Netwrix Endpoint Protector Reviews

We bought it because we had a specific need for a single Macintosh computer. We're a defense contractor, so we have to meet very rigid compliance requirements, and Macintosh caused a lot of problems for our mainly Windows domain infrastructure. So, we found the Endpoint Protector tool and tested it, and it did what we wanted it to do. 

We bought it for the Macintosh environment, but because we liked it, we rolled it out to our Windows environment as well.

The key point is that it allowed us to meet a complex cybersecurity requirement mandated by the government, and it was cost-effective. It is critical to our business because if we're not compliant, we can't bid on contracts.

It provides the ability to lock down a wide variety of USB devices. We've actually done it for pretty much everything that could potentially be an issue, such as keyboards, mice, USB devices, and CD-ROMs. This functionality is critical for us.

The device control is a big deal for us because we can actually lock out removable drives and different types of hardware. It allows us to have better control over what end-users plug into their computers, and we can have deny lists and tighten our security posture.

In terms of the granularity of the policies, it is fine. It does exactly what we need. It is granular enough, but it is not too much where it is impossible to tune. It has a nice balance.

In terms of ease of managing DLP in a hybrid environment, it has been very easy to use. It's a very intuitive product. There were no issues trying to figure stuff out.

The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

We have not been using it for very long. We bought it about four or five months ago.

It has been rock solid. It has never crashed or blown up on us.

We haven't gotten that far yet. We're using it for the initial rollout, and then in the future, we do plan to look more into the Content Aware Protection module to see if this is another add-on module in which we would be interested. After we start playing with the Content Aware Protection module and add modules, we'll know more about scalability, but right now, I don't have any input on that.

In terms of its usage, we currently have about a hundred devices.

They were excellent. They were very responsive and helpful.

We have had other things. One of the solutions that we used to use was GFI, but it got extremely expensive and over-complex, and it wasn't stable.

It was easy. From deployment to config, it wasn't overly involved or overly complex. The lady we talked to at Endpoint helped us very quickly. We had a licensing issue with something, and their support was good.

Its deployment did not take very long. It took less than a day. 

In terms of the deployment plan, it is simple enough where you don't need anything too complex. We just have a process that we follow. To add any new software, we have to try it first on a dirty network and validate it, and if all is good, then we put it in production.

In terms of its maintenance, primarily, our network engineer is responsible for configuring, reviewing, maintaining, and upgrading it. The rest of us look at the reports and the alerts from it.

I can't provide a specific return on investment. The return on investment is that this is a lot cheaper than if someone plugs in a USB key with malware and pollutes the whole network.

From what we've seen, their pricing is a lot lower than the other stuff we've looked at. I actually don't have any concerns with their pricing. They were probably the most reasonable company out there for the features that were offered.

It was pretty straightforward in terms of licensing, and you just pay for the license.

We looked at some of the other options. I don't remember their names, but the costs were outrageous. They were just unobtainable for a small business like ours. The cost was a big driver for going for Endpoint Protector, and its features worked. 

Some of the other solutions offered more in terms of data leakage protection, but again, they were too much for a small business. The cost was a big factor as well.

It is critical to test it out. I would advise doing the trial first to make sure it absolutely works for what you need it to do. Being able to test it without paying is a big deal, and it lets you really drive it.

We don't use the EasyLock USB Enforced Encryption app to automatically encrypt the confidential data transferred to the USB storage. We don't allow USB storage. We use it purely to lock the device, and our encryption is handled by another tool.

In terms of role-based access features for admins, I don't handle a lot of the technical side of it. My network engineer handles it, so I don't have any input to provide, but I haven't heard any complaints.

For zero-day protection, we have other tools. I don't think we're using this feature.

I would rate Endpoint Protector an eight out of 10. It pretty much did what they stated it did. There were no surprises.

The primary use case is to prevent data loss and data breaches from employees using endpoints such as workstations or notebooks.

They gain a lot of visibility over file transfers and user activities. For example, a company can detect when a user copies sensitive company files to an external drive. With this visibility, security is enhanced, and any unauthorized attempt to handle sensitive data can be blocked.

The most valuable aspects of the solution is the device control, which manages any portable device connected to the endpoint, and content-aware protection, which controls data in motion from the endpoint to outside, like when users try to upload data to a web browser or an instant messaging application.

Currently, for additional applications that need monitoring by the EPP, a request must be made to their technical support. It would be beneficial to add a feature allowing users to manually add applications for monitoring without depending on the vendor.

I have been working with Endpoint Protector for approximately five years.

Generally, they are very helpful when we escalate an issue. However, the time difference can make some discussions and follow-ups challenging as their working hours are based on U.S. time, while we work on Indonesian time. There's a seven-hour difference.

Positive

I have not worked with any other DLP solution before Netwrix Endpoint Protector.

I am not sure about the pricing since I handle the technical aspects, not the pricing.

I would recommend Netwrix Endpoint Protector to others.

I'd rate the solution nine out of ten.

We have been implementing and designing solutions with CoSoSys as a part of the Host level DLP (Data leak prevention) solution. Our major cause is to provide a solution to protect data being leaked by their users, knowingly, via any application or software like web browsers, email, SaaS applications, drive, etc., or any hardware devices through MTP/PTP (mobile phones, wifi, USB, cd/floppy, printer, or ay such devices

We have successfully implemented this solution in multiple customer environments, PAN India.

We have implemented this solution for protecting our data that may be leaked by users for their personal use.

Our concern for data protection came into the picture during the pandemic phase (COVID-19), where users were performing critical business operations from their homes. At that moment, it was observed that data needs to be protected.

We were searching for data protection solutions on Google during the time, where Endpoint Protector popped up. We connected with their team, implemented the same in our environment initially for testing purposes, and then implemented it in our environment and then in our customer's network.

The most valuable features are Device Control, Content-Aware Protection, Enforced Encryption, and eDiscovery.

Device control is a module of CoSoSys EPP where we get granular rights and controls for protection of data getting leaked from any hardware devices like USB drives, Storage media, Wi-Fi, printers, etc.

Content-Aware Protection prevents users from uploading or sharing the data or files/documents with others through any application or software like web-browsers, email, file-sharing, or remote application software. It can even prevent users from taking and/or sharing screenshots or clipboard data.

Enforced Encryption is used when you want to have only permitted or restrictive devices connecting to user systems.

eDiscovery is another module where an IT admin can find a file/resource/path/folder present in a user's system.

As a host DLP solution, it has granular controls and features. It misses Network level DLP and SaaD DLP offerings. If CoSoSys comes up with a suite of Host DLP, along with Network DLP and SaaS DLP, it will cover all of the aspects of a DLP solution.

Various other products provide us a complete suite of solutions covering Host, Network, and SaaS aspects. Examples of these are Forcepoint and Digital Guardian.

I have been deploying and presenting this solution to multiple customers, since April 2020.

There are areas where CoSoSys supports more than other vendors do. For example, they offer support for Windows, Mac, and Linux platforms, which not all of the other vendors provide.

The initial setup and installation of the server were very simple.

We implemented in-house using the admin guide that was provided.

This is a budget-friendly solution that covers all the aspects of host-level DLP.