We performed a comparison between CrowdStrike Falcon and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The most valuable feature is the analysis, because of the beta structure."
"The product's initial setup phase is very easy."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The setup is pretty simple."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"There's almost no maintenance required. It's very low if there's any at all."
"This solution consistently releases improvements. They have communicated their next two years of development which is powerful and covers all of our needs."
"It provides very good protection and the ability to crosscheck environments."
"The UI is simple and self-explanatory. Everything is easy to understand."
"One of the most valuable features of CrowdStrike Falcon is when there are upgrades there are no additional fees."
"The detection and response console is the most valuable feature."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"I like the detection rates of mobile threats."
"FireEye Endpoint Security is easy to use and lightweight compared to others."
"The most valuable feature is the integration between environments."
"McAfee MVISION Endpoint is stable."
"The response part of EDR was most valuable. We used that to separate the endpoint from the network. We utilized the solution during the instant response. We were also utilizing advanced malware detection capabilities, but we benefited the most from its help with the response."
"It's very stable and reliable."
"The features we have found most valuable have been containment as well as the ability to triage agent activities."
"We have a cloud-based instance, so we can deploy all our configurations through the cloud. That's the beauty of FireEye."
"Provides protection against threats."
"The support needs improvement."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Cannot be used on mobile devices with a secure connection."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The SIEM could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The solution is not stable."
"Any kind of integration that you want to do, such as using the API to connect to a SIEM, is complex and it will be expensive to do."
"The current database schema presents challenges and has potential for improvement."
"They don't really have anything when it comes to scanning attachments."
"It is cloud-based, and this does make some wary of the data being held on the cloud. Privacy requirements must be taken into account."
"The ability to receive text alerts natively in the console would be kind of cool."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"Whenever there is a feature release (upgrade) where we push to all the endpoints, it causes something to be blocked without us knowing."
"In the six months that I have been using CrowdStrike, it has not been able to detect anything."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
"The initial setup can be a bit complicated for those unfamiliar with the product."
"The price of McAfee MVISION Endpoint could improve."
"The product needs to reduce the usage of RAM and CPU."
"The performance could be better. I noticed that it slows down a bit."
"The email protection isn't efficient enough, and I'd like to see DLP features in the next release."
"So far, McAfee MVISION Endpoint ticks off all of our boxes, but its pricing could always be better."
"The product could be flexible and offer better pricing."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while Trellix Endpoint Security (ENS) is ranked 19th in Endpoint Protection Platform (EPP) with 49 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, Trellix Endpoint Detection and Response (EDR), Open EDR and SentinelOne Singularity Complete.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello, I think it doesn't make sense to just compare device protection and automated response security solutions, it's missing to protect identities, devices, and insider access. I think: The best and most valuable option is Microsoft.
Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
With the integrated Microsoft 365 Defender solution, security professionals can stitch together the threat signals that each of these products receive and determine the full scope and impact of the threat; how it entered the environment, what it's affected, and how it's currently impacting the organization. Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services include:
1. Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
2. Microsoft Defender for Office 365, Plan 1 protects email and collaboration from zero-day malware, phish, and business email compromise, Plan 2 adds post-breach investigation, hunting, and response, as well as automation, and simulation (for training).
3. Microsoft Defender for Identity, a cloud service that helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber-attacks and insider threats.
4. Microsoft Cloud App Security is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your cloud services.
If the end customer already has Microsoft 365 in companies or educational institutions, they already have the collaboration tools, only the security and endpoint management tools should be added, all with Microsoft 365 E5/A5, no more investment is being made, it is being consolidated, visibility is gained, responses are automated, the fatigue of operating so many security events that you do not have the time or personnel to review them decreases.
I hope this has generated value for you.