Try our new research platform with insights from 80,000+ expert users

Logpoint vs Trellix ESM comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 18, 2024
 

Categories and Ranking

Logpoint
Ranking in Security Information and Event Management (SIEM)
26th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
21
Ranking in other categories
Log Management (24th), User Entity Behavior Analytics (UEBA) (7th), Endpoint Detection and Response (EDR) (32nd), Security Orchestration Automation and Response (SOAR) (14th)
Trellix ESM
Ranking in Security Information and Event Management (SIEM)
23rd
Average Rating
7.4
Reviews Sentiment
7.4
Number of Reviews
36
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Security Information and Event Management (SIEM) category, the mindshare of Logpoint is 0.9%, up from 0.9% compared to the previous year. The mindshare of Trellix ESM is 0.8%, down from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

Subhash Sreenivasan - PeerSpot reviewer
Roughly 800 to 1000 integrations available with various security products and applications and offers built-in SOAR capabilities
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investigating. But that, I think, maybe Logpoint can improve more. The threat investigations and reporting to the end-users can be improved. Logpoint can also come up with IR [incident response] capabilities. Other important SIEM solutions have some IR services. If I am an MSSP working with LogPoint for SIEM/SOAR solutions and I need immediate support, I should be able to get some support. It can be paid support, like SecureWorks, which has those kinds of functionalities. They will immediately get in and start working on helping us identify the threats, isolate them, and give us remedies to take care of and recover from any kind of attacks. Whereas in LogPoint, that functionality is missing. We will be on our own if something happens. We will get other support from them, but there's no paid support before taking ownership and helping us recover from those kinds of attacks. They have a kind of integration for AI, but the incident response capability is what they should improve.
Daniel Durian - PeerSpot reviewer
Helps to monitor and detect cyberattacks
The tool's effectiveness depends on how you define your log sources. To build visibility of incoming and outgoing traffic, you need logs from perimeter defense, firewalls, web application firewalls, and endpoint protection. With good traffic visibility, incident response time is really quick. Trellix ESM provides situation awareness. On the dashboard, I can see outbound and inbound communications to known threat hosts, IPS/IDS activity, and threat intelligence of the perimeter defense in the firewall. This information helps preempt attacks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"They basically charge you in a better way."
"It is a very comprehensive solution for gathering data. It has got a lot of capabilities for collecting logs from different systems. Logs are notoriously difficult to collect because they come in all formats. LogPoint has a very sophisticated mechanism for you to be able to connect to or listen to a system, get the data, and parse it. Logs come in text formats that are not easily parseable because all logs are not the same, but with LogPoint, you can define a policy for collecting the data. You can create a parser very quickly to get the logs into a structured mechanism so that you can analyze them."
"The most valuable feature of LogPoint is that they have the SIEM and SOAR combined in one solution. They are not on a separate platform."
"In my experience with medium-sized operations, LogPoint's scalability is excellent, so I would rate it a ten out of ten."
"The integration is very user-friendly. There are not many CLI commands. Everything is directly accessible from the web interface."
"The flexibility of the search feature and the solution's analytics features are the most valuable parts of the solution."
"The solution offers excellent reporting features. Our customers have been satisfied that they have been able to meet their compliance needs by giving them a standard report."
"Log collection, dashboards and reporting are good."
"The most valuable feature is the capability to correlate different events from different platforms that we feed into it."
"I like the ease of deployment."
"McAfee as a whole is a good solution."
"Compared to other solutions, the user interface is good."
"The solution is 100% stable. We really have had a great time working with it. It hasn't let us down."
"The support I have received from the vendor has been great."
"It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself."
"It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints."
 

Cons

"It is complicated to collect daily logs from other systems."
"The interface needs things like wizards that will assist with creating complex correlation rules."
"One of the downsides is it is not a SaaS solution. It must be on-premises."
"Nowadays the trend is going towards the ransomware and the endpoint detection and response. So if they added something for that, that will be very, very good."
"It is a good product, but its interface or GUI could be better."
"The documentation part is something that needs to be improved, as well as the threat intelligence investigation part."
"I know that they have user behavior analytics, but it's an extra cost for this feature. It would be nice if it was in with the standard products."
"LogPoint must find a way to integrate the servers without agents."
"Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface."
"There's no software support from McAfee."
"It cannot integrate with our Next-Generation Firewall and few applications such as Cisco ACI."
"The only issue I have with McAfee is the amount of computer resources that it takes... it's definitely impacting some of the other applications that are running on a computer at the same time."
"I have to purchase a new box now. Its existing box is not scalable and I can't use it anymore."
"The product’s alert response feature needs improvement. It could be more flexible and secure."
"There should be support for multitenancy in the product."
"It seems McAfee does test its product before releasing. When we - not only us, other companies also - deploy McAfee, we face multiple issues from the customer side, after which, McAfee reacts and fixes the bugs."
 

Pricing and Cost Advice

"It has a fixed price, which is what I like about LogPoint. I bought the system and paid for it, and I pay maintenance. It is not a consumption model. Most SIEMs or most of the log management systems are consumption-based, which means that you pay for how many logs you have in the system. That's a real problem because logs can grow very quickly in different circumstances, and when you have a variable price model, you never know what you're going to pay. Splunk is notoriously expensive for that reason. If you use Splunk or QRadar, it becomes expensive because there are not just the logs; you also have to parse the logs and create indexes. Those indexes can be very expensive in terms of space. Therefore, if they charge you by this space, you can end up paying a significant amount of money. It can be more than what you expect to pay. I like the fact that LogPoint has a fixed cost. I know what I'm going to pay on a yearly basis. I pay that, and I pay the maintenance, and I just make it work."
"LogPoint seemed like it was a good product, but it was expensive and there wasn't any room to move the pricing when customers needed a lower-costing solution."
"For a hundred user deployment the cost is about $10,000. The next year it would be the same because it's a subscription-based license. There are separate costs as well, for example, if a customer asks for training for their staff."
"On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not very cheap compared to some of the cheaper products in the SIEM market."
"It's getting more expensive, which is one of the reasons we're looking around just to see if there's anything better value."
"My company used to pay for LogPoint costs annually. It's a cost-effective solution. I'm not part of the Finance team, though, so I'm not sure exactly what the licensing fee is or what license my company had."
"It was on a yearly basis at about $100K. It was not a huge environment. We were running it on our own virtual server environment, which, of course, had a cost. There was hardware and some energy cost, and then there were Microsoft Windows licenses for servers. That's all, but there was nothing in comparison to the licensing costs."
"Our licensing fees are about $10,000 USD per month, which I think is fair."
"The licensing cost is based on EPS."
"The product is slightly expensive."
"The price of McAfee ESM is higher than some of the other solutions. There are additional features that can be added at an additional fee."
"McAfee is the right choice for a low-budget solution."
"The price is good. It's moderate. We follow a pay-as-you-go model. There are different models available, and they can also be monthly. You can choose monthly or yearly. It's very flexible. If our existing customers exceed the current plan, you can just call McAfee and get it extended."
"The pricing is fair."
"It is an inexpensive product. We purchase its yearly license."
"We renew our license annually."
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
824,168 professionals have used our research since 2012.
 

Comparison Review

VS
Feb 26, 2015
HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are…
 

Top Industries

By visitors reading reviews
Educational Organization
67%
Computer Software Company
8%
Comms Service Provider
4%
Manufacturing Company
3%
Educational Organization
76%
Financial Services Firm
4%
Computer Software Company
3%
Government
3%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for LogPoint?
On a scale of one to ten, where one is cheap, and ten is expensive, I would rate LogPoint's pricing a seven. It is not very expensive compared to some of the more costly products, and it is not ver...
What needs improvement with LogPoint?
The documentation part is something that needs to be improved, as well as the threat intelligence investigation part. Logpoint has a kind of site to describe what kinds of threats they are investig...
What do you like most about McAfee ESM?
The solution's technical support is great.
What is your experience regarding pricing and costs for McAfee ESM?
Regarding pricing, Trellix ESM is not that expensive. It's less than half the cost of IBM QRadar.
What needs improvement with McAfee ESM?
The product is mature and needs little improvement, but we could enhance the customized dashboarding based on use cases.
 

Also Known As

No data available
McAfee ESM, NitroSecurity, McAfee Enterprise Security Manager
 

Learn More

Video not available
 

Overview

 

Sample Customers

AP Pension, Copenhagen Airports, KMD, Terma, DISA, Danish Crown, Durham City Council, Game, TopDanmark, Lahti Energia, Energi Midt, Synoptik, Eissmann Group Automotive, Aligro, CG50...
San Francisco Police Credit Union, Wªstenrot Gruppe, Volusion, California Department of Corrections & Rehabilitation, Government of New Brunswick, State of Colorado, Macquarie Telecom, Texas Tech University Health Sciences Center, Cologne Bonn Airport
Find out what your peers are saying about Logpoint vs. Trellix ESM and other solutions. Updated: December 2024.
824,168 professionals have used our research since 2012.