the carbon age. I have been using Trellix since the day it was released.

Its deployment doesn't take long. 

I customize every installation.

It is not so cheap in comparison to Sophos and other solutions.

Make a really detailed survey of all the systems before implementing any solution on the endpoint. Do not buy the license and try deployment after that.

I would rate it a 10 out of 10.