Trellix DLP Reviews

We have been distributing Trellix DLP solutions for around 5 to 6 years because we have our DLP customers. When going for fresh leads, we insist on Trellix DLP solutions if they have a Windows environment. We definitely recommend Trellix DLP because it has many features, and when it comes to on-premises solutions, it has the best incident monitoring and evidence storing capacity. Data evidence is essential. If somebody shares something, we will be able to look at what files they had and what those contents are. This particular feature we highlight to every customer, making it a key selling point for Trellix DLP.

The main use cases would be incident monitoring and incident storing to look through the contents. Registering the documents enables fingerprinting so you can monitor wherever they go, whether they are sent via mail or through a browser. That is one of the benefits. With application monitoring, many solutions have control over data in applications. For example, remote access applications or instant messaging applications have access, but in most solutions, they are predefined, and to add a custom-based application, it takes some time. You need to have a call with tech support to add that application. However, with Trellix DLP, we can directly create a user-based classifier and application channel in the definitions and block the data leakage of sensitive data through that application.

Another part involves custom classifications; we can also integrate third-party classifiers, such as Titus and Mimecast.

We handle data security parts including DLP Encryption, EDR, and external endpoint security, including Trellix Endpoint Security.

The document registration feature enables fingerprinting of documents for monitoring their movement through email or browser. Application monitoring provides control over data in applications, with the ability to directly create user-based classifiers and application channels without requiring technical support intervention.

The solution includes custom classifications and integration capabilities with third-party classifiers. The Machine Learning capability assists with classification capabilities, though there is room for improvement in data discovery accuracy.

Customers using Trellix DLP are looking to ensure that their confidential data is not leaked from the organization through multiple data channels such as email, web channels, Cloud channels, clipboard, and printers, particularly focusing on protecting personal data such as PII or HIPAA data, Aadhaar Card, PAN Card, and bank details in India.

We are currently working with both the on-prem and the Cloud version of Trellix DLP.

The most valuable features of Trellix DLP include data classification, the ability to define custom queries, creating custom dashboards based on our needs, and the ability to create tasks to update agents automatically and deploy them from a single management console.

Trellix DLP's advanced reporting and analytical tools help our customers gain insights into data usage and potential vulnerabilities.

Trellix DLP can be integrated with our LDAP Active Directory to get user information based on OU wise, and it also integrates with third-party SIEM solutions.

The endpoint protection features of Trellix DLP are pretty good, offering signature-based detection and real-time scanning that helps identify threats or malicious applications in our system automatically based on predefined rules.

I used Trellix DLP for Data Loss Prevention (DLP). I have been working with Trellix in general for approximately ten to 11 years, and specifically with DLP for the last four years.

The most effective aspect of Trellix DLP is that it does what it's supposed to do. It is fairly simple to use compared to Proofpoint. The product covers web, email, and endpoint domains, providing a comprehensive package within one software suite. Trellix products are manageable through a centralized control center, meeting requirements from frameworks like PCI DSS.

Use cases consist of upload blocking in our environment. We have configured policies based on classifications. There are different kinds of scenarios where we utilize screen capture, printer protection, and web protection. It depends on the requirements.

Speaking about valuable functionality of Trellix DLP, several features are noteworthy. These features are very useful for protecting company confidential data from being copied to another remote location or other sites.

The valuable features include screen capture, printer protection, web protection, and network protection. We are not using all these features. While we don't use network protection in our environment, we primarily use screen capture and web protection.

Unfortunately, it usually starts with a breach where some data is leaked or taken from the company by an insider or a user. In addition, it is companies that reach the maturity level where they see the value of making use of DLP.

The solution involves implementing the confidentiality, utility, and availability principles. Depending on its location, whether on a server or end-user, if I can use the CIA to find a load, and I can close the door for it, I can secure the data. For someone who understands how information security works, the implementation is straightforward, especially with understanding what policies and fingerprints to use in specific environments where it needs to be implemented.

The main use case of Trellix DLP for our clients is classification according to customer requirements based on how they want to use the DLP. We also have to achieve the blocking of confidential data, PII, and PCI through the DLP.

The impact of automated policy controls on our data security management means we have to achieve multiple types of policies. We want to achieve channel blocking tasks through PII.

The advantages of Trellix DLP are particularly important on the financial side, where confidential data is most important for any channel that could be exploited. We are using the DLP to achieve services and additional protections.

Trellix DLP is easy to install from the API services. We simply enable the services to use the DLP.

We use the solution for data loss prevention. It is mainly used in manufacturing industries.

Trellix DLP helps handle false positives, but it depends on your configuration. It is quite overwhelming in terms of its dashboard.