Trellix Endpoint Security (ENS) Reviews

We primarily use this solution as cover for mobile devices. I'm the manager of pre-sales and we are resellers and users of this solution. We are low-level partners of McAfee.

The solution provides good mobile device protection and it's great that it's on the cloud. The product is compatible and works for all platforms.

I'd like McAfee to include device control on MVISION. The solution currently lacks mobile device management. The cost of the solution is comparatively high and I'd like to see that reduced. 

I've been using MVISION for one year and working with McAfee solutions for the past 10 years. 

The solution is stable for threat protection. 

The solution is scalable.

The technical support is very good. They are very knowledgeable and also happy to help out. 

Positive

The initial setup is easy and very straightforward. 

There's a USD$1,500 supported annual subscription fee that includes maintenance for anywhere between 51 and 100 users. It's USD$30 per users which I think is quite expensive. 

It's important to be clear about your use case and environment before purchasing this solution. 

I rate this solution eight out of 10. 

We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.

We use the on-premises deployment model.

This solution has helped to protect our organization against security threats.

The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.

We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.

After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.

We have had trouble with stability because the program fails to start when the computer does. 

This solution is very flexible and scalable.

This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vender needs a better presence in more time zones, and 24/7 support would help to fix this.

Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.

We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.

The installation of this solution is straightforward from my perspective.

I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.

When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.

The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.

This is not the worse product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.

I would rate this solution an eight out of ten.

My company uses Trellix Endpoint Security (ENS) to protect our computers.

The most valuable feature of the solution stems from the fact that it works fine with stability.

From an improvement perspective, I want everything in the solution to be free. I don't consider myself to be so sophisticated when it comes to Trellix Endpoint Security (ENS).

I have been using the trial version of Trellix Endpoint Security (ENS), but I have experience with the tool for around four years. I don't remember the version of the solution.

It is a stable solution.

It is a scalable solution.

I used the solution's technical support and was satisfied with their responses.

I have experience with Microsoft Defender, AVG, and Norton.

The product's initial setup was straightforward.

The solution's deployment by an end user can be done in three minutes.

I recommend the solution to others who plan to use it.

I rate the overall tool a nine out of ten.

McAfee is used to secure my laptop against online threats and malware. It detects and removes any potential issues from the laptop.

It's good that it periodically scans all my drives. I can stay up to date with the status of my drivers and update them if needed.

One suggestion is they should reduce the constant notifications. Whenever I open my laptop, there are too many notifications from McAfee, and it gets annoying.

I would like to see less notifications.

I have been using this solution for about four to five months because I've just purchased my new laptop. It came with the latest version when I got the laptop.

The stability is good. I receive updates regularly, which is quite good.

It's quite straightforward. You have the dashboard to access all the data protection features, so it's easy to use.

The deployment hardly takes two to three minutes.

For the McAfee process, I didn't need to contact anybody. I just needed to switch on my laptop, and it started on its own.

You need to subscribe to McAfee. There's a subscription on a yearly basis. It's not that expensive; it's quite affordable.

I would suggest giving it a try. Overall, I would rate the solution a nine out of ten. Due to the notifications, I would deduct one point. But overall, it's a nine. It's good.

FireEye replaces our traditional antivirus solutions like Symantec and McAfee and covers multiple business use cases, including EDR. 

We have a cloud-based instance, so we can deploy all our configurations through the cloud. That's the beauty of FireEye.

Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself. 

I I have used FireEye for 10 months.

I rate Endpoint Security seven out of 10. There is room for improvement and development. 

FireEye is a cloud-based application, so it's easy to extend by purchasing more licenses. 

FireEye responds promptly, and their support has been excellent so far.

Deploying Endpoint Security is hassle-free. We uninstalled our legacy antivirus system and deployed FireEye. We created a package and deployed it across the servers manually. 

I rate FireEye Endpoint Security eight out of 10. Explore the solution and see what benefits it can offer your organization. I recommend FireEye depending on the customer's needs and use cases. 

The two primary use cases are towards the process monitor and malware detection for APT (Advanced Persistent Threat).

FireEye Endpoint Security has improved our customers' organizations. Before a customer was with us, they may have worked with Windows Defender. This is for suspicious activity. Then they implement the next solution that is for network monitoring. With that, they deploy the EGX for info security. Now, with these components, they have a lot of visibility on their network and endpoint activity.

The most valuable feature that my customers have found with solution is the capacity to collect all the information for forensic analysis purposes.

In my personal and professional view, I think the reports need more development. They need more details on the reports and more details taking the executive view into consideration.

These reports contain the information that is gathered at the intake solutions. They are more geared for the technician and I think they need more executive information because it is important to talk to the main executives, and for them to see what is happening related to some of those suspicious activities.

I have been using FireEye Endpoint Security for something like 4 years.

In terms of stability, we have had some issue related to the deployment and hardware requirements, because most customers need to revalidate all those requirements. For example, if your deployment was on a hyper B environment, we don't know their server. They decrease in the performance of the appliance because in some cases, the requirements are not specifically stated, including the CP or reserve for those components. For example, I may define that the memory requirement is 16 gigabytes with a specific machine build.

FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front. This is because many of its steps are related to the optimization of whole the process, it's ratings and solutions with mail, social network, input solutions, and next generation CMM like Kellogg's. All these are on the single platform called FS. I sold a lot. You can see its integration with print solutions. That's very amazing.

We have companies with a lot of endpoints. We think we have something like 4000 agents and 2 main appliances.

Technical support is really great. The support is generally very fast, responding within one day.

The main deployment is very simple because it's related to the deployment of an OVA file. The physical deployment is no problem.

But the deployment needs some special knowledge about the quick console.

Deployment tales about one week or less.

If you compare your solution without the antivirus solution, and the price of the agent, it is a little bit expensive. But when you learn more about the value of forensic analysis, you will pay those costs. The price is expensive compared with other solutions, with the competitors. But it is really fast and really flexible and the user can research the information.

I think they checked out Kaspersky as well.

I would recommend to check how they might pull reports. For example, where the customer modes fall because it's an independent investigation related to an IP.

On a scale of one to ten, I would give FireEye Endpoint Security a ten, because it's the only good option.

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations centers in their environment.

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. Detects multi stages attacks based on MVX analytics engine which detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues.

It is stable. There are zero false positive solutions, not like other solutions.

We plan to increase our usage.

They have a strong technical support.

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection and so it will take, for SMB customers, a day more or less. For larger enterprises according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

We also looked at Palo Alto Networks Traps and Trend Micro.

It offers protection from the latest threats.

MVISION Endpoint is the management software for McAfee that manages the Windows Defender. It manages the Windows Defender anti-malware, Windows Defender Exploit Guard, and Windows Defender Firewall. These are the three main components that McAfee manages centrally from an ePO, and that ePO can be an on-premises ePO management server, or it can be an MVISION ePO management server on McAfee cloud. So, management can be both on the cloud and on-premises.

It's simple and very easy to use. Before MVISION Endpoint, McAfee had their own Endpoint Security software called ENS, which included their anti-malware engine. Even though ENS was a comprehensive product and a very good product as well, it was confusing for some professionals. 

In the times that we live in now, an IT personnel, even a specialized one, is a generalist. So you have an IT person who is managing the firewall and endpoint security, and also managing the ERP and backups, and the switches as well. Everything in the environment will be handed over to a single person.

A product like McAfee ENS is pretty extensive and allows for advanced configurations, especially for security professionals. However, IT personnel often fail to configure it properly. MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle. This is what I really like about it.

McAfee has an on-premises ePO server, which you can install on your environment. You can add your infrastructure and push the agents all from the console; so you literally don't have to do anything on your own. From the dashboard, you'll push the agents, install them, configure them, and manage them all from the console.

McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement.

Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present.

A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines.

I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint.

I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.

I've been using it for two years.

McAfee doesn't provide the security software. It manages the security software which is built in to the Windows 10 and Windows Servers 2016 and above. Unlike McAfee ENS, which uses its own software to do the scanning and its own signature database that could add lots of clutter to the operating system, MVISION Endpoint uses Windows Defender, so there's no added overhead for the machines. As a result, it is pretty stable.

In terms of scalability, you can deploy as many agents to as many machines and protect them from the ePO, whether it's an on-premises ePO or one on the cloud.

Technical support is great. I didn't have to interact with them that much, but they provided good support at the times when I had to reach them. They were responsive; that is, I'd get a response within the same day.

In my experience, the installation has been straightforward.

The only major issue is that if a client is going to have his ePO on the cloud, his management server will be on the cloud. So I will need to push agents to lots of machines. There is no automated deployment from the cloud to on-premises machines. That means that I need to download the McAfee agents and have to take care of the deployment and the automation on my own.

Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint.

With MVISION Endpoint, even if you don't know about cybersecurity, you can just turn on the protection checkbox. It's that easy. It was really relatable to my experience with Sophos because the configuration there was also that simple, so I really liked it.

For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with. It's flexible, and you can manage it from the cloud or on-premises.

At present, it is often used by small businesses because of its ease of use, configuration, and deployment.

It's been around on the market for a long time, and has undergone many improvements. So, on a scale from one to ten, I would rate McAfee MVISION Endpoint at eight.