Trellix Endpoint Security (ENS) Reviews

We're using MVISION Endpoint for the protection of our endpoint devices.

What I like most about McAfee MVISION Endpoint is that it's very user-friendly. You do need some knowledge on how to navigate the portal, but as soon as you've gained that knowledge, navigation will no longer be an issue.

I have no complaints about McAfee MVISION Endpoint. For me, the product is perfect the way it is. It's great right now, and it's doing good as it is.

So far, McAfee MVISION Endpoint ticks off all of our boxes, but its pricing could always be better.

I started using MVISION Endpoint last year. It was preceded by the MVISION ePO.

McAfee MVISION Endpoint is a stable product.

McAfee MVISION Endpoint has no issues in terms of scalability. You just need money to make scaling up possible.

The support for McAfee MVISION Endpoint is okay. I have no complaints about it.

On a scale of one to five, where one is bad and five is good, I would rate support for the product as four out of five.

The initial setup for McAfee MVISION Endpoint is pretty easy.

We used a consultant for the deployment of McAfee MVISION Endpoint.

I don't have information on ROI from McAfee MVISION Endpoint because a separate unit takes care of those calculations.

Pricing for McAfee MVISION Endpoint is not very good, and I would rate its cost three out of five, though I won't be able to mention how much its actual price is.

There were other solutions in use, but that was before I joined my department, so I don't know which solutions were used before my company went with McAfee MVISION Endpoint.

I have some experience with McAfee MVISION Endpoint, and I'm currently using it. I can't remember the exact version of the solution which I'm using, but it's the latest version.

My company is a customer of McAfee MVISION Endpoint.

My company is a telco, so I don't have the exact user count, but it's surely more than a hundred. All roles within my company use the product, even people at the highest levels.

At the moment, there's no plan to increase usage of McAfee MVISION Endpoint within the company.

My advice for people looking into implementing McAfee MVISION Endpoint is to use the demo, roll it out within your organization, utilize its functionalities, and let it work for you.

In terms of rating, I'm giving McAfee MVISION Endpoint a solid eight because it does what's needed and it works, so no complaints.

McAfee MVISION Endpoint is used for endpoint security across all platforms, including mobile and desktop users. 

All endpoint-related activities for which the company has a charter.

In my opinion, it's a pretty good product.

I have not received any complaints about the performance.

I would like to see more local integration for the applications that we use. We are looking forward to having more unified management.

We have been using McAfee MVISION Endpoint for one year. We have recently implemented it.

McAfee MVISION Endpoint has been stable.

We have not yet scaled it, but I believe that it is scalable.

Our organization has 7,000 users.

I'm not sure if the technical teams have done so, but I haven't contacted technical support.

We are using Cisco Umbrella, as well as McAfee.

Our own team performed the installation. I didn't hear any complaints, so I guess it's pretty simple.

To deploy and maintain, we have a team of two administrators and one manager.

It is based on an annual subscription.

I would definitely recommend McAfee MVISION Endpoint because it is cloud-based app management and requires little maintenance.

I would rate, McAfee MVISION Endpoint, an eight out of ten.

We are using this solution for endpoint security against cyber attacks.

FireEye Endpoint Security is easy to use and lightweight compared to others.

Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive.

I have been using FireEye Endpoint Security for a couple of months.

This solution is scalable. However, it could improve to be able to be handle large-scale operations. The OS most systems are running I am not sure it can handle a lot of nodes but many companies are coming out with cloud options that should be able to manage much more nodes.

Technical support can take some time to respond on the first level. They could improve the speed at which they resolve and handle support.

We have an administrator and engineer that does the implementation and maintenance of the solution.

I have evaluated Carbon Black and FortiEDR.

I would not recommend this solution to others. However, if you have a small budget then this solution could be a second option.

I rate FireEye Endpoint Security an eight out of ten.

The two primary use cases are towards the process monitor and malware detection for APT (Advanced Persistent Threat).

FireEye Endpoint Security has improved our customers' organizations. Before a customer was with us, they may have worked with Windows Defender. This is for suspicious activity. Then they implement the next solution that is for network monitoring. With that, they deploy the EGX for info security. Now, with these components, they have a lot of visibility on their network and endpoint activity.

The most valuable feature that my customers have found with solution is the capacity to collect all the information for forensic analysis purposes.

In my personal and professional view, I think the reports need more development. They need more details on the reports and more details taking the executive view into consideration.

These reports contain the information that is gathered at the intake solutions. They are more geared for the technician and I think they need more executive information because it is important to talk to the main executives, and for them to see what is happening related to some of those suspicious activities.

I have been using FireEye Endpoint Security for something like 4 years.

In terms of stability, we have had some issue related to the deployment and hardware requirements, because most customers need to revalidate all those requirements. For example, if your deployment was on a hyper B environment, we don't know their server. They decrease in the performance of the appliance because in some cases, the requirements are not specifically stated, including the CP or reserve for those components. For example, I may define that the memory requirement is 16 gigabytes with a specific machine build.

FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front. This is because many of its steps are related to the optimization of whole the process, it's ratings and solutions with mail, social network, input solutions, and next generation CMM like Kellogg's. All these are on the single platform called FS. I sold a lot. You can see its integration with print solutions. That's very amazing.

We have companies with a lot of endpoints. We think we have something like 4000 agents and 2 main appliances.

Technical support is really great. The support is generally very fast, responding within one day.

The main deployment is very simple because it's related to the deployment of an OVA file. The physical deployment is no problem.

But the deployment needs some special knowledge about the quick console.

Deployment tales about one week or less.

If you compare your solution without the antivirus solution, and the price of the agent, it is a little bit expensive. But when you learn more about the value of forensic analysis, you will pay those costs. The price is expensive compared with other solutions, with the competitors. But it is really fast and really flexible and the user can research the information.

I think they checked out Kaspersky as well.

I would recommend to check how they might pull reports. For example, where the customer modes fall because it's an independent investigation related to an IP.

On a scale of one to ten, I would give FireEye Endpoint Security a ten, because it's the only good option.

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. 

They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features. 

The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux.

We would also like assets grouping and device lock protection features, which are included in their roadmap.

We have been using FireEye Endpoint Security for the past two years.

The current version is more stable than the previous ones.

It is easily scalable.

My experience was 50/50. Sometimes, it was good. Sometimes, they took some time.

We were using McAfee AV. We switched to FireEye Endpoint Security because we had some performance issues with McAfee AV. We are not facing those issues with FireEye Endpoint Security.

It is easy to deploy. It took us a month to deploy. 

Deployment may take more time based on the architecture and the environment. With some vendors, it took us some time to analyze because there were things that we wanted to monitor, which depended on the production. Therefore, we installed it step by step, not in one step at full force.

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then probably rethink about FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap.

We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they didn't communicate, the communication got stopped automatically, or the data communication time didn't sync properly. In the later versions, they improved and resolved these issues.

I would rate this solution a seven out of ten. It's gradually growing, and a few features that we require are not there. If these requirements are satisfied, I would rate them nine or ten.

FireEye Endpoint Security is positioned as an Endpoint Detection and Response (EDR) product. 

We are a distributor of the FireEye product. We offer a combination FireEye package. We offer the product in many sectors, like banking and government.

We use the latest version.

We offer it in a private cloud model for our customers who want to build a security operations centers in their environment.

The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow. Detects multi stages attacks based on MVX analytics engine which detects zero-day, multi-flow and other evasive attacks with dynamic, signature-less analysis in a safe, virtual environment. It stops infection and compromise phases of the cyber-attack kill chain by identifying never-before-seen exploits and malware.

It has capabilities like machine learning and endpoint protection as an antivirus.

The investigation and forensic analysis have been most helpful.

They could use a Host Intrusion Prevention System (HIPS) and application control module.

If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues.

It is stable. There are zero false positive solutions, not like other solutions.

We plan to increase our usage.

They have a strong technical support.

Before FireEye, we used McAfee Endpoint Protection and Trend Micro.

The setup was straightforward.

Our deployment and implementation strategies have to remain agile. Every customer requirement is different. Some implementations require a direct connection and so it will take, for SMB customers, a day more or less. For larger enterprises according to the distribution and the need for more trenches with lots of internet gateways, it could take up to five days. E.g., the deployment could take two to three days with 500 users.

Our technical team does the implementation.

We require two to three people for deployment and maintenance.

The current pricing is much better than before because they now offer product-related promotions along with some changes in product licensing. The new pricing model is better than before.

It is a yearly subscription-based product, which includes the license and hardware. There is also a subscription for technical support up to five years.

It is inexpensive with a competitive price.

We also looked at Palo Alto Networks Traps and Trend Micro.

It offers protection from the latest threats.

MVISION Endpoint is the management software for McAfee that manages the Windows Defender. It manages the Windows Defender anti-malware, Windows Defender Exploit Guard, and Windows Defender Firewall. These are the three main components that McAfee manages centrally from an ePO, and that ePO can be an on-premises ePO management server, or it can be an MVISION ePO management server on McAfee cloud. So, management can be both on the cloud and on-premises.

It's simple and very easy to use. Before MVISION Endpoint, McAfee had their own Endpoint Security software called ENS, which included their anti-malware engine. Even though ENS was a comprehensive product and a very good product as well, it was confusing for some professionals. 

In the times that we live in now, an IT personnel, even a specialized one, is a generalist. So you have an IT person who is managing the firewall and endpoint security, and also managing the ERP and backups, and the switches as well. Everything in the environment will be handed over to a single person.

A product like McAfee ENS is pretty extensive and allows for advanced configurations, especially for security professionals. However, IT personnel often fail to configure it properly. MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle. This is what I really like about it.

McAfee has an on-premises ePO server, which you can install on your environment. You can add your infrastructure and push the agents all from the console; so you literally don't have to do anything on your own. From the dashboard, you'll push the agents, install them, configure them, and manage them all from the console.

McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement.

Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present.

A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines.

I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint.

I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.

I've been using it for two years.

McAfee doesn't provide the security software. It manages the security software which is built in to the Windows 10 and Windows Servers 2016 and above. Unlike McAfee ENS, which uses its own software to do the scanning and its own signature database that could add lots of clutter to the operating system, MVISION Endpoint uses Windows Defender, so there's no added overhead for the machines. As a result, it is pretty stable.

In terms of scalability, you can deploy as many agents to as many machines and protect them from the ePO, whether it's an on-premises ePO or one on the cloud.

Technical support is great. I didn't have to interact with them that much, but they provided good support at the times when I had to reach them. They were responsive; that is, I'd get a response within the same day.

In my experience, the installation has been straightforward.

The only major issue is that if a client is going to have his ePO on the cloud, his management server will be on the cloud. So I will need to push agents to lots of machines. There is no automated deployment from the cloud to on-premises machines. That means that I need to download the McAfee agents and have to take care of the deployment and the automation on my own.

Customers would need to purchase a license. If a customer purchases an MVISION Endpoint license, he may use that license to install ENS. It's a flexible license where you have the option to either use the McAfee security software or the Windows Defender managed by McAfee, which is MVISION Endpoint.

With MVISION Endpoint, even if you don't know about cybersecurity, you can just turn on the protection checkbox. It's that easy. It was really relatable to my experience with Sophos because the configuration there was also that simple, so I really liked it.

For those who can't afford expensive cybersecurity professionals but are responsible for configuring the security of the organization, MVISION Endpoint is a good product to go with. It's flexible, and you can manage it from the cloud or on-premises.

At present, it is often used by small businesses because of its ease of use, configuration, and deployment.

It's been around on the market for a long time, and has undergone many improvements. So, on a scale from one to ten, I would rate McAfee MVISION Endpoint at eight.

We are a solution provider and McAfee MVISION Endpoint is one of the products that we implement for our clients. Our clients use it to help manage their security.

The most valuable feature is user-based policy provision. It allows for greater granularity.

Our clients use the VPN to create secure connections to their servers.

A policy-editing console should be added.

Having automatic updates would be helpful.

We have been dealing with this product for about two years.

We are completing two deployments each week and I don't have any comments with regards to stability. I would say that it's stable enough.

We have about 20 clients who are using this solution and it is easy to scale. I would estimate the number of users to be about 400.

McAfee has good support and they are very responsive.

We deal with endpoint solutions from several vendors including Sophos, Symantec, and CrowdStrike. We are still using Symantec in parallel with McAfee.

The capabilities of these products are similar and the real difference is in the support. McAfee has the best support nowadays, as Symantec takes too long to respond.

The initial setup sometimes has to be done manually because of issues with Active Directory. That said, it is not normally complex. Complexity can come from using export files because McAfee does not have a policy-editing console.

One of the recent deployments we completed required three of us 15 days. This including training people in different locations.

We implement and deploy this product for our clients.

Licensing fees are billed on a yearly basis.

I would rate this solution an eight out of ten.