Trellix Endpoint Security Reviews

In Trellix Endpoint Security, I use all modules, including firewall and web control, except for encryption.

There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future.

I have been using Trellix Endpoint Security for five years. My company is a customer of the solution.

It is a stable solution. If I consider using Trellix Endpoint Security right now, I won't find it a problem since it is a good product to use.

There are around 800 users of the solution in my company.

The solution's technical support is good. Whenever I open or raise a ticket with Trellix's support team, I get a response from their end.

I rate the technical support a nine out of ten.

Positive

The implementation part of the product is not difficult. From an implementation perspective, I find the product to be good enough.

For me, the product's deployment in all endpoints takes an hour, and it is a simple process. I don't know if the deployment process is still simple or not and whether improvements have been made to the solution.

I find Trellix Endpoint Security to be a good product. In Trellix Endpoint Security, it is not simple to understand the policies and rules, but it is good as an antivirus product. Trellix Endpoint Security is not easy to use, especially since the mechanism of communication is not very good.

I rate the overall product an eight out of ten.

I have found DLP to be a valuable feature.

When it comes to DLP or McAfee Security Encryption, with which I am happy, I like to make use of the solution for Vault, but find that the encryption is problematic. The system needs reforming. Suppose the solution is utilized on a laptop or desktop and the client wishes to make an assignment to another person but forgot his password. The data cannot be archived or backed up. 

I have been using McAfee Endpoint Security for the past five years.

The solution is reliable.

Previously, I used the solution for a single site consisting of nearly 300 users. However, as I found it to also be a good tool for DLP endpoint, I now use it for another client with nearly 700 users.

Counting from one to ten, this being the highest, I fully support the solution's technical services.

The initial setup is very simple, allowing a person to get the videos or documents on the internet. 

The deployment takes one to two days.

I do licensing on an annual basis and this is what I always recommend to my clients over the monthly option. This is because all my clients are long-term and do not wish to pay on a monthly basis, instead preferring licenses of, perhaps, three years with an additional one or two year option. 

I am using the latest version of the solution minus one. 

Some of our clients deploy the solution on-premises and others use clouds, such as AWS or IBM Cloud. I'm actually a service partner with IBM Cloud and the community manager with AWS Cloud.

We currently have two or three clients utilizing the solution and it can be said that it is a good product. 

The solution is really good and competitively priced, so someone wishing to secure his enterprise or make use of it in an inexpensive fashion should do so. 

I would rate it a seven out of ten. 

I work for a company that is a McAfee partner. We sell the solution, and we have engineers that implement the solutions. Basically, I am part of the technical staff that implements the solution on-premise.

We use endpoint security for our clients. We configure policies to scan the computer every single day in some cases and every week or even every moment. Basically, it protects the endpoint, and we have policies to do advanced threat protection.

Thanks to the implementation of this tool, we have managed to avoid massive virus infection, have visibility into console events and be able to implement action plans to contain threats.

Threat prevention is valuable because most clients use other solutions like antivirus as part of web protection. I don't find that kind of solution useful. We use the firewall to protect the client's network or even blocks and some kind of traffic that the computer received. The ATP model, I think, is one of the most important features because it can protect the computer when an application doesn't work as expected. It will alert and send messages to the ePO, and we can see everything.

The local technical support could be better. It would also help if the engineers can develop some automation features for the on-prem ePO. For example, in the on-prem ePO, you can store the endpoint using the IP address or using text, or using the default version. But in the MVISION ePO, you don't have that kind of feature. It's complicated to sort the endpoint because you have to do it manually.

I also think the detailed level of the detection could be better. In some cases, it's very complicated to figure out which file is the one that is actually impacted, depending on the dashboard you see. The dashboard is one of the most important things in the ePO because it's where you can see everything in a central location. But sometimes, you need to change from one view to another view to find what you're looking for.

I have been using McAfee Endpoint Security for about three years.

It's very stable. It works as expected, and I am very happy with this solution.

This is a very flexible product. It can be installed on a single physical or virtual server, or well installed on a windows cluster, and if you want to explore other modes it can also be implemented in the AWS cloud or as a SAAS.

In some cases, if the report comes from India or America, it's basically an open and shut case. But if the support comes from Latin America, you probably have to scale that problem to another area or another region. You need a person that has more experience with the product.

No. 

The initial setup can be both straightforward or complex. Some documentation on clients is very slow. Basically, we spent time implementing the ePO version because sometimes the database from the ePO is too big, and we need to do some things to the database to shrink the space, and it doesn't always work as expected. Sometimes, we have to follow one, two, or three steps to get the data and various scenarios to increase the number of steps because troubleshooting wasn't working.

If we implement MVISION, eventually, it would take around three hours because we have to install the software on the server. We have to do all the upgrades and implement some upgrades to the ePO software. Basically, it's three hours, but it can take five to six hours, depending on the data's size.

We implement this solution for our customers. If you are an engineer, and you have the experience, you can do it. If someone doesn't have experience with the OS, with Windows, or with the product, you might need specialized engineers.

For the issue of implementation costs, you require that the partner you use has qualified personnel to carry out this activity or you can use the professional services of McAfee, but these can be somewhat expensive.

Our clients ask us about other solutions like Cylance. I have one client that uses CrowdStrike. If you compare Cylance and McAfee Endpoint Security, the main difference is support. 

McAfee is excellent. You can ask any questions, and with a couple of clicks, you will find the answer to the issue. If you don't find it, you can open a support ticket. Sometimes, the McAfee solutions are very complex to configure. Just in some topics, but on the other hand, very simple to configure.

I recommend that the client needs to be aware of what McAfee can do for them. If the engineer can implement the solution, he'll just follow the book, and he's not going to get the best experience from the product.

To not impact the computer or the endpoint's performance, you need to finetune the policies. If the engineer doesn't have that kind of experience, you won't get the best out of the product. The client needs to get an engineer with a lot of performance tuning experience to get the most out of the product.

On a scale from one to ten, I would give McAfee Endpoint Security a nine.

Controlling and Monitoring Change
Change control processes are often reactive and require manual responses, an ineffective approach to combating today’s threats and handling the growing number of devices in the IT infrastructure. The Security Connected approach from McAfee ensures that every desktop, server, application, network device, and database is in the scope of a change control solution, giving you critical visibility into who is using your systems and what activities are taking place.

Enabling Consumerization of the Workforce
A flood of iPhones, iPads, Android devices, and employee-owned laptops is hitting the workplace, bringing better productivity but also new security risks. Learn how businesses can effectively and securely enable the use of consumer-owned devices in the enterprise by protecting how data is being manipulated and controlling network access across mobile devices, laptops, desktops, and virtual desktops.

Managing Security and Risk
Limit your exposure to security risks that reveal customer data and internal assets. This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection — helping you reduce incidents and risks throughout your entire IT infrastructure.

Obtaining Benefit from PCI
McAfee helps enterprises take a formal, strategic approach to meeting PCI DSS requirements — an implementation that can yield other cost saving and operational benefits to the business. McAfee compliance solutions automatically assess compliance status, proactively respond to any issues or potential violations, and continuously monitor controls across the enterprise.

Protecting Information
Your company’s sensitive information, including intellectual property, financial records, and personal information about employees and customers, is an attractive target for cybercriminals. The Security Connected approach from McAfee helps you secure sensitive information on databases, file servers, smartphones, email servers, and USB drives — while keeping it accessible to multiple users and groups.

Protecting Information from Insider Threats
Don’t overlook the threats to your data and network from company insiders. To address these risks, McAfee provides a new level of visibility into your organization with security controls that work together across endpoints, networks, and data to improve incident detection, protection, and response capabilities.

The following are the main features of the McAfee Suite:

1. Threat/risk protection at the core level: All of the components , including the antivirus and exploit functionalities, all communicate with each other on a real-time basis.
2. Machine learning: The McAfee Suite consists of sophisticated learning algorithms in order to precisely identify and confirm the presence of any malware, primarily based on their signature profiles.
3. The containment of applications: With this feature, your IT security staff can mitigate the damaging impacts of malicious files (such as those found in phishing emails) and other types of malware by blocking them from entering further into your network infrastructure, and from there, isolating them.
4. Endpoint Detection and Response (EDR): EDR is now fully integrated into the McAfee Suite and is completely automated. Any risks and threats can be curtailed by just a few clicks of the mouse.
5. Centralized management: The McAfee ePolicy Orchestrator is a specific tool that allows for your IT Security staff to a get a much greater visibility and insight into your network infrastructure with easy-to-use and understandable at-a-glance dashboards.
6. Proactive learning analysis: With machine learning algorithms, the McAfee Suite can quickly create models of your organization’s cyber-threat landscape and what potential malware attack vectors could like in the future.
7. Sophisticated levels of anti-malware protection: The engine that drives the McAfee Suite is updated on a 24-7 basis via the McAfee Global Threat Intelligence feeds.
8. Advanced threat forensic capabilities: With this functionality, your IT security staff can quickly determine where the malware resides in your network infrastructure, how they evolved and penetrated your lines of defense, and how long they have stayed in your systems.
9. Malware behavior monitoring: This tool of the McAfee Suite can actually record the “behavior” of the malware in question while also studying its Attack Techniques and Procedures (TPPs). It comes with a comprehensive alert system and can even provide a sophisticated review (or “playback”) for the network administrator.
10. Migration assistant: This functionality allows for your IT security staff to quickly migrate network security policies from legacy platforms into the McAfee Suite.

Business Support some times lazy but once they on board they will get the job done.

With McAfee ePO software, you can scale your network vertically or horizontally.

• Vertical scalability — Adding and upgrading to bigger, faster hardware to manage larger and larger environments. Scaling vertically is accomplished by upgrading your server hardware, and installing McAfee ePO on multiple servers throughout your network, each with its own database.
• Horizontal scalability — Increasing the size of the environment that one McAfee ePOserver can manage. Scaling horizontally is accomplished by installing additional Agent Handlers, all sharing a single database.

  Make sure the McAfee ePO infrastructure is scaled to handle major peaks in outbreak situations.

Technical support is getting better now, but previously, the support was not optimum or not available.  when we opened a case, the engineer took too much time to listen to us and then they collect all the information. But then he never came back to us. Sometimes, five days, three days, sometimes even two months would pass and nothing would happen. But now I can see that the tremendous change. From the moment you open a case, in the next hour, you will get a response from the technical support, so now I'm feeling that the support is getting better.

Installing McAfee products is very easy. Not only at the endpoint. Any McAfee product, because of the Product and Installation guide available with good detailing,and the availability in the community & knowledge base articles. Most of the blogs you find even outside of the McAfee community, which help me in the deployment of McAfee products. So installation never seems to be hard for me.

Experts

20 Months or less depending on each organization

There are many other endpoint security solutions that are available today, but McAfee Suite has several distinct advantages when you make a procurement decision. For example:

• All of the information, data, malware signature profiles, intelligence gathering, alerts, warnings and so on can be accessed and viewed very easily from just one console
• You do not have to overspend on security technology, because all of the features described earlier comes as one unified, cohesive set. McAfee Suite also leverages all of the existing security features of the operating systems and virtualized environments also previously mentioned. So in the end, there is really nothing more that you need to add on
• McAfee Suite can work as a single security solution for all kinds and types of device hardware and software such as workstations, servers, wireless/mobile devices, containers, virtual instances, and even those objects found in the Internet of Things (IoT)
• McAfee Suite has been comprehensively tested by certified third parties and has proven itself in the real world

As of July 2016 we updated our version of Endpoint encryption from V5.03 to V7.03 with an updated deployment console it is much more convenient to navigate and to recover the user \ machine password process is so less cumbersome ..

thumbs up to this version ...

All the care facilities are mandated by the State to protect patient information. McAfee Complete Endpoint Protection has helped us to enforce that mandate, protecting both staff and patient information data. That's why the most value that it provides to us is simply and obviously the fact that it does a very good job of overall endpoint encryption.

The virus scanning in Enterprise V8 needs improvement. Also, the spyware protection needs to be be more expansive.

We've used it for six years.

The deployment from the ePolicy Orchestator console to either re-imaged or rebuilt laptops was sporadic and not reliable enough to be standalone.

We have had no issues with the stability.

We have had no issues scaling it for our needs.

very good ....

Technical support is excellent. We've worked with them a lot over the years, some days for hours at a time.

SafeBoot encryption was purchased by McAfee shortly after we deployed it to our fleet of laptops. We simply inherited it by use of encryption.

The initial setup was straightforward, as we tried to automate the deployment of AV. However, it got more cumbersome after that, requiring a lot more of our time and resources.

It was implemented by our in-house team and then deployed using the McAfee ePolicy server that's designated for McAfee deployments only.

This was all managed by our IT director.

Overall, the product is good. You need to get advice on the overall deployment to your infrastructure from McAfee before any roll-out.

Some of the solution's primary use cases include successfully adding devices through ESM GUI and setting up data storage via ELM.

Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference.

With Trellix Endpoint Security, adding a device as a data source can be done one by one. Whenever I try to add a device like a firewall or a server, the accounts are enrolled one by one per added data source. It would be a lot easier if I could add multiple user accounts within a single device.

I have been testing Trellix Endpoint Security for around three months.

I have tried to contact the solution's technical support team. Whenever I tried to ask for partner support, the Trellix website would ask for my company email details. Then an email would come to my inbox saying that Trellix would get back to me shortly, but unfortunately, they did not. So I couldn't contact Trellix Endpoint Security's technical support.

I have worked with other security tools, such as CrowdStrike. The flexibility of the dashboard and filtering are useful features in Trellix Endpoint Security. Also, adding different elements to the SIEM infrastructure is not that complicated with Trellix Endpoint Security.

There's no need for any additional configuration settings to install Trellix Endpoint Security. You just access the web UI, and that's it.

It took me two months to implement Trellix Endpoint Security because of our company's hardware limitations.

My implementation strategy for Trellix Endpoint Security was to build a demonstration based on what the company would like me to do. So I built a SIEM infrastructure and got the images of the different tools first. Then from there, I tried to connect the different devices before I connected the data sources.

My advice is that users should have a fair background in MQL, which really helps a lot in investigating.

Overall, I rate Trellix Endpoint Security an eight out of ten.

I use this solution for system security protection.

McAfee has helped our organization by keeping all of our computer systems secure from viruses or other intrusions.

The most valuable feature is the centralized console where everything can be controlled by the administration. McAfee is always improving and is coming out with advanced cloud strategies, you can always rely on them now and for many years ahead.

There are times the solution has some additional software added that is not fully integrated properly, such as Exchange Group Shield. It is quite old and is not fully integrated properly and could be improved.

In an upcoming release, there could be an improvement in performance. There are times the solution can use a lot of resources on the local machines. This normally happens when the system is scanning, the end-user can really notice the performance change. After every new version that is released, there are improvements made. However, there is still room for improvement.

I have been using this solution for approximately 15 years.

The stability is good, whenever there is an issue there is an update or solution to fix it shortly after.

The scalability has been good for us, we have not expanded very much to know more.

The technical support could be improved. We currently have business support and this has been a lot better than the regular support. The business support is more responsive and the resolutions are more thorough. 

The price of the solution is fair, we have a complete security package.

The solution is very good but it is useful and important to have good experience with the endpoint testing machine.

I rate McAfee Endpoint Security nine out of ten.

The most valuable feature that I've found most useful is the availability of seamless AES 256 full-disk encryption.

I don't need to worry about the content of a laptop if it's lost or stolen. It provides better security of laptops when doing foreign travel.

I think encryption needs to move to an all hardware-based solution. Software encryption is less efficient than hardware-based. Intel purchased McAfee a few years ago, so this company is set up from the chipset point-of-view.

We've used it for six years.

Initially, we ran into issues running full-disk encryption and certain versions of disk defragmentation software. However, this has now been resolved.

There have been no issues with the stability.

We have had no issues scaling it for our needs.

9/10. I've found technical support to be very good and responsive.

We selected this endpoint protection solution due to its multi-platform support, not just Windows (e.g BitLocker). Other reasons were that it has enterprise key storage and recovery, which is very important to us.

It's fairly easy to get going. It's been around for a while now, and there are lots of use cases. You just just need to follow the best practice installation documentation.

We implemented it with the help of a McAfee vendor team.

Everything has a cost. During the initial product evaluation, price was considered but it was not a show stopper.

The central management console, ePO, is very useful. It incorporates file/folder encryption as well as encrypted thumb drive registration and policy management.