Netwrix Endpoint Protector Reviews

We use it primarily for endpoint protection. We have to be SOC 2 compliant. We have a number of standards that we have to abide by for HIPAA reasons and SOC 2 reasons, which is why we initially put it in place, but we mostly use it for endpoint protection and MDM.

We have access to some healthcare data, at times, which means that we have to follow very strict guidelines. So we need the endpoint protection.

I like the main dashboard. It's very intuitive. 

The offline temporary passcode solution is really easy to use for both the backend administrator and the users.

The granularity of the policies that you can create is pretty sufficient. We haven't had to make any super-granular policies. I understand what its capabilities are, and it is really nice to know that if we have to crack down and be a little more strict on our policies, Endpoint Protector provides those features.

It also provides us with the ability to lock down a wide variety of USB devices, which is pretty important because we don't want certain data accessed. It does a really good job when it comes to the versatility of the exit points it supports, making sure that important data does not leave our organization.

Endpoint Protector also provides a single platform to support Windows, macOS, and Linux, although we don't use Linux, we just use Windows and Mac. It makes it pretty easy for me to manage DLP in such a hybrid environment. I find it intuitive. It's pretty vital that it supports Windows and macOS because we use both types of computers in our company. It provides Zero day protection for macOS.

There are times when the server needs to be updated, and it would help if I got a notification for when the newest version comes out, because at the moment, I'm going in every now and then and checking. Sometimes it comes out and I didn't know it had come out. It would be super-helpful if I got a notification saying, "It's time to update the server."

I've been using CoSoSys for a little more than two years.

It hasn't changed much since we started using it, so I haven't really found myself having to adapt or learn anything new. It has served all the purposes that we've purchased it for, so it's pretty stable.

We have such a small team that scalability hasn't really been an issue at this point. It's easy enough for me to manage it on my own. We have fewer than 50 employees, and somewhere between 50 and 60 computers, so I haven't really encountered any scalability issues. We've adopted it 100 percent.

For the most part, their technical support has been really responsive and good about setting up time to go over things. They have been pretty timely, in general.

We didn't have anything in place before.

It's really easy to install. I had to do most of them in person. At the time, most of us were in the office, so I just had folks drop off their computers at my desk for 15 minutes while I set it up. Some took less than 15 minutes. We do have some remote workers, and I used Zoom which has a remote screen option.

It was done over the course of a couple of days, because I had 50-something devices to do.

I don't know if Endpoint Protector has this kind of feature, because I didn't need to use it. But if I had more than 50 computers, it would have been really time-consuming to do the implementation. It wasn't that bad for me, but any more than 50 computers would be a little bit of a hassle.

Our return is that it serves the purpose that we need it for.

The pricing model changed the last time that we renewed, but it's reasonable compared to what's out there.

Choosing a solution was a discussion that happened before I was in the mix. I don't know if other solutions were discussed before this one was decided upon. I do know that it was something that another employee had used before and she recommended it. I don't know if a lot of other research went on or they just said, "Okay, since someone knows it and they've used it, we'll use it too."

In terms of feature parity between Windows and macOS, with Windows it takes a lot longer to install, but that's really the main difference.

We primarily use the solution for DLP. 

I have not found any valuable features.

I bought it for my Windows, Linux, and Mac platform. Frankly speaking, I'm not happy with the product. The reason is that they have not tested the product in their environment. You can't really install it on any endpoint, because you never know what will happen.

I have faced issues which shouldn't be related to this product. This product is purely a DLP, so it should only protect my data. I don't know what is happening with their agent or what is happening with the software, but it messes up my endpoint. For example, people are facing bandwidth issues. Before I deployed this on an endpoint, people were getting internet speeds of 40 or 50 Mbps. After deploying it, that would come down to 10 Mbps. And if I uninstalled the agent, it would go back to 50 Mbps.

In my experience, they claim their product is very good, but I don't think so.

Software should be such that if you deploy it on any machine, it should not come up with issues. If it is blocking things I can understand that the engine behind the software is very good. But it is blocking things that are not required to be blocked.

The major challenge was my Linux environment, and that is why I took this product—to get it deployed on my Linux machine. But if I want to deploy it on Linux 1, 2, or 20, or some other Linux distribution, I need to reach out to the support team to get the agents. If I have paid for licenses, they should be on the portal so I can download all the different versions freely.

If I want to install it on any machine, I need to give the version of that machine and they will give me the agent. You don't know whether that agent is the latest one or not. And if you face challenges you have to go back to the support team again and say, "I have deployed it and I'm facing this issue." They will give you another version. I can't tell you all the challenges we have faced. I have not deployed it on a single Linux machine, and it was for Linux that I bought this product. I have just put it on Windows, because on Windows I am facing fewer issues compared to Mac and Linux.

It is not a straightforward installation or a straightforward configuration, for me or the end-user.

I bought Endpoint Protector six months back.

If you talk about the server on which the application is running it's very stable. But if you talk about the agents, I have already explained how many issues I'm facing.

Whenever we contacted support they would give us a resolution and we would apply it. One issue would get resolved but another issue would come up. It's like they considered us as a tester of their application.

In our company, we provide infrastructure services. People have their own environments on their endpoints. If they come across issues, every time we talk to support they tell us to show them the environment. It is not easy for us to get a developer to give control of his or her machine to CoSoSys support in order to showcase the issue.

I mentioned one point to the support team: "Please provide us the latest version of your product." That is how it happens with all products. If your company has come up with an updated version, you should reach out to your customers. Either publish it on your website, saying that you have a new version or new agent, or send an email to all your customers. When I put this comment on the ticket, the feedback I got from a support engineer was, "Please mention this to your account manager." He should not have said that. The support team should have gone to the management team and told them about the feedback they were getting from the customer. They should have said to management, "We need to incorporate these things into the system."

I never ever tell my clients to reach out to my management if they have issues. I'm here to address those issues. If I'm unable to do that, then I will reach out to my management to tell them this customer is facing these issues and we need to address them as a high-priority.

After that, I reached out to my account manager from whom I bought this product and I told him to escalate this issue. I said, first of all, that the tech team should reach out to the customer with the latest version. And secondly, that the support guy who told me to reach out to management should not have done that. The account manager escalated it to someone but I didn't get a call back on that topic.

It's a very serious matter. I was expecting a response from the account manager or from some senior person, but I never ever heard anything from the company.

It has not been so easy to get the support that I paid for. I should get prompt support during that year.

A colleague who works with another company bought this product and he told me about it. The one thing I liked about this product was because it is for Mac, Linux, and Windows. If you go for other companies like Forcepoint or Symantec Endpoint Protection, they only give you a solution for Windows and Mac. In our company, we are about 60 percent Linux, 30 percent Windows, and 10 percent Mac.

The server setup is very easy. They have an appliance and you just decide where you want to set it up. They give you some image files. You attach that file to your server and your server is ready. After that, you need to put your own efforts into the configuration, because with these guys the support is pathetic.

If they gave it to me for free for the next year I would not go for this product. Pricing is one thing, but if they are not giving me a full, usable product, pricing hardly matters.

I have seen a demo of Forcepoint. Although it is not meant for Linux, rather for Windows and Mac, it is very easy to use. I'm thinking that if I had bought Forcepoint at least I would be okay with my Windows and Mac. Now I'm worried about all the three operating systems and I have paid a very handsome amount for the product.

In my previous company I was using Symantec and that is a wonderful product. But Linux was the challenge.

I'm just waiting for the renewal. I will not use it again in the future.

DLP means blocking something, and I have not blocked anything. If you look at my configuration, I'm just reporting things in case something happens so I can fetch the logs and show them to management. But I don't want to face an embarrassing situation in front of management, because we are in the software service. We have proper SLAs. But if management comes to me and says, "Why didn't you guys block this?" I will not have any answer.

If I knew that support was fantastic, that if I did something and I got stuck I could reach out to support and they would help me out immediately, then I would try. But if I deploy something and I come across some issues, I don't know how much time these guys will take: two days, three days, or five days. They have no SLA. We are a startup but we have proper SLAs with our end-users and clients.

If CoSoSys made some improvements in their product and to their support, no doubt it could be very good. The product is forward-looking, in my opinion, which is a requirement nowadays. But because of the pathetic support and their internal team not doing proper testing of their product... Previously, people used to work only on Windows. But now people are mainly working on Mac or Linux. And now, because of the COVID-19 situation, people are working from home and it is necessary to deploy this product on endpoints to save company data.

We have been implementing and designing solutions with CoSoSys as a part of the Host level DLP (Data leak prevention) solution. Our major cause is to provide a solution to protect data being leaked by their users, knowingly, via any application or software like web browsers, email, SaaS applications, drive, etc., or any hardware devices through MTP/PTP (mobile phones, wifi, USB, cd/floppy, printer, or ay such devices

We have successfully implemented this solution in multiple customer environments, PAN India.

We have implemented this solution for protecting our data that may be leaked by users for their personal use.

Our concern for data protection came into the picture during the pandemic phase (COVID-19), where users were performing critical business operations from their homes. At that moment, it was observed that data needs to be protected.

We were searching for data protection solutions on Google during the time, where Endpoint Protector popped up. We connected with their team, implemented the same in our environment initially for testing purposes, and then implemented it in our environment and then in our customer's network.

The most valuable features are Device Control, Content-Aware Protection, Enforced Encryption, and eDiscovery.

Device control is a module of CoSoSys EPP where we get granular rights and controls for protection of data getting leaked from any hardware devices like USB drives, Storage media, Wi-Fi, printers, etc.

Content-Aware Protection prevents users from uploading or sharing the data or files/documents with others through any application or software like web-browsers, email, file-sharing, or remote application software. It can even prevent users from taking and/or sharing screenshots or clipboard data.

Enforced Encryption is used when you want to have only permitted or restrictive devices connecting to user systems.

eDiscovery is another module where an IT admin can find a file/resource/path/folder present in a user's system.

As a host DLP solution, it has granular controls and features. It misses Network level DLP and SaaD DLP offerings. If CoSoSys comes up with a suite of Host DLP, along with Network DLP and SaaS DLP, it will cover all of the aspects of a DLP solution.

Various other products provide us a complete suite of solutions covering Host, Network, and SaaS aspects. Examples of these are Forcepoint and Digital Guardian.

I have been deploying and presenting this solution to multiple customers, since April 2020.

There are areas where CoSoSys supports more than other vendors do. For example, they offer support for Windows, Mac, and Linux platforms, which not all of the other vendors provide.

The initial setup and installation of the server were very simple.

We implemented in-house using the admin guide that was provided.

This is a budget-friendly solution that covers all the aspects of host-level DLP.