Trellix Endpoint Security (ENS) is useful as an endpoint security software.
Information Security Engineer at Nhq Distribution Ltd
A good endpoint security software in the market that needs to offer more customization capabilities
Pros and Cons
- "The most valuable feature of the solution is its dashboard."
- "The customization capabilities of the solution are an area where it lacks, so it would be great if our company could customize the solution to meet the demands of our customers."
What is our primary use case?
What is most valuable?
The most valuable feature of the solution is its dashboard.
What needs improvement?
The dashboard provided by the solution needs to be improved. The customization capabilities of the solution are an area where it lacks, so it would be great if our company could customize the solution to meet the demands of our customers.
In the future, I would like technical support for the solution and its UI to be more efficient.
For how long have I used the solution?
I have been using Trellix Endpoint Security (ENS) for two years. I usually deal with a product's latest version. My company has a partnership with Trellix.
Buyer's Guide
Trellix Endpoint Security (ENS)
October 2024
Learn what your peers think about Trellix Endpoint Security (ENS). Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten. The solution is mostly stable, but sometimes, there is a need to do some troubleshooting.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution a seven out of ten.
How are customer service and support?
I rate the technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Currently, I work with CrowdStrike since my company has a partnership with it. CrowdStrike is better than Trellix Endpoint Security (ENS). CrowdStrike offers functionalities like machine learning and DLP.
How was the initial setup?
I have used the solution on the cloud and on-premises. Currently, the solution is deployed on the cloud services offered by Trellix, which I feel is a public cloud.
What's my experience with pricing, setup cost, and licensing?
I don't think there are any extra expenses besides its licensing costs.
What other advice do I have?
Maintenance of the solution is required, including some troubleshooting parts managed by five to six engineers in our company.
I recommend the solution to those planning to use it.
Not all solutions in the market are good, though I found Trellix Endpoint Security (ENS) to be a good product.
I rate the overall solution a seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Enables us to do IOC-based search across the enterprise and isolate compromised devices
Pros and Cons
- "It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised."
- "It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
- "Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
- "It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
- "They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."
What is our primary use case?
It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojan (RAT).
What is most valuable?
It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised.
It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating.
What needs improvement?
Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection.
It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents.
They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us.
For how long have I used the solution?
I have been using this solution for two years.
What do I think about the stability of the solution?
It is stable. The FireEye team monitors it, and in case it goes down, we get an alert saying that the device is down. We either get their help or troubleshoot it ourselves to get it up and running.
What do I think about the scalability of the solution?
It is quite scalable. We have scaled it according to their sizing recommendations. They have devices for different bandwidths, models, and offices.
We have about 4,000 people who are using this product. In terms of our plans to increase its usage, we are currently studying two options. One of them will basically scale up to about 40,000 instances.
How are customer service and technical support?
Their technical support is good. For each region, they seem to have got local support that takes care of all problems. They have support teams in Singapore, India, and North America.
How was the initial setup?
Its initial setup was straightforward. I have done one installation that took about 90 minutes. Virtual installations are straightforward. Physical installations have got some networking interfaces, and one needs to go through the documentation to do it. If you have got the right configuration, it is straightforward.
What about the implementation team?
We have about five people within SOC. We manage the engineering and deployment aspects of it. It is not very resource-hungry.
For its deployment, we just needed about four people. We deployed about 14 appliances and one cloud-based instance. We have automated the deployment. We deployed it via Puppet, so the installation was fast.
Which other solutions did I evaluate?
We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.
We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.
What other advice do I have?
Based on my two years of experience with this solution, I would comfortably recommend this solution.
I would rate FireEye Endpoint Security an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Has valuable AI capabilities and good technical support services
Pros and Cons
- "The platform's most valuable features are AI capabilities and its quick updates."
- "They could provide better integration capabilities for the product with other services."
What is our primary use case?
We use the platform for managing and securing endpoints in our organization.
How has it helped my organization?
The solution's technical support services have a quick response time. It has been beneficial for our organization.
What is most valuable?
The platform's most valuable features are AI capabilities and its quick updates.
What needs improvement?
They could provide better integration capabilities for the product with other services.
For how long have I used the solution?
We have been using Trellix Endpoint Security (ENS) for two to three years. We are using the latest version and regularly update it.
What do I think about the stability of the solution?
I rate the product's stability a seven out of ten.
What do I think about the scalability of the solution?
Our corporation has approximately 13,000 Trellix Endpoint Security (ENS) users. It is a scalable product.
What was our ROI?
The solution helps manage users more easily and reduces the workload for the IT team.
What's my experience with pricing, setup cost, and licensing?
The product pricing is high.
Which other solutions did I evaluate?
We are evaluating Trellix Endpoint Security (ENS) features compared to others.
What other advice do I have?
I advise others to consider the specific requirements of users, such as personal devices that may not be supported, before making a purchase decision.
I rate it an eight out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 10, 2024
Solutions Consultant at Ask4key Sdn Bhd
Efficient background scanning but performance could be improved
Pros and Cons
- "The setup is not that complex. It takes five to ten minutes to set up."
- "The performance could be better. I noticed that it slows down a bit."
What is our primary use case?
We just run it in the background and potentially scan any wireless or malicious file. It must be the same setup.
What needs improvement?
Maybe the performance could be better. I noticed that it slows down a bit when I start it up in the morning.
For how long have I used the solution?
We have had this solution for over three years now. It's enterprise security. We use the latest version.
What do I think about the stability of the solution?
It's stable. It's just that I don't have to use it very often. I can go weeks without having to deal with any issues. If something does pop up, it's usually pretty easy to fix. I just let the people who know what they're doing handle it.
What do I think about the scalability of the solution?
It's scalable enough for our needs. I don't see any problems right now. There are about 55 users in two branches of our company.
How are customer service and support?
We haven't needed to use tech support. We are an IT company, so we usually take care of our own devices.
How was the initial setup?
The setup is not that complex. It takes five to ten minutes to set up. It's mostly this is our old devices.
What about the implementation team?
It's a self-deployable solution, so we don't need any technical staff for deployment.
What's my experience with pricing, setup cost, and licensing?
We do need to pay for a license.
What other advice do I have?
Overall, I would rate the solution a six out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner / Consultant at a marketing services firm with 1-10 employees
A good solution that is stable and scalable with seamless deployment
Pros and Cons
- "The seamless deployment is very valuable."
- "The central monitoring dashboard needs improvement."
What is our primary use case?
We deploy the solution on-premises but we have the roadmap to migrate it on cloud. Initially, everything was on-premises, but we are moving to the cloud, which will be our first cloud migration.
What is most valuable?
The seamless deployment is very valuable.
What needs improvement?
The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.
For how long have I used the solution?
We have been using this solution for approximately four months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable. Maybe in another six to eight months, we will scale to around 5,500 because we are recruiting more people, so the number may increase.
How are customer service and support?
I have not had any experience with customer service and support.
Which solution did I use previously and why did I switch?
We previously used Trend Micro. When we were deploying Trend Micro, we faced a lot of difficulties. When we acquired Trend Micro, we had no endpoint security so we had to remove an endpoint and deploy Trend Micro. As a result, deploying Trend Micro was very painful. There were frequent failures in the automatic script that Trend Micro had provided, and it took us about three and a half months to completely cover around 4,000 devices. At the same time, McAfee's deployment was seamless. There might have been an issue, but those issues never escalated. With Trend Micro, the issues escalated frequently.
We switched because of the distinction in scalability, Bluetooth and support. Additionally, one of the reasons we replaced Trend Micro was that we were raising a support ticket every month, which was embarrassing for us. We were losing five to seven tags. PSEs and the response to those PSEs were not satisfied every time.
What's my experience with pricing, setup cost, and licensing?
I rate pricing and licensing a seven out of ten.
What other advice do I have?
I rate this solution an eight out of ten. The solution is good, but the dashboard quality and granularity of reporting can be improved.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Manager at SPXFLOW
All the features of HX give the administrator control over the managed devices
What is our primary use case?
We moved on to FireEye HX as an endpoint solution. Mainly, this is the next-generation endpoint protection where it protects the endpoints not just from the office network but also from roaming. Its capability seeing today's threat actors is the best one.
How has it helped my organization?
This gives us a more secure and completely scalable zero-day model security product to the endpoint. We manage not only the software but also the next-gen AV.
What is most valuable?
All the features of HX give the administrator control over the managed devices:
- Managing is easy
- The different threat actor based signature
- Behavioural analysis
- Malware protection
- Zero-day protection
IOC based detections are really the best ones. However, the enterprise search option is a hunting option given to the admin.
What needs improvement?
- AV management based on manual scan
- Manual scan feature is not easily done
- A long way of setting hostname set, and
- Scheduling over policy which is time taking and I don't feel comfortable.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Excellent.
What do I think about the scalability of the solution?
Performance wise, it's good. The agent does not consume much process or CPU.
How is customer service and technical support?
Great support, a well technology-minded guy with a proactive and ready-to-resolve easy attitude.
How was the initial setup?
The deployment was easy.
What about the implementation team?
In-house, and sometimes getting help from the product vendor.
What was our ROI?
Though it's expensive, it gives the security required to be trusted with the product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solution Architect at PentechSolution Sdn Bhd
Easy-to-manage platform with good stability
Pros and Cons
- "The technical support services are good."
- "The product’s on-premise version is costly in terms of extra charges for SQL database and Windows server licenses."
What is most valuable?
Trellix Endpoint Security (ENS) is an easy-to-manage platform.
What needs improvement?
The product’s on-premise version is costly in terms of extra charges for SQL database and Windows server licenses. It would be easier to deploy if included in the package as a virtual appliance.
For how long have I used the solution?
We have been using Trellix Endpoint Security (ENS) for two and a half years.
What do I think about the stability of the solution?
It is a stable platform.
How are customer service and support?
The technical support services are good. However, its response time could be better.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is straightforward. The deployment time depends on the number of devices. It ranges from a few days to a couple of weeks. It is suitable for small as well as enterprise businesses.
What's my experience with pricing, setup cost, and licensing?
Trellix Endpoint Security (ENS) has a reasonable price.
Which other solutions did I evaluate?
We evaluated vSphere and CrowdStrike. In comparison, Trellix is an inexpensive product.
What other advice do I have?
Trellix Endpoint Security (ENS)’s cloud version is superior to the on-premise version. It should support other operating systems like Linux. I rate it a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Information Technology Security Architect at a financial services firm with 5,001-10,000 employees
A simple to use, yet effective solution for protecting us against malware and other threats
Pros and Cons
- "The most valuable feature of this solution is its simplicity."
- "The integration and display of the dashboards have to be done better."
What is our primary use case?
We use this solution to enhance our internal defense system, protecting us against malware and advanced persistent threats.
We use the on-premises deployment model.
How has it helped my organization?
This solution has helped to protect our organization against security threats.
What is most valuable?
The most valuable feature of this solution is its simplicity. The triage process is quite effective, and it is compatible with many different systems.
What needs improvement?
We had a very large problem that has, unfortunately, not been solved. Simply put, when we start the computer the program will not start. We have encouraged FireEye to solve this problem because we have to manually start this product each and every time, and it affects almost thirty percent of our environment. From a security perspective, this is not stable.
After using various components in this solution, I get the feeling that not every part of the whole FireEye suite works perfectly with the other parts. Sometimes you have this functionality where the product has the ability to take data from one part of the solution and use it in different parts. Sometimes, however, you don't have this luxury. The solution needs more suitable dashboards that handle things from different perspectives. For example, a CEO and a technician from operations are completely different. The integration and display of the dashboards have to be done better.
For how long have I used the solution?
We have been using this solution for less than two years.
What do I think about the stability of the solution?
We have had trouble with stability because the program fails to start when the computer does.
What do I think about the scalability of the solution?
This solution is very flexible and scalable.
How are customer service and technical support?
This solution needs stronger support in Eastern Europe because of the time difference between, for example, Poland and the United States. It makes it difficult to contact technical support. In order to receive good support, we have to wait until 5:00 pm before we call. Essentially, the vendor needs a better presence in more time zones, and 24/7 support would help to fix this.
Technical support has another problem, where the support from the US is better than the support elsewhere. The training and knowledge should be the same, no matter which tech support group you contact. This might be accomplished using a better internal knowledge sharing system.
Which solution did I use previously and why did I switch?
We did use another solution prior to this, but because we have the entire FireEye suite, we decided to create a more monolithic approach to security using different products. These include FireEye EX and FireEye AX, which are used for malware protection, network protection, and sandboxing. We decided that if these were good enough then we would push more for the endpoints, which is why we adopted this solution.
How was the initial setup?
The installation of this solution is straightforward from my perspective.
What other advice do I have?
I like FireEye products, and they have a huge portfolio for this solution. However, this is not a magic bullet where you can install it and your problems will disappear. The problem is with the people, rather than the tool. From my perspective, you can install every tool, but you need to have a security operations team involved in the process of analyzing, sorting, and eliminating threats.
When we started our project, we had very few people and we have realized that this had to change. The system without human intervention is useless. We needed to build more complex security operation centers to handle false positives, the triage process, and eliminating threats.
The biggest lesson that I have learned from this solution is that people need to be ready and the business needs to be ready to use it. This is not a toy. It is a very mature solution to protect the internals of the organization and it should be treated in this way.
This is not the worst product that I have seen. I've seen many, many bad products. At the same time, this is not the best product that I have seen.
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.