Try our new research platform with insights from 80,000+ expert users
Trellix ESM Logo

Trellix ESM Reviews

Vendor: Trellix
3.7 out of 5
Leave a review

What is Trellix ESM?

Make your organization more resilient and confident with Trellix Security Operations. Filter out the noise and cut complexity to deliver faster, more effective SecOps. Integrate your existing security tools and connect with over 650 Trellix solutions and third-party products.

Get the Trellix ESM Buyer's Guide and find out what your peers are saying about Trellix ESM, Microsoft Sentinel, Splunk Enterprise Security and more!
Trellix ESM is the #20 ranked solution in top Security Information and Event Management (SIEM) solutions. PeerSpot users give Trellix ESM an average rating of 7.4 out of 10. Trellix ESM is most commonly compared to Microsoft Sentinel: Trellix ESM vs Microsoft Sentinel. Trellix ESM is popular among the large enterprise segment, accounting for 46% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 13% of all views.
Buyer's Guide
Trellix ESM
June 2025
Get the report
Helped 863,564 peers since 2012

Featured Trellix ESM reviews

Read more reviews

Trellix ESM mindshare

As of July 2025, the mindshare of Trellix ESM in the Security Information and Event Management (SIEM) category stands at 1.0%, up from 0.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)

PeerResearch reports based on Trellix ESM reviews

TypeTitleDate
CategorySecurity Information and Event Management (SIEM)Jul 25, 2025Download
ProductReviews, tips, and advice from real usersJul 25, 2025Download
ComparisonTrellix ESM vs Splunk Enterprise SecurityJul 25, 2025Download
ComparisonTrellix ESM vs WazuhJul 25, 2025Download
ComparisonTrellix ESM vs Microsoft SentinelJul 25, 2025Download
Suggested products
TitleRatingMindshareRecommending
Microsoft Sentinel4.16.8%93%97 interviewsAdd to research
Splunk Enterprise Security4.29.4%93%319 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Trellix ESM users highlight its ease of use, powerful dashboard views, efficient correlation and reporting capabilities. Integration with third-party threat feeds enhances anomaly detection, while advanced correlation and logging bolster security. Customization options like personalized views and alerts, along with a user-friendly interface, make it accessible. Preconfigured rules and threat monitoring streamline operations, and users appreciate its vendor support and automatic threat blocking based on severity. Effective deployment and reduced resource usage are notable advantages.
  • "Scalability is quite easier with Trellix ESM, because all we need to do is add more receivers to it, so it can go to any point."
  • "The strongest part of Trellix ESM is that we get quite good reports."
  • "Trellix ESM utilizes fewer human resources and improves security and visibility."

Room for Improvement

Trellix ESM users desire enhanced stability, a more intuitive HTML5-based interface, and improved documentation. They find the need for better API development, enhanced integration with SaaS and cloud solutions, and more scalable resource efficiency. Users report performance issues, particularly with dashboards, and seek advanced analytics, AI features, enriched logging, and faster log scanning. McAfee ESM faces criticism regarding its technical support, speed, and outdated storage methodologies, impacting visibility and user experience. Enhanced case management, customizable dashboards, and reduced resource consumption are sought improvements.
  • "Areas of Trellix ESM that could be improved or enhanced include checking on the clients who are still on-prem, especially banks, as most are not moving everything to the cloud due to confidentiality and accessibility during network outages."
  • "We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that."
  • "It is more difficult to operate Trellix ESM than other solutions."

ROI

Returns from Trellix ESM depend on the investment's 5-year depreciation and the number of threats mitigated annually. When these threats materialize, potential company impact may be significant. Feedback claims McAfee gives the best market return. Proper security metrics and management can enhance ROI, particularly for MSSP clients. However, executives may struggle to perceive returns due to reports not catering to C-level interests. Users must develop effective operational procedures to maximize ROI.

Pricing

Trellix ESM is perceived as a premium-priced product with a licensing model based on yearly fees. Enterprise buyers have noted the pricing is competitive compared to IBM QRadar and RSA, though it includes expenses for additional features. Pricing flexibility allows for monthly or yearly options, and the setup process is straightforward. While some see it as costly, particularly with split components, others appreciate the value and discounts available, especially for larger deployments.
  • "Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar."
  • "The product is slightly expensive."
  • "It is an inexpensive product. We purchase its yearly license."

Popular Use Cases

Organizations primarily use Trellix ESM for security-related tasks, such as monitoring network vulnerabilities, securing data, and managing logs. It aids in central log management, threat detection, malware detection, and correlating events. Service providers use it to manage client security operations, while entities in finance and healthcare benefit from its comprehensive security and log analysis. It effectively integrates with various devices like IoT, endpoints, firewalls, and cloud environments for robust security operations.

Service and Support

Trellix ESM customer service is generally appreciated for its professionalism, while technical support receives mixed feedback. Some report prompt and helpful assistance, rating it highly, while others mention delays and knowledge gaps among support personnel. Issues with communication, especially in specific regions, are noted. Technical documentation and community support are valued, yet the speed and effectiveness of problem resolution could benefit from improvement.

Deployment

Trellix ESM's initial setup is generally straightforward and quick, taking a couple of hours to a week depending on specifics. It's simple for many, while some find it complex with integration challenges. Adequate planning is crucial for efficient configuration and data source integration. Many find the process easy with clear instructions, yet some encounter difficulties relating to licensing and interface. Deployment often requires collaboration between multiple parties.

Scalability

Trellix ESM exhibits notable scalability, adapting well to various user needs. Clients appreciate its configuration and flexibility, especially in diverse deployments, from small enterprises to large organizations. Although some concerns arise regarding hardware limitations, its scalability remains robust with options for expansion based on investment. The software's ability to handle different user tiers and implementation types is praised. Most clients report satisfaction, often scoring it highly in terms of scalability, demonstrating its effectiveness across multiple scenarios.

Stability

Trellix ESM's stability is largely positive, with many users experiencing no issues. Some note occasional bugs, particularly after upgrades, but these are often resolved with prompt support. Users frequently describe it as stable and praise McAfee's long-standing reliability. While some encounter power-related shutdown issues that require support, others rate stability highly, acknowledging minor bugs but nothing significantly disruptive. Reports indicate a good performance in data centers, contributing to user satisfaction.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Trellix ESM Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
By visitors reading reviews

Top industries

By visitors reading reviews
Comms Service Provider
13%
Computer Software Company
12%
Financial Services Firm
12%
Manufacturing Company
6%
Government
6%
Consumer Goods Company
4%
Construction Company
4%
Educational Organization
4%
Performing Arts
3%
Insurance Company
3%
Energy/Utilities Company
3%
University
3%
Healthcare Company
3%
Retailer
2%
Outsourcing Company
2%
Transportation Company
2%
Media Company
2%
Real Estate/Law Firm
2%
Recreational Facilities/Services Company
2%
Non Profit
1%
Logistics Company
1%
Recruiting/Hr Firm
1%
Legal Firm
1%
Pharma/Biotech Company
1%
Wholesaler/Distributor
1%
Renewables & Environment Company
1%
Aerospace/Defense Firm
1%
Hospitality Company
1%
Mining And Metals Company
1%

Compare Trellix ESM with alternative products

Go!

Learn more about Trellix ESM

Trellix ESM was previously known as McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager.

Trellix ESM customers

San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport

Related articles

Julia Miller - PeerSpot reviewer
Top SIEM Solutions & Success Stories: Strengthening Cybersecurity in Diverse Industries
Read more

Related questions

  • 36
Has anyone got experience in deployment of a SIEM solution?
  • 33
IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
  • 197
What Solution for SIEM is Best To Be NIST 800-171 Compliant?
  • 47
When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
  • 104
What are the main differences between Nessus and Arcsight?
  • 11
What's The Best Way to Trial SIEM Solutions?
  • 145
Which is the best SIEM solution for a government organization?
  • 924
What is the difference between IT event correlation and aggregation?
  • 88
What Is SIEM Used For?
  • 22
RSA-EMC vs. other SIEM products?

Product Categories

Product Categories
Security Information and Event Management (SIEM)

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs Trellix ESM Logo
Microsoft Sentinel vs Trellix ESM
Splunk Enterprise Security vs Trellix ESM Logo
Splunk Enterprise Security vs Trellix ESM
IBM Security QRadar vs Trellix ESM Logo
IBM Security QRadar vs Trellix ESM
Elastic Security vs Trellix ESM Logo
Elastic Security vs Trellix ESM
LogRhythm SIEM vs Trellix ESM Logo
LogRhythm SIEM vs Trellix ESM
Fortinet FortiSIEM vs Trellix ESM Logo
Fortinet FortiSIEM vs Trellix ESM
Securonix Next-Gen SIEM vs Trellix ESM Logo
Securonix Next-Gen SIEM vs Trellix ESM
Exabeam vs Trellix ESM Logo
Exabeam vs Trellix ESM
Stellar Cyber Open XDR vs Trellix ESM Logo
Stellar Cyber Open XDR vs Trellix ESM
ManageEngine EventLog Analyzer vs Trellix ESM Logo
ManageEngine EventLog Analyzer vs Trellix ESM
OpenText Enterprise Security Manager vs Trellix ESM Logo
OpenText Enterprise Security Manager vs Trellix ESM
Trellix Helix Connect vs Trellix ESM Logo
Trellix Helix Connect vs Trellix ESM
SolarWinds Security Event Manager vs Trellix ESM Logo
SolarWinds Security Event Manager vs Trellix ESM
Snare vs Trellix ESM Logo
Snare vs Trellix ESM
Graylog Security vs Trellix ESM Logo
Graylog Security vs Trellix ESM
See all alternatives
 

Trellix ESM reviews

Sort by:
MD
Senior Vice President IT at AS IT Consulting Pvt. Ltd.
Verified user of Trellix ESM
May 12, 2025
Offers comprehensive report generation while maintaining ease of integration

Pros

"The strongest part of Trellix ESM is that we get quite good reports."

Cons

"We need to improve Trellix ESM by making sure that most of the logging devices available in the global market should be covered, and if there is any device which is not covered, there should not be any additional charges for writing the custom parsers on that."

What is our primary use case?

I am working with something that is similar to Trellix ESM for event management. It is similar to Trellix Enterprise Security Manager.

How has it helped my organization?

Mainly compliance is the primary concern where organizations have to have log retention for more than six months, one year, or six years, depending on the compliance applicable to the organization for the Enterprise Security Manager. And Trellix gives us good reporting. 

*Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Read full review (655 words)
Daniel Durian - PeerSpot user
Senior Information Security Manager at a real estate/law firm with 10,001+ employees
Verified user of Trellix ESM
Aug 23, 2024
Helps to monitor and detect cyberattacks

Pros

"The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. "

Cons

"The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases. "

What is our primary use case?

I use Trellix ESM to monitor inbound communication from known threat hosts and detect cyberattacks. It's also useful for outbound communication, but we block threat communication via a firewall.

What is most valuable?

The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick.

Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (393 words)
Buyer's Guide
Download free report
Find out what your peers are saying about Trellix ESM. Updated June 2025
863,564 professionals have used our research since 2012.
LAWAL YUSUF - PeerSpot user
IT auditor at SHEFFIELD HALLAM UNIVERSITY
Verified user of Trellix ESM
Sep 26, 2023
Stable product with efficient features for log monitoring

Pros

"The product’s most valuable feature is log monitoring. "

Cons

"The product’s alert response feature needs improvement. It could be more flexible and secure. "

What is our primary use case?

We use McAfee for security features.

What is most valuable?

The product’s most valuable feature is log monitoring.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (310 words)
Usman Ali - PeerSpot user
Principal Engineer at Emerson
Verified user of Trellix ESM
Dec 10, 2023
Easy-to-deploy product with good stability

Pros

"It can be easily deployed with the other solutions."

Cons

"Customized reports and alerting functionality could be included in the dashboard. "

What is our primary use case?

We use the product to protect endpoint nodes.

What is most valuable?

The product works better than other vendors available in the market. It can be easily deployed with the other solutions.

*Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Read full review (289 words)
ES
Security Engineer at PC Store
Verified user of Trellix ESM
Nov 23, 2023
A tool with an easy initial setup phase that helps users with the monitoring and reporting parts on servers

Pros

"The solution's technical support is great."

Cons

"The product's stability is an area of concern where improvements are required."

What is our primary use case?

In my company, we don't use Trellix ESM in our environment because we are a small company, but we have implemented it for our customers.

My company's customers use Trellix ESM to monitor and report on servers in their environment. My company's customers also have some of the virtual machines in their environment, along with firewalls integrated into Trellix ESM.

What is most valuable?

The most valuable feature of the solution is that the integration is really easy. Using the product is very easy. The product is user-friendly, but its use needs to be planned.

*Disclosure: My company has a business relationship with this vendor other than being a customer.
Read full review (682 words)
Daniel Durian - PeerSpot user
Senior Information Security Manager at a real estate/law firm with 10,001+ employees
Verified user of Trellix ESM
Dec 6, 2022
Provides visibility of all the traffic within the company infrastructure

Pros

"The most valuable feature is for the security operation center because it provides visibility of all traffic within the company infrastructure."

Cons

"Tech support is required each time there is a system update of the solution."

What is our primary use case?

The primary use case of the solution is central log management for the company. It allows us to see all the traffic coming in and going out to and from the internet. It provides various views from the firewall and web application firewall and event logs from the endpoint. The command view will tell us the current status of the threats from various threat sources. While the normalized view will give us correlated events from sources to destinations and related applications.

How has it helped my organization?

It provides threat monitoring from the Internet and if there is malicious activity on the end-point, the ESM can provide us what host is affected. 

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (697 words)
Amirsaeed Iloukhani - PeerSpot user
Security Consultant at Bank Meli Exchange
Verified user of Trellix ESM
Aug 16, 2022
High level intrusion detection, beneficial malware protection, and simple setup

Pros

"The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller."

Cons

"The support from McAfee ESM could improve. They could improve the speed."

What is our primary use case?

McAfee ESM is used for my customers in the financial sector.

What is most valuable?

The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller.

*Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Read full review (258 words)
GencJakupi - PeerSpot user
Information Technology Security Analyst at a financial services firm with 201-500 employees
Verified user of Trellix ESM
Apr 1, 2023
Unexpected reboots and logs missing information, but responsive support

Pros

"The support I have received from the vendor has been great."

Cons

"McAfee ESM is not user-friendly and the log is not accurate. For instance, if I were assigned to generate a log for changes made today, I wouldn't be able to see all the modifications. While Palo Alto allows us to see all changes, McAfee ESM only captures one out of every ten changes. It's crucial to have visibility into all changes made."

What is our primary use case?

McAfee ESM is utilized to gather logs from Microsoft Windows servers and Palo Alto firewalls.

What is most valuable?

The support I have received from the vendor has been great.

*Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Read full review (412 words)