Trellix Endpoint Security Reviews

Previously, before the transition to Trellix, we used McAfee. Following a merger, FireEye now collaborates with McAfee, utilizing its console and threat intelligence.

In terms of endpoint security, I would recommend Trellix Endpoint Security, especially for users prioritizing threat intelligence and seeking an internal solution. Trellix has proven effective in areas such as blocking capabilities, device control, and application control.

Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features.

Recently, Trellix has introduced a CDR, which involves more manual response than automatic. I believe they should enhance the system by adding features like automated response and the ability to create custom playbooks. This is crucial for an EDR solution, and currently, Trellix lacks this feature while other products offer it.

I have been using this solution for the past five years.

Previously, I would have rated it around ten, but now it's more like seven. They need to enhance the EDR part and put in more effort.

For on-premise implementation, I would rate it a six as there is a need for more scalable options during the initial setup. On the other hand, for cloud implementation, I would give it a nine because it offers enabled scalability options.

I acknowledge their technical expertise in the product, but the support has not been as satisfactory as it was with McAfee. I believe there is a need for improvement, whether it's the team's capacity or response time. Previously, the response time was excellent, but now it has increased, causing frustration among customers and creating potential issues. Reducing this delay would be beneficial.

Neutral

If someone asks for a bundled solution with strong threat detection, I would recommend Trellix because it stands out as the only bundle solution with a decent amount of threat detection. While there are other bundled solutions in the market, Trellix excels in both access and detection capabilities.

Regarding the initial setup of Trellix Endpoint Security, I am accustomed to executing it accurately. I would rate it around 8.5 or 9.I have successfully implemented Trellix Endpoint Security for up to five thousand endpoints, and the process took approximately four days. For smaller enterprises, it can be completed in about one day.

I would rate the cost as four to five, considering it's normal compared to other products. I find it nominal and worth the money.

The support phase needs improvement, specifically in reducing the time taken to respond to calls. Additionally, the EDR functionality in Intelix requires enhancement. While McAfee fulfilled product functionality even without strong support, the introduction of EDR seems to be partial and lacks automated response capabilities. The overall rating for Trellix Endpoint Security would be an eight.

Customers use Trellix Endpoint Security as an anti-malware or antivirus solution that provides AI and machine learning features. The solution provides DAC (Dynamic Access Control) and HIPS (host intrusion prevention system) functionality in its firewall module. It also has a web control functionality, wherein we can allow, deny, or choose the category part and work it out.

Trellix Endpoint Security provides a single umbrella kind of architecture. A lot of different solutions come under a single umbrella and a single console. The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security. The solution also has features like application control, device control, and cloud DLP.

The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format.

Trellix Endpoint Security should include the virtual patching feature in the next release.

I have been working with Trellix Endpoint Security for one year.

I rate Trellix Endpoint Security a nine out of ten for stability.

Trellix Endpoint Security has good scalability. Our customers for the solution are most enterprise businesses and government entities.

I rate the solution a nine out of ten for scalability.

The solution’s initial setup is easy.

I rate Trellix Endpoint Security ten out of ten for the ease of its initial setup.

The solution's deployment on the cloud is very fast because we give the requirement and get the solution. On-premises, the basic initial setup of the server takes about half an hour or one hour.

Trellix Endpoint Security is neither a cheap nor an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a four out of ten.

I am working with the latest version of Trellix Endpoint Security. We provide our customers with on-premises, on-cloud, and hybrid cloud deployment models for Trellix Endpoint Security.

Overall, I rate Trellix Endpoint Security an eight out of ten.

It is exclusively for Endpoint security. Besides that, we have subscribed to additional features such as MDX for mobile security and recently added ESL. Previously, we had Trend Micro, and at times we utilized it for malware. Comparing the three tools, I would recommend sticking with Trend Micro or Malwarebytes.

Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login.              

If there's a possibility for remote assistance or investigation support in the future, it would be beneficial. Currently, we use another remote software for such purposes. If this feature could be included in the next version, that would be an improvement. The feature is called Remote Administration.

I have used Trellix Endpoint Security for the last two years.

It is stable and I would rate it 8 out of 10.

Scalability is 8 out of 10. 

The issue with technical support lies in the response time. When submitting a complaint, there is a delay, sometimes taking one or two days for a response. This extended timeframe is considered quite lengthy.

Neutral

The initial deployment of Trellix Endpoint Security involves some time to install agents on host machines. However, once in use, adding new versions and deploying agents to GPO becomes straightforward. It's possible to manually install agents on various devices, and the current process of deploying agents through GPO policies typically takes around ten to fifteen minutes per agent. The duration may vary based on internet connectivity, and it's generally faster when the machine is on the network.

I would rate it 8 out of 10 and it is very straightforward. 

It is reasonably priced. 

I would recommend it. I rate the solution an eight out of ten. 

The product is fairly reliable. I have been using the DLP functionality a lot. It blocks all USB-connected devices but still allows charging external devices like phones. It keeps out any malware. It does a good job of protecting our network as an enterprise solution. I mainly use it as an antivirus and DLP solution.

The product is not easy to use. Moving around in it is cumbersome. I have heard other users saying that it is cumbersome to find things. Creating and deploying policies with DLP can be really cumbersome. It can be difficult if we don’t know how to use it. Sometimes, we have difficulty in communicating with clients. Sometimes, we have to go through troubleshooting to fix it.

I have been using the solution for 17 to 18 years. I am using the latest version of the solution.

I rate the product’s stability an eight out of ten.

I rate the solution’s scalability an eight out of ten.

It's pretty straightforward to deploy the product as an enterprise solution. I create a System Tree, and I break everything out between VMs, workstations, servers, and VLANs.

We have seen a return on investment.

I would definitely tell people to try the tool. They must go through and test out different solutions. Trellix Endpoint Security is fairly easy to use and manage for an enterprise solution. I'm in the process of getting more visibility for my service desk. The ability to lock it back down and only give what I want the service desk to see is valuable because it gives it a little bit more visibility without affecting what I've done as an enterprise admin. Overall, I rate the tool a nine out of ten.

We use Trellix Endpoint Security for pattern-based scanning. We use it on all our handsets. We also use it for behavior-based adaptive threat prevention; it's a solution that will recognize malicious behavior.

I like trap prevention DNS and threat prevention.

I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting.

I have been working with Trellix Endpoint Security for about 15 years.

Trellix Endpoint Security is mostly stable. I haven't had any false positives in the last few years.

On a scale from one to ten, I would give stability a nine.

Trellix Endpoint Security is very scalable. Our company has three users, but we have more than 3000 devices.

Technical support is good, and that's an important thing to have. They are very helpful and care about our needs. The best thing is that they speak German, and we can talk to them naturally in our language.

The initial setup is quite straightforward.

Trellix Endpoint Security is best suited for large companies. I would tell potential users to find an excellent partner to configure and build a basic policy setup. A third-level contact is also essential if it's not part of your daily responsibility. 

On a scale from to ten, I would give Trellix Endpoint Security a nine.

We use it for protecting our system nodes. It's run on Windows 7 and Windows 10.

The solution is stable.

You can scale the product.

Overall it's a good product that works well. 

Technical support is always available and very helpful.

The antivirus component is very good.

It's not very user-friendly as sometimes you have to install the agents and then the agents do not get deleted from the database. Due to this, we have to manually delete it from the nodes and then again we have to install it again. When distributing the product, sometimes things get confused and we need to clean up the temporary folder.

The initial setup isn't so easy. You need to know what you are doing. 

The products are getting obsolete too early. That's one of the issues we have with McAfee. They're coming up with new products too early. We installed 10.5 in 2016, and then in 2019, or 2020, we got 10.7. Now, 10.5 is obsolete. They are upgrading the versions too fast. Due to the fact that we have a subscription, we have to upgrade it to the next level which creates some maintenance issues. 

I have been working with the solution since 2016. 

The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. 

The only thing is the reliability. It changes so fast and versions become obsolete and it creates maintenance issues for us. 

The solution is scalable. We do plan to increase usage. Earlier, we had VirusScan Enterprise, however, now, as it is integrated into the ENS threat prevention, we are migrating.

We have 15 or 20 users on the solution right now. 

We have found the technical support to be very helpful. They are responsive and available when we need them to help us troubleshoot. We are satisfied with their level of service.

We haven't really used another solution in place of McAfee, although we do also use Symantec.

The initial setup is not so straightforward. It's difficult if you aren't used to McAfee. It takes time to get the hang of it. 

I'm just a customer and an end-user. I don't have a business relationship with McAfee.

I'd rate the solution at an eight out of ten. 

It serves as a comprehensive endpoint security solution that goes beyond traditional antivirus by incorporating features such as document scanning for sensitive information, approval workflows for document sharing, patch management, and advanced threat detection using AI and machine learning. It actively monitors various endpoints, including web interactions and email communications, to detect and prevent a wide range of attacks, even those that are not signature-based.

One of the standout features of this solution is its encryption capabilities and DLP functionality. It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts. The encryption feature provides peace of mind in the event of a lost or stolen device, safeguarding sensitive conversations and data from unauthorized access. This level of protection significantly reduces the risk of extortion attempts or data breaches, making it a valuable asset for any organization. So far, I haven't experienced any security breaches or attacks.

I've encountered minor challenges related to encryption.

I have been using it for a year.

We have a user base of over one hundred individuals who use the software.

The decision to implement endpoint security software like Trellix is made at a company-wide level, involving discussions and agreements between various entities, including our parent company and potentially other subsidiaries like the one in Sweden. This decision isn't made independently by individual branches like Kenya; rather, it's coordinated and negotiated at a higher level.

I operate within a managed environment where the IT team handles the installation and setup of endpoint security software. Once installed, they provide me with the necessary details, such as login credentials and instructions for changing passwords. My role primarily involves using the machines provided to me, without needing to delve into the setup process.

Compared to the solutions, it helped us to save at least ten to twenty percent, if not more. 

I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a balance between cost-effectiveness and feature richness.

I would recommend conducting a proof of concept to explore the features firsthand. It's essential to understand what you currently have in place, as that will help determine whether the solution is the right fit for your needs. After that, ensure that the POC is conducted efficiently so that you can make an informed decision about whether to proceed with the solution or consider other options. Overall, , I would rate it an eight out of ten. It's a good solution that meets my needs satisfactorily.

We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very much flexible based on the IOCs.

Trellix Endpoint Security is good for doing containment immediately. We can get visibility of processes or services running all over the enterprise, where the agent gets information on a particular end-user system. Since Trellix Endpoint Security keeps the data for three months, we can get a complete picture of the files downloaded from the end user mission. So Trellix Endpoint Security is very helpful when you do forensics. The only drawback is that we cannot change its format, and there is no workaround currently.

The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute. It also has a dual containment feature. Trellix Endpoint Security is also useful for taking the triage image, which takes roughly thirty minutes. So it's pretty fast, and we have multiple configuration sets. We can precisely take a triage image based on what you want, like endpoint logs, antivirus logs, or the RAM.

Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it. Mutex is something like a malware user. Secondly, the solution should support multiple output formats for the triage image. Currently, the solution has only Mandiant format, where you can't use tools like volatility to analyze the memory image.

It would be good if Trellix Endpoint Security had a good visualization like other products, such as SentinelOne and Carbon Black.

I have been using Trellix Endpoint Security for one year and six months.

I rate Trellix Endpoint Security a seven out of ten for stability because it crashes frequently and requires a lot of maintenance.

I rate Trellix Endpoint Security a nine out of ten for scalability. We have plans to increase the usage of the solution in the future.

I rate Trellix Endpoint Security an eight out of ten for ease of initial setup.

I rate Trellix Endpoint Security a nine out of ten for pricing.

I am using the latest version of Trellix Endpoint Security. Using Trellix Endpoint Security depends upon the user's organizational needs. If their only concern is containing and taking the triage image, and if they are comfortable doing forensics with a deadline, then they can use Trellix Endpoint Security. But if some companies want to integrate their in-house or third-party tools, Trellix Endpoint Security is not a good option.

Overall, I rate Trellix Endpoint Security a nine out of ten.