Trellix Endpoint Security (ENS) Reviews

We are using this solution for endpoint security against cyber attacks.

FireEye Endpoint Security is easy to use and lightweight compared to others.

Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive.

I have been using FireEye Endpoint Security for a couple of months.

This solution is scalable. However, it could improve to be able to be handle large-scale operations. The OS most systems are running I am not sure it can handle a lot of nodes but many companies are coming out with cloud options that should be able to manage much more nodes.

Technical support can take some time to respond on the first level. They could improve the speed at which they resolve and handle support.

We have an administrator and engineer that does the implementation and maintenance of the solution.

I have evaluated Carbon Black and FortiEDR.

I would not recommend this solution to others. However, if you have a small budget then this solution could be a second option.

I rate FireEye Endpoint Security an eight out of ten.

The two primary use cases are towards the process monitor and malware detection for APT (Advanced Persistent Threat).

FireEye Endpoint Security has improved our customers' organizations. Before a customer was with us, they may have worked with Windows Defender. This is for suspicious activity. Then they implement the next solution that is for network monitoring. With that, they deploy the EGX for info security. Now, with these components, they have a lot of visibility on their network and endpoint activity.

The most valuable feature that my customers have found with solution is the capacity to collect all the information for forensic analysis purposes.

In my personal and professional view, I think the reports need more development. They need more details on the reports and more details taking the executive view into consideration.

These reports contain the information that is gathered at the intake solutions. They are more geared for the technician and I think they need more executive information because it is important to talk to the main executives, and for them to see what is happening related to some of those suspicious activities.

I have been using FireEye Endpoint Security for something like 4 years.

In terms of stability, we have had some issue related to the deployment and hardware requirements, because most customers need to revalidate all those requirements. For example, if your deployment was on a hyper B environment, we don't know their server. They decrease in the performance of the appliance because in some cases, the requirements are not specifically stated, including the CP or reserve for those components. For example, I may define that the memory requirement is 16 gigabytes with a specific machine build.

FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front. This is because many of its steps are related to the optimization of whole the process, it's ratings and solutions with mail, social network, input solutions, and next generation CMM like Kellogg's. All these are on the single platform called FS. I sold a lot. You can see its integration with print solutions. That's very amazing.

We have companies with a lot of endpoints. We think we have something like 4000 agents and 2 main appliances.

Technical support is really great. The support is generally very fast, responding within one day.

The main deployment is very simple because it's related to the deployment of an OVA file. The physical deployment is no problem.

But the deployment needs some special knowledge about the quick console.

Deployment tales about one week or less.

If you compare your solution without the antivirus solution, and the price of the agent, it is a little bit expensive. But when you learn more about the value of forensic analysis, you will pay those costs. The price is expensive compared with other solutions, with the competitors. But it is really fast and really flexible and the user can research the information.

I think they checked out Kaspersky as well.

I would recommend to check how they might pull reports. For example, where the customer modes fall because it's an independent investigation related to an IP.

On a scale of one to ten, I would give FireEye Endpoint Security a ten, because it's the only good option.

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations centers in their environment.

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. Detects multi stages attacks based on MVX analytics engine which detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues.

It is stable. There are zero false positive solutions, not like other solutions.

We plan to increase our usage.

They have a strong technical support.

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection and so it will take, for SMB customers, a day more or less. For larger enterprises according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

We also looked at Palo Alto Networks Traps and Trend Micro.

It offers protection from the latest threats.

MVISION Endpoint is the management software for McAfee that manages the Windows Defender. It manages the Windows Defender anti-malware, Windows Defender Exploit Guard, and Windows Defender Firewall. These are the three main components that McAfee manages centrally from an ePO, and that ePO can be an on-premises ePO management server, or it can be an MVISION ePO management server on McAfee cloud. So, management can be both on the cloud and on-premises.

It's simple and very easy to use. Before MVISION Endpoint, McAfee had their own Endpoint Security software called ENS, which included their anti-malware engine. Even though ENS was a comprehensive product and a very good product as well, it was confusing for some professionals. 

In the times that we live in now, an IT personnel, even a specialized one, is a generalist. So you have an IT person who is managing the firewall and endpoint security, and also managing the ERP and backups, and the switches as well. Everything in the environment will be handed over to a single person.

A product like McAfee ENS is pretty extensive and allows for advanced configurations, especially for security professionals. However, IT personnel often fail to configure it properly. MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle. This is what I really like about it.

McAfee has an on-premises ePO server, which you can install on your environment. You can add your infrastructure and push the agents all from the console; so you literally don't have to do anything on your own. From the dashboard, you'll push the agents, install them, configure them, and manage them all from the console.

McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement.

Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present.

A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines.

I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint.

I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.

I've been using it for two years.

McAfee doesn't provide the security software. It manages the security software which is built in to the Windows 10 and Windows Servers 2016 and above. Unlike McAfee ENS, which uses its own software to do the scanning and its own signature database that could add lots of clutter to the operating system, MVISION Endpoint uses Windows Defender, so there's no added overhead for the machines. As a result, it is pretty stable.

In terms of scalability, you can deploy as many agents to as many machines and protect them from the ePO, whether it's an on-premises ePO or one on the cloud.

Technical support is great. I didn't have to interact with them that much, but they provided good support at the times when I had to reach them. They were responsive; that is, I'd get a response within the same day.

In my experience, the installation has been straightforward.

The only major issue is that if a client is going to have his ePO on the cloud, his management server will be on the cloud. So I will need to push agents to lots of machines. There is no automated deployment from the cloud to on-premises machines. That means that I need to download the McAfee agents and have to take care of the deployment and the automation on my own.

Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint.

With MVISION Endpoint, even if you don't know about cybersecurity, you can just turn on the protection checkbox. It's that easy. It was really relatable to my experience with Sophos because the configuration there was also that simple, so I really liked it.

For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with. It's flexible, and you can manage it from the cloud or on-premises.

At present, it is often used by small businesses because of its ease of use, configuration, and deployment.

It's been around on the market for a long time, and has undergone many improvements. So, on a scale from one to ten, I would rate McAfee MVISION Endpoint at eight.

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. 

They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features. 

The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux.

We would also like assets grouping and device lock protection features, which are included in their roadmap.

We have been using FireEye Endpoint Security for the past two years.

The current version is more stable than the previous ones.

It is easily scalable.

My experience was 50/50. Sometimes, it was good. Sometimes, they took some time.

We were using McAfee AV. We switched to FireEye Endpoint Security because we had some performance issues with McAfee AV. We are not facing those issues with FireEye Endpoint Security.

It is easy to deploy. It took us a month to deploy. 

Deployment may take more time based on the architecture and the environment. With some vendors, it took us some time to analyze because there were things that we wanted to monitor, which depended on the production. Therefore, we installed it step by step, not in one step at full force.

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then probably rethink about FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap.

We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they didn't communicate, the communication got stopped automatically, or the data communication time didn't sync properly. In the later versions, they improved and resolved these issues.

I would rate this solution a seven out of ten. It's gradually growing, and a few features that we require are not there. If these requirements are satisfied, I would rate them nine or ten.

Trellix Endpoint Security (ENS) is an easy-to-manage platform.

The product’s on-premise version is costly in terms of extra charges for SQL database and Windows server licenses. It would be easier to deploy if included in the package as a virtual appliance.

We have been using Trellix Endpoint Security (ENS) for two and a half years.

It is a stable platform.

The technical support services are good. However, its response time could be better.

Neutral

The initial setup is straightforward. The deployment time depends on the number of devices. It ranges from a few days to a couple of weeks. It is suitable for small as well as enterprise businesses.

Trellix Endpoint Security (ENS) has a reasonable price.

We evaluated vSphere and CrowdStrike. In comparison, Trellix is an inexpensive product. 

Trellix Endpoint Security (ENS)’s cloud version is superior to the on-premise version. It should support other operating systems like Linux. I rate it a nine out of ten.

We are a solution provider and McAfee MVISION Endpoint is one of the products that we implement for our clients. Our clients use it to help manage their security.

The most valuable feature is user-based policy provision. It allows for greater granularity.

Our clients use the VPN to create secure connections to their servers.

A policy-editing console should be added.

Having automatic updates would be helpful.

We have been dealing with this product for about two years.

We are completing two deployments each week and I don't have any comments with regards to stability. I would say that it's stable enough.

We have about 20 clients who are using this solution and it is easy to scale. I would estimate the number of users to be about 400.

McAfee has good support and they are very responsive.

We deal with endpoint solutions from several vendors including Sophos, Symantec, and CrowdStrike. We are still using Symantec in parallel with McAfee.

The capabilities of these products are similar and the real difference is in the support. McAfee has the best support nowadays, as Symantec takes too long to respond.

The initial setup sometimes has to be done manually because of issues with Active Directory. That said, it is not normally complex. Complexity can come from using export files because McAfee does not have a policy-editing console.

One of the recent deployments we completed required three of us 15 days. This including training people in different locations.

We implement and deploy this product for our clients.

Licensing fees are billed on a yearly basis.

I would rate this solution an eight out of ten.

We use McAfee MVISION Endpoint to protect our environment.

I am satisfied with this solution.

The performance is good. 

I would like to see more automation.

I have been working with McAfee MVISION Endpoint for at least ten years.

McAfee MVISION Endpoint is a stable solution.

In our company, we have 650 users.

At this time, there are no plans to increase our usage.

Technical support is good.

I did not complete the installation myself.

We have a team of five to maintain and deploy this solution.

I had some assistance from a technician.

Licensing fees are paid yearly.

We are currently, exploring other solutions.

I would recommend this solution for others who are interested in using it.

I would rate the McAfee MVISION Endpoint solution an eight out of ten.