Trellix Active Response and WatchGuard EPDR are popular endpoint protection solutions. Users are generally more satisfied with the features of WatchGuard EPDR, although Trellix Active Response has its strengths.
Features: Trellix Active Response offers advanced threat detection, customizable rules, and strong customer support. WatchGuard EPDR provides comprehensive protection combining EDR and EPP capabilities, integration with network security tools, and a simplified management console.
Room for Improvement: Trellix Active Response needs improved reporting, analytics capabilities, and more streamlined configuration. WatchGuard EPDR should enhance malware detection accuracy, reduce response times, and provide better user documentation.
Ease of Deployment and Customer Service: Trellix Active Response deployment requires detailed configuration but benefits from responsive customer support. WatchGuard EPDR offers a straightforward deployment process with less complexity, coupled with supportive customer service.
Pricing and ROI: Trellix Active Response has premium pricing but offers robust ROI through threat mitigation. WatchGuard EPDR presents a cost-effective price point providing excellent ROI driven by its dual-layer protection.
While we haven't yet quantified the financial benefits, we recognize that there has been a return on investment, particularly with operational efficiencies provided by the alerts.
They create a case, tell me to refer to articles, and if not resolved, they take a remote session to solve the issue.
The scalability of Active Response is satisfactory.
It is very stable with no hanging problems.
We would like Trellix to optimize the technology for these systems similarly to how it is deployed for normal endpoints.
While I can create groups for VPN, SSL, IPSec, and others, I can't make groups for IPs.
Based on our evaluations, Trellix Active Response's pricing was the most feasible from a cost perspective.
The pricing is slightly high, but the product quality justifies it.
They notify us immediately of any vulnerabilities on the endpoints, allowing us to deploy a response quickly.
The cloud of WatchGuard lets me see all my devices, updating me to minute levels with detailed information, such as patch status and vulnerabilities.
Continuous Visibility into Your Endpoints:
Capture and monitor events, files, host flows, process objects, context, and system state changes that may be indicators of attack or dormant attack components.
Identify and Remediate Breaches Faster:
Access tools you need to quickly correct security issues. Send intelligence to analytics, operations, and forensic teams.
Target Critical Threats:
Use preconfigured and customizable actions that run when triggered, so you can target and eliminate threats.
EDR for continuous monitoring that prevents the execution of unknown processes. Behavioral analysis and detection of IoAs (indicators of attack): scripts, macros, etc.
Automatic detection and response for targeted attacks and in-memory exploits. Endpoint protection capabilities such as URL filtering, device control and managed firewall.
Zero-Trust Application and Threat Hunting features delivered as managed services. Lightweight agent and easy-to-use Cloud-based console with detailed reporting.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.