Try our new research platform with insights from 80,000+ expert users
reviewer1518660 - PeerSpot reviewer
IT Manager at a tech vendor with 11-50 employees
Real User
Easy to set up, good reporting, and provides valuable insight into users' activities
Pros and Cons
  • "The most valuable feature is device control."
  • "I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies."

What is our primary use case?

We use Endpoint Protector as our data loss prevention solution for Windows, Linux, and Mac machines. Our clients work from outside of our building and in different locations, and we need to use this product to keep our data secure.

How has it helped my organization?

There are many benefits to using this solution.

In terms of the granularity of policies that we can create, this is a good product. We have created two policies that are used on Windows, Linux, and our Mac machines. The first is related to screen sharing, and the second is responsible for blocking files in email attachments.

This functionality is important to us. At the end of the day, we get reports about files, the users, and what they are doing. Preventing screen sharing with unknown people, or accepting files from somebody who is not known, are both things that I want to prevent.

We get detailed reports that identify our clients and we can see how each of them is spending their day at the office. Essentially, we have good visibility of the traffic on our endpoints.

To this point, I have not needed to lock down a variety of different USB devices. I have not used, for example, a card reader. I have only used it to lock down USB storage devices. In the future, I may use more of these features.

I have had no difficulty with using this solution in our hybrid environment that includes Windows, Linux, and Mac machines. There is no difference in features between the different platforms. There are differences such as the web browser that is used. For example, in Windows, we use Chrome, whereas, with Mac, we use Safari. Certain things are different based on the software but otherwise, everything is the same.

What is most valuable?

The most valuable feature is device control. If you have the wrong devices connected to the network then it may cost you, and this product allows you to control them. For example, you can prevent users from using an external hard disk, which is something that I like.

There is a clipboard feature to ensure that a user cannot print their screen or take a screenshot. This is one of the reasons that we feel secure when using this product.

The users are happy with using this solution on a daily basis. 

What needs improvement?

I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies. Before the policies are updated, nothing can be done on the system.

Buyer's Guide
Netwrix Endpoint Protector
December 2024
Learn what your peers think about Netwrix Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
830,526 professionals have used our research since 2012.

For how long have I used the solution?

We have been using Endpoint Protector for one year.

What do I think about the stability of the solution?

This is a stable product and we haven't had any problems with it.

What do I think about the scalability of the solution?

We have between 50 and 60 people in our organization.

How are customer service and support?

Within the past month or two, I have experienced problems and contacted technical support by email. They immediately responded and gave me suggestions on how to improve our security.

Normally, I send the support team an email and they answer within 24 hours. They analyze the problem and try to determine why it has occurred. They ask end-to-end questions such as what I was doing at the time, which allows them to assess and analyze all of the relevant points.

Which solution did I use previously and why did I switch?

This is the first DLP solution that we have used.

How was the initial setup?

The initial setup is very easy and there is nothing difficult about it.

Our deployment took one month and we didn't know anything about the product in advance. We didn't know exactly how it would work or which features would be added. The vendor explained everything to us after that.

What's my experience with pricing, setup cost, and licensing?

The minimum number of licenses they sell is 50 or 150 users. They do not sell, for example, a package of 10 licenses. It would be helpful if you could purchase a smaller number of licenses at one time.

Which other solutions did I evaluate?

We did not evaluate other such solutions before selecting this one.

What other advice do I have?

My advice for anybody who is considering this product is that it's user-friendly, and everyone can easily understand the details about how it works.

I am 100% confident in the security that I get from this product.

Overall, I think that our requirements for basic control, including application control, have been met. I'm happy with the current product and I like the feature set. That said, if they provide additional features in the future then we will use them.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

PeerSpot user
Rich text editor
    reviewer2200881 - PeerSpot reviewer
    Director /Founder at a energy/utilities company with 51-200 employees
    Real User
    Top 20
    A robust data loss prevention offering effective internal data leakage prevention, simplified compliance management and user-friendly customization options
    Pros and Cons
    • "Its robust security audit and compliance functionalities prove especially beneficial for businesses in sectors like BFSI (Banking, Financial Services, and Insurance) and Information Technology."
    • "The only aspect that prevents it from being a perfect solution is the occasional slower response time."

    What is our primary use case?

    It serves as a tool for ensuring compliance and facilitating security audits and it functions as a protective measure against unauthorized data transfers, whether through email or USB devices. The primary focus revolves around maintaining compliance with regulations and safeguarding sensitive information from unauthorized transfers.

    How has it helped my organization?

    The primary advantage lies in preventing internal data leakage, effectively thwarting any unauthorized data transfer within the organization. Additionally, the audit functionality is invaluable, particularly given the mandatory compliance with data security laws, a requisite for every company, especially in India.

    What is most valuable?

    Its robust security audit and compliance functionalities prove especially beneficial for businesses in sectors like BFSI (Banking, Financial Services, and Insurance) and Information Technology. Also, the flexibility to independently set, modify, and adapt data security policies is a crucial feature, allowing users to tailor the protection measures according to their specific needs.

    What needs improvement?

    The only aspect that prevents it from being a perfect solution is the occasional slower response time.

    For how long have I used the solution?

    I have been working with it for eight months now.

    What do I think about the stability of the solution?

    The product is highly stable, with no reported issues.

    What do I think about the scalability of the solution?

    It provides excellent scalability capabilities.

    How was the initial setup?

    The initial setup is neither overly simplistic nor excessively complex. While it may not be effortlessly intuitive, it doesn't fall into the category of being highly intricate either. The process requires some time, patience, and a basic understanding, as individuals may find it initially challenging. This is often attributed to the unfamiliarity of information technology teams in various companies with data loss prevention solutions.

    What about the implementation team?

    The deployment process typically begins with a two-way proof of concept on five or six endpoints within the company. Once the POC is completed, addressing most bugs, difficulties, and fine-tuning keywords for Content Aware, the stage is set. The continuous refinement of keywords is crucial during this phase. Following the POC, any remaining issues or customizations are ironed out. Actual deployment, which usually spans about four to five days within a week, is not overly time-consuming. Larger companies may require more time and a larger team for deployment. However, in the case of smaller-sized companies, specifically those with user counts ranging from five hundred to one thousand, a two-member team is generally sufficient. The training process requires an investment of approximately three to four months for the client or customer team to familiarize themselves with the solution. Although it tends to become more straightforward with practice, the initial learning period spans around three months.

    What's my experience with pricing, setup cost, and licensing?

    The pricing is reasonable for this particular market.

    What other advice do I have?

    My recommendation for Kaspersky is highly positive. It supports all platforms, including Windows, Linux, and Mac. This broad compatibility across three different operating systems is a significant advantage. If you're someone using multiple platforms, Kaspersky proves to be an excellent and versatile option. Overall, I would rate it eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer

    PeerSpot user
    Rich text editor
      Buyer's Guide
      Netwrix Endpoint Protector
      December 2024
      Learn what your peers think about Netwrix Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
      830,526 professionals have used our research since 2012.
      Dan Pham Ich - PeerSpot reviewer
      Assistant It Manager at New system vietnam
      Real User
      Prevents 99% of ransomware
      Pros and Cons
      • "Endpoint Protector's best features are its protection and user-friendliness."
      • "Endpoint Protector would be improved with more DLP templates."

      What is our primary use case?

      I use Endpoint Protector to protect our end server.

      What is most valuable?

      Endpoint Protector's best features are its protection and user-friendliness.

      What needs improvement?

      Endpoint Protector would be improved with more DLP templates.

      For how long have I used the solution?

      I've been using Endpoint Protector for two to three months.

      What do I think about the stability of the solution?

      Endpoint Protector works perfectly.

      What do I think about the scalability of the solution?

      Endpoint Protector is scalable.

      How was the initial setup?

      The initial setup is easy with a private cloud.

      What other advice do I have?

      Endpoint Protector has machine learning and AI, and it prevents 99% of ransomware. I would give Endpoint Protector a rating of nine out of ten.

      Which deployment model are you using for this solution?

      Private Cloud

      If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

      Other
      Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

      PeerSpot user
      Rich text editor
        Sivakumar Mahathevan - PeerSpot reviewer
        Head of MSP Division at Halodata
        Reseller
        Leaderboard
        Is user-friendly, easy to manage and set up, and is stable and scalable
        Pros and Cons
        • "We like that content-aware and device controls can easily be managed. They're not complicated. You don't need to be a rocket scientist to understand them."
        • "Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities."

        What is our primary use case?

        We are using it for data loss prevention, basically managing all our employees throughout the region. Our servers are installed in our HQ in Singapore. We use device control, content-aware management or content-aware protection, and enforce encryption.

        What is most valuable?

        We like that content-aware and device controls can easily be managed. They're not complicated. You don't need to be a rocket scientist to understand them.

        As for overall experience, Endpoint Protector is very user-friendly.

        What needs improvement?

        Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities.

        For how long have I used the solution?

        We've been using Endpoint Protector for more than seven years.

        What do I think about the stability of the solution?

        It is stable.

        What do I think about the scalability of the solution?

        It is very easily scalable.

        In my company alone, we have close to 100 users. They are scattered across three countries in the region. We manage for our end partners who have about 15,000 users.

        How are customer service and support?

        I am satisfied with Endpoint Protector support services. It is exceptional.

        How was the initial setup?

        It is super easy to set up. It takes less than one hour to set up the whole system, and you can actually get the users to get on the basic policies and tools in under a couple of hours as well.

        What's my experience with pricing, setup cost, and licensing?

        The pricing is very competitive and is cheaper in comparison to that of other solutions. It makes it an easy decision to go with EPP for the data loss prevention infrastructure.

        Which other solutions did I evaluate?

        In terms of the ease of deployment, the ease of management, and the ease of actually getting the basis of Endpoint Protector to move on, EPP is one of the easiest. I have seen more difficult ones, including those with setups that can take days and weeks.

        In terms of the infrastructure needed here, EPP only requires one VM to run the whole infrastructure, unlike McAfee or Symantec that require a database server with an operating system. You will need a file server and an operating server, which will make the infrastructure itself too expensive. With EPP, you will need just one VM server, and you can start your data loss prevention just like that.

        What other advice do I have?

        End users need to understand what data loss prevention is; otherwise, they will select the wrong solution. It will become too difficult, and they won't know what to do with it. It's best to start off with the baselines of Endpoint Protector and then move up to more complex situations with network DLP-based options.

        I would rate this solution at nine on a scale from one to ten.

        Which deployment model are you using for this solution?

        On-premises
        Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

        PeerSpot user
        Rich text editor
          reviewer1560321 - PeerSpot reviewer
          Information Security Manager at a financial services firm with 5,001-10,000 employees
          Real User
          Enables us to block and blacklist all types of USB devices
          Pros and Cons
          • "The versatility regarding the exit point Endpoint Protector supports in making sure that important data doesn't leave our organization is vital for us. In the industry that we're in, data breaches are a significant concern. While our staff is contractually required to maintain confidentiality and they're all very aware that they shouldn't try and transfer company data of different classifications elsewhere to non-company devices, there's a risk."
          • "Sometimes, it should try to focus on one thing rather than multiple things. Endpoint Protector does device control very well, which is why we use that particular function."

          What is our primary use case?

          I work for a financial services company. As a consequence, we work with multiple lenders and lender clients; essentially banks and building societies. There's a requirement in this industry for tight controls from an information security point of view. For many years we've had industry requirements to deploy a number of technical controls to secure things like device control.

          Prior to using Endpoint Protector, we used Ivanti Device Control. However, from the UI point of view, it was a bit of a dated product, and some of the functionality wasn't brilliant. We also took a recommendation from our service provider, who had been using this product with other customers, and as such we deployed CoSoSys Endpoint Protector. We primarily have one single purpose, which is to secure all of our endpoints, mostly laptops. We have a very small number of client computers as well, but we primarily use it to block all removable media and all USB points on the laptops.

          As a business, we don't enable and support the use of removable media. We do have a small number of use cases where that is allowed, primarily within our IT team, but they are the exception. As such, every single USB port is blocked across the business with Endpoint Protector to mitigate the risk of somebody intentionally, accidentally, or for whatever reason being tricked into inputting their USB drive into our network which would then cause potentially a risk to the confidentiality, integrity, and availability of our data.

          We have a contractual requirement for us to have a tool like CoSoSys. It mitigates risk for us as a business by enabling us to be sure that no one can exfiltrate data from our company via USB media or be infected by malware by plugging a device into an endpoint.

          We only use that one particular feature. I believe there are other features available but I don't believe we pay for the other elements of functionality of the software. There are other features like DLP within the software, however, we have a suite of additional tools within our business to control those other elements so we use CoSoSys exclusively for device control.

          We only use it for a very small use case. It certainly has a wide range of functionality, although, we don't use the vast majority of the functionality because we don't pay for it or because we have other tools in place that are specific for a certain purpose.

          What is most valuable?

          The granularity of the policies that we can create is good. We block USB media. One of the reasons we left our previous provider is because of the lack of this functionality. We have built some custom rules to make exceptions for staff members that should be able to use USB media. Of course, the ability to amend and write policies is far more granular than the previous product that we used. Switches, disabling and blocking Bluetooth, weren't available with our previous supplier. 

          The feature that locks down USB devices means that if you plug removable media into any of our USB drives, it blocks it. As we block, we blacklist all the types of USB devices, and the cloud running trail blocks that. If someone puts the USB drive in, it will block them from opening that drive or even registering that drive. If they want to make an exception, they have to make a formal request to do so, and that can be made either by email or through an application to our IT desk.

          The versatility regarding the exit point Endpoint Protector supports in making sure that important data doesn't leave our organization is vital for us. In the industry that we're in, data breaches are a significant concern. While our staff is contractually required to maintain confidentiality and they're all very aware that they shouldn't try and transfer company data of different classifications elsewhere to non-company devices, there's a risk. If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

          We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.If we didn't have Endpoint Protector in place, they could plug in a USB drive, copy a file onto the USB drive, and then take that onto their personal computer or share it externally, whether that be with the press or the public, etc. This tool stops that from happening. It means employees are unable to share files and exfiltrate data via that channel.

          We have other controls to stop other channels. One of the biggest concerns for us as a business is employees sharing data via the internet, dragging files and confidential information from our computer drives into Dropbox or into Webmail, et cetera. We have other controls and tools to stop that. But Endpoint Protector is used exclusively to stop USB media.

          For how long have I used the solution?

          I have been using Endpoint Protector for 18 months.

          What do I think about the stability of the solution?

          The stability is very comfortable. We have no qualms or concerns. There have not been any incidents or issues with it not working, or any problems that I'm aware of. Any kind of such problems would be raised to my attention and discussion review, and there haven't been any concerns raised by users or with our IT service desk. There has been no concern there.

          What do I think about the scalability of the solution?

          Scalability is about the policies. We could deploy it simply to larger groups of people as and when required. There's a procedure where we deploy using an RMM tool. It's easy to deploy.

          At present, we don't have plans to increase usage. We have a number of different controls and requirements, and we have specialist tools for each of the different requirements. We're also trying to move towards a Microsoft stack where possible because we have so many different tools in use. Microsoft doesn't do device control. 

          How are customer service and technical support?

          I have never personally been involved with technical support. There was joint deployment with our MSP. There have been no problems, so I think it's fairly positive.

          Which solution did I use previously and why did I switch?

          We were previously using Ivanti.

          How was the initial setup?

          The setup was quite straightforward and didn't cause any issues. But I wasn't involved. Our IT system team deployed it around 18 months ago. I was quite new to the business at the time. It went relatively smoothly, there were no hiccups, and there were no deployment problems.

          It took under a few weeks to implement. It was not a couple of weeks of solid work. We deployed it slowly within a UAT testing environment and only on a small number of laptops. Once we were comfortable that the config was working as expected, then we deployed our tool to other users. We deployed the end client to all endpoints using an RMM tool we use from SolarWinds.

          What about the implementation team?

          We have a managed service provider who we use to support some of our IT needs. They were the ones who recommended the products and they would have been the ones who actually implemented the product and do much of the actual deployment with our IT service desk.

          The implementation required around 2-3 staff members. It was one person from the MSP and two people in-house who would have worked on that project to deploy it. It was a normal project team for the deployment of that size.

          Day-to-day maintenance only requires one or two employees. We don't have somebody looking at it daily, but our service desk will review it, update it, and amend things within the tool as and when required. It really runs by itself, it's not a huge amount of maintenance, which is a good thing.

          What was our ROI?

          ROI is very hard to quantify but Endpoint Protector is ultimately priceless. If device control wasn't in place, any single data breach that could occur as a consequence of a USB device being able to transfer data externally could result, for us as a business, in considerable loss, and considerable fines. There are massive fines for data breaches in the UK.

          Data breaches could have a very significant reputational impact on our business. It's very difficult to quantify, but we haven't had any of these breaches. If we didn't have Endpoint Protector in place, we would be at a higher risk.

          What's my experience with pricing, setup cost, and licensing?

          The pricing is very fair. No concerns. We don't have massive budgets, we're quite a small company, but we don't have small budgets either. I think it's quite competitive.

          I don't believe there are additional costs in addition to standard licensing. 

          Which other solutions did I evaluate?

          We reviewed Ivanti Device Control, which is the previous tool we were using, and we compared it with Endpoint Protector's product set. Then we compared the prices and compared the features, and decided to go with Endpoint Protector over the previous supplier.

          What other advice do I have?

          We have a third-party that automatically encrypts confidential data transferred to USB storage devices. That's not a use case for us with Endpoint Protector.

          We exclusively use Windows. We do have instances of Linux, but from an endpoint point of view, it is exclusively Windows. 

          As a business, we're never going to move into a Mac OS environment, so the fact that it supports Windows, Mac, and Linux wouldn't be one of our prerequisites. We looked at Endpoint Protector to make sure it supported Windows but the fact that it supports all platforms wasn't that important to us. Obviously, if it didn't work with Windows we wouldn't have used it, but from that point of view, it's not important for us now.

          We also don't use it to search for keywords that are important to our business. We have a third-party tool we've had in use for several years that classifies all our data and ensures that we have visibility of where data is and what type of data is at risk.

          I would rate Endpoint Protector an eight out of ten. I'm by no means an expert on the tool, however, it does appear to offer quite a large range of different functions within the toolset. Sometimes, it should try to focus on one thing rather than multiple things. Endpoint Protector does device control very well, which is why we use that particular function.

          Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

          PeerSpot user
          Rich text editor
            Mohammad Amir Hossain - PeerSpot reviewer
            Head of IT Infrastructure at a tech vendor with 10,001+ employees
            Real User
            Top 10
            Stable and works well across multiple platforms
            Pros and Cons
            • "It is easy to manage the DLP between MacOS and Linux."
            • "In Linux a user can remove a getent anytime. There is no control there on the file structure in Linux. So if this solution could give us information on what users removed in the dashboard, it would help us."

            What is our primary use case?

            We have a multi-platform environment, mainly Linux and Mac.

            We installed a client in our client PCs and we have a management server in the same network. So we control the workstation through that management control, we mainly enable the Endpoint Protector function for blocking USBS and other physical ports, and we have some policies to restrict data passing from one PC to another PC. Those are the main features we are using.

            How has it helped my organization?

            Endpoint Protector almost fulfills our requirements; by 60%. Compared to other solutions we feel better with CoSoSys. 

            We are a research center, so control is very important for us. We don't have any in-house solutions for Mac and Linux, so CoSoSys is a very important tool for us to control and ensure our internal security. This is a very important function.

            During lockdown time we needed to deploy some new policies and rules. We faced problems all the time. We communicated with CoSoSys'  technical teams and we generated support tickets. They supported us as much as possible. During that period they helped us a lot.

            Because we are using it for security purposes, there is no direct impact value, but it is saving our data. That is very important. It's almost like an insurance policy.

            What is most valuable?

            We are happy and satisfied with the solution. When we face any problem, we contact the CoSoSys technical team support directly and they support us as much as possible.

            CoSoSys provides a single platform to support Windows, MacOS and Linux. We are using hybrid deployment docs, but we're only using Linux and a Mac, not Windows.

            It manages the DLP. It is easy to manage the DLP between MacOS and Linux. This is very important for us because we don't have any sort of in-house solution for data collection for the Linux and Mac environment. We are fully dependent on CoSoSys.

            We are not using encryption, because the encryption depends on the server and on many other things, which will cause us to face problems.

            Additionally, it has granularity features to copy, paste, and do other things.

            Between PCs, there is no control, but we are interested when data is transferred to outside the PCs. At those times we use CoSoSys. CoSoSys can control most of this part.

            It has absolutely, 100% helped to reduce important data from going out of our organization.

            What needs improvement?

            Some CoSoSys features do need to be improved. For example, in Linux a user can remove a getent anytime. There is no control there on the file structure in Linux. So if this solution could give us information on what users removed in the dashboard, it would help us. If CoSoSys applied this sort of improvement, it would help us a lot.

            For how long have I used the solution?

            We have been using Endpoint Protector for two to three years.

            What do I think about the stability of the solution?

            Endpoint Protector is a very stable product.

            We manage it directly and when we face any issues, we directly contact CoSoSys. There is no third party. When purchasing we use a third party for payment and other purposes as it is overseas payment, so we can't pay directly.

            We are licensing from a reseller, but all our support is directly through CoSoSys.

            What do I think about the scalability of the solution?

            Right now we have about 400 developers using this solution, with one person managing it and one as backup. It does not require too much manpower to manage this team.

            How are customer service and technical support?

            Their support is very good. We have had very good experiences with them.

            They have been responsive and they're generally knowledgeable. They always support us when we request it.

            How was the initial setup?

            The initial setup is simple, not complex.

            The initial setup did not take much time. It is a very lightweight application and it runs very smoothly. It actually took less than half a minute to setup.

            You just need to install and sync with the management service and it work in the background as an agent. It is automatically up and working in the background.

            The first time we needed to configure and set up synchronization and the next times, for any changes we may need, we need to apply it in the server and sync with both of them.

            Prior to deploying it, we had some strategies. We set our purpose, our policy, and then based on this policy, we deployed it.

            What's my experience with pricing, setup cost, and licensing?

            We think the pricing is very reasonable.

            Which other solutions did I evaluate?

            We searched Digital Guardian and some other solutions. We found CoSoSys is the most suitable for us.

            CoSoSys completely allows combined work in Windows, Linux, and Mac and the synchronization between server and client is very easy. In addition, creating exceptions is very easy in CoSoSys compared to other solutions.

            What other advice do I have?

            I work in Samsung, so we have many subsidiaries all over the world. Gradually we are explaining to them that we are using this solution in Bangladesh and we are expecting more organizations in Samsung to use this solution.

            We have a platform to communicate with each other and share our experiences. So if any offices in Samsung begin using this process it would allow us to develop these things for Samsung more closely.

            On a scale of one to ten I would give Endpoint Protector an eight. Our experience using Endpoint Protector for security purposes is very good.

            Which deployment model are you using for this solution?

            On-premises
            Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

            PeerSpot user
            Rich text editor
              reviewer1554309 - PeerSpot reviewer
              CTO at a aerospace/defense firm with 201-500 employees
              Real User
              Allows us to have better control over what end-users plug into their computers and tighten our security posture
              Pros and Cons
              • "The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture."
              • "The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine."

              What is our primary use case?

              We bought it because we had a specific need for a single Macintosh computer. We're a defense contractor, so we have to meet very rigid compliance requirements, and Macintosh caused a lot of problems for our mainly Windows domain infrastructure. So, we found the Endpoint Protector tool and tested it, and it did what we wanted it to do. 

              We bought it for the Macintosh environment, but because we liked it, we rolled it out to our Windows environment as well.

              How has it helped my organization?

              The key point is that it allowed us to meet a complex cybersecurity requirement mandated by the government, and it was cost-effective. It is critical to our business because if we're not compliant, we can't bid on contracts.

              It provides the ability to lock down a wide variety of USB devices. We've actually done it for pretty much everything that could potentially be an issue, such as keyboards, mice, USB devices, and CD-ROMs. This functionality is critical for us.

              What is most valuable?

              The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture.

              In terms of the granularity of the policies, it is fine. It does exactly what we need. It is granular enough, but it is not too much where it is impossible to tune. It has a nice balance.

              In terms of ease of managing DLP in a hybrid environment, it has been very easy to use. It's a very intuitive product. There were no issues trying to figure stuff out.

              What needs improvement?

              The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

              The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

              For how long have I used the solution?

              We have not been using it for very long. We bought it about four or five months ago.

              What do I think about the stability of the solution?

              It has been rock solid. It has never crashed or blown up on us.

              What do I think about the scalability of the solution?

              We haven't gotten that far yet. We're using it for the initial rollout, and then in the future, we do plan to look more into the Content Aware Protection module to see if this is another add-on module in which we would be interested. After we start playing with the Content Aware Protection module and add modules, we'll know more about scalability, but right now, I don't have any input on that.

              In terms of its usage, we currently have about a hundred devices.

              How are customer service and technical support?

              They were excellent. They were very responsive and helpful.

              Which solution did I use previously and why did I switch?

              We have had other things. One of the solutions that we used to use was GFI, but it got extremely expensive and over-complex, and it wasn't stable.

              How was the initial setup?

              It was easy. From deployment to config, it wasn't overly involved or overly complex. The lady we talked to at Endpoint helped us very quickly. We had a licensing issue with something, and their support was good.

              Its deployment did not take very long. It took less than a day. 

              In terms of the deployment plan, it is simple enough where you don't need anything too complex. We just have a process that we follow. To add any new software, we have to try it first on a dirty network and validate it, and if all is good, then we put it in production.

              In terms of its maintenance, primarily, our network engineer is responsible for configuring, reviewing, maintaining, and upgrading it. The rest of us look at the reports and the alerts from it.

              What was our ROI?

              I can't provide a specific return on investment. The return on investment is that this is a lot cheaper than if someone plugs in a USB key with malware and pollutes the whole network.

              What's my experience with pricing, setup cost, and licensing?

              From what we've seen, their pricing is a lot lower than the other stuff we've looked at. I actually don't have any concerns with their pricing. They were probably the most reasonable company out there for the features that were offered.

              It was pretty straightforward in terms of licensing, and you just pay for the license.

              Which other solutions did I evaluate?

              We looked at some of the other options. I don't remember their names, but the costs were outrageous. They were just unobtainable for a small business like ours. The cost was a big driver for going for Endpoint Protector, and its features worked. 

              Some of the other solutions offered more in terms of data leakage protection, but again, they were too much for a small business. The cost was a big factor as well.

              What other advice do I have?

              It is critical to test it out. I would advise doing the trial first to make sure it absolutely works for what you need it to do. Being able to test it without paying is a big deal, and it lets you really drive it.

              We don't use the EasyLock USB Enforced Encryption app to automatically encrypt the confidential data transferred to the USB storage. We don't allow USB storage. We use it purely to lock the device, and our encryption is handled by another tool.

              In terms of role-based access features for admins, I don't handle a lot of the technical side of it. My network engineer handles it, so I don't have any input to provide, but I haven't heard any complaints.

              For zero-day protection, we have other tools. I don't think we're using this feature.

              I would rate Endpoint Protector an eight out of 10. It pretty much did what they stated it did. There were no surprises.

              Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.

              PeerSpot user
              Rich text editor
                reviewer2587170 - PeerSpot reviewer
                IT Engineer at a tech services company with 51-200 employees
                Real User
                Top 5
                Gain control over endpoint security with enhanced visibility and device management
                Pros and Cons
                • "The most valuable aspects of the solution is the device control, which manages any portable device connected to the endpoint, and content-aware protection, which controls data in motion from the endpoint to outside, like when users try to upload data to a web browser or an instant messaging application."
                • "Currently, for additional applications that need monitoring by the EPP, a request must be made to their technical support. It would be beneficial to add a feature allowing users to manually add applications for monitoring without depending on the vendor."

                What is our primary use case?

                The primary use case is to prevent data loss and data breaches from employees using endpoints such as workstations or notebooks.

                How has it helped my organization?

                They gain a lot of visibility over file transfers and user activities. For example, a company can detect when a user copies sensitive company files to an external drive. With this visibility, security is enhanced, and any unauthorized attempt to handle sensitive data can be blocked.

                What is most valuable?

                The most valuable aspects of the solution is the device control, which manages any portable device connected to the endpoint, and content-aware protection, which controls data in motion from the endpoint to outside, like when users try to upload data to a web browser or an instant messaging application.

                What needs improvement?

                Currently, for additional applications that need monitoring by the EPP, a request must be made to their technical support. It would be beneficial to add a feature allowing users to manually add applications for monitoring without depending on the vendor.

                For how long have I used the solution?

                I have been working with Endpoint Protector for approximately five years.

                How are customer service and support?

                Generally, they are very helpful when we escalate an issue. However, the time difference can make some discussions and follow-ups challenging as their working hours are based on U.S. time, while we work on Indonesian time. There's a seven-hour difference.

                How would you rate customer service and support?

                Positive

                Which solution did I use previously and why did I switch?

                I have not worked with any other DLP solution before Netwrix Endpoint Protector.

                What's my experience with pricing, setup cost, and licensing?

                I am not sure about the pricing since I handle the technical aspects, not the pricing.

                What other advice do I have?

                I would recommend Netwrix Endpoint Protector to others.

                I'd rate the solution nine out of ten.

                Which deployment model are you using for this solution?

                On-premises
                Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
                Flag as inappropriate

                PeerSpot user
                Rich text editor
                  Buyer's Guide
                  Download our free Netwrix Endpoint Protector Report and get advice and tips from experienced pros sharing their opinions.
                  Updated: December 2024
                  Product Categories
                  Data Loss Prevention (DLP)
                  Buyer's Guide
                  Download our free Netwrix Endpoint Protector Report and get advice and tips from experienced pros sharing their opinions.
                  ...
                  ...