Netwrix Endpoint Protector Reviews

We used Endpoint Protector for the users who were primarily working from home. These workers were contact agents who work on compliant applications, and the potential for client data to be exposed was significant.

I like the data protection feature. Our users were working on a client's CRM application with a lot of client-related EIA information. We did not want the users to be able to send any of this data outside. I also like its ability to protect against data leaks via emails and social media. I like that you can deploy it quickly, and it requires no training.

It would be better if they had an inbound restriction feature. For example, I work out of my home from my personal computer. All my policies can be deployed while working. When I am done, I should be able to use my machine as my personal machine, and all these policies should be waived. In the next release, I want time bound restriction of the policies because most of these users were working out of home and using their personal computers.

I used Endpoint Protector for about six months.

Endpoint Protector is a stable solution. I didn't face any issues during my time at the organization.

On a scale from one to ten, I would give stability a nine.

I was told that Endpoint Protector was a scalable solution. We have 1500 users, and I was told we could quickly scale to 5000 users.

The initial setup was pretty straightforward. It took us some time to deploy this solution as the users were in different parts of the country. Once we connected with them, deploying this solution took about ten minutes.

On a scale from one to ten, I would give the initial setup a nine.

A third-party vendor or partner helped us implement this solution. They were very helpful and were available during and after deployment.

We found the pricing pretty attractive. However, volume-based pricing wasn't available.

On a scale from one to ten, I would give pricing a seven.

I advise potential users to figure out the actual use case for deployment. For example, will it be for a corporate network or remote users? This is because the policies you will deploy will be different.

On a scale from one to ten, I would give Endpoint Protector a nine.

Currently, we are using it only for the media access restriction. We're not like a bank or financial sort of organization, so we're not using EPP for DLP.

We have only Windows clients in our environment. We don't have macOS or Linux in our environment.

We were facing multiple issues when we were using a different solution. For example, for upgrading the software, if there was a new agent, we had to first remove the agent, but we used to face issues when an end-user was outside the organization. That solution required some sort of active link between the agent and the service to be able to remove the agent. With EPP, there is OTP, and we can put a password on the agent. Management is much easier. Upgrades are also easier.

If an end-user, who is not on our premises and is in a different country or location, needs to access the media, he or she can send us an email providing the information about the device. We can then provide an OTP. So, our IT department has less headache now. Overall, it's much better for our organization. Our management might be seeing the same or even more cost with EPP, but even if we are paying a little bit more than other solutions, in the end, the headache that our department IT used to have previously is gone.

All of the features are good if somebody has the budget. Our budget is limited and our purpose is just for media access. That's why we went only for this feature, but it has other features such as DLP or reporting.

It is fantastic in terms of the granularity of the policies. It has many built-in policies, and we can add or create more policies as well. It is perfect, and it gives us more options. We have some users who go outside and then come inside. With EPP, we can even control those users who are outside. If they need to access the media that we are using right now, we can provide OTP messages so that they can access the media even when they are outside of their organization. With our previous solution, we were facing some issues in doing this.

It provides us with the ability to lock down a wide variety of USB devices. It is better to have more options than having no options.

We are using it to only apply media restrictions. When we are installing a new agent, we have to install EPP manually on a device. It would be great if the installations can be done from the server instead of me going to each PC or device to implement EPP or using a policy. They should have some sort of system so that a domain admin can install EPP on all PCs from a central manager. 

After EPP is installed, the upgrade can be done from the EPP console, but they don't always work. Sometimes, there are minor issues with upgrades, but we are able to sort them with the help of their support. The EPP support is great.

We started using this solution last year. This is the second year.

In terms of the stability of the software, I have not faced any issues in the last two years. It was never down or had any other problem. It has been working perfectly fine for the last two years.

We never faced any issues. We have 520 to 530 endpoints.

Their technical support is perfect. They were awesome whenever I had an issue and contacted them.

We were using DeviceLock DLP. We were using it for quite a long time, maybe around 10 to 12 years. When we came across EPP, it was just a quick migration from that one to this one. We had the demo, and we were amazed. The options were amazing. That's why we quickly decided to migrate from the old one to this one. 

Its initial setup is really easy. It is just like an appliance. We just have to install the appliance and configure it. We can install it either through a policy or one by one on our PCs. It was just a matter of time to install it for our organization. Overall, it didn't take more than two or three days.

In our organization, we have some sort of policy that everything should be done by some sort of vendor. So, a vendor was here, but I can definitely say that the vendor did not do anything that we wouldn't have been able to do. I had to stand by the vendor, and I saw everything. It is clearly easy. There is nothing serious. We just had to import the appliance inside our VMware, and then we just had to go with the steps for the installation of the appliance.

It doesn't require any maintenance. We take the backup with the VM itself. Within the VM itself, there is an option to schedule a backup. We just need to update the appliance from time to time for any new updates. If we do an update, we also have to update the agents, but such upgrades and everything else can be done from the EPP console.

From my perspective, I would say that we have seen an ROI, but I have no idea of what the manager will say. The management would see the cost side and whether we are spending the same amount of money or more, but from a technical perspective, it has provided an ROI. It has been helpful in terms of time savings and ease of management. 

We have a really small team. Earlier, some of our users used to send us an email to open the CD or USB for them. We didn't have much control and information about who's asking for what or for how much time they need the access. We used to open it, and that's it, but now, with OTP, we know to whom are we providing access and for how many hours. Report-wise, we get to know whether a particular user used that OTP or not. If the end-user forgot to access the OTP, the OTP stays with him for, let's say, two weeks. They can use it anytime they want during that period. So, it is not like old solutions.

Now, nobody contacts us and says, "Kindly open this media now." They know everything goes through the OTP. Things are more systematic now, and the headache of the IT team is gone. We have control over who is using what sort of media or what exactly they are transferring to the media. Our control has improved. So, overall, we are able to see a return on this investment, at least for our IT department.

We have a limited budget for our media section. When we purchased it last year, we migrated from a different solution to this solution, and at that time, they told us that the cost will remain the same, but this year, they increased the price by 20% or something like that. I am not sure about the exact price, but let's say from 8,000, it increased to 10,000. It was a huge gap, and we couldn't bear this cost because we have a limited budget. When we spoke to them, they understood our problem and reduced it to the same price that we had last year.

We only compared EPP with our previous solution. We did not evaluate any other solution.

You won't face many issues with EPP. Based on my experience, I've not faced any issues other than those related to the upgrade. Sometimes, you might face minor issues for agents, but their support is awesome. They can easily fix an issue if you contact them.

I would rate Endpoint Protector a nine out of 10.

We use this product to protect our Mac and Windows 10 endpoints.

Our main purpose is to block the uploading of Excel and PowerPoint files. We also use it to block USB devices and other peripherals that users connect to the system. 

This product performs well and multiple things have been blocked by it.

By raising discovered issues with our team members, they are doing their part in terms of resolving them.

Endpoint Protector provides a single platform to support our Windows and Mac machines. We do not have any Linux machines in our environment. Managing DLP for our machines in this hybrid environment is pretty simple, as the product is user-friendly and we can easily find what we need.

The fact that this solution supports different operating systems is very important to us because we want to ensure that there is no data leakage.

We have one or two Macs in our organization, with the majority of people using Windows 10 machines. We haven't seen any difference in the support that this product offers for either operating system.

The Device Control feature and tools are very nice. It can also be used for containers. We have blocked multiple financial components using these features and rely on the upload and block policies. For example, we have blocked Google Drive uploads, as well as the upload functionality for other cloud spaces.

The interface is pretty user-friendly, neatly explained, and simple to use.

We are able to lock down a wide variety of USB devices, which is important to us because none of our users can connect a USB drive or other device to the machine. By preventing this, there won't be data leakage. We have experienced this in the past and we are now able to control it through the use of device policies. 

The technical support that they provide works well.

We use the RDP remote desktop option to prevent copy and paste operations to remote systems. If anyone tries to copy and paste between a remote system and a local system then they will not be able to do it. This works well and it makes our operations more secure.

We are currently facing an issue where it is blocking the Winman software, which is something that we don't want to happen because we use it in our accounts department to pay taxes.

There is no option or support available for DriveHQ. 

We have been using Endpoint Protector for between seven and eight years.

This product is pretty stable.

It is easy to scale. Across the organization, we have more than 900 users with Endpoint Protector deployed on their machines.

We plan to soon increase the number of licenses that we have. Our intention is to start deploying on our laptops, which will bring us to a total of approximately 1,500 licenses.

We have been in touch with technical support and our experience has been pretty nice.

This solution was easy to deploy but it was implemented before I joined the company so I don't know how long the process took.

No major upgrades have been required since I have been working with it.

We have an in-house person who is responsible for servers, and he deployed Endpoint Protector. The process is not complex and only one person is required.

We have three system engineers, three senior system engineers, and one assistant manager in charge of maintenance.

We looked at a DLP product by Forcepoint but our current solution was working pretty well, so we opted not to switch.

This is a product that has improved over time. For example, in the past, there was no option to view the ports that were not added to your list. This is now supported and some of the problems we were facing have been stopped. Another example is that we are now able to block Teams and it works pretty well, whereas, in the past, we could not block uploads or downloads with Teams.

Endpoint Protector has other features that we do not use, such as encryption. Instead, we deployed Sophos Encryption approximately six months ago for this purpose.

The biggest lesson that I have learned from using this product is how to block uploads and downloads, as well as how to lock devices on users' machines. My advice for anybody who is considering it is that it is pretty simple to use. It's a friendly environment and it's easy to block devices, uploads, and other security issues.

In summary, we have not faced many issues with Endpoint Protector and it is fulfilling our requirements, as we wanted.

I would rate this solution a nine out of ten.

The product's most valuable feature is its ability to support Linux operating systems.

CoSoSys Endpoint Protector's network-level DLP and integration with mail servers need improvement.

We have been using CoSoSys Endpoint Protector for five or six years.

We never encountered any bugs or issues. The product has been running for many years since we set it up with the server.

We have 10 CoSoSys Endpoint Protector users in our organization.

The technical support services are good.

CoSoSys Endpoint Protector can be deployed on the cloud and on-premises. It takes 15 minutes to set up the server and get it running. The process is easy.

The product is worth the investment.

The product has average pricing.

The product supports Linux systems and multiple source codes. I advise others to go for it. I rate it a nine out of ten.

CoSoSys Endpoint Protector is a unique solution for Linux devices. It has a user-friendly console that makes it easy to navigate and create policies.

CoSoSys is supported on Mac devices. One unique feature is drive encryption. We have portable devices, and they have a password vault. If you transfer any data to your device, you can use the password vault to protect it.

CoSoSys Endpoint Protector has many predefined classifiers for data identifiers. It needs to improve in terms of policy customization. I observed that fewer policies were available, which needs to be improved so that users can modify and view policies based on their requirements and create their templates. The audit part could be added. With our current architecture, we have a lot of alerts, for example, when a user requests access to a policy temporarily for a business requirement. We can make an automatic request mechanism that would work for this type of scenario, which would help us sleep better at night.

I have been using CoSoSys Endpoint Protector for no longer than six months. We are using the latest version of the solution.

The product is stable apart from the policies because it is limited.

The solution is scalable. Despite the limited resources, customers are looking for some platforms for Mac and Linux, but I have tried many products on the market. For example, Forcepoint and Trend Micro are there.

We have Forcepoint for endpoint data leakage protection and this scale and footprint for network protection. It depends on business requirements.

The initial setup is easy and seamless.

The solution’s pricing is a normal industry standard and depends on customers and salespersons.

CoSoSys Endpoint Protector has improved significantly in recent years, with new features and enhancements that make it a leading data loss prevention solution. Data identification is essential for data protection, as CoSoSys Endpoint Protector cannot protect data it cannot identify. Overall, I rate the solution a six out of ten.

I use Endpoint Protector to protect our end server.

Endpoint Protector's best features are its protection and user-friendliness.

Endpoint Protector would be improved with more DLP templates.

I've been using Endpoint Protector for two to three months.

Endpoint Protector works perfectly.

Endpoint Protector is scalable.

The initial setup is easy with a private cloud.

Endpoint Protector has machine learning and AI, and it prevents 99% of ransomware. I would give Endpoint Protector a rating of nine out of ten.

We are using it for data loss prevention, basically managing all our employees throughout the region. Our servers are installed in our HQ in Singapore. We use device control, content-aware management or content-aware protection, and enforce encryption.

We like that content-aware and device controls can easily be managed. They're not complicated. You don't need to be a rocket scientist to understand them.

As for overall experience, Endpoint Protector is very user-friendly.

Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities.

We've been using Endpoint Protector for more than seven years.

It is stable.

It is very easily scalable.

In my company alone, we have close to 100 users. They are scattered across three countries in the region. We manage for our end partners who have about 15,000 users.

I am satisfied with Endpoint Protector support services. It is exceptional.

It is super easy to set up. It takes less than one hour to set up the whole system, and you can actually get the users to get on the basic policies and tools in under a couple of hours as well.

The pricing is very competitive and is cheaper in comparison to that of other solutions. It makes it an easy decision to go with EPP for the data loss prevention infrastructure.

In terms of the ease of deployment, the ease of management, and the ease of actually getting the basis of Endpoint Protector to move on, EPP is one of the easiest. I have seen more difficult ones, including those with setups that can take days and weeks.

In terms of the infrastructure needed here, EPP only requires one VM to run the whole infrastructure, unlike McAfee or Symantec that require a database server with an operating system. You will need a file server and an operating server, which will make the infrastructure itself too expensive. With EPP, you will need just one VM server, and you can start your data loss prevention just like that.

End users need to understand what data loss prevention is; otherwise, they will select the wrong solution. It will become too difficult, and they won't know what to do with it. It's best to start off with the baselines of Endpoint Protector and then move up to more complex situations with network DLP-based options.

I would rate this solution at nine on a scale from one to ten.

We bought it because we had a specific need for a single Macintosh computer. We're a defense contractor, so we have to meet very rigid compliance requirements, and Macintosh caused a lot of problems for our mainly Windows domain infrastructure. So, we found the Endpoint Protector tool and tested it, and it did what we wanted it to do. 

We bought it for the Macintosh environment, but because we liked it, we rolled it out to our Windows environment as well.

The key point is that it allowed us to meet a complex cybersecurity requirement mandated by the government, and it was cost-effective. It is critical to our business because if we're not compliant, we can't bid on contracts.

It provides the ability to lock down a wide variety of USB devices. We've actually done it for pretty much everything that could potentially be an issue, such as keyboards, mice, USB devices, and CD-ROMs. This functionality is critical for us.

The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture.

In terms of the granularity of the policies, it is fine. It does exactly what we need. It is granular enough, but it is not too much where it is impossible to tune. It has a nice balance.

In terms of ease of managing DLP in a hybrid environment, it has been very easy to use. It's a very intuitive product. There were no issues trying to figure stuff out.

The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

We have not been using it for very long. We bought it about four or five months ago.

It has been rock solid. It has never crashed or blown up on us.

We haven't gotten that far yet. We're using it for the initial rollout, and then in the future, we do plan to look more into the Content Aware Protection module to see if this is another add-on module in which we would be interested. After we start playing with the Content Aware Protection module and add modules, we'll know more about scalability, but right now, I don't have any input on that.

In terms of its usage, we currently have about a hundred devices.

They were excellent. They were very responsive and helpful.

We have had other things. One of the solutions that we used to use was GFI, but it got extremely expensive and over-complex, and it wasn't stable.

It was easy. From deployment to config, it wasn't overly involved or overly complex. The lady we talked to at Endpoint helped us very quickly. We had a licensing issue with something, and their support was good.

Its deployment did not take very long. It took less than a day. 

In terms of the deployment plan, it is simple enough where you don't need anything too complex. We just have a process that we follow. To add any new software, we have to try it first on a dirty network and validate it, and if all is good, then we put it in production.

In terms of its maintenance, primarily, our network engineer is responsible for configuring, reviewing, maintaining, and upgrading it. The rest of us look at the reports and the alerts from it.

I can't provide a specific return on investment. The return on investment is that this is a lot cheaper than if someone plugs in a USB key with malware and pollutes the whole network.

From what we've seen, their pricing is a lot lower than the other stuff we've looked at. I actually don't have any concerns with their pricing. They were probably the most reasonable company out there for the features that were offered.

It was pretty straightforward in terms of licensing, and you just pay for the license.

We looked at some of the other options. I don't remember their names, but the costs were outrageous. They were just unobtainable for a small business like ours. The cost was a big driver for going for Endpoint Protector, and its features worked. 

Some of the other solutions offered more in terms of data leakage protection, but again, they were too much for a small business. The cost was a big factor as well.

It is critical to test it out. I would advise doing the trial first to make sure it absolutely works for what you need it to do. Being able to test it without paying is a big deal, and it lets you really drive it.

We don't use the EasyLock USB Enforced Encryption app to automatically encrypt the confidential data transferred to the USB storage. We don't allow USB storage. We use it purely to lock the device, and our encryption is handled by another tool.

In terms of role-based access features for admins, I don't handle a lot of the technical side of it. My network engineer handles it, so I don't have any input to provide, but I haven't heard any complaints.

For zero-day protection, we have other tools. I don't think we're using this feature.

I would rate Endpoint Protector an eight out of 10. It pretty much did what they stated it did. There were no surprises.