Trellix Endpoint Security Reviews

I work for a company that is a McAfee partner. We sell the solution, and we have engineers that implement the solutions. Basically, I am part of the technical staff that implements the solution on-premise.

We use endpoint security for our clients. We configure policies to scan the computer every single day in some cases and every week or even every moment. Basically, it protects the endpoint, and we have policies to do advanced threat protection.

Thanks to the implementation of this tool, we have managed to avoid massive virus infection, have visibility into console events and be able to implement action plans to contain threats.

Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful. We use the firewall to protect the client's network or even blocks and some kind of traffic that the computer received. The ATP model, I think, is one of the most important features because it can protect the computer when an application doesn't work as expected. It will alert and send messages to the ePO, and we can see everything.

The local technical support could be better. It would also help if the engineers can develop some automation features for the on-prem ePO. For example, in the on-prem ePO, you can store the endpoint using the IP address or using text, or using the default version. But in the MVISION ePO, you don't have that kind of feature. It's complicated to sort the endpoint because you have to do it manually.

I also think the detailed level of the detection could be better. In some cases, it's very complicated to figure out which file is the one that is actually impacted, depending on the dashboard you see. The dashboard is one of the most important things in the ePO because it's where you can see everything in a central location. But sometimes, you need to change from one view to another view to find what you're looking for.

I have been using McAfee Endpoint Security for about three years.

It's very stable. It works as expected, and I am very happy with this solution.

This is a very flexible product. It can be installed on a single physical or virtual server, or well installed on a windows cluster, and if you want to explore other modes it can also be implemented in the AWS cloud or as a SAAS.

In some cases, if the report comes from India or America, it's basically an open and shut case. But if the support comes from Latin America, you probably have to scale that problem to another area or another region. You need a person that has more experience with the product.

No. 

The initial setup can be both straightforward or complex. Some documentation on clients is very slow. Basically, we spent time implementing the ePO version because sometimes the database from the ePO is too big, and we need to do some things to the database to shrink the space, and it doesn't always work as expected. Sometimes, we have to follow one, two, or three steps to get the data and various scenarios to increase the number of steps because troubleshooting wasn't working.

If we implement MVISION, eventually, it would take around three hours because we have to install the software on the server. We have to do all the upgrades and implement some upgrades to the ePO software. Basically, it's three hours, but it can take five to six hours, depending on the data's size.

We implement this solution for our customers. If you are an engineer, and you have the experience, you can do it. If someone doesn't have experience with the OS, with Windows, or with the product, you might need specialized engineers.

For the issue of implementation costs, you require that the partner you use has qualified personnel to carry out this activity or you can use the professional services of McAfee, but these can be somewhat expensive.

Our clients ask us about other solutions like Cylance. I have one client that uses CrowdStrike. If you compare Cylance and McAfee Endpoint Security, the main difference is support. 

McAfee is excellent. You can ask any questions, and with a couple of clicks, you will find the answer to the issue. If you don't find it, you can open a support ticket. Sometimes, the McAfee solutions are very complex to configure. Just in some topics, but on the other hand, very simple to configure.

I recommend that the client needs to be aware of what McAfee can do for them. If the engineer can implement the solution, he'll just follow the book, and he's not going to get the best experience from the product.

To not impact the computer or the endpoint's performance, you need to finetune the policies. If the engineer doesn't have that kind of experience, you won't get the best out of the product. The client needs to get an engineer with a lot of performance tuning experience to get the most out of the product.

On a scale from one to ten, I would give McAfee Endpoint Security a nine.

Controlling and Monitoring Change
Change control processes are often reactive and require manual responses, an ineffective approach to combating today’s threats and handling the growing number of devices in the IT infrastructure. The Security Connected approach from McAfee ensures that every desktop, server, application, network device, and database is in the scope of a change control solution, giving you critical visibility into who is using your systems and what activities are taking place.

Enabling Consumerization of the Workforce
A flood of iPhones, iPads, Android devices, and employee-owned laptops is hitting the workplace, bringing better productivity but also new security risks. Learn how businesses can effectively and securely enable the use of consumer-owned devices in the enterprise by protecting how data is being manipulated and controlling network access across mobile devices, laptops, desktops, and virtual desktops.

Managing Security and Risk
Limit your exposure to security risks that reveal customer data and internal assets. This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection — helping you reduce incidents and risks throughout your entire IT infrastructure.

Obtaining Benefit from PCI
McAfee helps enterprises take a formal, strategic approach to meeting PCI DSS requirements — an implementation that can yield other cost saving and operational benefits to the business. McAfee compliance solutions automatically assess compliance status, proactively respond to any issues or potential violations, and continuously monitor controls across the enterprise.

Protecting Information
Your company’s sensitive information, including intellectual property, financial records, and personal information about employees and customers, is an attractive target for cybercriminals. The Security Connected approach from McAfee helps you secure sensitive information on databases, file servers, smartphones, email servers, and USB drives — while keeping it accessible to multiple users and groups.

Protecting Information from Insider Threats
Don’t overlook the threats to your data and network from company insiders. To address these risks, McAfee provides a new level of visibility into your organization with security controls that work together across endpoints, networks, and data to improve incident detection, protection, and response capabilities.

The following are the main features of the McAfee Suite:

1. Threat/risk protection at the core level: All of the components , including the antivirus and exploit functionalities, all communicate with each other on a real-time basis.
2. Machine learning: The McAfee Suite consists of sophisticated learning algorithms in order to precisely identify and confirm the presence of any malware, primarily based on their signature profiles.
3. The containment of applications: With this feature, your IT security staff can mitigate the damaging impacts of malicious files (such as those found in phishing emails) and other types of malware by blocking them from entering further into your network infrastructure, and from there, isolating them.
4. Endpoint Detection and Response (EDR): EDR is now fully integrated into the McAfee Suite and is completely automated. Any risks and threats can be curtailed by just a few clicks of the mouse.
5. Centralized management: The McAfee ePolicy Orchestrator is a specific tool that allows for your IT Security staff to a get a much greater visibility and insight into your network infrastructure with easy-to-use and understandable at-a-glance dashboards.
6. Proactive learning analysis: With machine learning algorithms, the McAfee Suite can quickly create models of your organization’s cyber-threat landscape and what potential malware attack vectors could like in the future.
7. Sophisticated levels of anti-malware protection: The engine that drives the McAfee Suite is updated on a 24-7 basis via the McAfee Global Threat Intelligence feeds.
8. Advanced threat forensic capabilities: With this functionality, your IT security staff can quickly determine where the malware resides in your network infrastructure, how they evolved and penetrated your lines of defense, and how long they have stayed in your systems.
9. Malware behavior monitoring: This tool of the McAfee Suite can actually record the “behavior” of the malware in question while also studying its Attack Techniques and Procedures (TPPs). It comes with a comprehensive alert system and can even provide a sophisticated review (or “playback”) for the network administrator.
10. Migration assistant: This functionality allows for your IT security staff to quickly migrate network security policies from legacy platforms into the McAfee Suite.

Business Support some times lazy but once they on board they will get the job done.

With McAfee ePO software, you can scale your network vertically or horizontally.

• Vertical scalability — Adding and upgrading to bigger, faster hardware to manage larger and larger environments. Scaling vertically is accomplished by upgrading your server hardware, and installing McAfee ePO on multiple servers throughout your network, each with its own database.
• Horizontal scalability — Increasing the size of the environment that one McAfee ePOserver can manage. Scaling horizontally is accomplished by installing additional Agent Handlers, all sharing a single database.

  Make sure the McAfee ePO infrastructure is scaled to handle major peaks in outbreak situations.

Technical support is getting better now, but previously, the support was not optimum or not available.  when we opened a case, the engineer took too much time to listen to us and then they collect all the information. But then he never came back to us. Sometimes, five days, three days, sometimes even two months would pass and nothing would happen. But now I can see that the tremendous change. From the moment you open a case, in the next hour, you will get a response from the technical support, so now I'm feeling that the support is getting better.

Installing McAfee products is very easy. Not only at the endpoint. Any McAfee product, because of the Product and Installation guide available with good detailing,and the availability in the community & knowledge base articles. Most of the blogs you find even outside of the McAfee community, which help me in the deployment of McAfee products. So installation never seems to be hard for me.

Experts

20 Months or less depending on each organization

There are many other endpoint security solutions that are available today, but McAfee Suite has several distinct advantages when you make a procurement decision. For example:

• All of the information, data, malware signature profiles, intelligence gathering, alerts, warnings and so on can be accessed and viewed very easily from just one console
• You do not have to overspend on security technology, because all of the features described earlier comes as one unified, cohesive set. McAfee Suite also leverages all of the existing security features of the operating systems and virtualized environments also previously mentioned. So in the end, there is really nothing more that you need to add on
• McAfee Suite can work as a single security solution for all kinds and types of device hardware and software such as workstations, servers, wireless/mobile devices, containers, virtual instances, and even those objects found in the Internet of Things (IoT)
• McAfee Suite has been comprehensively tested by certified third parties and has proven itself in the real world

As of July 2016 we updated our version of Endpoint encryption from V5.03 to V7.03 with an updated deployment console it is much more convenient to navigate and to recover the user \ machine password process is so less cumbersome ..

thumbs up to this version ...

All the care facilities are mandated by the State to protect patient information. McAfee Complete Endpoint Protection has helped us to enforce that mandate, protecting both staff and patient information data. That's why the most value that it provides to us is simply and obviously the fact that it does a very good job of overall endpoint encryption.

The virus scanning in Enterprise V8 needs improvement. Also, the spyware protection needs to be be more expansive.

We've used it for six years.

The deployment from the ePolicy Orchestator console to either re-imaged or rebuilt laptops was sporadic and not reliable enough to be standalone.

We have had no issues with the stability.

We have had no issues scaling it for our needs.

very good ....

Technical support is excellent. We've worked with them a lot over the years, some days for hours at a time.

SafeBoot encryption was purchased by McAfee shortly after we deployed it to our fleet of laptops. We simply inherited it by use of encryption.

The initial setup was straightforward, as we tried to automate the deployment of AV. However, it got more cumbersome after that, requiring a lot more of our time and resources.

It was implemented by our in-house team and then deployed using the McAfee ePolicy server that's designated for McAfee deployments only.

This was all managed by our IT director.

Overall, the product is good. You need to get advice on the overall deployment to your infrastructure from McAfee before any roll-out.

Some of the solution's primary use cases include successfully adding devices through ESM GUI and setting up data storage via ELM.

Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference.

With Trellix Endpoint Security, adding a device as a data source can be done one by one. Whenever I try to add a device like a firewall or a server, the accounts are enrolled one by one per added data source. It would be a lot easier if I could add multiple user accounts within a single device.

I have been testing Trellix Endpoint Security for around three months.

I have tried to contact the solution's technical support team. Whenever I tried to ask for partner support, the Trellix website would ask for my company email details. Then an email would come to my inbox saying that Trellix would get back to me shortly, but unfortunately, they did not. So I couldn't contact Trellix Endpoint Security's technical support.

I have worked with other security tools, such as CrowdStrike. The flexibility of the dashboard and filtering are useful features in Trellix Endpoint Security. Also, adding different elements to the SIEM infrastructure is not that complicated with Trellix Endpoint Security.

There's no need for any additional configuration settings to install Trellix Endpoint Security. You just access the web UI, and that's it.

It took me two months to implement Trellix Endpoint Security because of our company's hardware limitations.

My implementation strategy for Trellix Endpoint Security was to build a demonstration based on what the company would like me to do. So I built a SIEM infrastructure and got the images of the different tools first. Then from there, I tried to connect the different devices before I connected the data sources.

My advice is that users should have a fair background in MQL, which really helps a lot in investigating.

Overall, I rate Trellix Endpoint Security an eight out of ten.

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

The most valuable feature that I've found most useful is the availability of seamless AES 256 full-disk encryption.

I don't need to worry about the content of a laptop if it's lost or stolen. It provides better security of laptops when doing foreign travel.

I think encryption needs to move to an all hardware-based solution. Software encryption is less efficient than hardware-based. Intel purchased McAfee a few years ago, so this company is set up from the chipset point-of-view.

We've used it for six years.

Initially, we ran into issues running full-disk encryption and certain versions of disk defragmentation software. However, this has now been resolved.

There have been no issues with the stability.

We have had no issues scaling it for our needs.

9/10. I've found technical support to be very good and responsive.

We selected this endpoint protection solution due to its multi-platform support, not just Windows (e.g BitLocker). Other reasons were that it has enterprise key storage and recovery, which is very important to us.

It's fairly easy to get going. It's been around for a while now, and there are lots of use cases. You just just need to follow the best practice installation documentation.

We implemented it with the help of a McAfee vendor team.

Everything has a cost. During the initial product evaluation, price was considered but it was not a show stopper.

The central management console, ePO, is very useful. It incorporates file/folder encryption as well as encrypted thumb drive registration and policy management.

We primarily use the solution for endpoint security.

The remote installation capabilities are very helpful for us. Its automatic installation is a good feature.

The malware detection is very good. 

The features, for the most part, are reliable. When installed as endpoint security, ransomware detected on any endpoint will be automatically quarantined there. It's then disconnected from the network and users are able to clean up that particular wireless area.

The initial setup isn't too difficult.

The solution scales well.

The solution offers good patches pretty regularly.

The solution takes up a high amount of memory and can cause the system to hang.

The malware detection, as good as it is, does not seem to be deployed correctly. It's not doing system quarantine. If a system gets attacked by ransomware, it's not going to be quarantined correctly.

If someone wants to filter or asks the system, "Please remove that antivirus we don't want it here," due to the fact that we don't want to work on a specific system, we get frustrated as it won't remove itself. It just starts scanning when we don't want it to and it begins to slow down everything when we need to do important work. 

We would like there to be better reports that we could take to management to have them be able to look at.

Recently, we have seen that Ransomware updating is starting with just SQL services. It would be nice if it was offered across the board.

I've been using the solution for about one year at this point. It hasn't been too long.

While the system is stable and we are getting malware protection, we've found that the one big thing is that we are getting performance issues. Every system goes slow. There is a significant slowdown when we install the McAfee agent. That's one of the big issues we're just facing continually.

The solution scales quite well. If a company needs to expand it, it can do so with ease.

We don't get any support from McAfee. If the endpoint server is down or something is not working, or the data is not connected, you may need technical support, however, in truth, we haven't had any type of these problems. From the server-side, it was working perfectly, providing the proper reports. We haven't had any real issues and therefore haven't needed to reach out.

I have some experience with Sophos and Trend Micro Apex One. I find them to be a bit better than McAfee in terms of capabilities.

The initial setup is pretty straightforward. It's not overly complex. A company shouldn't have any issues with the implementation process. It's pretty normal, pretty standard.

We're just a customer and an end-user.

We're doing the latest version of the solution. I do not have the version number on-hand.

50% of companies are facing ransomware issues right now. We have also faced that in the past. That's why we have looked into Apex One. We have installed that. All systems are under Apex One. Everything is updated, however, it's not protected as it's not continuously communicating with the data centers. They are not updating the algorithm as they should. They need to make improvements to that part. 

Overall, I would rate the solution eight out of ten.

I'd recommend the solution for companies just working with a few documents, however, if you are an enterprise, you might find that the solution slows down your system and it could affect your work in general.

We use this product for endpoint server protection and content security.

What I like best is the integrated end-to-end security that works with the security information and events manager. It's a complete suite.

Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short.

We have been using McAfee Endpoint Security for three years.

This is a stable product.

McAfee Endpoint Security is scalable. We have approximately 3,000 users.

We have used technical support in the past and I find that their response time can be a little bit slow. Also, they provide less of an explanation than we expect.

At this time, we use the complete suite of McAfee solutions. However, we used to use Trend Micro.

The initial setup is pretty straightforward because it comes with the central admin manager. This means that it can be deployed or pushed from this console.

It takes a couple of hours to roll this solution out to about 500 users.

My in-house team is responsible for deployment and maintenance. There are three people in our support team.

If the price of this product were lower then it would be much more attractive.

Since the maintenance is done by our own team, the price of the subscription should really be cheaper.

This is indeed a premium product when compared to others.

Feature-wise, I am happy with this product and we have no plans to change it at the moment. It is a product that I recommend.

I would rate this solution an eight out of ten.