FireEye replaces our traditional antivirus solutions like Symantec and McAfee and covers multiple business use cases, including EDR.
Project Manager at LTIMINDTREE
We can deploy all our configurations through the cloud
Pros and Cons
- "We have a cloud-based instance, so we can deploy all our configurations through the cloud. That's the beauty of FireEye."
- "Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself."
What is our primary use case?
What is most valuable?
We have a cloud-based instance, so we can deploy all our configurations through the cloud. That's the beauty of FireEye.
What needs improvement?
Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself.
For how long have I used the solution?
I have used FireEye for 10 months.
Buyer's Guide
Trellix Endpoint Security (ENS)
October 2024
Learn what your peers think about Trellix Endpoint Security (ENS). Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
I rate Endpoint Security seven out of 10. There is room for improvement and development.
What do I think about the scalability of the solution?
FireEye is a cloud-based application, so it's easy to extend by purchasing more licenses.
How are customer service and support?
FireEye responds promptly, and their support has been excellent so far.
How was the initial setup?
Deploying Endpoint Security is hassle-free. We uninstalled our legacy antivirus system and deployed FireEye. We created a package and deployed it across the servers manually.
What other advice do I have?
I rate FireEye Endpoint Security eight out of 10. Explore the solution and see what benefits it can offer your organization. I recommend FireEye depending on the customer's needs and use cases.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Regional Cyber Security Manager
Offers a variety of plugins, is reasonably stable, and has fair pricing
Pros and Cons
- "The extendability is great."
- "The solution needs to work on memory consumption. It is too high."
What is our primary use case?
We primarily use the solution for managed defense. It is a next-generation EDR, similar to Cylance and CrowdStrike. It's used for endpoint enforcement.
What is most valuable?
It offers more plugins for endpoints in order to extend endpoint protection. There are a variety of plugin options.
The extendability is great.
It is pretty stable.
The product is very scalable.
We find the pricing to be in line with the current market.
What needs improvement?
The solution needs to work on memory consumption. It is too high. EDRs are notorious for this.
Technical support could be improved a bit. They are doing a lot with the acquisition and rebranding, and things may take a while to settle.
For how long have I used the solution?
We've used the solution for 18 months.
What do I think about the stability of the solution?
The solution is stable and reliable. It's just as stable as anything else on the market. This is a stable build. All of it does depend on the interaction with the Microsoft patches. Most of the time, the performance is quite good.
What do I think about the scalability of the solution?
The solution scales well and has a lot of device plugins. I'd rate it a ten out of ten. You can do all kinds of things with it that you can't do with other endpoint protection options.
How are customer service and support?
Technical support isn't ideal. It's not that it is awful; it's just not fantastic.
Which solution did I use previously and why did I switch?
I'm also familiar with Cylance and CrowdStrike, which I've used at a different company.
How was the initial setup?
I wasn't involved with the initial setup. However, we have a top-notch implementation engineer.
What about the implementation team?
We had the vendor's assistance, and we've always had an excellent experience using them.
What's my experience with pricing, setup cost, and licensing?
I am not sure about the exact costs. However, my understanding is it is comparable to CrowdStrike. Like other solutions, the more endpoints you have, the less the cost.
What other advice do I have?
We're customers. We're an international conglomerate. They are our vendor, and they are partners with us on our security journey.
I'd advise people to use Managed Defense. It pays for itself.
I'd rate the solution a solid eight out of ten overall.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager- Process Excellence at Datamatics Business Solutions
A cloud solution for security purposes but performs slowly during usage
What is our primary use case?
We use the solution for security purposes.
What is most valuable?
The solution is valuable for security aspects.
What needs improvement?
The solution should respond faster. Whenever Trellix runs, the system slows down.
For how long have I used the solution?
I have been using Trellix for two years. We are using the latest version of the solution.
What do I think about the stability of the solution?
The product’s stability is good.
I rate the solution’s stability a seven out of ten.
What do I think about the scalability of the solution?
The solution is scalable. Around 3,000 users are using this solution.
I rate the solution’s scalability an eight out of ten.
How are customer service and support?
Technical support is good. They respond faster.
How was the initial setup?
The initial setup is simple.
What other advice do I have?
Ten people are required for maintenance.
You should monitor how efficiently the solution functions, how it will impact your system, and how many files will be processed. The more files your system has, the more security time is needed to scan them daily. Due to this, your system may become slower. Trellix ensures the system does not slow down even when Trellix runs in the background.
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System&Security engineer at Var Group SpA
A strong, stable, and scalable solution with good support
Pros and Cons
- "It is a really strong solution for endpoint security."
- "There should be better integration between the ePolicy Orchestrator and FireEye console. The integration of both consoles should be better."
What is our primary use case?
We are using all Trellix solutions, and we are also using all McAfee products. Our customers are using virus scan for the old platforms, Endpoint Security, MVISION, File and Folder Encryption, File and Folder Protection, and Device Control, but at the moment, I am really interested in the integration between the new Trellix solutions like MVISION and FireEye.
What is most valuable?
It is a really strong solution for endpoint security.
What needs improvement?
There should be better integration between the ePolicy Orchestrator and FireEye console. The integration of both consoles should be better.
For how long have I used the solution?
I have been using this solution for about six years.
What do I think about the stability of the solution?
Its stability is perfect.
What do I think about the scalability of the solution?
Its scalability is perfect. In our company, we have between 2,000 and 3,000 users, but our installation has about 50,000 endpoints for all customers.
How are customer service and support?
They're very good. I am in contact with their support about five times a day, and they respond quickly.
How would you rate customer service and support?
Positive
How was the initial setup?
It was easy. I have been using Trellix since the carbon age. I have been using Trellix since the day it was released.
Its deployment doesn't take long.
What about the implementation team?
I customize every installation.
What's my experience with pricing, setup cost, and licensing?
It is not so cheap in comparison to Sophos and other solutions.
What other advice do I have?
Make a really detailed survey of all the systems before implementing any solution on the endpoint. Do not buy the license and try deployment after that.
I would rate it a 10 out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
CEO at a tech services company with 1-10 employees
Central management that enhances endpoint protection with helpful support
Pros and Cons
- "The EPO, the ePolicy Orchestrator, is the best endpoint protection central management system."
- "The detection and response capabilities need to be improved."
What is our primary use case?
We use Trellix Endpoint Security for endpoint protection, including virus protection for desktops, laptops, and servers. The solution includes special dedicated modules, such as those for Microsoft SharePoint security.
How has it helped my organization?
Trellix Endpoint Security helps us support and secure a large number of endpoints efficiently. We have a lot of installations, supporting up to twenty thousand endpoints. With the central management system EPO, it has significantly improved our ability to manage security across these devices.
What is most valuable?
The EPO, the ePolicy Orchestrator, is the best endpoint protection central management system.
Trellix Endpoint Security has a lot of special small modules that I like very much, such as access protection, adaptive threat prevention, exclusion capabilities, and logging capabilities. Together with disk encryption or file encryption, it provides a comprehensive solution.
What needs improvement?
The detection and response capabilities need to be improved. The product is not sharp enough in catching viruses, and we often have to use additional components alongside the pure endpoint security. Symantec, for example, might be better in this area.
For how long have I used the solution?
We have been working with Trellix Endpoint Security for about 20 years.
What do I think about the stability of the solution?
The stability of the solution is very high, I'd rate it around eight or nine out of ten.
What do I think about the scalability of the solution?
Scalability is high; I'd rate it 20 out of ten if possible.
How are customer service and support?
Technical support is correct and absolutely helpful. We had some issues during the migration from McAfee to Trellix, particularly with account migrations, but generally, support has been good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have used Fortinet Endpoint Management, Symantec, Kaspersky, Check Point, and others. Among these, I find that the EPO system of Trellix is the best.
How was the initial setup?
I like the initial setup very much because Trellix Endpoint Security has a lot of special small modules and configurations. It's flexible and allows for detailed customizations.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is correct and justified for the value it provides.
What other advice do I have?
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Sep 20, 2024
Delivery Manager at a tech services company with 10,001+ employees
Great containment feature and very user-friendly GUI
Pros and Cons
- "A great console with a user-friendly GUI."
- "Search feature could be made more user-friendly."
What is our primary use case?
The solution enables me to monitor all my endpoints and ensure that our agents are reporting to the FireEye management server. That is key for allowing us to see any suspicious traffic coming in. I'm the delivery manager and we are customers of FireEye.
What is most valuable?
I like the console and the GUI is user-friendly. One of the most important and critical features is containment. Suppose something gets infected and there's the possibility of it spreading laterally and causing a problem or compromising a network. FireEye has a feature that enables it to disconnect from a system network so that the infection doesn't spread.
Even if an incident occurs at night when support teams are not available, the feature can contain the infection so that when the support teams get to work, they can carry out the remediation part and bring the system back to production.
What needs improvement?
I'd like to see the searches enhanced because when I hand over the product to someone without experience, it should be user-friendly to them as well. If the feature was enhanced, and the amount of data that comes in reduced, it would simplify the process for anyone.
For how long have I used the solution?
I've been using this solution for two years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
I haven't had any issues with scalability.
How are customer service and support?
The support is pretty good, we haven't had any problems.
How would you rate customer service and support?
Neutral
How was the initial setup?
We had a separate team implementing FireEye and there didn't seem to be any issues so I think deployment was relatively straightforward.
Which other solutions did I evaluate?
I prefer FireEye to solutions like CrowdStrike, Carbon Black, and Trend Micro which are not as user-friendly. FireEye is also easier to integrate with the SIEM, so all the logs get pushed and there are no issues getting the device integrated with SIEM.
What other advice do I have?
I rate this solution nine out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical consultant at a construction company with 51-200 employees
Protects server files deployed in the web tier but has poor support
Pros and Cons
- "HIPS protects server files from being modified or deleted by unauthorized users. It's primarily deployed in the web tier."
- "It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators."
What is our primary use case?
I'm working on a project for the Hong Kong library system under the Hong Kong government. They provide workstations in the library for citizens to access the Internet. The ENS needs to be installed on all the PCs in the library. Another part involves the CSWA for the server farm. They are upgrading the entire library system, including the rental system, book search, eBooks, multimedia, and other services. The CSWA modules are primarily for the backend servers, including Linux and Windows.
How has it helped my organization?
Detection and response functionality meet our requirements, but the support is poor.
What is most valuable?
HIPS protects server files from being modified or deleted by unauthorized users. It's primarily deployed in the web tier.
What needs improvement?
It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators. The UI only allows for the inclusion of files using wildcards.
For example, it can protect an entire directory or a subdirectory, but it doesn't let you select specific files within a directory.
For how long have I used the solution?
I have been using Trellix Endpoint Security (ENS) as an implementor for two years.
What do I think about the stability of the solution?
We haven't had any system crashes or problems in most cases. SolidCore is not compatible with some kernels, which is causing problems. Endpoint, HIPS, and anti-theft are working fine so far.
I rate the solution’s stability as seven out of ten.
What do I think about the scalability of the solution?
We use one ePO server to manage around four thousand endpoints, including servers. This single server effectively handles this load.
It is suitable for medium and large enterprises.
I rate the solution’s scalability as seven out of ten.
How are customer service and support?
Support is poor. A module called Solidcore needs to match with the OS kernel in one area. The support for this module has been slow because it doesn't match the latest OS. As a result, we haven't been able to upgrade our OS because McAfee does not support the latest version. We've also encountered issues where the product can't be upgraded or installed successfully. We're managing over 300 servers and 3,000 workstations. Upgrading has been a nightmare with this setup.
It provides a slow response. Sometimes, getting feedback takes a few days, and that is also not to the point.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is easy and straightforward. Determining specific modules and functions often involves a lot of trial and error. Deployment takes only a couple of days.
What other advice do I have?
Overall, I rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Last updated: Sep 2, 2024
Group Manager at HCL Technologies
Works in an ecosystem, has a central console, and can enable blocking
Pros and Cons
- "If the network has seen something, we can use that to put a block to all the endpoints."
- "The solution can be expensive."
What is our primary use case?
We used it for a compromise assessment. That would be for our client. We deployed the agents. It was for endpoint security.
We had been using the solution previously for one of the clients. We were using it for six months, and we did a compromise assessment based on the FireEye Endpoints that were deployed across the group. At that point in time, there were a lot of ransomware attacks in the environment, and it was impossible to identify the source of the attack and where it came from. The tools didn't point to that visibility. We had to deploy these agents across the environment and also monitor the environment using the network security appliances provided by FireEye just to monitor.
We did monitor it for six months, so it was an assessment. In those six months, we did not have another ransomware attack. It was proven the environmental assessment was clean. That was the whole objective of the compromise assessment - to find out if there are any indicators or anything that has gained a foothold in the environment, trying to fend off advanced persistent threats from that standpoint.
What is most valuable?
It is a great solution. The way it exchanges the information between the entire ecosystem, all the endpoints, as well as the network ATP, can trigger the blocking even if it is seen by some other device. If the network has seen something, we can use that to put a block to all the endpoints.
It works in an ecosystem. Centrally, from just one console, you can block malicious attacks across your environment. It provides you with the ability to respond to threats better.
What needs improvement?
The solution can be expensive.
If it could provide a little more in terms of automating things, for example, in response and automatic playbooks wherein you define whatever it is if you see this kind of a threat. You define the actions that need to be followed. If a playbook could be automated and run without even requiring manual involvement, that is the future we want, and they should look into how to make that happen. That is the kind of capability we want them to build.
In terms of reporting, also, if they could provide a little bit more information from where it started, how it progressed; a complete workflow, how that had progressed from where it was picked up; what was the target stage, what was the next stage, and what was the final stage, that would be very helpful. If they could pick up in a simple pictorial way of representing analysis just like the Cisco ASA Packet Analyzer used to do, that would be really helpful.
For how long have I used the solution?
We used the solution for six months.
What do I think about the stability of the solution?
The stability has been very good. There are no bugs or glitches and it doesn’t crash or freeze. It’s reliable.
What do I think about the scalability of the solution?
The product can scale. It’s not an issue at all. 20,000 users were using the solution with no problems.
How are customer service and support?
We have contacted tech support. Tech support was brilliant. They were very knowledgeable, very skillful, and very responsive, and they knew the subject matter. They knew what we were asking for.
How was the initial setup?
The agent installation was okay. It was just a package that was installed. It also provides options to customize and fine-tune based on the system's performance. It's not too heavy on the systems or the servers.
On the network side of things, I think there were challenges to getting that working. We had to do a couple of alterations in terms of making it work, mainly since the appliance's model was provided using a special-purpose SFP, and the compatible SFP was not available in the client environment at that one point. We had to procure it specifically for that assessment.
What's my experience with pricing, setup cost, and licensing?
It’s very costly.
What other advice do I have?
I’d recommend the solution to others.
I would rate the solution eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.