I have had challenges in the past with Trellix Collaboration Security for implementation because of issues related to compatibility. Since we worked in a global company with different operating systems, it was necessary to create different plans and different actions to implement the product.One thing I really do not prefer in Trellix Collaboration Security is not related to the console. I am a McAfee fan since the McAfee tool, and I find the console of Trellix Collaboration Security to be very user-friendly and easy to use. However, I do not know if it is related to the architecture of the product. Of course, we have modern threats based on behaviors and zero days. We have today CrowdStrike and SentinelOne, where we have better results based on threats and behavior, where it is possible to create a simulation environment based on the file detected and based on it, confirm if it really is malicious or not. In general, I believe Trellix Collaboration Security improved the console based on the last console of McAfee, but I think it is possible to improve more. It really is a good product, but in my view, it needs to improve detection based on behaviors. Regarding automations, I have implemented Trellix Collaboration Security here at Johnson & Johnson, and I implemented it in the same situation at Santander Bank and BNP Paribas Bank, where I created automations to export data for different metrics, including malicious detections, compliance, baselines, scans, last scans based on the seven days, and checking of patterns. I export everything to CSV files. Based on that, I create Power BI dashboards, and in these Power BI dashboards, I have a more executive view for different metrics to provide to myself, my manager, or director to create an executive view based on it. Another important point we use here at Johnson & Johnson and other companies is a data hub or a SIEM solution, such as Elastic or ArcSight, where we select some logs to be sent and use it to build reports and metrics.
I would like to see the addition of email digital protection features, such as anti-spam and antivirus, not just sandboxing, in the on-premises solution.
There is a need for improved integration with totally different products, such as a rapid server. This is currently challenging since the management console becomes overloaded with logs, which complicates troubleshooting.
Technology is an area that is evolving every day. As changes are introduced on a day-to-day basis, I feel that my company should evaluate the products we use. In general, our company should make the tool more robust to protect our systems.
Learn what your peers think about Trellix Collaboration Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2025.
Network Security Services at ACE Managed Securty Services
Real User
Top 20
Nov 24, 2022
One thing that needs improvement with FireEye Email Security is its ability to automatically quarantine malicious emails. In some cases, the software fails to identify a malicious email, leading to it being delivered to the recipient's inbox. This can potentially put the recipient's computer at risk for infection.
Another area where FireEye Email Security could use improvement is in its reporting features. The reports generated by the software are often difficult to understand and lack important details. This can make it difficult for businesses to determine whether or not their email security system is effective at preventing spam and malware from entering their network.
There are two pain points that I experienced. One of them is it's not quite mature. Sometimes especially zero-day spam emails can be passed to the user's inbox. Sometimes customers are disturbed about that, however, it's not a big problem.
System Engineer at a tech vendor with 51-200 employees
Real User
Nov 3, 2021
I do some configurations on the backend. The cloud product is not open to the customers. If the system itself could be more open to the customer, I'd be able to configure it more specifically. The custom tailoring is limited. Not only for the FireEye product, but whether it's Forcepoint, or Cisco, etc., language support for the Korean language is needed, for console pages or everything to be translated. Everything is in English and Korean customers face a hardship with it.
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Aug 31, 2021
I would like the solution to be able to automatically quarantine the malicious emails before getting to the user's mailbox and continue with regular email operations. This could result in the user clicking the email before the purge operation is completed. As an additional feature, I hope for more interactive emails.
If they want to be as primary or best solution, they need to have better email management features. SMTP handling is sometimes poor because you do not have a lot of options for routing. For example, if you are using IronPort and FireEye, and you want to do some complex routing and features, IronPort will beat FireEye with no effort. The email gateway environment does its work as long as it is not too complex or sophisticated you will notice some decrease in performance.
The spam detection feature could be better. As users, we don't have any control. It detects and blocks spam based on spam engine conditions. But many emails that shouldn't be blocked are getting blocked this way, and we have to raise a ticket for the False Negative cases and it takes time to get resolved. Every time we raise ticket, support requests received original email sample all the time to resolve the cases which is not possible to provide all the time.
The reporting aspect of the solution needs improvement. The solution needs to offer antivirus and antispam features onto the on-premises deployment model.
Trellix Collaboration Security is a comprehensive solution designed to protect sensitive data and ensure secure collaboration within organizations. With the increasing reliance on digital platforms for communication and collaboration, it is crucial to have robust security measures in place. Trellix Collaboration Security offers a range of features to safeguard data and prevent unauthorized access.
One of the key features of Trellix Collaboration Security is its advanced encryption...
I have had challenges in the past with Trellix Collaboration Security for implementation because of issues related to compatibility. Since we worked in a global company with different operating systems, it was necessary to create different plans and different actions to implement the product.One thing I really do not prefer in Trellix Collaboration Security is not related to the console. I am a McAfee fan since the McAfee tool, and I find the console of Trellix Collaboration Security to be very user-friendly and easy to use. However, I do not know if it is related to the architecture of the product. Of course, we have modern threats based on behaviors and zero days. We have today CrowdStrike and SentinelOne, where we have better results based on threats and behavior, where it is possible to create a simulation environment based on the file detected and based on it, confirm if it really is malicious or not. In general, I believe Trellix Collaboration Security improved the console based on the last console of McAfee, but I think it is possible to improve more. It really is a good product, but in my view, it needs to improve detection based on behaviors. Regarding automations, I have implemented Trellix Collaboration Security here at Johnson & Johnson, and I implemented it in the same situation at Santander Bank and BNP Paribas Bank, where I created automations to export data for different metrics, including malicious detections, compliance, baselines, scans, last scans based on the seven days, and checking of patterns. I export everything to CSV files. Based on that, I create Power BI dashboards, and in these Power BI dashboards, I have a more executive view for different metrics to provide to myself, my manager, or director to create an executive view based on it. Another important point we use here at Johnson & Johnson and other companies is a data hub or a SIEM solution, such as Elastic or ArcSight, where we select some logs to be sent and use it to build reports and metrics.
I would like to see the addition of email digital protection features, such as anti-spam and antivirus, not just sandboxing, in the on-premises solution.
There is a need for improved integration with totally different products, such as a rapid server. This is currently challenging since the management console becomes overloaded with logs, which complicates troubleshooting.
Technology is an area that is evolving every day. As changes are introduced on a day-to-day basis, I feel that my company should evaluate the products we use. In general, our company should make the tool more robust to protect our systems.
The solution must provide features to scan QR codes for threats. Nowadays, threats are embedded inside QR codes.
In the next release, I'd like to see them provide more integration features.
One thing that needs improvement with FireEye Email Security is its ability to automatically quarantine malicious emails. In some cases, the software fails to identify a malicious email, leading to it being delivered to the recipient's inbox. This can potentially put the recipient's computer at risk for infection.
Another area where FireEye Email Security could use improvement is in its reporting features. The reports generated by the software are often difficult to understand and lack important details. This can make it difficult for businesses to determine whether or not their email security system is effective at preventing spam and malware from entering their network.
FireEye needs single sign-on. They say it's on their roadmap. They should also implement support for Microsoft Authenticator app for 2FA.
There are two pain points that I experienced. One of them is it's not quite mature. Sometimes especially zero-day spam emails can be passed to the user's inbox. Sometimes customers are disturbed about that, however, it's not a big problem.
I would like to see this solution become more flexible.
I do some configurations on the backend. The cloud product is not open to the customers. If the system itself could be more open to the customer, I'd be able to configure it more specifically. The custom tailoring is limited. Not only for the FireEye product, but whether it's Forcepoint, or Cisco, etc., language support for the Korean language is needed, for console pages or everything to be translated. Everything is in English and Korean customers face a hardship with it.
I would like the solution to be able to automatically quarantine the malicious emails before getting to the user's mailbox and continue with regular email operations. This could result in the user clicking the email before the purge operation is completed. As an additional feature, I hope for more interactive emails.
If they want to be as primary or best solution, they need to have better email management features. SMTP handling is sometimes poor because you do not have a lot of options for routing. For example, if you are using IronPort and FireEye, and you want to do some complex routing and features, IronPort will beat FireEye with no effort. The email gateway environment does its work as long as it is not too complex or sophisticated you will notice some decrease in performance.
The spam detection feature could be better. As users, we don't have any control. It detects and blocks spam based on spam engine conditions. But many emails that shouldn't be blocked are getting blocked this way, and we have to raise a ticket for the False Negative cases and it takes time to get resolved. Every time we raise ticket, support requests received original email sample all the time to resolve the cases which is not possible to provide all the time.
The reporting aspect of the solution needs improvement. The solution needs to offer antivirus and antispam features onto the on-premises deployment model.