Trellix Endpoint Security Platform Reviews

We deploy the solution on-premises but we have the roadmap to migrate it on cloud. Initially, everything was on-premises, but we are moving to the cloud, which will be our first cloud migration.

The seamless deployment is very valuable.

The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.

We have been using this solution for approximately four months.

The solution is stable.

The solution is scalable. Maybe in another six to eight months, we will scale to around 5,500 because we are recruiting more people, so the number may increase.

I have not had any experience with customer service and support.

We previously used Trend Micro. When we were deploying Trend Micro, we faced a lot of difficulties. When we acquired Trend Micro, we had no endpoint security so we had to remove an endpoint and deploy Trend Micro. As a result, deploying Trend Micro was very painful. There were frequent failures in the automatic script that Trend Micro had provided, and it took us about three and a half months to completely cover around 4,000 devices. At the same time, McAfee's deployment was seamless. There might have been an issue, but those issues never escalated. With Trend Micro, the issues escalated frequently.

We switched because of the distinction in scalability, Bluetooth and support. Additionally, one of the reasons we replaced Trend Micro was that we were raising a support ticket every month, which was embarrassing for us. We were losing five to seven tags. PSEs and the response to those PSEs were not satisfied every time.

I rate pricing and licensing a seven out of ten.

I rate this solution an eight out of ten. The solution is good, but the dashboard quality and granularity of reporting can be improved.

Our use case is pretty straightforward. We have the central ePO that's running, and clients connect to it. All the clients connect to the ePO for updates and the ePO is able to go out and get updates, so it's pretty much like a star topology where you have the ePO sitting at the middle and handling all the requests from the clients and the servers.

We really like the dashboard from Trellix and we've found that it's pretty informative. Also, the reporting is pretty much immediate, so if there's any activity on the network, you're able to get notifications immediately. That's something that we really like about this product.

The solution consumes a lot of end user memory and CPU, so you need to have a computer that has a lot of resources for you to properly run Trellix. The agent ends up using a lot of resources, either RAM or CPU, and at times that bogs down users. I don't know if it's possible to have a lighter version of the agent, but if the agent was lighter it wouldn't consume so many resources, which would be good.

It's a bit complex. It's very granular and you need to really, really know the ins and outs of configuration. If you are specifically configuring an XML against ransomware, some very special setup, it can end up being a bit technical. You wouldn't want to make any mistakes while doing your configuration. A single configuration can make you lose whatever you wanted to do.

The other thing is if the engine would also focus more on malware, sort of an anti-malware. Trellix doesn't really focus so much on the anti-malware side, but there are other better performing antivirus or endpoint products that have better engines or they have a higher detection rate compared to what Trellix is currently providing.

I have been working with this solution for about three years.

If you've given the solution the resources that it needs, it's pretty much stable and it's able to continuously run uninterrupted. I've never seen any down times, so I'd say it's pretty much stable and it's built well.

As far as scalability, I think the solution is able to handle quite a bit. We have around three admins who interact with the product. Then we have the rest of the organization who interface with it, which is around 300 to 500 employees.

The tech support was pretty responsive and I believe all my questions were answered within the stated timeline. I can't remember what my questions were about, but I spoke with the technical team and got the help that I deserved. I would rate the support as a five out of five.

Positive

From a technical side, it's not so complicated. Of course, you need to set up your server correctly, and then deploying it to the agent is pretty simple. The setup on the server is the one that is a bit technical. You can't have a default deployment, so once you do your deployment you need to set up rules that work within your environment to be able to safeguard it against suspect files or potentially unwanted programs. You need to know exactly what to do, and that's the point that may not be very friendly to admin, because they might not know all of the threats that are out there. You can't really foresee a threat that you don't know about, or rather you don't know if you'd block it or not. The initial setup is pretty much straightforward if you're an IT person, but the configuration side has a learning curve. It takes quite some bit of time to really know exactly what you're doing.

We handled implementation in-house because when we got the licensing, we also got training modules from Trellix. Trellix has KB articles, which are pretty much straightforward and really helped quite a bit. I'd say it took about four hours to deploy from the time we started with a clean machine to the time that we started pulling updates and deploying to client machines.

On a scale of one to five, I'd give the setup a four, because the product pretty much does what it says it does, but it's not perfect. If you're an IT person, you'll be able to deploy it, and sending the Agent file to clients is pretty much a no-brainer.

The maintenance bit is okay as well. There's not a high amount of maintenance because you can automate many activities. You just need to make sure that your server is able to pick up the updates that are necessary, and make sure the databases are running okay. It's nothing new if you're in the IT environment, just making sure everything is running properly. I've never landed on an update that broke the application.

I believe for organizations that are looking for what Trellix is offering right now, there is a definite return on investment.

I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what particular package you choose. Different packages have different rates. I would give the pricing a three out of five. It depends on your usage because if the product works for you, then you might say the price is right. At one point it worked for us, but we have shifted our goals.

We currently considering switching from Trellix to Bitdefender mainly because Trellix isn't really focused on malware, and right now most threats are coming from within the organization as malware. Malware is something that can stop business continuity, so that's one of our main areas of focus, and Trellix is not doing really well within that perspective.

I would recommend Trellix to someone as long as they know exactly what they're looking for within the organization. For instance, Trellix is very granular, so if you have a dedicated security department that can customize policies and XML documents at a very fine level and specifically work on this product, then I would say, go for it. The solution is going to serve them well, because what it does, it does really well. You're able to experience possibly what's among the best products in the market. I would recommend it as long as the people know exactly what they're getting into and they're ready to handle the challenge.

On a scale of one to ten, I would give Trellix an eight.

We primarily use this solution as cover for mobile devices. I'm the manager of pre-sales and we are resellers and users of this solution. We are low-level partners of McAfee.

The solution provides good mobile device protection and it's great that it's on the cloud. The product is compatible and works for all platforms.

I'd like McAfee to include device control on MVISION. The solution currently lacks mobile device management. The cost of the solution is comparatively high and I'd like to see that reduced. 

I've been using MVISION for one year and working with McAfee solutions for the past 10 years. 

The solution is stable for threat protection. 

The solution is scalable.

The technical support is very good. They are very knowledgeable and also happy to help out. 

Positive

The initial setup is easy and very straightforward. 

There's a USD$1,500 supported annual subscription fee that includes maintenance for anywhere between 51 and 100 users. It's USD$30 per users which I think is quite expensive. 

It's important to be clear about your use case and environment before purchasing this solution. 

I rate this solution eight out of 10. 

MVISION offers decent protection.

The email protection isn't efficient enough, and I'd like to see DLP features in the next release. 

I've been using MVISION for three years.

MVISION is stable.

MVISION is scalable. 

Setting up MVISION is easy.

We have an annual license and pay extra for support.

I rate McAfee MVISION Endpoint six out of 10. It's a good product, but not the best. I wouldn't recommend it to others because it's not secure enough. 

The solution enables me to monitor all my endpoints and ensure that our agents are reporting to the FireEye management server. That is key for allowing us to see any suspicious traffic coming in. I'm the delivery manager and we are customers of FireEye. 

I like the console and the GUI is user-friendly. One of the most important and critical features is containment. Suppose something gets infected and there's the possibility of it spreading laterally and causing a problem or compromising a network. FireEye has a feature that enables it to disconnect from a system network so that the infection doesn't spread. 

Even if an incident occurs at night when support teams are not available, the feature can contain the infection so that when the support teams get to work, they can carry out the remediation part and bring the system back to production.

I'd like to see the searches enhanced because when I hand over the product to someone without experience, it should be user-friendly to them as well. If the feature was enhanced, and the amount of data that comes in reduced, it would simplify the process for anyone. 

I've been using this solution for two years. 

The solution is stable.

I haven't had any issues with scalability. 

The support is pretty good, we haven't had any problems. 

Neutral

We had a separate team implementing FireEye and there didn't seem to be any issues so I think deployment was relatively straightforward. 

I prefer FireEye to solutions like CrowdStrike, Carbon Black, and Trend Micro which are not as user-friendly. FireEye is also easier to integrate with the SIEM, so all the logs get pushed and there are no issues getting the device integrated with SIEM. 

I rate this solution nine out of 10. 

The features we have found most valuable have been containment as well as the ability to triage agent activities.

The way that signatures work when using this solution could be improved. They could be more user friendly. We would like the ability to select a client's signature from a menu or file share to save time. 

FireEye allows three releases per day which are automated. If the automation fails for some reason, the release fails. FireEye does not allow manual releases. This is why we are moving away from using this solution. 

This is a stable solution.

This is a scalable solution. 

The customer service is good. 

Neutral

I have previously used Symantec at a different company. I think Symantec is the best solution overall. 

The initial setup was quite complex. It took three months for us to roll out the solution. 

The suitability of FireEye for a business depends on the business itself. 
I would rate this solution a seven out of ten. 

McAfee MVISION Endpoint is used for endpoint security across all platforms, including mobile and desktop users. 

All endpoint-related activities for which the company has a charter.

In my opinion, it's a pretty good product.

I have not received any complaints about the performance.

I would like to see more local integration for the applications that we use. We are looking forward to having more unified management.

We have been using McAfee MVISION Endpoint for one year. We have recently implemented it.

McAfee MVISION Endpoint has been stable.

We have not yet scaled it, but I believe that it is scalable.

Our organization has 7,000 users.

I'm not sure if the technical teams have done so, but I haven't contacted technical support.

We are using Cisco Umbrella, as well as McAfee.

Our own team performed the installation. I didn't hear any complaints, so I guess it's pretty simple.

To deploy and maintain, we have a team of two administrators and one manager.

It is based on an annual subscription.

I would definitely recommend McAfee MVISION Endpoint because it is cloud-based app management and requires little maintenance.

I would rate, McAfee MVISION Endpoint, an eight out of ten.

We are using McAfee Endpoint Security for network security.

There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.

The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place.

In a future release, McAfee could improve by having a fewer resource-consuming agents. When you bundle up all the solutions with an agent, it becomes heavy for the endpoint to handle. This is one drawback that they should improve because some of their competitors, such as Trend Micro and Symantec both have low-consumption agents available.

McAfee has multiple solutions that can be combined together into a single product. There is no need to have this many solutions.

I have been using McAfee Endpoint Security for approximately 10 years.

McAfee Endpoint Security is stable. However, the way we implement it can impact stability sometimes. The stability can fluctuate because of the configuration that we have, or the different types of policy that we have on the endpoints. The configurations can be tweaked and tuned to make it becomes stable again.

The solution is scalable. We have approximately 80,000 endpoints on a single console. If we wanted to increase the number of endpoints it can scale higher.

The support from McAfee is far better than other vendors, such as Trend Micro and Symantec.

I have previously used Symantec and Trend Micro.

The initial setup for an experienced administrator should be easy. The setup can also be easy if you follow the very detailed guide which they call the KB guide that they provide. You can receive good support from the professional services team from McAfee. That is how many organizations usually do the initial setup.

I would advise others that are wanting to implement McAfee Endpoint Security to initially use help from the professional service team at McAfee, it will help a lot by making sure they do all the scalability and enviroment requirements. Additionally, they can ask questions based on their expectation and receive suggestions and answers. As an alternative, if you have an experienced person who is well-versed with implementations then I would use them, if not, I would always recommend using the professional service team at McAfee.

I rate McAfee Endpoint Security a seven out of ten.