Try our new research platform with insights from 80,000+ expert users
Information Security Manager at a financial services firm with 5,001-10,000 employees
Real User
Enables us to block and blacklist all types of USB devices
Pros and Cons
  • "The versatility regarding the exit point Endpoint Protector supports in making sure that important data doesn't leave our organization is vital for us. In the industry that we're in, data breaches are a significant concern. While our staff is contractually required to maintain confidentiality and they're all very aware that they shouldn't try and transfer company data of different classifications elsewhere to non-company devices, there's a risk."
  • "Sometimes, it should try to focus on one thing rather than multiple things. Endpoint Protector does device control very well, which is why we use that particular function."

What is our primary use case?

I work for a financial services company. As a consequence, we work with multiple lenders and lender clients; essentially banks and building societies. There's a requirement in this industry for tight controls from an information security point of view. For many years we've had industry requirements to deploy a number of technical controls to secure things like device control.

Prior to using Endpoint Protector, we used Ivanti Device Control. However, from the UI point of view, it was a bit of a dated product, and some of the functionality wasn't brilliant. We also took a recommendation from our service provider, who had been using this product with other customers, and as such we deployed CoSoSys Endpoint Protector. We primarily have one single purpose, which is to secure all of our endpoints, mostly laptops. We have a very small number of client computers as well, but we primarily use it to block all removable media and all USB points on the laptops.

As a business, we don't enable and support the use of removable media. We do have a small number of use cases where that is allowed, primarily within our IT team, but they are the exception. As such, every single USB port is blocked across the business with Endpoint Protector to mitigate the risk of somebody intentionally, accidentally, or for whatever reason being tricked into inputting their USB drive into our network which would then cause potentially a risk to the confidentiality, integrity, and availability of our data.

We have a contractual requirement for us to have a tool like CoSoSys. It mitigates risk for us as a business by enabling us to be sure that no one can exfiltrate data from our company via USB media or be infected by malware by plugging a device into an endpoint.

We only use that one particular feature. I believe there are other features available but I don't believe we pay for the other elements of functionality of the software. There are other features like DLP within the software, however, we have a suite of additional tools within our business to control those other elements so we use CoSoSys exclusively for device control.

We only use it for a very small use case. It certainly has a wide range of functionality, although, we don't use the vast majority of the functionality because we don't pay for it or because we have other tools in place that are specific for a certain purpose.

What is most valuable?

The granularity of the policies that we can create is good. We block USB media. One of the reasons we left our previous provider is because of the lack of this functionality. We have built some custom rules to make exceptions for staff members that should be able to use USB media. Of course, the ability to amend and write policies is far more granular than the previous product that we used. Switches, disabling and blocking Bluetooth, weren't available with our previous supplier. 

The feature that locks down USB devices means that if you plug removable media into any of our USB drives, it blocks it. As we block, we blacklist all the types of USB devices, and the cloud running trail blocks that. If someone puts the USB drive in, it will block them from opening that drive or even registering that drive. If they want to make an exception, they have to make a formal request to do so, and that can be made either by email or through an application to our IT desk.

The versatility regarding the exit point Endpoint Protector supports in making sure that important data doesn't leave our organization is vital for us. In the industry that we're in, data breaches are a significant concern. While our staff is contractually required to maintain confidentiality and they're all very aware that they shouldn't try and transfer company data of different classifications elsewhere to non-company devices, there's a risk. If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.

For how long have I used the solution?

I have been using Endpoint Protector for 18 months.

What do I think about the stability of the solution?

The stability is very comfortable. We have no qualms or concerns. There have not been any incidents or issues with it not working, or any problems that I'm aware of. Any kind of such problems would be raised to my attention and discussion review, and there haven't been any concerns raised by users or with our IT service desk. There has been no concern there.

Buyer's Guide
Netwrix Endpoint Protector
October 2024
Learn what your peers think about Netwrix Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.

What do I think about the scalability of the solution?

Scalability is about the policies. We could deploy it simply to larger groups of people as and when required. There's a procedure where we deploy using an RMM tool. It's easy to deploy.

At present, we don't have plans to increase usage. We have a number of different controls and requirements, and we have specialist tools for each of the different requirements. We're also trying to move towards a Microsoft stack where possible because we have so many different tools in use. Microsoft doesn't do device control. 

How are customer service and support?

I have never personally been involved with technical support. There was joint deployment with our MSP. There have been no problems, so I think it's fairly positive.

Which solution did I use previously and why did I switch?

We were previously using Ivanti.

How was the initial setup?

The setup was quite straightforward and didn't cause any issues. But I wasn't involved. Our IT system team deployed it around 18 months ago. I was quite new to the business at the time. It went relatively smoothly, there were no hiccups, and there were no deployment problems.

It took under a few weeks to implement. It was not a couple of weeks of solid work. We deployed it slowly within a UAT testing environment and only on a small number of laptops. Once we were comfortable that the config was working as expected, then we deployed our tool to other users. We deployed the end client to all endpoints using an RMM tool we use from SolarWinds.

What about the implementation team?

We have a managed service provider who we use to support some of our IT needs. They were the ones who recommended the products and they would have been the ones who actually implemented the product and do much of the actual deployment with our IT service desk.

The implementation required around 2-3 staff members. It was one person from the MSP and two people in-house who would have worked on that project to deploy it. It was a normal project team for the deployment of that size.

Day-to-day maintenance only requires one or two employees. We don't have somebody looking at it daily, but our service desk will review it, update it, and amend things within the tool as and when required. It really runs by itself, it's not a huge amount of maintenance, which is a good thing.

What was our ROI?

ROI is very hard to quantify but Endpoint Protector is ultimately priceless. If device control wasn't in place, any single data breach that could occur as a consequence of a USB device being able to transfer data externally could result, for us as a business, in considerable loss, and considerable fines. There are massive fines for data breaches in the UK.

Data breaches could have a very significant reputational impact on our business. It's very difficult to quantify, but we haven't had any of these breaches. If we didn't have Endpoint Protector in place, we would be at a higher risk.

What's my experience with pricing, setup cost, and licensing?

The pricing is very fair. No concerns. We don't have massive budgets, we're quite a small company, but we don't have small budgets either. I think it's quite competitive.

I don't believe there are additional costs in addition to standard licensing. 

Which other solutions did I evaluate?

We reviewed Ivanti Device Control, which is the previous tool we were using, and we compared it with Endpoint Protector's product set. Then we compared the prices and compared the features, and decided to go with Endpoint Protector over the previous supplier.

What other advice do I have?

We have a third-party that automatically encrypts confidential data transferred to USB storage devices. That's not a use case for us with Endpoint Protector.

We exclusively use Windows. We do have instances of Linux, but from an endpoint point of view, it is exclusively Windows. 

As a business, we're never going to move into a Mac OS environment, so the fact that it supports Windows, Mac, and Linux wouldn't be one of our prerequisites. We looked at Endpoint Protector to make sure it supported Windows but the fact that it supports all platforms wasn't that important to us. Obviously, if it didn't work with Windows we wouldn't have used it, but from that point of view, it's not important for us now.

We also don't use it to search for keywords that are important to our business. We have a third-party tool we've had in use for several years that classifies all our data and ensures that we have visibility of where data is and what type of data is at risk.

I would rate Endpoint Protector an eight out of ten. I'm by no means an expert on the tool, however, it does appear to offer quite a large range of different functions within the toolset. Sometimes, it should try to focus on one thing rather than multiple things. Endpoint Protector does device control very well, which is why we use that particular function.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT Manager of Information Technology Operations Manager at astrafaelcomsys.com
Real User
A versatile and user friendly solution with great customer support
Pros and Cons
  • "The role-based access features for the teams that administer it is good."
  • "Customization could be a lot better."

What is our primary use case?

I use the Endpoint Protector to monitor what the users or employees are doing. I monitor employee data like what they are sending, who they are sending it to, and what kind of data they're sending.

If I want to check that data, I can download it. I am checking the backup of the Endpoint Protector data weekly. If I want to monitor previous things, I can do that with the backup of the software.

It's important to create policies to protect my company data. If I create a policy that only our attachments go through our domain, only our attachments get through and not from Google, Yahoo, and others. It's blocking attachments effectively while providing me with an alert if I included an alert policy.

What is most valuable?

Endpoint Protector by CoSoSys has some valuable features. The role-based access features for the teams that administer it is good.

The granularity of the policies is good. The versatility of exit points is good. It also supports both macOS and Windows.

What needs improvement?

A lot of things can be improved. Especially customization could be a lot better.

Sometimes there are issues like when I write a policy to block finance sites. It also blocks the banking sites I have not included. Sometimes it also blocks commands I send to the machine while using Matrix software. 

Whenever this happens, I have to go into the software and choose the packet inspection option or something similar. Then I have to send the command again to the machine, and if it doesn't work, I have to contact the support team. These are some of the issues I have dealt with.

For how long have I used the solution?

I have been using the Endpoint Protector by CoSoSys for over six months. 

What do I think about the stability of the solution?

The stability, reliability, and availability of Endpoint Protector by CoSoSys is good.

What do I think about the scalability of the solution?

Endpoint Protector by CoSoSys is scalable and that's why we use it.

How are customer service and technical support?

The support is excellent. I got responses promptly, just like the vendor stated. If I email or call support, they are ready to assist me.

Which solution did I use previously and why did I switch?

Previously, we used Symantec Endpoint Protection, but the customer support wasn't good. I also inquired about Symantec Endpoint Protection and found out from our local vendors that the support wasn't good, and they recommended CoSoSys.

I installed CoSoSys in my system and tested it for two to three days. I made some policies like data blocking policies, mail blocking policies, attachment blocking policies, and all kinds of policies we need in our company. I tested it and felt very good about it and purchased the license.

How was the initial setup?

The initial setup and deployment are very easy. You can download the database directly, and you can purchase the license. After that, you can download the ETP client to install it. That's all you have to do.

The deployment takes about two hours. The company had a deployment plan and strategy, and I did the rest. 

What about the implementation team?

I implemented the Endpoint Protector by CoSoSys all by myself. 

What's my experience with pricing, setup cost, and licensing?

The price of Endpoint Protector by CoSoSys is more or less the same as other competing solutions.

Which other solutions did I evaluate?

I have installed Symantec Endpoint Protection previously, and the response wasn't good. That's why I moved to CoSoSys DLP. Before CoSoSys DLP, I checked another software, but I found it wasn't a DLP.

What other advice do I have?

If you need a good DLP software to protect your data, I recommend that you go for CoSoSys without any second thought. 

Endpoint Protector by CoSoSys is a versatile solution. The important thing is to protect the data, and it does that well. I have blocked all USB connections from the users via CoSoSys Endpoint Protector. 

It's very easy to use, just download the database from the internet directly, and after getting the license key, we can install and connect to the internet. Once you purchase the license, it's very easy, and 4GB of RAM and 150GB hard disk is enough for this data.

On a scale from one to ten, I would give Endpoint Protector by CoSoSys a ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Netwrix Endpoint Protector
October 2024
Learn what your peers think about Netwrix Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
CTO at a aerospace/defense firm with 201-500 employees
Real User
Allows us to have better control over what end-users plug into their computers and tighten our security posture
Pros and Cons
  • "The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture."
  • "The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine."

What is our primary use case?

We bought it because we had a specific need for a single Macintosh computer. We're a defense contractor, so we have to meet very rigid compliance requirements, and Macintosh caused a lot of problems for our mainly Windows domain infrastructure. So, we found the Endpoint Protector tool and tested it, and it did what we wanted it to do. 

We bought it for the Macintosh environment, but because we liked it, we rolled it out to our Windows environment as well.

How has it helped my organization?

The key point is that it allowed us to meet a complex cybersecurity requirement mandated by the government, and it was cost-effective. It is critical to our business because if we're not compliant, we can't bid on contracts.

It provides the ability to lock down a wide variety of USB devices. We've actually done it for pretty much everything that could potentially be an issue, such as keyboards, mice, USB devices, and CD-ROMs. This functionality is critical for us.

What is most valuable?

The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture.

In terms of the granularity of the policies, it is fine. It does exactly what we need. It is granular enough, but it is not too much where it is impossible to tune. It has a nice balance.

In terms of ease of managing DLP in a hybrid environment, it has been very easy to use. It's a very intuitive product. There were no issues trying to figure stuff out.

What needs improvement?

The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

For how long have I used the solution?

We have not been using it for very long. We bought it about four or five months ago.

What do I think about the stability of the solution?

It has been rock solid. It has never crashed or blown up on us.

What do I think about the scalability of the solution?

We haven't gotten that far yet. We're using it for the initial rollout, and then in the future, we do plan to look more into the Content Aware Protection module to see if this is another add-on module in which we would be interested. After we start playing with the Content Aware Protection module and add modules, we'll know more about scalability, but right now, I don't have any input on that.

In terms of its usage, we currently have about a hundred devices.

How are customer service and technical support?

They were excellent. They were very responsive and helpful.

Which solution did I use previously and why did I switch?

We have had other things. One of the solutions that we used to use was GFI, but it got extremely expensive and over-complex, and it wasn't stable.

How was the initial setup?

It was easy. From deployment to config, it wasn't overly involved or overly complex. The lady we talked to at Endpoint helped us very quickly. We had a licensing issue with something, and their support was good.

Its deployment did not take very long. It took less than a day. 

In terms of the deployment plan, it is simple enough where you don't need anything too complex. We just have a process that we follow. To add any new software, we have to try it first on a dirty network and validate it, and if all is good, then we put it in production.

In terms of its maintenance, primarily, our network engineer is responsible for configuring, reviewing, maintaining, and upgrading it. The rest of us look at the reports and the alerts from it.

What was our ROI?

I can't provide a specific return on investment. The return on investment is that this is a lot cheaper than if someone plugs in a USB key with malware and pollutes the whole network.

What's my experience with pricing, setup cost, and licensing?

From what we've seen, their pricing is a lot lower than the other stuff we've looked at. I actually don't have any concerns with their pricing. They were probably the most reasonable company out there for the features that were offered.

It was pretty straightforward in terms of licensing, and you just pay for the license.

Which other solutions did I evaluate?

We looked at some of the other options. I don't remember their names, but the costs were outrageous. They were just unobtainable for a small business like ours. The cost was a big driver for going for Endpoint Protector, and its features worked. 

Some of the other solutions offered more in terms of data leakage protection, but again, they were too much for a small business. The cost was a big factor as well.

What other advice do I have?

It is critical to test it out. I would advise doing the trial first to make sure it absolutely works for what you need it to do. Being able to test it without paying is a big deal, and it lets you really drive it.

We don't use the EasyLock USB Enforced Encryption app to automatically encrypt the confidential data transferred to the USB storage. We don't allow USB storage. We use it purely to lock the device, and our encryption is handled by another tool.

In terms of role-based access features for admins, I don't handle a lot of the technical side of it. My network engineer handles it, so I don't have any input to provide, but I haven't heard any complaints.

For zero-day protection, we have other tools. I don't think we're using this feature.

I would rate Endpoint Protector an eight out of 10. It pretty much did what they stated it did. There were no surprises.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
IT Manager at a tech vendor with 11-50 employees
Real User
Easy to set up, good reporting, and provides valuable insight into users' activities
Pros and Cons
  • "The most valuable feature is device control."
  • "I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies."

What is our primary use case?

We use Endpoint Protector as our data loss prevention solution for Windows, Linux, and Mac machines. Our clients work from outside of our building and in different locations, and we need to use this product to keep our data secure.

How has it helped my organization?

There are many benefits to using this solution.

In terms of the granularity of policies that we can create, this is a good product. We have created two policies that are used on Windows, Linux, and our Mac machines. The first is related to screen sharing, and the second is responsible for blocking files in email attachments.

This functionality is important to us. At the end of the day, we get reports about files, the users, and what they are doing. Preventing screen sharing with unknown people, or accepting files from somebody who is not known, are both things that I want to prevent.

We get detailed reports that identify our clients and we can see how each of them is spending their day at the office. Essentially, we have good visibility of the traffic on our endpoints.

To this point, I have not needed to lock down a variety of different USB devices. I have not used, for example, a card reader. I have only used it to lock down USB storage devices. In the future, I may use more of these features.

I have had no difficulty with using this solution in our hybrid environment that includes Windows, Linux, and Mac machines. There is no difference in features between the different platforms. There are differences such as the web browser that is used. For example, in Windows, we use Chrome, whereas, with Mac, we use Safari. Certain things are different based on the software but otherwise, everything is the same.

What is most valuable?

The most valuable feature is device control. If you have the wrong devices connected to the network then it may cost you, and this product allows you to control them. For example, you can prevent users from using an external hard disk, which is something that I like.

There is a clipboard feature to ensure that a user cannot print their screen or take a screenshot. This is one of the reasons that we feel secure when using this product.

The users are happy with using this solution on a daily basis. 

What needs improvement?

I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies. Before the policies are updated, nothing can be done on the system.

For how long have I used the solution?

We have been using Endpoint Protector for one year.

What do I think about the stability of the solution?

This is a stable product and we haven't had any problems with it.

What do I think about the scalability of the solution?

We have between 50 and 60 people in our organization.

How are customer service and technical support?

Within the past month or two, I have experienced problems and contacted technical support by email. They immediately responded and gave me suggestions on how to improve our security.

Normally, I send the support team an email and they answer within 24 hours. They analyze the problem and try to determine why it has occurred. They ask end-to-end questions such as what I was doing at the time, which allows them to assess and analyze all of the relevant points.

Which solution did I use previously and why did I switch?

This is the first DLP solution that we have used.

How was the initial setup?

The initial setup is very easy and there is nothing difficult about it.

Our deployment took one month and we didn't know anything about the product in advance. We didn't know exactly how it would work or which features would be added. The vendor explained everything to us after that.

What's my experience with pricing, setup cost, and licensing?

The minimum number of licenses they sell is 50 or 150 users. They do not sell, for example, a package of 10 licenses. It would be helpful if you could purchase a smaller number of licenses at one time.

Which other solutions did I evaluate?

We did not evaluate other such solutions before selecting this one.

What other advice do I have?

My advice for anybody who is considering this product is that it's user-friendly, and everyone can easily understand the details about how it works.

I am 100% confident in the security that I get from this product.

Overall, I think that our requirements for basic control, including application control, have been met. I'm happy with the current product and I like the feature set. That said, if they provide additional features in the future then we will use them.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Sivakumar Mahathevan - PeerSpot reviewer
Head of MSP Division at Halodata
Reseller
Leaderboard
Is user-friendly, easy to manage and set up, and is stable and scalable
Pros and Cons
  • "We like that content-aware and device controls can easily be managed. They're not complicated. You don't need to be a rocket scientist to understand them."
  • "Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities."

What is our primary use case?

We are using it for data loss prevention, basically managing all our employees throughout the region. Our servers are installed in our HQ in Singapore. We use device control, content-aware management or content-aware protection, and enforce encryption.

What is most valuable?

We like that content-aware and device controls can easily be managed. They're not complicated. You don't need to be a rocket scientist to understand them.

As for overall experience, Endpoint Protector is very user-friendly.

What needs improvement?

Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities.

For how long have I used the solution?

We've been using Endpoint Protector for more than seven years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is very easily scalable.

In my company alone, we have close to 100 users. They are scattered across three countries in the region. We manage for our end partners who have about 15,000 users.

How are customer service and support?

I am satisfied with Endpoint Protector support services. It is exceptional.

How was the initial setup?

It is super easy to set up. It takes less than one hour to set up the whole system, and you can actually get the users to get on the basic policies and tools in under a couple of hours as well.

What's my experience with pricing, setup cost, and licensing?

The pricing is very competitive and is cheaper in comparison to that of other solutions. It makes it an easy decision to go with EPP for the data loss prevention infrastructure.

Which other solutions did I evaluate?

In terms of the ease of deployment, the ease of management, and the ease of actually getting the basis of Endpoint Protector to move on, EPP is one of the easiest. I have seen more difficult ones, including those with setups that can take days and weeks.

In terms of the infrastructure needed here, EPP only requires one VM to run the whole infrastructure, unlike McAfee or Symantec that require a database server with an operating system. You will need a file server and an operating server, which will make the infrastructure itself too expensive. With EPP, you will need just one VM server, and you can start your data loss prevention just like that.

What other advice do I have?

End users need to understand what data loss prevention is; otherwise, they will select the wrong solution. It will become too difficult, and they won't know what to do with it. It's best to start off with the baselines of Endpoint Protector and then move up to more complex situations with network DLP-based options.

I would rate this solution at nine on a scale from one to ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
IT Engineer at a tech services company with 51-200 employees
Real User
Top 20
Gain control over endpoint security with enhanced visibility and device management
Pros and Cons
  • "The most valuable aspects of the solution is the device control, which manages any portable device connected to the endpoint, and content-aware protection, which controls data in motion from the endpoint to outside, like when users try to upload data to a web browser or an instant messaging application."
  • "Currently, for additional applications that need monitoring by the EPP, a request must be made to their technical support. It would be beneficial to add a feature allowing users to manually add applications for monitoring without depending on the vendor."

What is our primary use case?

The primary use case is to prevent data loss and data breaches from employees using endpoints such as workstations or notebooks.

How has it helped my organization?

They gain a lot of visibility over file transfers and user activities. For example, a company can detect when a user copies sensitive company files to an external drive. With this visibility, security is enhanced, and any unauthorized attempt to handle sensitive data can be blocked.

What is most valuable?

The most valuable aspects of the solution is the device control, which manages any portable device connected to the endpoint, and content-aware protection, which controls data in motion from the endpoint to outside, like when users try to upload data to a web browser or an instant messaging application.

What needs improvement?

Currently, for additional applications that need monitoring by the EPP, a request must be made to their technical support. It would be beneficial to add a feature allowing users to manually add applications for monitoring without depending on the vendor.

For how long have I used the solution?

I have been working with Endpoint Protector for approximately five years.

How are customer service and support?

Generally, they are very helpful when we escalate an issue. However, the time difference can make some discussions and follow-ups challenging as their working hours are based on U.S. time, while we work on Indonesian time. There's a seven-hour difference.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not worked with any other DLP solution before Netwrix Endpoint Protector.

What's my experience with pricing, setup cost, and licensing?

I am not sure about the pricing since I handle the technical aspects, not the pricing.

What other advice do I have?

I would recommend Netwrix Endpoint Protector to others.

I'd rate the solution nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
People Operations Manager at a tech services company with 11-50 employees
Real User
Main dashboard is intuitive, and offline temporary passcode solution is really easy to use
Pros and Cons
  • "It also provides us with the ability to lock down a wide variety of USB devices, which is pretty important because we don't want certain data accessed. It does a really good job when it comes to the versatility of the exit points it supports, making sure that important data does not leave our organization."
  • "There are times when the server needs to be updated, and it would help if I got a notification for when the newest version comes out, because at the moment, I'm going in every now and then and checking. Sometimes it comes out and I didn't know it had come out."

What is our primary use case?

We use it primarily for endpoint protection. We have to be SOC 2 compliant. We have a number of standards that we have to abide by for HIPAA reasons and SOC 2 reasons, which is why we initially put it in place, but we mostly use it for endpoint protection and MDM.

How has it helped my organization?

We have access to some healthcare data, at times, which means that we have to follow very strict guidelines. So we need the endpoint protection.

What is most valuable?

I like the main dashboard. It's very intuitive. 

The offline temporary passcode solution is really easy to use for both the backend administrator and the users.

The granularity of the policies that you can create is pretty sufficient. We haven't had to make any super-granular policies. I understand what its capabilities are, and it is really nice to know that if we have to crack down and be a little more strict on our policies, Endpoint Protector provides those features.

It also provides us with the ability to lock down a wide variety of USB devices, which is pretty important because we don't want certain data accessed. It does a really good job when it comes to the versatility of the exit points it supports, making sure that important data does not leave our organization.

Endpoint Protector also provides a single platform to support Windows, macOS, and Linux, although we don't use Linux, we just use Windows and Mac. It makes it pretty easy for me to manage DLP in such a hybrid environment. I find it intuitive. It's pretty vital that it supports Windows and macOS because we use both types of computers in our company. It provides Zero day protection for macOS.

What needs improvement?

There are times when the server needs to be updated, and it would help if I got a notification for when the newest version comes out, because at the moment, I'm going in every now and then and checking. Sometimes it comes out and I didn't know it had come out. It would be super-helpful if I got a notification saying, "It's time to update the server."

For how long have I used the solution?

I've been using CoSoSys for a little more than two years.

What do I think about the stability of the solution?

It hasn't changed much since we started using it, so I haven't really found myself having to adapt or learn anything new. It has served all the purposes that we've purchased it for, so it's pretty stable.

What do I think about the scalability of the solution?

We have such a small team that scalability hasn't really been an issue at this point. It's easy enough for me to manage it on my own. We have fewer than 50 employees, and somewhere between 50 and 60 computers, so I haven't really encountered any scalability issues. We've adopted it 100 percent.

How are customer service and technical support?

For the most part, their technical support has been really responsive and good about setting up time to go over things. They have been pretty timely, in general.

Which solution did I use previously and why did I switch?

We didn't have anything in place before.

How was the initial setup?

It's really easy to install. I had to do most of them in person. At the time, most of us were in the office, so I just had folks drop off their computers at my desk for 15 minutes while I set it up. Some took less than 15 minutes. We do have some remote workers, and I used Zoom which has a remote screen option.

It was done over the course of a couple of days, because I had 50-something devices to do.

I don't know if Endpoint Protector has this kind of feature, because I didn't need to use it. But if I had more than 50 computers, it would have been really time-consuming to do the implementation. It wasn't that bad for me, but any more than 50 computers would be a little bit of a hassle.

What was our ROI?

Our return is that it serves the purpose that we need it for.

What's my experience with pricing, setup cost, and licensing?

The pricing model changed the last time that we renewed, but it's reasonable compared to what's out there.

Which other solutions did I evaluate?

Choosing a solution was a discussion that happened before I was in the mix. I don't know if other solutions were discussed before this one was decided upon. I do know that it was something that another employee had used before and she recommended it. I don't know if a lot of other research went on or they just said, "Okay, since someone knows it and they've used it, we'll use it too."

What other advice do I have?

In terms of feature parity between Windows and macOS, with Windows it takes a lot longer to install, but that's really the main difference.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Head IT at Trantor
Real User
It seems they have not properly tested the product, and customer support is very poor
Pros and Cons
  • "The product is forward-looking, in my opinion, which is a requirement nowadays."
  • "I have faced issues which shouldn't be related to this product. This product is purely a DLP, so it should only protect my data. I don't know what is happening with their agent or what is happening with the software, but it messes up my endpoint. For example, people are facing bandwidth issues. Before I deployed this on an endpoint, people were getting internet speeds of 40 or 50 Mbps. After deploying it, that would come down to 10 Mbps. And if I uninstalled the agent, it would go back to 50 Mbps."

What is our primary use case?

We primarily use the solution for DLP. 

What is most valuable?

I have not found any valuable features.

What needs improvement?

I bought it for my Windows, Linux, and Mac platform. Frankly speaking, I'm not happy with the product. The reason is that they have not tested the product in their environment. You can't really install it on any endpoint, because you never know what will happen.

I have faced issues which shouldn't be related to this product. This product is purely a DLP, so it should only protect my data. I don't know what is happening with their agent or what is happening with the software, but it messes up my endpoint. For example, people are facing bandwidth issues. Before I deployed this on an endpoint, people were getting internet speeds of 40 or 50 Mbps. After deploying it, that would come down to 10 Mbps. And if I uninstalled the agent, it would go back to 50 Mbps.

In my experience, they claim their product is very good, but I don't think so.

Software should be such that if you deploy it on any machine, it should not come up with issues. If it is blocking things I can understand that the engine behind the software is very good. But it is blocking things that are not required to be blocked.

The major challenge was my Linux environment, and that is why I took this product—to get it deployed on my Linux machine. But if I want to deploy it on Linux 1, 2, or 20, or some other Linux distribution, I need to reach out to the support team to get the agents. If I have paid for licenses, they should be on the portal so I can download all the different versions freely.

If I want to install it on any machine, I need to give the version of that machine and they will give me the agent. You don't know whether that agent is the latest one or not. And if you face challenges you have to go back to the support team again and say, "I have deployed it and I'm facing this issue." They will give you another version. I can't tell you all the challenges we have faced. I have not deployed it on a single Linux machine, and it was for Linux that I bought this product. I have just put it on Windows, because on Windows I am facing fewer issues compared to Mac and Linux.

It is not a straightforward installation or a straightforward configuration, for me or the end-user.

For how long have I used the solution?

I bought Endpoint Protector six months back.

What do I think about the stability of the solution?

If you talk about the server on which the application is running it's very stable. But if you talk about the agents, I have already explained how many issues I'm facing.

How are customer service and technical support?

Whenever we contacted support they would give us a resolution and we would apply it. One issue would get resolved but another issue would come up. It's like they considered us as a tester of their application.

In our company, we provide infrastructure services. People have their own environments on their endpoints. If they come across issues, every time we talk to support they tell us to show them the environment. It is not easy for us to get a developer to give control of his or her machine to CoSoSys support in order to showcase the issue.

I mentioned one point to the support team: "Please provide us the latest version of your product." That is how it happens with all products. If your company has come up with an updated version, you should reach out to your customers. Either publish it on your website, saying that you have a new version or new agent, or send an email to all your customers. When I put this comment on the ticket, the feedback I got from a support engineer was, "Please mention this to your account manager." He should not have said that. The support team should have gone to the management team and told them about the feedback they were getting from the customer. They should have said to management, "We need to incorporate these things into the system."

I never ever tell my clients to reach out to my management if they have issues. I'm here to address those issues. If I'm unable to do that, then I will reach out to my management to tell them this customer is facing these issues and we need to address them as a high-priority.

After that, I reached out to my account manager from whom I bought this product and I told him to escalate this issue. I said, first of all, that the tech team should reach out to the customer with the latest version. And secondly, that the support guy who told me to reach out to management should not have done that. The account manager escalated it to someone but I didn't get a call back on that topic.

It's a very serious matter. I was expecting a response from the account manager or from some senior person, but I never ever heard anything from the company.

It has not been so easy to get the support that I paid for. I should get prompt support during that year.

Which solution did I use previously and why did I switch?

A colleague who works with another company bought this product and he told me about it. The one thing I liked about this product was because it is for Mac, Linux, and Windows. If you go for other companies like Forcepoint or Symantec Endpoint Protection, they only give you a solution for Windows and Mac. In our company, we are about 60 percent Linux, 30 percent Windows, and 10 percent Mac.

How was the initial setup?

The server setup is very easy. They have an appliance and you just decide where you want to set it up. They give you some image files. You attach that file to your server and your server is ready. After that, you need to put your own efforts into the configuration, because with these guys the support is pathetic.

What's my experience with pricing, setup cost, and licensing?

If they gave it to me for free for the next year I would not go for this product. Pricing is one thing, but if they are not giving me a full, usable product, pricing hardly matters.

Which other solutions did I evaluate?

I have seen a demo of Forcepoint. Although it is not meant for Linux, rather for Windows and Mac, it is very easy to use. I'm thinking that if I had bought Forcepoint at least I would be okay with my Windows and Mac. Now I'm worried about all the three operating systems and I have paid a very handsome amount for the product.

In my previous company I was using Symantec and that is a wonderful product. But Linux was the challenge.

What other advice do I have?

I'm just waiting for the renewal. I will not use it again in the future.

DLP means blocking something, and I have not blocked anything. If you look at my configuration, I'm just reporting things in case something happens so I can fetch the logs and show them to management. But I don't want to face an embarrassing situation in front of management, because we are in the software service. We have proper SLAs. But if management comes to me and says, "Why didn't you guys block this?" I will not have any answer.

If I knew that support was fantastic, that if I did something and I got stuck I could reach out to support and they would help me out immediately, then I would try. But if I deploy something and I come across some issues, I don't know how much time these guys will take: two days, three days, or five days. They have no SLA. We are a startup but we have proper SLAs with our end-users and clients.

If CoSoSys made some improvements in their product and to their support, no doubt it could be very good. The product is forward-looking, in my opinion, which is a requirement nowadays. But because of the pathetic support and their internal team not doing proper testing of their product... Previously, people used to work only on Windows. But now people are mainly working on Mac or Linux. And now, because of the COVID-19 situation, people are working from home and it is necessary to deploy this product on endpoints to save company data.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Netwrix Endpoint Protector Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Product Categories
Data Loss Prevention (DLP)
Buyer's Guide
Download our free Netwrix Endpoint Protector Report and get advice and tips from experienced pros sharing their opinions.