Coming October 25: PeerSpot Awards will be announced! Learn more

Trellix Endpoint Security OverviewUNIXBusinessApplication

Trellix Endpoint Security is #3 ranked solution in XDR Security products and #17 ranked solution in endpoint security software. PeerSpot users give Trellix Endpoint Security an average rating of 8.0 out of 10. Trellix Endpoint Security is most commonly compared to McAfee MVISION Endpoint: Trellix Endpoint Security vs McAfee MVISION Endpoint. Trellix Endpoint Security is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Trellix Endpoint Security Buyer's Guide

Download the Trellix Endpoint Security Buyer's Guide including reviews and more. Updated: September 2022

What is Trellix Endpoint Security?

Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.

Trellix Endpoint Security Benefits

  • Intuitive Protection: Trellix Endpoint Security learns and matures to ensure organizations are continuously protected in today’s aggressive threat environment. Users have full visibility and greater control of all endpoints and are able to utilize Trellix Endpoint Security’s potent threat detection, prevention, investigation, and response to keep their enterprises safe and secure.

  • Streamlined Security Protection: Users have a single view of full transparency into how their networks are performing and the overall effectiveness of the security. Users can access the solution from anywhere and manage automated workflows. The solution allows for a streamlined security process to improve the overall reliability of the organization's security and can effortlessly scan through hundreds of thousands of endpoints in minutes.

  • Robust Risk Management: Stop attacks before they occur and keep abreast of potential threats with intuitive threat prioritization. Receive easy to understand risk assessment and repair guidance without delay to prevent any possible lapses in security. Test scenarios will allow users to see how the organization would respond to a threat scheme.

Trellix Endpoint Security Top Features

  • Consolidated Management: Trellix offers numerous deployment options. The unique consolidated management process provides full transparency, cost-effective processes, improved IT functionality, and streamlined operations.

  • Intuitive Processes: Trellix can identify zero-day threats using machine learning and develop workable risk assessment to prevent attacks. Trellix intuitively creates protocols to recognize problematic processes that could lead to future attacks.
  • Reduced Impact on Resources: Trellix learns to focus on suspicious or anomalous activities by quickly identifying trusted activities to greatly reduce CPU consumption.

Reviews from Real Users

“It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink

“There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider

Trellix Endpoint Security was previously known as McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection.

Trellix Endpoint Security Customers

inHouseIT, Seagate Technology

Trellix Endpoint Security Video

Trellix Endpoint Security Pricing Advice

What users are saying about Trellix Endpoint Security pricing:
  • "I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what particular package you choose."
  • "We pay 650 Rand for a license. It is a perpetual license which we normally run for two years."
  • "McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so."
  • "We pay for the license on an annual basis."
  • Trellix Endpoint Security Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    ITOfficer at U.S. Army Medical Research Unit - Kenya
    Real User
    Top 20
    An informative dashboard and immediate reporting and notifications
    Pros and Cons
    • "We really like the dashboard from Trellix and we've found that it's pretty informative."
    • "The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."

    What is our primary use case?

    Our use case is pretty straightforward. We have the central ePO that's running, and clients connect to it. All the clients connect to the ePO for updates and the ePO is able to go out and get updates, so it's pretty much like a star topology where you have the ePO sitting at the middle and handling all the requests from the clients and the servers.

    What is most valuable?

    We really like the dashboard from Trellix and we've found that it's pretty informative. Also, the reporting is pretty much immediate, so if there's any activity on the network, you're able to get notifications immediately. That's something that we really like about this product.

    What needs improvement?

    The solution consumes a lot of end user memory and CPU, so you need to have a computer that has a lot of resources for you to properly run Trellix. The agent ends up using a lot of resources, either RAM or CPU, and at times that bogs down users. I don't know if it's possible to have a lighter version of the agent, but if the agent was lighter it wouldn't consume so many resources, which would be good.

    It's a bit complex. It's very granular and you need to really, really know the ins and outs of configuration. If you are specifically configuring an XML against ransomware, some very special setup, it can end up being a bit technical. You wouldn't want to make any mistakes while doing your configuration. A single configuration can make you lose whatever you wanted to do.

    The other thing is if the engine would also focus more on malware, sort of an anti-malware. Trellix doesn't really focus so much on the anti-malware side, but there are other better performing antivirus or endpoint products that have better engines or they have a higher detection rate compared to what Trellix is currently providing.

    For how long have I used the solution?

    I have been working with this solution for about three years.

    Buyer's Guide
    Trellix Endpoint Security
    September 2022
    Learn what your peers think about Trellix Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    634,775 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    If you've given the solution the resources that it needs, it's pretty much stable and it's able to continuously run uninterrupted. I've never seen any down times, so I'd say it's pretty much stable and it's built well.

    What do I think about the scalability of the solution?

    As far as scalability, I think the solution is able to handle quite a bit. We have around three admins who interact with the product. Then we have the rest of the organization who interface with it, which is around 300 to 500 employees.

    How are customer service and support?

    The tech support was pretty responsive and I believe all my questions were answered within the stated timeline. I can't remember what my questions were about, but I spoke with the technical team and got the help that I deserved. I would rate the support as a five out of five.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    From a technical side, it's not so complicated. Of course, you need to set up your server correctly, and then deploying it to the agent is pretty simple. The setup on the server is the one that is a bit technical. You can't have a default deployment, so once you do your deployment you need to set up rules that work within your environment to be able to safeguard it against suspect files or potentially unwanted programs. You need to know exactly what to do, and that's the point that may not be very friendly to admin, because they might not know all of the threats that are out there. You can't really foresee a threat that you don't know about, or rather you don't know if you'd block it or not. The initial setup is pretty much straightforward if you're an IT person, but the configuration side has a learning curve. It takes quite some bit of time to really know exactly what you're doing.

    What about the implementation team?

    We handled implementation in-house because when we got the licensing, we also got training modules from Trellix. Trellix has KB articles, which are pretty much straightforward and really helped quite a bit. I'd say it took about four hours to deploy from the time we started with a clean machine to the time that we started pulling updates and deploying to client machines.

    On a scale of one to five, I'd give the setup a four, because the product pretty much does what it says it does, but it's not perfect. If you're an IT person, you'll be able to deploy it, and sending the Agent file to clients is pretty much a no-brainer.

    The maintenance bit is okay as well. There's not a high amount of maintenance because you can automate many activities. You just need to make sure that your server is able to pick up the updates that are necessary, and make sure the databases are running okay. It's nothing new if you're in the IT environment, just making sure everything is running properly. I've never landed on an update that broke the application.

    What was our ROI?

    I believe for organizations that are looking for what Trellix is offering right now, there is a definite return on investment.

    What's my experience with pricing, setup cost, and licensing?

    I think Trellix is more on the higher side of the market, just on a general scale, but I also think it depends on what particular package you choose. Different packages have different rates. I would give the pricing a three out of five. It depends on your usage because if the product works for you, then you might say the price is right. At one point it worked for us, but we have shifted our goals.

    Which other solutions did I evaluate?

    We currently considering switching from Trellix to Bitdefender mainly because Trellix isn't really focused on malware, and right now most threats are coming from within the organization as malware. Malware is something that can stop business continuity, so that's one of our main areas of focus, and Trellix is not doing really well within that perspective.

    What other advice do I have?

    I would recommend Trellix to someone as long as they know exactly what they're looking for within the organization. For instance, Trellix is very granular, so if you have a dedicated security department that can customize policies and XML documents at a very fine level and specifically work on this product, then I would say, go for it. The solution is going to serve them well, because what it does, it does really well. You're able to experience possibly what's among the best products in the market. I would recommend it as long as the people know exactly what they're getting into and they're ready to handle the challenge.

    On a scale of one to ten, I would give Trellix an eight.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    IT Infrastructure Manager at a financial services firm with 51-200 employees
    Real User
    Top 5
    Protect your business against a wide variety of threats
    Pros and Cons
    • "It's quite easy to install agents."
    • "With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint."

    What is our primary use case?

    We currently have around 50 servers. We aren't really a big company but we have 50 servers which we manage. We use McAfee for the web filtering portion of it. For example, if a user is doing a search on Google, there's a risk-rating web content filter built into McAfee. This alerts us if there are any threats present. 

    We have licensed McAfee ENS on a per-server basis. As of now, from memory, I think we have 56 endpoints running McAfee — 56 servers in total.

    What is most valuable?

    From the McAfee side, I really like the ePolicy Orchestrator software that allows us to manage all of our endpoints. You can create the deployment policies and whenever there is a new update — a new version of the ENS Agent, or threat protection — we could test it out in the evaluation branch, and even test it on some of our servers.

    It's quite easy to manage. Quite intuitive. I would say the dashboard of ePolicy Orchestrator software is quite intuitive and quite easy to understand and manage. 

    For how long have I used the solution?

    I have been using this solution for 15 to 20 years.

    What do I think about the stability of the solution?

    We have had some issues from the performance side of things, especially when we were deploying new types of software. Sometimes the consumption of resources from McAfee was a bit high. Afterward, these problems were resolved gradually in future versions of McAfee. From what I've read from the release notes, in regard to the handling of memory, McAfee has been doing a better job, which wasn't really the case in the early years. 

    What do I think about the scalability of the solution?

    It's easily scalable. If I need to deploy the Agent over 800 endpoints, I just have to script it and run a group policy to deploy it to all of our computers on the network — it's quite easy. 

    How are customer service and technical support?

    For day-to-day management and ongoing queries, if ever I didn't have the solution to queries, I would just raise the case to the case management section of the McAfee website. Then the McAfee support team would help me out.

    I was definitely satisfied with the support team. I really can't complain. They always sent me the correct knowledge-based article and they provided really insightful information to help me find a resolution to the issue. 

    Which solution did I use previously and why did I switch?

    At the previous company that I worked for, we used Symantec Endpoint Protection. Now, we are working with CylancePROTECT and OPTICS.

    The main reason that we moved from McAfee to Cylance is that McAfee is still a signature-based product. We moved to Cylance, a signatureless-based product, where everything is updated. What I was doing, from an ENS product point stance, I had set reminders to myself and my team to update the Agent and look into the software repository to see if there were any updates every month.

    Indeed, every month we had software updates and fixing restrictions. It wasn't good but I now have less of a hard time looking into this from a Cylance perspective as the Cylance library doesn't push one-minute software updates per year. I would say at most, two or three software updates a year, which is very, very small from a software update perspective in comparison to McAfee.

    They're both good products. I'm not saying McAfee is a bad product. It's a very, very good product. It's mainly for these reasons that we moved to Cylance.

    The ePolicy Orchestrator console is good, but from my side, I would say Cylance has a better artificial intelligence module — the OPTICS module which I would say is the way to go. I haven't really seen the trend in terms of what other companies other than McAfee or Symantec are doing, but Cylance is doing a really good job with this artificial intelligence module. It's great when it comes to notifying the team when it detects something malicious.

    With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint. With Cylance, it's not like that. Each agent does it by itself — it's like a self-healing application. This is something that signature-based antivirus solutions like McAfee and Symantec didn't have until now, unfortunately. That's why we moved towards Cylance.

    How was the initial setup?

    It's quite easy to install agents. Deployment and product updates are quite easy, as well. It goes without saying that it comes with some, I would say, low-level training and upscaling but these are easily retrievable from the knowledge base of McAfee.

    We manually downloaded their AMCore versions to keep all our endpoints up to date. This way, whenever we troubleshoot the root cause of an issue, we still keep our endpoints as updated as possible and keep our environment safe.

    When we installed the Agent — let's say I am building a new VM and new server. When you run the frame package, it's really intense. I would say it takes roughly two minutes to install, then afterward, to install the ENS modules, like the threat protection and web filtering packages, you've got to go through the ePolicy Orchestrator management console. I would say, all in all, it takes roughly 10 minutes.

    To get it up to date, to download everything, all the packages, the software updates, and all of the AMCore DAT files as well as the virus definitions, it's quite easy. It doesn't take much time at all.  

    What about the implementation team?

    For deployment, I worked with one external consultant.

    Initially, when I came to the company, I didn't really have a background or any experience managing McAfee. I came from more of a Symantec background but I gained some knowledge from one of our external consultants who really had a deep understanding of McAfee products and their deployment. We had some training sessions and then I could manage the McAfee forum on my own. After a week's worth of training, I could manage McAfee on my own.

    What's my experience with pricing, setup cost, and licensing?

    We had McAfee on a year renewal. We purchased it initially and then we renewed it on a yearly basis. I think the only reason we are renewing the license is for support reasons. 

    What other advice do I have?

    I would definitely recommend this solution to others. McAfee is a good product. I worked with Symantec, but personally, I think McAfee is better.

    However, in my opinion, now having worked with CylancePROTECT and OPTICS, I think  CylancePROTECT and OPTICS are on another level. Still, we have been working with McAfee for nearly 10 years and I feel it's a very good product. 

    Overall, on a scale from one to ten, I would give McAfee a rating of eight.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Trellix Endpoint Security
    September 2022
    Learn what your peers think about Trellix Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    634,775 professionals have used our research since 2012.
    Manuel Ochoa - PeerSpot reviewer
    Support Security Engineer at a computer software company with 501-1,000 employees
    Real User
    Top 20
    An endpoint security solution with a valuable threat prevention feature
    Pros and Cons
    • "Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful."
    • "The local technical support could be better."

    What is our primary use case?

    I work for a company that is a McAfee partner. We sell the solution, and we have engineers that implement the solutions. Basically, I am part of the technical staff that implements the solution on-premise.

    We use endpoint security for our clients. We configure policies to scan the computer every single day in some cases and every week or even every moment. Basically, it protects the endpoint, and we have policies to do advanced threat protection.

    How has it helped my organization?

    Thanks to the implementation of this tool, we have managed to avoid massive virus infection, have visibility into console events and be able to implement action plans to contain threats.

    What is most valuable?

    Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful. We use the firewall to protect the client's network or even blocks and some kind of traffic that the computer received. The ATP model, I think, is one of the most important features because it can protect the computer when an application doesn't work as expected. It will alert and send messages to the ePO, and we can see everything.

    What needs improvement?

    The local technical support could be better. It would also help if the engineers can develop some automation features for the on-prem ePO. For example, in the on-prem ePO, you can store the endpoint using the IP address or using text, or using the default version. But in the MVISION ePO, you don't have that kind of feature. It's complicated to sort the endpoint because you have to do it manually.

    I also think the detailed level of the detection could be better. In some cases, it's very complicated to figure out which file is the one that is actually impacted, depending on the dashboard you see. The dashboard is one of the most important things in the ePO because it's where you can see everything in a central location. But sometimes, you need to change from one view to another view to find what you're looking for.

    For how long have I used the solution?

    I have been using McAfee Endpoint Security for about three years.

    What do I think about the stability of the solution?

    It's very stable. It works as expected, and I am very happy with this solution.

    What do I think about the scalability of the solution?

    This is a very flexible product. It can be installed on a single physical or virtual server, or well installed on a windows cluster, and if you want to explore other modes it can also be implemented in the AWS cloud or as a SAAS.

    How are customer service and technical support?

    In some cases, if the report comes from India or America, it's basically an open and shut case. But if the support comes from Latin America, you probably have to scale that problem to another area or another region. You need a person that has more experience with the product.

    Which solution did I use previously and why did I switch?

    No. 

    How was the initial setup?

    The initial setup can be both straightforward or complex. Some documentation on clients is very slow. Basically, we spent time implementing the ePO version because sometimes the database from the ePO is too big, and we need to do some things to the database to shrink the space, and it doesn't always work as expected. Sometimes, we have to follow one, two, or three steps to get the data and various scenarios to increase the number of steps because troubleshooting wasn't working.

    If we implement MVISION, eventually, it would take around three hours because we have to install the software on the server. We have to do all the upgrades and implement some upgrades to the ePO software. Basically, it's three hours, but it can take five to six hours, depending on the data's size.

    What about the implementation team?

    We implement this solution for our customers. If you are an engineer, and you have the experience, you can do it. If someone doesn't have experience with the OS, with Windows, or with the product, you might need specialized engineers.

    What's my experience with pricing, setup cost, and licensing?

    For the issue of implementation costs, you require that the partner you use has qualified personnel to carry out this activity or you can use the professional services of McAfee, but these can be somewhat expensive.

    Which other solutions did I evaluate?

    Our clients ask us about other solutions like Cylance. I have one client that uses CrowdStrike. If you compare Cylance and McAfee Endpoint Security, the main difference is support. 

    McAfee is excellent. You can ask any questions, and with a couple of clicks, you will find the answer to the issue. If you don't find it, you can open a support ticket. Sometimes, the McAfee solutions are very complex to configure. Just in some topics, but on the other hand, very simple to configure.

    What other advice do I have?

    I recommend that the client needs to be aware of what McAfee can do for them. If the engineer can implement the solution, he'll just follow the book, and he's not going to get the best experience from the product.

    To not impact the computer or the endpoint's performance, you need to finetune the policies. If the engineer doesn't have that kind of experience, you won't get the best out of the product. The client needs to get an engineer with a lot of performance tuning experience to get the most out of the product.

    On a scale from one to ten, I would give McAfee Endpoint Security a nine.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    IT Security Specialist at Commercial Bank of Ethiopia
    Real User
    Top 5
    Stable with good technical support and very good threat prevention capabilities
    Pros and Cons
    • "The product is quite user-friendly."
    • "Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."

    What is our primary use case?

    We basically use the solution for threat detection. It's for security purposes.

    What is most valuable?

    The solution is pretty good for threat prevention, web protection, adaptive threat protection, and other tasks.

    The solution is very stable.

    We have had a good experience dealing with technical support.

    The product is quite user-friendly.

    What needs improvement?

    Currently, we have the threat prevention as well as the web protection, and the McAfee firewall, which we were using before, however, we have not installed it on any of our machines. We have disabled it due to the fact that a lot of stuff was being blocked, it was blocking a lot of internal stuff, which meant it needed some fine-tuning. We were supposed to fine-tune it so that we can recognize our items, however, we're still working on that.

    We wanted an EDR solution, and our first option was McAfee as the EDR would go hand in hand with the Endpoint integration. We'd like McAfee to offer stronger security. It's not that it isn't strong right now, however, it needs to continue to improve as attacks are always evolving. We are concerned some attacks may be able to find a way to bypass McAfee. If the solution offered something that could detect better, it would be ideal. It would add more value to what is already in place.

    I know that they have application control and all the like. The one feature that maybe is lacking is a different module for the antivirus, however, we have a lot of applications that are running in our environment that were not authorized. 

    Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful.

    For how long have I used the solution?

    I joined the organization a little while back in 2016 and when I got here they were already using McAfee product. Therefore, I've been using the solution for a few years now.

    What do I think about the stability of the solution?

    We've found the solution to be quite stable. It doesn't crash or freeze. There are no bugs or glitches. It's quite reliable.

    What do I think about the scalability of the solution?

    We haven't tried scaling it to as normally the license that we buy, we buy for 650 Rand and at this point, we haven't even tried adding more to try and scale it to that.

    How are customer service and technical support?

    The tech support has been superb. You log a call. Sometimes we are in a different time zone when we log a service request. However, they are very responsive. I was on the line with them a few hours ago and they were helping me with an issue I was having. We are currently in the process of consolidating our SQL servers. We want them to be running from a centralized server instead of having different SQL servers scattered all over the place. Technical support is really great at helping us with the process.

    How was the initial setup?

    While I wasn't at the company for the original implementation, looking at it, it's not that complex of a process. When I got here, we were using the lower version and then we've just upgraded it and used a higher version level. The process wasn't difficult. We upgraded to 10.5, 10.6, now we are on 10.7.

    What's my experience with pricing, setup cost, and licensing?

    We pay 650 Rand for a license. It is a perpetual license which we normally run for two years. It will be expiring sometime in July and our renewal is normally for two years.

    When we are looking at the pricing, nobody will ever say the pricing is bad. Normally what we do is we'll take quotes from different local partners, as McAfee doesn't allow us to buy direct from them. Therefore, we typically deal with resellers.

    What other advice do I have?

    We are customers and end-users. We don't have a business relationship with McAfee.

    We are a central bank and one of the things that we haven't really experienced or gone into is putting our solutions into the cloud - even though everything is moving in that direction. We are moving slowly in that direction as well. We'll get there one day.

    I have found this solution easy to use. When you need support, you get it. Even in terms of protection, it's fine. I would recommend it to other users.

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Obaseun Awoyinfa - PeerSpot reviewer
    Security Consultant at CS Africa
    Reseller
    Top 20
    A high detection rate for a solution that is always improving
    Pros and Cons
    • "The detection is great and the solution is constantly improving."
    • "It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."

    What is our primary use case?

    We are using the latest version at the moment because I'm managed by the MVISION tenants.

    In the past, many people had issues with the utilization of detections and resources. ENS is actually very good for detection. When properly configured, especially when the prevention feature is activated, it integrates very well with the ATP, in respect of the endpoint. ATP offers very good protection and is a rich solution which helps to remove ransomware. I've been using the product for a while now and been able to secure a lot of environmental ransomware attacks, as well as some others, by integrating the ATP with the ENS. 

    What is most valuable?

    It is of primary importance that the solution does not cripple my system. When an endpoint is sitting on one's computer a struggle ensues involving resources, since the endpoint is actually scanning. At present, it either does not do so or is not noticeable. The detection rate is very high and one can be certain that he is not getting false positives, since he can see if the policy is properly configured. 

    The detection is great and the solution is constantly improving. 

    What needs improvement?

    It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well. 

    For how long have I used the solution?

    I have been using McAfee Endpoint Security for a couple of years. I started with Virus Scan and moved to MVISION when it was introduced. I used ENS when it was made available. While I cannot remember for certain, I believe I have been using the solution since 2015 or 2016. I still use it. 

    What do I think about the stability of the solution?

    The solution is very stable. Proper configuration means that we have not had issues with the stability. When all is said and done, the landscape is shifting towards one involving EDR, which is necessary for one to feel he has complete endpoint protection. 

    What do I think about the scalability of the solution?

    The solution is scalable. 

    How are customer service and technical support?

    While there is a need to utilize technical support, I feel it to be fair. Overall, support will point one in a certain, or appropriate, direction, although they will occasionally ask that the person solve the problem on his own. The process may take longer if the issue involves the product. Proper escalation can shorten the resolution process. While I have occasionally had to solve the problem by myself, more often than not the support is very helpful and reliable, especially of late. 

    How was the initial setup?

    The deployment is simple and very straightforward, including when one wishes to deploy in the cloud.

    What about the implementation team?

    Deployment can be handled on one's own. Most deployments are the same. When deploying in the cloud, there is only a need to click several times on the link that is sent. There's nothing to it. Anybody can actually do the installation. It's very straightforward.

    We are distributors although, as an engineer, I handle everything, including integration. 

    What's my experience with pricing, setup cost, and licensing?

    McAfee's prices are flexible and can be quite competitive, although there are other solutions that are even more so. Most end-users don't focus on which solution is better, but on which one is most cost-effective. 

    Our customers must pay for the licensing involved in using the solution, which they do so annually. Yet, the majority of our customers deploy the solution on-premises, which means their licenses are perpetual. There is still a need to pay for support, however, and this must be renewed annually. 

    What other advice do I have?

    The solution does a fine job of integration. 

    It is deployed in the cloud. 

    My organization is very big. Like I said, we're systems integrators. As we are a distribution company, I am in a position to speak from a technical point of view. I've actually seen environments that reach 16,000. I did the deployment for a bank in Ghana, which is under the management of the Pan-African Bank and is responsible for management throughout all of Africa, save for Nigeria. This involved around 15,000 nodes. There is another bank in Nigeria with between 4,000 to 6,000 nodes and still others with around 12,000. 

    I would definitely recommend this solution to other users. Leaving aside the fact that I sell this solution, when it comes to endpoint security solutions the world over, McAfee is one of the best, if not the best. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    PeerSpot user
    Zubair Ahmad - PeerSpot reviewer
    Chief Manager at Arcil
    Real User
    Top 5
    A stable antivirus solution, but consumes too much memory and CPU resources
    Pros and Cons
    • "The solution is stable."
    • "We don't like the solution since it requires much memory consumption and consumes much CPU resources."

    What is our primary use case?

    We are using ePO Center Server to communicate with all the endpoints that are in the network. While I cannot be certain, I believe the relevant version is McAfee 8 or 9.

    We make use of McAfee Agent version number 5.6.4.151. We utilize McAfee Data Exchange Layer.

    The McAfee Endpoint Security version to which we refer is 10.7.

    We use the solution for antivirus purposes. 

    What needs improvement?

    We don't like the solution since it requires much memory consumption and consumes much CPU resources. All the machines becomes very slow whenever it uses its tab scans. For this reason, we consider the solution to not be good nowadays. The newer solutions consume less memory and CPU. 

    We employ the solution for our antivirus needs, for which it is solely suited, and not as an EDR. We are actually looking for an XDR solution.

    The solution is currently outdated. We are looking for Next-Gen antivirus along with EDR and it should have XDR capabilities as well. This would take care of the network and the  properties that are running in the background. They should be protected from cyber threats.

    The solution should also be faster. McAfee actually offers EDR and XDR capabilities but, based on our experience, it consumes an inordinate amount of memory and CPU and this causes the system to be slow. At present, McAfee does not lead the market when it comes to antivirus security solutions. 

    For how long have I used the solution?

    We have been using McAfee Endpoint Security for eight to ten years. 

    What do I think about the stability of the solution?

    The solution is stable. 

    What do I think about the scalability of the solution?

    While the solution is scalable, we wish to change it with the latest Next-Gen antivirus and EDR option, one which comes with both EDR and XDR capabilities.

    How are customer service and technical support?

    We have not had direct contact with McAfee support. We have received support from the vendor. The support is forwarded to McAfee should we encounter problems. It is good and I have no issues with it.    

    Which solution did I use previously and why did I switch?

    We did not make use of other solutions prior to going with McAfee Endpoint Security, which we have been using since 2009 or 2010. At that time, an attack happened which caused us to evaluate other antivirus security options. In those days McAfee and Symantec were the market leaders. We are talking about 2008, 2010. This is why awareness of these solutions was prevalent. At the time, Trend Micro greatly lagged behind these two security solutions.

    How was the initial setup?

    The installation is easy, but expertise is required.

    While the installation was not especially time consuming, we would occasionally have to manually install or remove the entire tool. McAfee Endpoint Security can be considered a good product but outdated. The beta version, the one we are currently using, is not up to date. Nowadays, everybody uses EDR and XDR solutions for their security needs.

    What about the implementation team?

    I have a team which was responsible for the installation. As mentioned, I am currently looking for another solution, one which would allow installation to also be handled remotely from the central management portal dashboard or to have the .exe file installed in each endpoint.

    We have our own team, comprised of three to four support HR, who take care of installation, daily troubleshooting, support and all necessary changes. As such, we forward to receive remote support for all our users.

    What's my experience with pricing, setup cost, and licensing?

    We took out a three-year license, including support, but it is slated to end come December. We would like to switch to a yearly subscription. 

    We pay for the license on an annual basis. 

    What other advice do I have?

    The solution is in-house, on-premises.

    There are 300 people making use of the solution in our organization. 

    When it comes to the question of whether I would recommend this solution to others, we can see that McAfee greatly lags behind CrowdStrike, Palo Alto Cortex, Cynet and Sophos, which are the top performing security solutions on the market. 

    I would rate McAfee Endpoint Security as a five or six out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Kuldeep Patel - PeerSpot reviewer
    Senior System Administrator at a computer software company with 501-1,000 employees
    Real User
    Top 20
    Good remote installation and malware detection with the capability to scale
    Pros and Cons
    • "The solution scales well."
    • "The solution takes up a high amount of memory and can cause the system to hang."

    What is our primary use case?

    We primarily use the solution for endpoint security.

    What is most valuable?

    The remote installation capabilities are very helpful for us. Its automatic installation is a good feature.

    The malware detection is very good. 

    The features, for the most part, are reliable. When installed as endpoint security, ransomware detected on any endpoint will be automatically quarantined there. It's then disconnected from the network and users are able to clean up that particular wireless area.

    The initial setup isn't too difficult.

    The solution scales well.

    The solution offers good patches pretty regularly.

    What needs improvement?

    The solution takes up a high amount of memory and can cause the system to hang.

    The malware detection, as good as it is, does not seem to be deployed correctly. It's not doing system quarantine. If a system gets attacked by ransomware, it's not going to be quarantined correctly.

    If someone wants to filter or asks the system, "Please remove that antivirus we don't want it here," due to the fact that we don't want to work on a specific system, we get frustrated as it won't remove itself. It just starts scanning when we don't want it to and it begins to slow down everything when we need to do important work. 

    We would like there to be better reports that we could take to management to have them be able to look at.

    Recently, we have seen that Ransomware updating is starting with just SQL services. It would be nice if it was offered across the board.

    For how long have I used the solution?

    I've been using the solution for about one year at this point. It hasn't been too long.

    What do I think about the stability of the solution?

    While the system is stable and we are getting malware protection, we've found that the one big thing is that we are getting performance issues. Every system goes slow. There is a significant slowdown when we install the McAfee agent. That's one of the big issues we're just facing continually.

    What do I think about the scalability of the solution?

    The solution scales quite well. If a company needs to expand it, it can do so with ease.

    How are customer service and technical support?

    We don't get any support from McAfee. If the endpoint server is down or something is not working, or the data is not connected, you may need technical support, however, in truth, we haven't had any type of these problems. From the server-side, it was working perfectly, providing the proper reports. We haven't had any real issues and therefore haven't needed to reach out.

    Which solution did I use previously and why did I switch?

    I have some experience with Sophos and Trend Micro Apex One. I find them to be a bit better than McAfee in terms of capabilities.

    How was the initial setup?

    The initial setup is pretty straightforward. It's not overly complex. A company shouldn't have any issues with the implementation process. It's pretty normal, pretty standard.

    What other advice do I have?

    We're just a customer and an end-user.

    We're doing the latest version of the solution. I do not have the version number on-hand.

    50% of companies are facing ransomware issues right now. We have also faced that in the past. That's why we have looked into Apex One. We have installed that. All systems are under Apex One. Everything is updated, however, it's not protected as it's not continuously communicating with the data centers. They are not updating the algorithm as they should. They need to make improvements to that part. 

    Overall, I would rate the solution eight out of ten.

    I'd recommend the solution for companies just working with a few documents, however, if you are an enterprise, you might find that the solution slows down your system and it could affect your work in general.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    CISO at a manufacturing company with 10,001+ employees
    Real User
    Top 5Leaderboard
    Very stable solution with good value but lacks easy cloud compatibility
    Pros and Cons
    • "I think the costing is fine compared to other products. Cost-wise you definitely get value for your money."
    • "We would like to see all the features available on cloud."

    What is our primary use case?

    McAfee Endpoint Security can be used for threat protection, for malware protection, and for data loss prevention by encrypting the end user devices using full depth encryption.

    We are using the latest version minus two because we generally update the antivirus to the current version after testing it. So generally it is two versions behind.

    We have three versions in our network, one is the latest version, then we have a minus one on critical machines and minus two on the endpoints.

    What is most valuable?

    The most valuable feature of McAfee Endpoint Security is that it is stable. It is a good product.

    What needs improvement?

    In terms off what could be improved, it is a little bit slow.

    Additionally, the encryption part definitely needs to be improved.

    We have faced certain issues recovering the data from systems which could not be fully encrypted by McAfee and then the decryption was a nightmare, it took a lot of time. Some could not even be recovered. That was one issue. 

    The endpoint protection and anti malware features are good. But encryption and decryption are a bit slow and it's a tedious job.

    The second issue is that the public dashboards are out-of-the box kinds of features, so they need to be configured, which takes a lot of time.

    Finally, there is an issue with the device timing features for allowing certain devices within the network for what we call USB protection. For master devices or static Bluetooth devices which need to be connected, the white-listing of those devices needs to be more straightforward, it is currently highly technical.

    The dashboard and encryption should be improved. 

    There is a cloud-based environment available from McAfee which is called MOVE. If the customer has already implemented it on-premises, it should be integratable with the MOVE version. We discussed this with McAfee and they said encryption data can not be moved to cloud. This means if I move my antivirus server to the cloud, I still need to maintain a separate encryption server within my network. That is the challenge.

    We would like to see all the features available on cloud.

    For how long have I used the solution?

    I have been using McAfee Endpoint Security for three years.

    What do I think about the stability of the solution?

    McAfee Endpoint Security is a stable product. 

    What do I think about the scalability of the solution?

    In terms of scalability, as of now, we have licensing for 2000 users. We originally purchased it for 1800 users. Now we have renewed it for another year for 2000 users.

    It's not scalable now because we have endpoint detection and response, the new technology which has been released by many companies, including McAfee. If we need to move to EDR, we will need to remove this and to implement the EDR across different products.

    We require three people to deploy and maintain the solution.

    Which solution did I use previously and why did I switch?

    Before switching to McAfee Endpoint Security, we were using Trend Micro.

    How was the initial setup?

    The initial installation went on for two and a half months.

    It was straightforward for Endpoint Protection Antivirus for encryption, but it took some time. This McAfee encryption had some issues with Windows 8 and Windows 7 older versions. For new versions it runs smoothly.

    What about the implementation team?

    When we implemented three years back we used a system integrator, our partners, for doing the installation.

    We have 1700+ systems so we needed to be setup with this solution.

    What's my experience with pricing, setup cost, and licensing?

    I think the costing is fine compared to other products. Cost-wise you definitely get value for your money.

    What other advice do I have?

    We have already recommended it.

    On a scale of one to ten I would rate McAfee Endpoint Security as a seven.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Trellix Endpoint Security Report and get advice and tips from experienced pros sharing their opinions.
    Updated: September 2022
    Buyer's Guide
    Download our free Trellix Endpoint Security Report and get advice and tips from experienced pros sharing their opinions.