Trellix Endpoint Detection and Response (EDR) Reviews

We use the solution to detect different threats.

Trellix has a user-friendly interface.

Everything is normal, but it's not up to the mark compared to other solutions. It isn't easy to manage. The detection rate is also not reasonable. Trellix does not support Linux and Mac.

I have used Trellix Endpoint Detection and Response (EDR) for 1 year.

I rate the solution’s stability a six out of ten.

Earlier, 10,000 users were using this solution.

I rate the solution’s scalability a six out of ten.

Support is good. They provide a swift response.

I have used Symantec. It is a user-friendly solution with good performance and easy deployment. Support is also good.

The initial setup is easy. We use email deployment. Sometimes, we use third-party tools like SSCM to deploy.

The product has agent-based costs.

We need to get special training for maintenance. Maintenance is very easy, but it requires engineers.

Overall, I rate the solution a six out of ten.

We use this solution to protect our endpoints, meaning our workstation laptops.

The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices.

The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

My company has been using McAfee MVISION Endpoint Detection and Response for about seven months. 

The solution is stable. 

The solution is easily scalable. 

Their technical support is better than some of the competitors in the space. To make a direct comparison, it's definitely better than Symantec Broadcom.

The initial setup takes a bit of work, but it can be done. It's not easy. It's not hard. It's in between.

I would rate this solution as a seven out of ten.

This is more of a cloud-based clientless type solution, for file-based security. 

The solution is scalable and the product has a good strategy when everything is in place. 

One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

It's reasonably stable. They made some changes to the architecture and that always creates issues. 

The solution is scalable. 

They had pretty good tech support. I think a lot of what happened to McAfee, from my perspective, was everything went offshore to India and for US customers, there is a language barrier that created problems.

The initial setup was relatively complicated and used a lot of resources - CPU resources, memory, disk.

There are a lot of companies in this space now and they are all pretty close to each other in terms of what they offer. I think those that are more user-friendly, and have the agentless client have the advantage over the legacy companies with older architecture. 

They lost a lot of product managers and engineering managers in the breakup. That said, I think this is a good product with a good strategy, they just haven't quite reached maturity yet.  

I rate this solution eight out of 10. 

The solution is used for threat hunting and incident response.

Trellix is a good solution. It helps with real-time monitoring and alerts. We are pretty satisfied with it. The product is user-friendly. It improves our security posture.

The graphical view for nodes must be increased.

I have been using the solution for two years.

The tool’s stability is good.

The tool is scalable.

We need three to four months to learn the tool. We were given training. It is not difficult if we read the documents properly.

The price is reasonable.

We were looking for other solutions. Whoever is interested in the product can learn to use it. Overall, I rate the solution an eight out of ten.

Please share how Trellix Endpoint Detection and Response has improved your organization. If it didn't, please explain why.

The solution should be more compatible with macOS.

The solution is stable. I rate it a nine out of ten.

The solution is scalable. Since we are from the banking industry, we have 10,000 users for the solution.

We have two architects, five engineers and two technical support personnel for deployment.

The pricing for Trellix Endpoint Detection and Response (EDR) is good.

I rate Trellix Endpoint Detection and Response a seven out of ten.

I have upgraded to EDR for endpoint protection.

Feature-wise, this product is similar to other EDRs.

The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM.

The alert system should be improved.

Technical support is in need of improvement.

The dashboard should be improved because it needs a fresh look.

Improvement in the centralized policy enforcement is needed.

I have been using this product for three years.

This is a stable product.

The scalability is okay, although not much more than that.

This is the worst technical support. Without OEM support, you can't handle this product. OEM support is mandatory, yet sometimes, they are not capable of installing and implementing the product properly.

I was using McAfee DLP for Endpoint protection, but it is not very strong. This is why I have upgraded to the EDR solution.

We did not have any issues with configuration. However, in terms of implementation, we had a lot of issues. There is complexity in policy aggregation. When you upgrade the client, there is a challenge in policy enforcement.

Initially, it will take about one month to deploy.

The cost is okay, compared to other products.

We have been looking at replacing McAfee with Trend Micro, but to change our setup is a big task. It is very complex and we need a plan, so are just upgrading instead of changing at this time.

My advice for anybody looking into implementing this product is to first look into who will be providing the support. If they do not have good capabilities and the support is not very strong, then do not choose this option.

I would rate this solution a three out of ten.