Trellix Endpoint Security (ENS) Reviews

McAfee is used to secure my laptop against online threats and malware. It detects and removes any potential issues from the laptop.

It's good that it periodically scans all my drives. I can stay up to date with the status of my drivers and update them if needed.

One suggestion is they should reduce the constant notifications. Whenever I open my laptop, there are too many notifications from McAfee, and it gets annoying.

I would like to see less notifications.

I have been using this solution for about four to five months because I've just purchased my new laptop. It came with the latest version when I got the laptop.

The stability is good. I receive updates regularly, which is quite good.

It's quite straightforward. You have the dashboard to access all the data protection features, so it's easy to use.

The deployment hardly takes two to three minutes.

For the McAfee process, I didn't need to contact anybody. I just needed to switch on my laptop, and it started on its own.

You need to subscribe to McAfee. There's a subscription on a yearly basis. It's not that expensive; it's quite affordable.

I would suggest giving it a try. Overall, I would rate the solution a nine out of ten. Due to the notifications, I would deduct one point. But overall, it's a nine. It's good.

It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojan (RAT).

It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised.

It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating.

Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection.

It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents.

They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us.

I have been using this solution for two years.

It is stable. The FireEye team monitors it, and in case it goes down, we get an alert saying that the device is down. We either get their help or troubleshoot it ourselves to get it up and running.

It is quite scalable. We have scaled it according to their sizing recommendations. They have devices for different bandwidths, models, and offices.

We have about 4,000 people who are using this product. In terms of our plans to increase its usage, we are currently studying two options. One of them will basically scale up to about 40,000 instances.

Their technical support is good. For each region, they seem to have got local support that takes care of all problems. They have support teams in Singapore, India, and North America.

Its initial setup was straightforward. I have done one installation that took about 90 minutes. Virtual installations are straightforward. Physical installations have got some networking interfaces, and one needs to go through the documentation to do it. If you have got the right configuration, it is straightforward.

We have about five people within SOC. We manage the engineering and deployment aspects of it. It is not very resource-hungry.

For its deployment, we just needed about four people. We deployed about 14 appliances and one cloud-based instance. We have automated the deployment. We deployed it via Puppet, so the installation was fast.

We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.

We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.

Based on my two years of experience with this solution, I would comfortably recommend this solution.

I would rate FireEye Endpoint Security an eight out of ten.

We use the platform for managing and securing endpoints in our organization.

The solution's technical support services have a quick response time. It has been beneficial for our organization. 

The platform's most valuable features are AI capabilities and its quick updates. 

They could provide better integration capabilities for the product with other services.

We have been using Trellix Endpoint Security (ENS) for two to three years. We are using the latest version and regularly update it.

I rate the product's stability a seven out of ten. 

Our corporation has approximately 13,000 Trellix Endpoint Security (ENS) users. It is a scalable product.

The solution helps manage users easier and reduces the workload for the IT team.

The product pricing is high. 

We are evaluating Trellix Endpoint Security (ENS) features compared to others. 

I advise others to consider the specific requirements of users, such as personal devices that may not be supported before making a purchase decision.

I rate it an eight out of ten. 

We just run it in the background and potentially scan any wireless or malicious file. It must be the same setup.

Maybe the performance could be better. I noticed that it slows down a bit when I start it up in the morning.

We have had this solution for over three years now. It's enterprise security. We use the latest version. 

It's stable. It's just that I don't have to use it very often. I can go weeks without having to deal with any issues. If something does pop up, it's usually pretty easy to fix. I just let the people who know what they're doing handle it.

It's scalable enough for our needs. I don't see any problems right now. There are about 55 users in two branches of our company.

We haven't needed to use tech support. We are an IT company, so we usually take care of our own devices.

The setup is not that complex. It takes five to ten minutes to set up. It's mostly this is our old devices.

It's a self-deployable solution, so we don't need any technical staff for deployment.

We do need to pay for a license.

Overall, I would rate the solution a six out of ten. 

We deploy the solution on-premises but we have the roadmap to migrate it on cloud. Initially, everything was on-premises, but we are moving to the cloud, which will be our first cloud migration.

The seamless deployment is very valuable.

The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.

We have been using this solution for approximately four months.

The solution is stable.

The solution is scalable. Maybe in another six to eight months, we will scale to around 5,500 because we are recruiting more people, so the number may increase.

I have not had any experience with customer service and support.

We previously used Trend Micro. When we were deploying Trend Micro, we faced a lot of difficulties. When we acquired Trend Micro, we had no endpoint security so we had to remove an endpoint and deploy Trend Micro. As a result, deploying Trend Micro was very painful. There were frequent failures in the automatic script that Trend Micro had provided, and it took us about three and a half months to completely cover around 4,000 devices. At the same time, McAfee's deployment was seamless. There might have been an issue, but those issues never escalated. With Trend Micro, the issues escalated frequently.

We switched because of the distinction in scalability, Bluetooth and support. Additionally, one of the reasons we replaced Trend Micro was that we were raising a support ticket every month, which was embarrassing for us. We were losing five to seven tags. PSEs and the response to those PSEs were not satisfied every time.

I rate pricing and licensing a seven out of ten.

I rate this solution an eight out of ten. The solution is good, but the dashboard quality and granularity of reporting can be improved.

We moved on to FireEye HX as an endpoint solution. Mainly, this is the next-generation endpoint protection where it protects the endpoints not just from the office network but also from roaming. Its capability seeing today's threat actors is the best one.

This gives us a more secure and completely scalable zero-day model security product to the endpoint. We manage not only the software but also the next-gen AV.

All the features of HX give the administrator control over the managed devices:

• Managing is easy
• The different threat actor based signature
• Behavioural analysis
• Malware protection
• Zero-day protection

IOC based detections are really the best ones. However, the enterprise search option is a hunting option given to the admin.

• AV management based on manual scan
• Manual scan feature is not easily done
• A long way of setting hostname set, and
• Scheduling over policy which is time taking and I don't feel comfortable. 

Excellent.

Performance wise, it's good. The agent does not consume much process or CPU.

Great support, a well technology-minded guy with a proactive and ready-to-resolve easy attitude.

The deployment was easy.

In-house, and sometimes getting help from the product vendor.

Though it's expensive, it gives the security required to be trusted with the product.

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.

We use the on-premises deployment model.

This solution has helped to protect our organization against security threats.

The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.

We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.

After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.

We have had trouble with stability because the program fails to start when the computer does. 

This solution is very flexible and scalable.

This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vender needs a better presence in more time zones, and 24/7 support would help to fix this.

Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.

We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.

The installation of this solution is straightforward from my perspective.

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.

When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.

The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.

This is not the worse product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.

I would rate this solution an eight out of ten.

We're using MVISION Endpoint for the protection of our endpoint devices.

What I like most about McAfee MVISION Endpoint is that it's very user-friendly. You do need some knowledge on how to navigate the portal, but as soon as you've gained that knowledge, navigation will no longer be an issue.

I have no complaints about McAfee MVISION Endpoint. For me, the product is perfect the way it is. It's great right now, and it's doing good as it is.

So far, McAfee MVISION Endpoint ticks off all of our boxes, but its pricing could always be better.

I started using MVISION Endpoint last year. It was preceded by the MVISION ePO.

McAfee MVISION Endpoint is a stable product.

McAfee MVISION Endpoint has no issues in terms of scalability. You just need money to make scaling up possible.

The support for McAfee MVISION Endpoint is okay. I have no complaints about it.

On a scale of one to five, where one is bad and five is good, I would rate support for the product as four out of five.

The initial setup for McAfee MVISION Endpoint is pretty easy.

We used a consultant for the deployment of McAfee MVISION Endpoint.

I don't have information on ROI from McAfee MVISION Endpoint because a separate unit takes care of those calculations.

Pricing for McAfee MVISION Endpoint is not very good, and I would rate its cost three out of five, though I won't be able to mention how much its actual price is.

There were other solutions in use, but that was before I joined my department, so I don't know which solutions were used before my company went with McAfee MVISION Endpoint.

I have some experience with McAfee MVISION Endpoint, and I'm currently using it. I can't remember the exact version of the solution which I'm using, but it's the latest version.

My company is a customer of McAfee MVISION Endpoint.

My company is a telco, so I don't have the exact user count, but it's surely more than a hundred. All roles within my company use the product, even people at the highest levels.

At the moment, there's no plan to increase usage of McAfee MVISION Endpoint within the company.

My advice for people looking into implementing McAfee MVISION Endpoint is to use the demo, roll it out within your organization, utilize its functionalities, and let it work for you.

In terms of rating, I'm giving McAfee MVISION Endpoint a solid eight because it does what's needed and it works, so no complaints.