Trellix Endpoint Security Platform Reviews

We use McAfee Endpoint Security as a solution for workstations and laptops.

Some of McAfee Endpoint Security's main features are it has benefits over normal conventional antivirus solutions because it works much faster. 

The solution learns which piece of software is running on the computer and compares it to a white list or black list database, if it is on the white list it allows the application and if it is on the black it does not.

McAfee Endpoint Security uses fewer computer resources than many competitors making it less of a burden on the performance of the computer. 

We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications.

In a future release, McAfee Endpoint Security and all other endpoint solutions should reduce the number of resources needed to run their solution, such as hard drive space and CPU processing. The fewer resources the solution uses the better the performance of the hosting computer will have.

I have been using McAfee Endpoint Security for approximately 15 years.

The solution is stable.

McAfee Endpoint Security is cloud-based making it scalable.

We have approximately 100,000 users using the solution in my organization.

I can log into the McAfee portal and get support. We have not had any problem with the support and we have never had an interruption or a case of software failing.

The installation was very easy and quick. It only takes a few minutes.

We can do the implementation of the solution. Customers can do it by themself or in a corporate environment it can be pushed from the central server to each individual computer.

The maintenance of the solution is done by an outside vendor.

For each computer that is connected to the server McAfee charges us for each computer based on our license agreement.

We are in the process of moving away from McAfee Endpoint Security and replacing it with Cylance.

The solution is great by itself. However, it is important how management is organized within the company and how quick of response the teams can apply white list and other security measures.

I would recommend this solution to others.

I rate McAfee Endpoint Security an eight out of ten.

We've only got two or three machines. The solution is simply used as an antivirus, however,  we've rolled it out to all of our customers and we use it as a managed service.

The solution has reduced false positives for our clients and ourselves.

It's got quite good ransomware detection.

The product can be deployed across mobile devices.

It has a managed service push deployment where we can push cloud tasks into policies. 

It's a really good product. It's stable and scalable. It offers good flexibility, has a small footprint, offers a minimal effect on performance, and is from a trusted brand.

We have found the deployment to be very fast.

Technical support is excellent.

We're still looking for weaknesses. The product is still quite new for us. That said, so far, every time I have thought, "I wonder if it can do this or it can do that." I've been able to do it.

McAfee has also asked us for feedback, and we noticed when we gave them suggestions, they worked to implement them. For example, we asked for the ability to leverage Windows Defender instead of creating an endpoint. They've just put that in so you can choose now what you want to do. You can change that deployment and push it out without any intervention by the client as well.

The initial setup can be a bit complicated for those unfamiliar with the product.

We have been using the solution for about four or five months at this point. 

The stability is good. There are no bugs or glitches and it doesn't crash or freeze.

The companies we work with range in size from small to large. 

The solution is very easy to scale.

I would rate technical support at a ten out of ten. They have been great. We have found them to be helpful and responsive. My personal interaction with them was absolutely brilliant.

The initial setup can be difficult the first time. You have the flexibility to give all sorts of setup options. You need to know, for example, do you want this, do you want that, do you want these exclusions? Do you want these exploit preventions? et cetera. There are a lot of components. It's going to be complicated initially, however, once you've done that and set it up for a customer, then it's very simple just to deploy it and roll it out.

We rolled out another customer on Friday, and that's 35 sites we've done so far - and I was able to do the whole lot remotely. It's quick to deploy. For clients, in terms of the deployment, I just simply send them a link to their emails and they just go click on it and it goes.

Once the product is deployed, there isn't any maintenance necessary. It's all controlled from a SaaS portal.

The pricing is okay. It's in the middle and there are actually surveys out and they all say that as well.

There's a couple of license options. You can choose a single license or you can choose what we call a MV2 license. Every single license gives you the ability to install a product on five other devices - including mobile. You get a Windows license and that enables you to install it on a tablet, iPhone, or Android device (up to five) as well.

We're a McAfee partner.

We are using the SaaS version. It's my understanding that we are on the latest version of the solution. 

We would recommend the solution to other companies. We actually sell it and provide it to all our clients.

I'd rate the solution at a ten out of ten.

We are using the latest version at the moment because I'm managed by the MVISION tenants.

In the past, many people had issues with the utilization of detections and resources. ENS is actually very good for detection. When properly configured, especially when the prevention feature is activated, it integrates very well with the ATP, in respect of the endpoint. ATP offers very good protection and is a rich solution which helps to remove ransomware. I've been using the product for a while now and been able to secure a lot of environmental ransomware attacks, as well as some others, by integrating the ATP with the ENS. 

It is of primary importance that the solution does not cripple my system. When an endpoint is sitting on one's computer a struggle ensues involving resources, since the endpoint is actually scanning. At present, it either does not do so or is not noticeable. The detection rate is very high and one can be certain that he is not getting false positives, since he can see if the policy is properly configured. 

The detection is great and the solution is constantly improving. 

It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well. 

I have been using McAfee Endpoint Security for a couple of years. I started with Virus Scan and moved to MVISION when it was introduced. I used ENS when it was made available. While I cannot remember for certain, I believe I have been using the solution since 2015 or 2016. I still use it. 

The solution is very stable. Proper configuration means that we have not had issues with the stability. When all is said and done, the landscape is shifting towards one involving EDR, which is necessary for one to feel he has complete endpoint protection. 

The solution is scalable. 

While there is a need to utilize technical support, I feel it to be fair. Overall, support will point one in a certain, or appropriate, direction, although they will occasionally ask that the person solve the problem on his own. The process may take longer if the issue involves the product. Proper escalation can shorten the resolution process. While I have occasionally had to solve the problem by myself, more often than not the support is very helpful and reliable, especially of late. 

The deployment is simple and very straightforward, including when one wishes to deploy in the cloud.

Deployment can be handled on one's own. Most deployments are the same. When deploying in the cloud, there is only a need to click several times on the link that is sent. There's nothing to it. Anybody can actually do the installation. It's very straightforward.

We are distributors although, as an engineer, I handle everything, including integration. 

McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so. Most end-users don't focus on which solution is better, but on which one is most cost-effective. 

Our customers must pay for the licensing involved in using the solution, which they do so annually. Yet, the majority of our customers deploy the solution on-premises, which means their licenses are perpetual. There is still a need to pay for support, however, and this must be renewed annually. 

The solution does a fine job of integration. 

It is deployed in the cloud. 

My organization is very big. Like I said, we're systems integrators. As we are a distribution company, I am in a position to speak from a technical point of view. I've actually seen environments that reach 16,000. I did the deployment for a bank in Ghana, which is under the management of the Pan-African Bank and is responsible for management throughout all of Africa, save for Nigeria. This involved around 15,000 nodes. There is another bank in Nigeria with between 4,000 to 6,000 nodes and still others with around 12,000. 

I would definitely recommend this solution to other users. Leaving aside the fact that I sell this solution, when it comes to endpoint security solutions the world over, McAfee is one of the best, if not the best. 

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

Overall, we handle the implementation of the solution, taking into account the policy required to secure the network.

We primarily use McAfee Endpoint Security for data loss and endpoint protection.

An area in need of improvement involves the overview, which usually does not enable one to get the value in reports.

Upon receipt of the incident, the review is important. Based on this it is possible to construct a workflow for closing the case. 

It is crucial to keep the data inside the department. Receipt of the incident is a pain point since there is a need to engage one's system administrator as part of the data loss protection consent requirements and this involves sensitive information. However, nothing will be accomplished with a system administrator, only with a compliance administrator who is fully knowledgeable. 

The solution is not stable and the ecosystem enters the picture for those responsible. Each system is connected in a centralized manner to give a holistic view of one's endpoint and environment. This is how things are at present and it offers a great way of setting things up. But, it poses an issue that a person cannot translate the value of the information once the entire system is integrated into a single console. Nothing will be accomplished in the system if incidents are frequently received but with no correlation between them. There is a need for combining IP analytics with artificial intelligence in respect of these reports. 

The initial setup was complex and required too many servers.

A perpetual license is not an option with McAfee Endpoint Security or anyone else for that matter. 

The price of the solution is high in Asia, in contrast to Symantec, which gives you a 70% discount on the closing of the project. The issue at hand involves the people. McAfee did have some big clients in my country and region. However, it did not have many clients. 

The solution is deployed on-premises since it mostly involves a bank. 

Unfortunately, most clients have chosen to remove McAfee and have switched to Silence because of its ease of use. They are not interested in updates. 

I feel McAfee Endpoint Security is a good, mature product, although the price of the technology poses an issue. In Pakistan and Asia, there is a different kind of field environment than in Europe and the United States. While we cannot offer our clients managed services, which is what everyone wants, in Europe and the United States they can. 

I rate McAfee Endpoint Security as a six out of ten. 

It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojan (RAT).

It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised.

It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating.

Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection.

It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents.

They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us.

I have been using this solution for two years.

It is stable. The FireEye team monitors it, and in case it goes down, we get an alert saying that the device is down. We either get their help or troubleshoot it ourselves to get it up and running.

It is quite scalable. We have scaled it according to their sizing recommendations. They have devices for different bandwidths, models, and offices.

We have about 4,000 people who are using this product. In terms of our plans to increase its usage, we are currently studying two options. One of them will basically scale up to about 40,000 instances.

Their technical support is good. For each region, they seem to have got local support that takes care of all problems. They have support teams in Singapore, India, and North America.

Its initial setup was straightforward. I have done one installation that took about 90 minutes. Virtual installations are straightforward. Physical installations have got some networking interfaces, and one needs to go through the documentation to do it. If you have got the right configuration, it is straightforward.

We have about five people within SOC. We manage the engineering and deployment aspects of it. It is not very resource-hungry.

For its deployment, we just needed about four people. We deployed about 14 appliances and one cloud-based instance. We have automated the deployment. We deployed it via Puppet, so the installation was fast.

We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.

We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.

Based on my two years of experience with this solution, I would comfortably recommend this solution.

I would rate FireEye Endpoint Security an eight out of ten.

I have found DLP to be a valuable feature.

When it comes to DLP or McAfee Security Encryption, with which I am happy, I like to make use of the solution for Vault, but find that the encryption is problematic. The system needs reforming. Suppose the solution is utilized on a laptop or desktop and the client wishes to make an assignment to another person but forgot his password. The data cannot be archived or backed up. 

I have been using McAfee Endpoint Security for the past five years.

The solution is reliable.

Previously, I used the solution for a single site consisting of nearly 300 users. However, as I found it to also be a good tool for DLP endpoint, I now use it for another client with nearly 700 users.

Counting from one to ten, this being the highest, I fully support the solution's technical services.

The initial setup is very simple, allowing a person to get the videos or documents on the internet. 

The deployment takes one to two days.

I do licensing on an annual basis and this is what I always recommend to my clients over the monthly option. This is because all my clients are long-term and do not wish to pay on a monthly basis, instead preferring licenses of, perhaps, three years with an additional one or two year option. 

I am using the latest version of the solution minus one. 

Some of our clients deploy the solution on-premises and others use clouds, such as AWS or IBM Cloud. I'm actually a service partner with IBM Cloud and the community manager with AWS Cloud.

We currently have two or three clients utilizing the solution and it can be said that it is a good product. 

The solution is really good and competitively priced, so someone wishing to secure his enterprise or make use of it in an inexpensive fashion should do so. 

I would rate it a seven out of ten. 

MVISION Endpoint is the management software for McAfee that manages the Windows Defender. It manages the Windows Defender anti-malware, Windows Defender Exploit Guard, and Windows Defender Firewall. These are the three main components that McAfee manages centrally from an ePO, and that ePO can be an on-premises ePO management server, or it can be an MVISION ePO management server on McAfee cloud. So, management can be both on the cloud and on-premises.

It's simple and very easy to use. Before MVISION Endpoint, McAfee had their own Endpoint Security software called ENS, which included their anti-malware engine. Even though ENS was a comprehensive product and a very good product as well, it was confusing for some professionals. 

In the times that we live in now, an IT personnel, even a specialized one, is a generalist. So you have an IT person who is managing the firewall and endpoint security, and also managing the ERP and backups, and the switches as well. Everything in the environment will be handed over to a single person.

A product like McAfee ENS is pretty extensive and allows for advanced configurations, especially for security professionals. However, IT personnel often fail to configure it properly. MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle. This is what I really like about it.

McAfee has an on-premises ePO server, which you can install on your environment. You can add your infrastructure and push the agents all from the console; so you literally don't have to do anything on your own. From the dashboard, you'll push the agents, install them, configure them, and manage them all from the console.

McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement.

Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present.

A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines.

I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint.

I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.

I've been using it for two years.

McAfee doesn't provide the security software. It manages the security software which is built in to the Windows 10 and Windows Servers 2016 and above. Unlike McAfee ENS, which uses its own software to do the scanning and its own signature database that could add lots of clutter to the operating system, MVISION Endpoint uses Windows Defender, so there's no added overhead for the machines. As a result, it is pretty stable.

In terms of scalability, you can deploy as many agents to as many machines and protect them from the ePO, whether it's an on-premises ePO or one on the cloud.

Technical support is great. I didn't have to interact with them that much, but they provided good support at the times when I had to reach them. They were responsive; that is, I'd get a response within the same day.

In my experience, the installation has been straightforward.

The only major issue is that if a client is going to have his ePO on the cloud, his management server will be on the cloud. So I will need to push agents to lots of machines. There is no automated deployment from the cloud to on-premises machines. That means that I need to download the McAfee agents and have to take care of the deployment and the automation on my own.

Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint.

With MVISION Endpoint, even if you don't know about cybersecurity, you can just turn on the protection checkbox. It's that easy. It was really relatable to my experience with Sophos because the configuration there was also that simple, so I really liked it.

For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with. It's flexible, and you can manage it from the cloud or on-premises.

At present, it is often used by small businesses because of its ease of use, configuration, and deployment.

It's been around on the market for a long time, and has undergone many improvements. So, on a scale from one to ten, I would rate McAfee MVISION Endpoint at eight.