The detection and response capabilities need to be improved. The product is not sharp enough in catching viruses, and we often have to use additional components alongside the pure endpoint security. Symantec, for example, might be better in this area.
Technical consultant at a construction company with 51-200 employees
Consultant
Top 20
2024-08-12T08:05:00Z
Aug 12, 2024
It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators. The UI only allows for the inclusion of files using wildcards. For example, it can protect an entire directory or a subdirectory, but it doesn't let you select specific files within a directory.
Learn what your peers think about Trellix Endpoint Security (ENS). Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
Information Security Professional Manager at Hermeticon
Real User
Top 10
2023-08-09T06:25:15Z
Aug 9, 2023
Performance is a problematic area in the solution needing improvement. There are some weird problems in the endpoint protection or security of the solution.
You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features. I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.
The only challenge we found is the integration with its product modules. It has a DPP. That integration, we felt, is slightly complex. The complexity of advanced modules can be improved. They could do some improvements so that it is easier to deploy the advanced modules. We would like more in their advanced modules or ATP.
Owner / Consultant at a marketing services firm with 1-10 employees
Real User
2022-09-27T11:55:18Z
Sep 27, 2022
The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.
Solutions Engineer at Trends and Technologies, Inc
Real User
Top 20
2022-06-19T05:54:09Z
Jun 19, 2022
Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI. They need to just keep up with the current trends. It's still a bit old-looking. That said, with the CASB, their other solutions their cloud solutions, they're already on the way with that. They are working on improving things. The initial setup can be a bit difficult. They should offer further application control. The way of doing the application control is based on an inventory scan. It would be great and it would be at par with other solutions if they would be able to improve that into a category-based application control.
We're still looking for weaknesses. The product is still quite new for us. That said, so far, every time I have thought, "I wonder if it can do this or it can do that." I've been able to do it. McAfee has also asked us for feedback, and we noticed when we gave them suggestions, they worked to implement them. For example, we asked for the ability to leverage Windows Defender instead of creating an endpoint. They've just put that in so you can choose now what you want to do. You can change that deployment and push it out without any intervention by the client as well. The initial setup can be a bit complicated for those unfamiliar with the product.
Technical Presales Consultant/ Engineer at Ingram Micro
MSP
Top 5
2021-05-08T11:56:01Z
May 8, 2021
McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement. Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present. A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines. I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint. I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.
The biggest problem we had with this product was when the DDoS (Distributed Denial of Service) did not respond well to a threat. We experienced one virus attack that the product did not catch. I do not know the exact CDC (Communication Device Class) details. That time, we did an analysis, but the systems crashed. We could not even access the infected file servers. Because we could not access the servers in that attack, we could not even remove all the threats. Eventually, what we had to do is find out which servers got infected and then we had to roll back those servers to a previous backup. It left us in a little bit of a vulnerable situation. It ended up not being what we hoped for in an endpoint solution. Because McAfee was infected, other endpoint protections were also affected that made the situation more difficult to resolve. Improvements that I would like to see in MVISION would be to provide some additional features for the cloud to make their product a one-stop solution. For example, every organization is going into hybrid-cloud. That may allow part of a solution on-site. That can be part of multi-tier platforms and would be more flexible. What they can do is offer more in order to be a leader in innovation for different architectures rather than for enterprise only. For example, the endpoint security product uses every desktop like service. They have the features for the hardware detection and the platform access, then on the application layers. These three layers are a part of the firewall. So these are the firewall and then there are other things they could be offering as a single source to create a more secure environment as a proactive solution. This is something that definitely could be improved, especially with intrusion detection and intervention. It is very important to do more to cover the security of these more invasive practices. So, they could improve things with a web application firewall, and improve intrusion detection and prevention. Those should be the key areas which they are focusing on right now to improve the utility of the product moving forward. If you have a look into the Gartner report, there are many companies that are making advances in this category of product and it means competition for McAfee.
Technical Presales Consultant - Solutions Architect at Nexus Technologies,Inc.
Reseller
2020-07-22T08:17:24Z
Jul 22, 2020
Endpoint resource utilization causes high levels of instability and that is something that needs improvement. Our clients are concerned about how it can affect their endpoints and do not want the CPU overburdened.
Trellix Endpoint Security (ENS) is a comprehensive solution designed to protect organizations from advanced cyber threats. With its advanced threat detection capabilities, ENS provides real-time visibility into endpoint activities, enabling proactive threat hunting and response.
It leverages machine learning algorithms to identify and block sophisticated malware, ransomware, and zero-day attacks. ENS also offers robust data loss prevention (DLP) features, preventing sensitive...
The detection and response capabilities need to be improved. The product is not sharp enough in catching viruses, and we often have to use additional components alongside the pure endpoint security. Symantec, for example, might be better in this area.
It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators. The UI only allows for the inclusion of files using wildcards. For example, it can protect an entire directory or a subdirectory, but it doesn't let you select specific files within a directory.
They could provide better integration capabilities for the product with other services.
Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement.
There is room for improvement in the pricing. The price should be improved, it's high.
The product is consolidating its portfolio into one product. It is difficult at the moment.
The solution should respond faster. Whenever Trelix runs, the system slows down.
The product could be flexible and offer better pricing. They should make it free, open-source software.
The product needs to reduce the usage of RAM and CPU.
Performance is a problematic area in the solution needing improvement. There are some weird problems in the endpoint protection or security of the solution.
You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features. I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.
Trellix tends to get in the way and really impacts the performance of the servers quite negatively.
We'd like better UI on the management screen. It could be a bit simplified, which would make it easier to use.
The only challenge we found is the integration with its product modules. It has a DPP. That integration, we felt, is slightly complex. The complexity of advanced modules can be improved. They could do some improvements so that it is easier to deploy the advanced modules. We would like more in their advanced modules or ATP.
The quality of the dashboard could be improved, and the central monitoring dashboard needs improvement. At first, we thought we were getting multiple views. One was a wholly summarized view, and the other was a more detailed view of an endpoint device. Digging into one device's detail is sometimes difficult. Additionally, the granularity of reporting can be improved. The next release could also include an extended mobile connection for the solution.
I'm not feeling any critical care is missing in the solution. It is a very heavy tool, unfortunately. It could always be a bit more stable.
So far, McAfee MVISION Endpoint ticks off all of our boxes, but its pricing could always be better.
Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI. They need to just keep up with the current trends. It's still a bit old-looking. That said, with the CASB, their other solutions their cloud solutions, they're already on the way with that. They are working on improving things. The initial setup can be a bit difficult. They should offer further application control. The way of doing the application control is based on an inventory scan. It would be great and it would be at par with other solutions if they would be able to improve that into a category-based application control.
The email protection isn't efficient enough, and I'd like to see DLP features in the next release.
The price of McAfee MVISION Endpoint could improve.
I would like to see more automation.
I would like to see more local integration for the applications that we use. We are looking forward to having more unified management.
We're still looking for weaknesses. The product is still quite new for us. That said, so far, every time I have thought, "I wonder if it can do this or it can do that." I've been able to do it. McAfee has also asked us for feedback, and we noticed when we gave them suggestions, they worked to implement them. For example, we asked for the ability to leverage Windows Defender instead of creating an endpoint. They've just put that in so you can choose now what you want to do. You can change that deployment and push it out without any intervention by the client as well. The initial setup can be a bit complicated for those unfamiliar with the product.
McAfee has several MVISION products. It will be really amazing if they could be consolidated into one dashboard. As of now, I know that this is on the roadmap and is expected to be released very soon. It'll unify the management of the various MVISION portfolios. It will be a great tool for improvement. Instead of needing separate management consoles to manage some of the products in the portfolio, a unified console for MVISION Cloud, MVISION EDR, MVISION Endpoint, MVISION DLP, and the remaining MVISION portfolio would be great. I believe that McAfee is addressing this at present. A drawback with the cloud MVISION ePO is that you can't push agents from the cloud portal. You need to download that agent, and you need to figure out a way to install that agent into the machines. I'd like to see MVISION Endpoint for other platforms because MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint. I'd like to see it in the Mac operating system as well. I'd like to see cross-compatibility, which would be great. Even though McAfee has a simpler product for Androids and the iOS, it would be great to see the ease of use of MVISION Endpoint across the portfolio.
The biggest problem we had with this product was when the DDoS (Distributed Denial of Service) did not respond well to a threat. We experienced one virus attack that the product did not catch. I do not know the exact CDC (Communication Device Class) details. That time, we did an analysis, but the systems crashed. We could not even access the infected file servers. Because we could not access the servers in that attack, we could not even remove all the threats. Eventually, what we had to do is find out which servers got infected and then we had to roll back those servers to a previous backup. It left us in a little bit of a vulnerable situation. It ended up not being what we hoped for in an endpoint solution. Because McAfee was infected, other endpoint protections were also affected that made the situation more difficult to resolve. Improvements that I would like to see in MVISION would be to provide some additional features for the cloud to make their product a one-stop solution. For example, every organization is going into hybrid-cloud. That may allow part of a solution on-site. That can be part of multi-tier platforms and would be more flexible. What they can do is offer more in order to be a leader in innovation for different architectures rather than for enterprise only. For example, the endpoint security product uses every desktop like service. They have the features for the hardware detection and the platform access, then on the application layers. These three layers are a part of the firewall. So these are the firewall and then there are other things they could be offering as a single source to create a more secure environment as a proactive solution. This is something that definitely could be improved, especially with intrusion detection and intervention. It is very important to do more to cover the security of these more invasive practices. So, they could improve things with a web application firewall, and improve intrusion detection and prevention. Those should be the key areas which they are focusing on right now to improve the utility of the product moving forward. If you have a look into the Gartner report, there are many companies that are making advances in this category of product and it means competition for McAfee.
A policy-editing console should be added. Having automatic updates would be helpful.
Endpoint resource utilization causes high levels of instability and that is something that needs improvement. Our clients are concerned about how it can affect their endpoints and do not want the CPU overburdened.