The solution has some offline issues sometimes. Sometimes it will not communicate with the server, and we need to manually restart items. When Microsoft updates, we need to ensure Trend Micro also updates. Sometimes they are out of sync.
Cyber Security Engineer at Amazure Technologies Private Limited
Real User
Top 5
2024-11-11T16:06:12Z
Nov 11, 2024
There were challenges in uninstalling the Trend Micro solution from certain endpoints. 20% to 30% of endpoints faced difficulty in cleaning or uninstalling the software, and we required additional documentation and technical support.
Information Security Coordinator at a maritime company with 10,001+ employees
Real User
Top 5
2024-05-16T20:57:00Z
May 16, 2024
Initially, it isn't easy to understand the console because most of the applications integrate through Visual One. When we create a new dashboard, it takes some time to adapt, but the IT staff does not have any problems.
When I create and implement a new policy, it takes a couple of hours to apply to the devices. I would like the ability to customize the report notifications and who they are sent to.
Director of Information Technology at a hospitality company with 10,001+ employees
Real User
Top 5
2024-04-02T14:49:00Z
Apr 2, 2024
The menus can be more user-friendly or easier. For example, if we want to enable access to the USB ports, it should be more user-friendly. It is not easy. We need to navigate through several menus to be able to give access.
Learn what your peers think about Trend Vision One Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
While the single console offers partial end-to-end visibility into our IT security environment, we leverage additional solutions to achieve comprehensive coverage, so this area can be improved by Apex One.
Information Security Specialist at Ministry of Education Computer Center
Real User
Top 10
2024-02-07T12:49:00Z
Feb 7, 2024
We have had some false positives with Apex One's ransomware detection. We received an alert, but it wasn't a ransomware attack. When we did an investigation, we found it was only malware.
Tata Medical Center logo Senior IT Infrastructure Supervisor at Tata Medical Center
Real User
Top 10
2023-12-14T12:24:00Z
Dec 14, 2023
There is a need for enhancement in certain reporting formats. For instance, if I need information about the impact of a specific virus or a particular email in terms of infections over the past two or three months, the current reporting system lacks this capability. Currently, I have to manually input the details, generate a report, and then extract the information from the entire Excel sheet. I would prefer an improvement where this filtering capability is available directly in the initial report. There are two notable points that need consideration. Firstly, the technicalities of Trend Micro are evolving due to the software's cloud nature. Secondly, as a client, such as a hospital and not an IT-focused organization, we require a more user-friendly approach. Trend Micro should consider simplifying processes for clients like us, acknowledging that not every organization is an IT company. We want to maintain our focus on our core business rather than having to divert attention to IT.
The application and web controls have room for improvement. A fully integrated endpoint security system, encompassing EDR, should include application control, web control, device control, patch management, and encryption. This comprehensive solution would be highly appealing to customers, as they currently rely on multiple tools to address these security needs. Moreover, an EDR solution would provide visibility into endpoint vulnerabilities, such as unpatched systems, enabling proactive remediation. These features would undoubtedly enhance the value proposition of Trend Micro's security offerings.
Owner at a tech services company with 1-10 employees
Real User
Top 20
2023-09-20T09:40:00Z
Sep 20, 2023
In terms of protecting points against threats, it's hard to answer the question. I'd only worked for it for a couple of months. From what I'd seen, we weren't able to see well reporting-wise. For example, what it does, what it catches, and what it prevents, Defender 365 is way more advanced and transparent. The reporting can be improved. We'd like to have had broader insights as to what was happening on a machine. As a user or as an administrator, you should be able to see what the product actually does. You would like to see what's happening. What's scanning, et cetera, and it doesn't do a good job like Defender 365 does. We had some pretty severe issues in a VDI environment. Every time a machine reboots, it needs to fetch the latest updates. However, we had some caching issues, and Trend Micro did not update some specific components which caused VMs to fall out or some people not to be able to work on their VDI anymore. We had some support cases open with Trend Micro, however, it was not easy at all. It was pretty hard to comprehend our specific situation as it was a little in-depth.
Some of our customers need to add cache file signatures in Trend Micro Apex One, but it is currently not a supported feature. Trend Micro Apex One can become the market leader by improving its signature base, patterns, security profiles, engines, and integration with multiple vendors.
We'd like to have access to more learning materials to help us understand the solution better. It would be great if the company offered some core courses. It would be better if it was easier to administer Apex One. Right now, it is moderate.
Unit Head Infrastructure at First Woman Bank Limited
Real User
Top 20
2023-08-10T07:02:00Z
Aug 10, 2023
Apex One could improve endpoint patching. For example, Kaspersky can download Microsoft updates and install them. Having that feature in the cloud application would help a lot.
The resources used by Trend Micro Apex One during scanning could be improved. Once the endpoint scanning starts, it may run up to two to three hours; and other applications slow down during that time. The solution can be improved to utilize fewer system resources, like memory and hard disk, during scanning.
The UI has room for improvement. Trend Micro Apex One does not allow us to select a user and deploy a product while creating a new policy and adding users. For example, this limitation occurs when trying to add a USB block.
IÂ believe that Trend Micro Apex One Team needs to improve reporting so we can get a good dashboard and reporting on the Trend Micro Apex One console.Â
In future releases, I would like to see more advanced protection. Trend Micro Apex One could improve advanced threat protection or include more in-depth endpoint protection.
The solution needs to have SDR in it. So, SDR is an area where the solution needs to work and improve itself. Since I am not working extensively with this solution, I am not in a position to comment on what other additional features need to be added to it.
There is room for improvement in the behavior filtering and control of Trend Micro. Currently, this feature is not functioning correctly, which is evident in the behavioral backset basset on signatures like visors, but the behavior filtering is not working properly and needs to be improved.
Private Consultant at a university with 201-500 employees
Reseller
2022-11-16T16:03:04Z
Nov 16, 2022
The solution could be more proactive by using AI to assess the production landscape and compete with other products that fully support Linux. For example, the old version of Apex did not support some kernels in the Linux environment. But their new version called Vision is supporting Linux and you're going to want all that compatibility. It is important that the solution stay on top of the latest trends.
Head of Business Development at a tech services company with 51-200 employees
Real User
2022-11-02T13:13:15Z
Nov 2, 2022
It is not user-friendly. If they improve this side and make it more user-friendly, then it'll be helpful for IT admins in terms of operating the solution. It's just a bit complex to learn and use at this point, compared to other endpoints. Sometimes the solution cannot support legacy PCs. The product can be a bit heavy.
We had some problems with Trend Micro Apex One doing the updates and patches. Some of the other vendor's support has said that Trend Micro Apex One receives database signatures updates too late. Trend Micro Apex One consumes a bit more resources of your PCs than we would like to have consumed. We do not scan during busy hours of the network because it slows down my data network. What we have done is, we have kept everything after business hours. We have a scheduled scanning in our networks. I have two operating systems running on my computer and when I start scanning Trend Micro Apex One consumes too many resources, such as processor power. For example, when you are in business hours and the scanning starts, your other operations in software, such as Excel, will have the performance slow down. Overall his solution is good. I have worked with other solutions, such as Kaspersky, and it consumes approximately 35 to 40 percent of the maximum resources and Trend Micro Apex One consumes approximately 40 percent of the resources. The best thing is the delegation gene of this Trend Micro is amazing.
General Manager at a tech services company with 11-50 employees
Real User
2022-02-14T17:32:57Z
Feb 14, 2022
I would like to see the initial setup simplified to make it less complicated, and the price reduced. Normally, I've seen the price of any antivirus for the first year where they will give you a free price comparison and a discount of 30%, 40%, but the second year, after renewal, they'll give you the normal standard list price.
Network Specialist at a computer software company with 1,001-5,000 employees
Real User
2022-02-02T19:19:54Z
Feb 2, 2022
The device, e.g. laptop, becomes slow after installing Trend Micro Apex One, so this is an area for improvement. The security it provides is okay, but it causes slow performance after installation. Personally, I don't like this software, because I can install and use other solutions that won't affect the performance of my laptop, though Trend Micro Apex One has many uses.
Head of IT Department at a maritime company with 5,001-10,000 employees
Real User
2022-02-02T06:51:05Z
Feb 2, 2022
Trend Micro Apex One can be at times heavy on resources, but I did not notice any difference as an end-user. If certain alerts could be translated into day-to-day English with some action plans, a few points, what to do, and how to do it, that would help me personally as IT Manager. They have some recommendations regarding the vulnerability of the endpoint. They take you to some very technical information and if you are not a security engineer or security-trained you might not understand what they're talking about. We are a small company and it would benefit if things were explained better, we cannot afford a dedicated Trend Micro Apex One engineer.
IT Administrator at a manufacturing company with 501-1,000 employees
Real User
2022-01-25T06:29:00Z
Jan 25, 2022
The only improvement I can see is that it occasionally warns us about callbacks, and there's almost no way to trace it back other than a Windows service, making it difficult to completely eliminate it, or know what program is creating the callback. The only thing that I would like to see changed or improved in the next release is when it reports C&C callbacks, to make it easier to trace, to see what's doing that, whether it's a program checking for updates or a malicious program. At this time, all it says is that it's a C&C callback and then traces back to a Windows Service.
Security Engineer at a tech services company with 501-1,000 employees
Real User
2022-01-17T06:08:00Z
Jan 17, 2022
I would like to see a sandboxing feature in the next release - which is currently something being supported by a third party - in addition to EDR capability on the cloud applications.
IT Engineer at a healthcare company with 10,001+ employees
Real User
Top 20
2021-12-17T09:25:00Z
Dec 17, 2021
Apex One has some room for improvement on the agent side. I want to get more from the logs and those kinds of things. I want to see whether the agent has the proper updates or any issues with the machine itself. Also, if Trend Micro could add some more tools that I can use in my daily troubleshooting in the future, I think that would be good.
DGM-IT at a construction company with 10,001+ employees
Real User
2021-12-15T10:02:00Z
Dec 15, 2021
The main thing they need to improve is their reporting functionality and the forensics for their on-premise consult. They do not have very good reporting features or forensic functionality in the on-premise version. They need to improve that. They have a cloud version called Trend Micro XDR. It has that functionality, but they do not have that kind of thing on the on-premise solution. The things I would like to see improved in future releases are better price and support, and the reporting functionality in the on-premise solution.
Cyber Security Engineer at a tech services company with 201-500 employees
Real User
2021-12-15T04:51:00Z
Dec 15, 2021
I would suggest making the on-prem and cloud versions easier to manage via Apex One Central, a centralized management platform for customers and agents.
When Trend Micro Apex One detects malware it should take action immediately. For example, detection and deletion. The end-user at times experiences slow performance on their work station, this should improve. In the future, the solution should include the XDR feature.
Lead Systems Engineer at a computer software company with 10,001+ employees
Real User
2021-10-25T15:47:28Z
Oct 25, 2021
Trend Micro Apex One could improve by providing signatureless detection, reducing the agent's needed system resources to increase performance, and enhance further the vulnerability assessment feature. These changes would be very helpful in the future.
All the features in Trend Micro Apex One are not compatible or functional for all the different operating systems. For example, they have fewer features in other operating systems compared to what they have for Microsoft Windows. It would be nice if they could have one solution which all functions work on all kinds of operating systems. It would be much easier for those who have different operating systems in their environment to have one solution.
Assistance Manager-IT at ONGC Petro additions Limited
Real User
2021-09-06T15:02:37Z
Sep 6, 2021
The integration needs to be improved. We are using the IDLP models and DLP models. When integrating we are having some issues with the customization of our DLP policies. The DLP model needs improvement. When compared to other market DLP products it is not as strong.
While we consider all the features to be valuable, we occasionally encounter issues with the performance. My technical team would be in a better position than I to address these. The technical support should be more proactive. I rate it as an eight out ten. There should be better support for ransomeware. It would be nice to see proper security terms, technical improvisations in terms of security.
There are some things that could make Trend Micro Apex One better. They could improve the integration with Active Directory. As Apex One has its own structure it is very difficult to click on files. Once integrated, it can import the OE structure of the Active Directory. It will make it very easy to click on files and get back to control. We also use the device control, which is host named. I have to either lock or allow a hostname. By default, it is locked. For example, USB access and drive access will be blocked in the organization. If you need to allow some endpoints, we have to allow that particular hostname. Now anybody can log in to that host and use that USB access, but it should be user-based. I would suggest that Trend Micro Web Proxy, TMWS a proxy solution that has a separate function integrate into one single agent. Currently, you have one endpoint with one agent for the anti-malware DLP and another agent, for the proxy. If they could integrate both into a single agent. That would be great.
Networking & Security Specialist at a tech services company with 51-200 employees
Real User
2021-06-01T18:39:51Z
Jun 1, 2021
I am a supervisor for the technical team. My technical team has used the product for the most part. I don't use the solution in a technical sense and therefore it is difficult to discuss what might be lacking or where changes may need to be made. The integration capabilities could be a bit better. right now, it's my understanding that they are not as strong as they could be. It's an aspect that could be improved in future releases.
Sr.Customer Engineer- Projects at a tech services company with 201-500 employees
Real User
2021-05-25T12:10:00Z
May 25, 2021
The endpoints should be addressed. Occasionally, certain driver versions, such as the original PC drivers and the ones that are HP, would read something as an external threat and this would cause us problems. In reality, these were nothing more than false alarms. In a big environment, this presented an issue at the time. The issue was, in fact, internal and not external, such as that originating from a driver, like a graphics card driver, or a DLL file. Alarms were going off in all our PC's and this was a problem we encountered with a major customer of ours. However, a patch was released and the problem was dealt with. The support could also be better. Don't get me wrong. I am not saying that the solution is not user friendly, but some of the patches are creating problems, such as those of the driver that we are struggling to trace out.
The console is divided into two parts. One for the policy and configuration, another for agent management. I'd like to see the different interface components combined into one, or be allowed to get to the agent management portion without having to log into the main console. Another item that I would like to see change is the fact that, on occasion, the console will be updated and items that I once knew the location of have moved to a different location. I would like to see a model where we are alerted to the changes as they happen.
Security Engineer at a tech services company with 51-200 employees
Real User
2021-05-12T12:39:36Z
May 12, 2021
The main issue of the product is that it's lacking features and in that sense it's not a fully mature product. There is currently no global exclusion list available and some features are not available. I think this will improve in the future.
The driving force behind Trend Micro is not wanting two different agents on the same machine. If the cloud proxy could be on the same agent, it would increase our footprint on the client machine. Instead of running two agents, we think it would be better to run a single one. The only concern that I have is with Trend Micro not having Cloud Proxy integrated into the same agent and the same console. They have two different products, Cloud Proxy, and Anti-malware with DLP, which the only reason we are considering replacing it. It should have a single agent, as competitors are offering.
We're still in the early stages of using the solution. We need more time to do some installations and work with the product to really be able to evaluate it completely. We had some challenges with the initial setup. The solution should adjust its pricing for the smaller market we are in.
System Engineer at a comms service provider with 11-50 employees
Reseller
2021-02-19T15:51:20Z
Feb 19, 2021
Trend Micro's reporting is lacking in a lot of ways. Right now, I have some customers that want the report to be customized, and we're having trouble with the customization of the reports in general. They need to make the features more flexible to meet the needs of clients. It's far too difficult to customize right now. It would be ideal if the solution could be simplified a bit. The product needs to execute faster. It's an aspect that can be improved upon in future releases.
Product Specialist at a comms service provider with 501-1,000 employees
Reseller
2021-02-09T10:53:06Z
Feb 9, 2021
I would like to see behavior analysis capabilities included. This type of module can effectively detect an attack, like ransomware. This is not something that I have at the moment. The dashboard could be a little bit easier.
IT Manger at a engineering company with 501-1,000 employees
Real User
Top 10
2021-02-08T13:21:00Z
Feb 8, 2021
We have found that this product is a bit heavy on the endpoints. This seems to be largely the fault of multiple processing on the identity side. If they could improve this identity protection on the endpoint so that it could take up fewer resources on the machines, it would be a marked improvement. We have had one problem. When we go to use corporate licenses, we'd like to have the ability to distribute them all over the globe. However, they work under a SAS model, and not all entities can use the SAS model. They are bound by one license key with one setup. If they had three to five SAS models linked to one key, it would be much better.
Infraestructura & Seguridad TI at a pharma/biotech company with 51-200 employees
Real User
2021-02-03T07:51:10Z
Feb 3, 2021
Trend Micro should make the agent lighter. When we run the scanning process, it consumes a lot of memory, and the performance is degraded. It is very invasive. It could be lighter. When we used Symantec, we didn't have this problem when we ran our scanning process. It worked like a charm. On the endpoints, it didn't feel like that the process is running, whereas, in Trend Micro Apex One, we can feel that the endpoint is running slow. Sometimes it even hangs. Scanning should be faster.
Technical Security Consultant at a computer software company with 501-1,000 employees
Real User
2020-12-21T18:59:30Z
Dec 21, 2020
We have received many complaints about how slow the system is on the first day of implementation. When implementing and you don't have a third-party tool, it can be difficult. Most people are working from home and using their own network to connect to the local office, so implementing these authorities can be challenging.
Network Administrator at a computer software company with 11-50 employees
Real User
2020-12-08T18:18:50Z
Dec 8, 2020
Trend Micro is a basic solution, but the problem is that it is more exclusive. There are two products, one is for the endpoint for the client, and the other is for the sever, but the server is even more exclusive. There are some features that are not available in OfficeScan. For example, IBS. In the next release, I would like to see IBS included in OfficeScan.
VP - Engineering and Customer Solutions at a comms service provider with 51-200 employees
Real User
2020-11-30T13:27:00Z
Nov 30, 2020
The policies tend to be a bit more complex to set up, so we do need some expertise in setting up the policies. This requires some preparation and knowledge.
Solutions Engineer at a tech services company with 11-50 employees
Real User
2020-11-25T21:15:08Z
Nov 25, 2020
The portal is a little bit slow in loading. The cloud portal or management control should be a little faster. There seems to be a lot of load on their servers over there. Maybe they are using one server for multiple customers. It would be great if they can increase server performance in the cloud. Its technical support and reporting can be improved. There is no proper reporting, and there is no PDF or things like that. They should include detailed reporting. An attack happened at a client's site, but we couldn't get the report on the same day. We were unable to provide a detailed report to our client. We approached the technical support, and even they didn't give proper answers. They need to improve the reporting capabilities, or the technical team should support us in providing these reports. They should include reporting in the solution. They should also insert sandbox analysis in Apex One.
Senior Manager Information Security at a financial services firm with 1,001-5,000 employees
Real User
2020-10-29T08:02:41Z
Oct 29, 2020
The solution could use signatureless detection. The EDR capabilities should be built into the solution. In my opinion, the native endpoint product should have the capability of EDR also. The product should be capable of actually building some behavior-based analytics so that it can actually detect signature lists.
Trend Micro does region-based scanning — the threats are shown in different regions. I did some workshops based on tracking zero-day vulnerabilities, etc. Trend Micro's coverage and scans can be broadened to encompass different types of classified threats based on different parameters. For example, say I want to filter out all of the threats in The United States. In this case, I will see the US region and I will see the number of threats that are present on my infrastructure. This is referred to as threat intelligence. When I was in this workshop, the filters always recommend that we start with the region as a first parameter. Once you get into the region (the US region), you might look at the different data centers within the US, then within the different data centers, you can drill down on the folder — on the number of hosts. The host can then be extracted from the region and the region can be marked red. Red means there are a lot of vulnerabilities in a particular region. If Multiple hosts have multiple vulnerabilities, then the entire region will be marked red. Trend Micro somewhat shows this on their dashboard. In other words, the parameters should be improved, including zero-day filtering. They should include easy-to-use connectors to make it easier to connect to SIEM. The integration environment has to be available so it can easily connect to SIEM. Also, you should be able to perform more scans.
Executive at a manufacturing company with 11-50 employees
Real User
2020-10-15T11:35:10Z
Oct 15, 2020
When I was setting this up for one of my clients, I was not able to deploy the DLP. It was not working and I think that this area is in need of improvement.
CIO at a manufacturing company with 201-500 employees
Real User
2020-10-05T06:40:02Z
Oct 5, 2020
For Trend Micro in general, I would like to see better technical responses. We had a few issues with the former product (Office Scan - this is not an EDR product). We did not get any useful answer from technical support. As a conesquence, there is room for improvement as it comes to our future use of Apex One - let's see how this will evolve.
Technical Lead Specialist at Hitachi Systems, Ltd.
Real User
2020-08-30T08:33:31Z
Aug 30, 2020
The integration capabilities of the solution could be improved. In a DLT context, the solution needs more features. The DLT needs to be more fully fleshed out. Trend Micro claims that they are security provider, not the compliance provider, and the DLT is a completely compliance-based solution.
Technology and Information Systems Manager at a construction company with 501-1,000 employees
Real User
2020-08-05T06:59:30Z
Aug 5, 2020
From the client perspective, there are situations where some of the updates still require a complete reboot of the system and the problem there is from an end user perspective. We have to make sure, particularly with people who work remotely, that they actually are rebooting their machines and not just putting them to sleep. If the updates didn't require rebooting that would make a big difference. I'd like to see a single back pane between the end points as well as on the service side of things. I know they're working on that at the present time and it will be great when it's done.
Manager Cyber Security at Dept. of the Premier and Cabinet
Real User
2020-07-22T08:17:21Z
Jul 22, 2020
We're actually looking to upgrade to more sophisticated ADL products. We need a more sophisticated endpoint. We need to have the ability to automate those instant response processes.
System Administrator at a manufacturing company with 1,001-5,000 employees
Real User
2020-06-28T08:51:00Z
Jun 28, 2020
It works okay. The management console itself looks pretty much like the regular Office Mechanics. We are looking into different solutions, like SentinelOne and Sophos. We might continue with Apex One, it also depends on budget and pricing.
Manager of Information Technology at a engineering company with 201-500 employees
Real User
2020-06-28T08:51:00Z
Jun 28, 2020
The CPU usage when scanning stays too high and we have run into bottlenecks where Apex One consumes a lot of CPU cycles. The on-premises set up is daunting. It's been five years of this where they (Microsoft) have two updates a year, sometimes three. By now Trend Micro should have come up with a solution where they don't have us block the updates and wait for them to be fixed. There are times where Trend applies an update and that update doesn't fully apply. We then have to go in and run a manual VBS file that they have provided to us to do a proper uninstall of the application which is painful to do as we have a huge distributed workforce and many remote users. It isn't always easy to chase down remote users.
I think the one place where we like where they lacking is in a unified style dashboard. We've got multiple reporting in all the various components, but they need something to tie all of it together. There's deep discovery, deep security, and we've got a lot of different layers, and then we need something to tie all of this back together from an MIS point of view. I think that's the one place Trend Micro can spend a little bit more time on. But operationally, it's phenomenal.
Presales & Implementation Engineer at a tech services company with 11-50 employees
Real User
2020-05-07T05:03:35Z
May 7, 2020
I think there could be improvement in a couple of areas, particularly with technical support and making the solution more user friendly. They could channel their video more efficiently and develop a root functionality solution control across all functions.
I think if they invest in better training and training partners, it could be even better but they have good coverage here in the Middle East now, especially in Egypt. I cannot recommend something right now. Trend Micro covers many things but there is something called ATP, advanced threat prevention and it would improve the solution if they invested in this technology.
Operations Manager at a financial services firm with 201-500 employees
Real User
2019-08-30T04:51:00Z
Aug 30, 2019
The alert, or warning function, needs to be improved. Two days ago I received an email from the system regarding an incident that was detected with a client who received a great deal of spam, in excess of forty-five thousand emails.
Product performance needs improvement. Customers face the same performance issues on the endpoint of the product. We need improvement on that side. Trend Micro needs to include the OfficeScan application control and protection all in one agent. That application control is not properly working, it is affecting the system performance. When we enable that particular functionality, it doesn't load on the machine. We need improvement on that side of it.
DSI at a museum or institution with 201-500 employees
Real User
Top 20
2019-07-10T12:01:00Z
Jul 10, 2019
They have gateway protection for emails, but they're not good enough. They really have to improve it. They really have to improve it because it produces many false positives with spam. The pricing can always be improved upon. Newly added features should be free.
We had a few compatibility issues while updating certain drivers. We had a few occasions where we had to temporarily turn off the solution on our clients' computers to upgrade the drivers. It's not completely the fault of the antivirus provider. The problem is with the Microsoft Windows system and the drivers themselves. It's a shared responsibility. Trend Micro needs some kind of included warning when OfficeScan senses that somebody is updating some drivers that have known issues. I have the same problem occur also with other products, so it's not specific to Trend Micro OfficeScan. It's a typical problem.
I would like to see a data-loss prevention module. We need that in our organization. There is also room for improvement in next-gen attacks protection.
Senior Consultant- Information Security at a tech services company with 5,001-10,000 employees
Reseller
2019-01-07T10:01:00Z
Jan 7, 2019
I am expecting an Apple featured IDLP solution with OfficeScan, where we have only IDLP. Also, the ADR functionality in our OfficeScan solution would be a nice addition. Genrally, the ADR solutions are the only failed ends of the solutions we have found with Trend Micro.
Trend Vision One Endpoint Security delivers comprehensive antivirus, data protection, and device management. It offers robust threat detection and is deployable on-premises or via the cloud, making it versatile for endpoint security across organizations.Emphasizing reliable endpoint security, Trend Vision One guards workstations and servers with extended detection and response features. Its machine learning-driven threat detection offers protection from malware and viruses, including zero-day...
The solution has some offline issues sometimes. Sometimes it will not communicate with the server, and we need to manually restart items. When Microsoft updates, we need to ensure Trend Micro also updates. Sometimes they are out of sync.
There were challenges in uninstalling the Trend Micro solution from certain endpoints. 20% to 30% of endpoints faced difficulty in cleaning or uninstalling the software, and we required additional documentation and technical support.
Pricing could be improved. It's a little bit expensive.
Initially, it isn't easy to understand the console because most of the applications integrate through Visual One. When we create a new dashboard, it takes some time to adapt, but the IT staff does not have any problems.
When I create and implement a new policy, it takes a couple of hours to apply to the devices. I would like the ability to customize the report notifications and who they are sent to.
The menus can be more user-friendly or easier. For example, if we want to enable access to the USB ports, it should be more user-friendly. It is not easy. We need to navigate through several menus to be able to give access.
While the single console offers partial end-to-end visibility into our IT security environment, we leverage additional solutions to achieve comprehensive coverage, so this area can be improved by Apex One.
We have had some false positives with Apex One's ransomware detection. We received an alert, but it wasn't a ransomware attack. When we did an investigation, we found it was only malware.
There is a need for enhancement in certain reporting formats. For instance, if I need information about the impact of a specific virus or a particular email in terms of infections over the past two or three months, the current reporting system lacks this capability. Currently, I have to manually input the details, generate a report, and then extract the information from the entire Excel sheet. I would prefer an improvement where this filtering capability is available directly in the initial report. There are two notable points that need consideration. Firstly, the technicalities of Trend Micro are evolving due to the software's cloud nature. Secondly, as a client, such as a hospital and not an IT-focused organization, we require a more user-friendly approach. Trend Micro should consider simplifying processes for clients like us, acknowledging that not every organization is an IT company. We want to maintain our focus on our core business rather than having to divert attention to IT.
The time required for Apex One to notify us of detection in the central console should be reduced.
The performance could always be improved. The solution has separate XDR agents. They should be working as one agent with Apex One.
The application and web controls have room for improvement. A fully integrated endpoint security system, encompassing EDR, should include application control, web control, device control, patch management, and encryption. This comprehensive solution would be highly appealing to customers, as they currently rely on multiple tools to address these security needs. Moreover, an EDR solution would provide visibility into endpoint vulnerabilities, such as unpatched systems, enabling proactive remediation. These features would undoubtedly enhance the value proposition of Trend Micro's security offerings.
There needs to be more integration with third parties. They need to integrate the DLP with the EDR.
I would like to have DLP features implemented into Apex One. We have a lot of customers asking about DLP.
Apex One's account security could be improved.
In terms of protecting points against threats, it's hard to answer the question. I'd only worked for it for a couple of months. From what I'd seen, we weren't able to see well reporting-wise. For example, what it does, what it catches, and what it prevents, Defender 365 is way more advanced and transparent. The reporting can be improved. We'd like to have had broader insights as to what was happening on a machine. As a user or as an administrator, you should be able to see what the product actually does. You would like to see what's happening. What's scanning, et cetera, and it doesn't do a good job like Defender 365 does. We had some pretty severe issues in a VDI environment. Every time a machine reboots, it needs to fetch the latest updates. However, we had some caching issues, and Trend Micro did not update some specific components which caused VMs to fall out or some people not to be able to work on their VDI anymore. We had some support cases open with Trend Micro, however, it was not easy at all. It was pretty hard to comprehend our specific situation as it was a little in-depth.
It could be more customizable. Some clients' systems are slow after the installation of Apex One.
Some of our customers need to add cache file signatures in Trend Micro Apex One, but it is currently not a supported feature. Trend Micro Apex One can become the market leader by improving its signature base, patterns, security profiles, engines, and integration with multiple vendors.
Trend Micro Apex One should have a DLP module.
We'd like to have access to more learning materials to help us understand the solution better. It would be great if the company offered some core courses. It would be better if it was easier to administer Apex One. Right now, it is moderate.
Apex One could improve endpoint patching. For example, Kaspersky can download Microsoft updates and install them. Having that feature in the cloud application would help a lot.
The resources used by Trend Micro Apex One during scanning could be improved. Once the endpoint scanning starts, it may run up to two to three hours; and other applications slow down during that time. The solution can be improved to utilize fewer system resources, like memory and hard disk, during scanning.
The UI has room for improvement. Trend Micro Apex One does not allow us to select a user and deploy a product while creating a new policy and adding users. For example, this limitation occurs when trying to add a USB block.
IÂ believe that Trend Micro Apex One Team needs to improve reporting so we can get a good dashboard and reporting on the Trend Micro Apex One console.Â
The tool needs to improve its dashboard so that all the products can be managed from a single console.
In future releases, I would like to see more advanced protection. Trend Micro Apex One could improve advanced threat protection or include more in-depth endpoint protection.
The solution needs to have SDR in it. So, SDR is an area where the solution needs to work and improve itself. Since I am not working extensively with this solution, I am not in a position to comment on what other additional features need to be added to it.
There is room for improvement in the behavior filtering and control of Trend Micro. Currently, this feature is not functioning correctly, which is evident in the behavioral backset basset on signatures like visors, but the behavior filtering is not working properly and needs to be improved.
I think that this product needs to improve the data loss prevention port.
The customization has room for improvement. I would like to have the ability to see what files are being scanned live.
I can't think of any specific areas that need improvement.
The solution could be more proactive by using AI to assess the production landscape and compete with other products that fully support Linux. For example, the old version of Apex did not support some kernels in the Linux environment. But their new version called Vision is supporting Linux and you're going to want all that compatibility. It is important that the solution stay on top of the latest trends.
It is not user-friendly. If they improve this side and make it more user-friendly, then it'll be helpful for IT admins in terms of operating the solution. It's just a bit complex to learn and use at this point, compared to other endpoints. Sometimes the solution cannot support legacy PCs. The product can be a bit heavy.
Reduce resource utilization.
This solution should be more secure, in my opinion. The security features need improvement.
We had some problems with Trend Micro Apex One doing the updates and patches. Some of the other vendor's support has said that Trend Micro Apex One receives database signatures updates too late. Trend Micro Apex One consumes a bit more resources of your PCs than we would like to have consumed. We do not scan during busy hours of the network because it slows down my data network. What we have done is, we have kept everything after business hours. We have a scheduled scanning in our networks. I have two operating systems running on my computer and when I start scanning Trend Micro Apex One consumes too many resources, such as processor power. For example, when you are in business hours and the scanning starts, your other operations in software, such as Excel, will have the performance slow down. Overall his solution is good. I have worked with other solutions, such as Kaspersky, and it consumes approximately 35 to 40 percent of the maximum resources and Trend Micro Apex One consumes approximately 40 percent of the resources. The best thing is the delegation gene of this Trend Micro is amazing.
I would like to see the initial setup simplified to make it less complicated, and the price reduced. Normally, I've seen the price of any antivirus for the first year where they will give you a free price comparison and a discount of 30%, 40%, but the second year, after renewal, they'll give you the normal standard list price.
The device, e.g. laptop, becomes slow after installing Trend Micro Apex One, so this is an area for improvement. The security it provides is okay, but it causes slow performance after installation. Personally, I don't like this software, because I can install and use other solutions that won't affect the performance of my laptop, though Trend Micro Apex One has many uses.
Trend Micro Apex One can be at times heavy on resources, but I did not notice any difference as an end-user. If certain alerts could be translated into day-to-day English with some action plans, a few points, what to do, and how to do it, that would help me personally as IT Manager. They have some recommendations regarding the vulnerability of the endpoint. They take you to some very technical information and if you are not a security engineer or security-trained you might not understand what they're talking about. We are a small company and it would benefit if things were explained better, we cannot afford a dedicated Trend Micro Apex One engineer.
The only improvement I can see is that it occasionally warns us about callbacks, and there's almost no way to trace it back other than a Windows service, making it difficult to completely eliminate it, or know what program is creating the callback. The only thing that I would like to see changed or improved in the next release is when it reports C&C callbacks, to make it easier to trace, to see what's doing that, whether it's a program checking for updates or a malicious program. At this time, all it says is that it's a C&C callback and then traces back to a Windows Service.
I would like to see a sandboxing feature in the next release - which is currently something being supported by a third party - in addition to EDR capability on the cloud applications.
The scans in Trend Micro Apex One take a very long time and it takes up my system resources. I do not receive alerts. These areas could improve.
Apex One has some room for improvement on the agent side. I want to get more from the logs and those kinds of things. I want to see whether the agent has the proper updates or any issues with the machine itself. Also, if Trend Micro could add some more tools that I can use in my daily troubleshooting in the future, I think that would be good.
The main thing they need to improve is their reporting functionality and the forensics for their on-premise consult. They do not have very good reporting features or forensic functionality in the on-premise version. They need to improve that. They have a cloud version called Trend Micro XDR. It has that functionality, but they do not have that kind of thing on the on-premise solution. The things I would like to see improved in future releases are better price and support, and the reporting functionality in the on-premise solution.
I would suggest making the on-prem and cloud versions easier to manage via Apex One Central, a centralized management platform for customers and agents.
The solution could improve security. It is important to always keep the organization secure.
When Trend Micro Apex One detects malware it should take action immediately. For example, detection and deletion. The end-user at times experiences slow performance on their work station, this should improve. In the future, the solution should include the XDR feature.
The technical support could have better response time. It is quite time consuming and takes a day for them to get back to us.
Trend Micro Apex One could improve by making the user interface more user-friendly.
Trend Micro Apex One could improve by providing signatureless detection, reducing the agent's needed system resources to increase performance, and enhance further the vulnerability assessment feature. These changes would be very helpful in the future.
All the features in Trend Micro Apex One are not compatible or functional for all the different operating systems. For example, they have fewer features in other operating systems compared to what they have for Microsoft Windows. It would be nice if they could have one solution which all functions work on all kinds of operating systems. It would be much easier for those who have different operating systems in their environment to have one solution.
The integration needs to be improved. We are using the IDLP models and DLP models. When integrating we are having some issues with the customization of our DLP policies. The DLP model needs improvement. When compared to other market DLP products it is not as strong.
While we consider all the features to be valuable, we occasionally encounter issues with the performance. My technical team would be in a better position than I to address these. The technical support should be more proactive. I rate it as an eight out ten. There should be better support for ransomeware. It would be nice to see proper security terms, technical improvisations in terms of security.
Trend Micro Apex One could improve by having better integration in the future.
There are some things that could make Trend Micro Apex One better. They could improve the integration with Active Directory. As Apex One has its own structure it is very difficult to click on files. Once integrated, it can import the OE structure of the Active Directory. It will make it very easy to click on files and get back to control. We also use the device control, which is host named. I have to either lock or allow a hostname. By default, it is locked. For example, USB access and drive access will be blocked in the organization. If you need to allow some endpoints, we have to allow that particular hostname. Now anybody can log in to that host and use that USB access, but it should be user-based. I would suggest that Trend Micro Web Proxy, TMWS a proxy solution that has a separate function integrate into one single agent. Currently, you have one endpoint with one agent for the anti-malware DLP and another agent, for the proxy. If they could integrate both into a single agent. That would be great.
The solution could improve by making the interface less confusing, it needs to be simplified.
Its pricing should be improved. In some cases, the user interface was not ready for our proof of concept. It wasn't a beta phase service.
No product can ever be rated a ten out of ten. They are always improving on one aspect or another.
I'd like to see extra dashboards and more analytics.
I am a supervisor for the technical team. My technical team has used the product for the most part. I don't use the solution in a technical sense and therefore it is difficult to discuss what might be lacking or where changes may need to be made. The integration capabilities could be a bit better. right now, it's my understanding that they are not as strong as they could be. It's an aspect that could be improved in future releases.
The endpoints should be addressed. Occasionally, certain driver versions, such as the original PC drivers and the ones that are HP, would read something as an external threat and this would cause us problems. In reality, these were nothing more than false alarms. In a big environment, this presented an issue at the time. The issue was, in fact, internal and not external, such as that originating from a driver, like a graphics card driver, or a DLL file. Alarms were going off in all our PC's and this was a problem we encountered with a major customer of ours. However, a patch was released and the problem was dealt with. The support could also be better. Don't get me wrong. I am not saying that the solution is not user friendly, but some of the patches are creating problems, such as those of the driver that we are struggling to trace out.
The integration could improve in this solution.
The console is divided into two parts. One for the policy and configuration, another for agent management. I'd like to see the different interface components combined into one, or be allowed to get to the agent management portion without having to log into the main console. Another item that I would like to see change is the fact that, on occasion, the console will be updated and items that I once knew the location of have moved to a different location. I would like to see a model where we are alerted to the changes as they happen.
The main issue of the product is that it's lacking features and in that sense it's not a fully mature product. There is currently no global exclusion list available and some features are not available. I think this will improve in the future.
The driving force behind Trend Micro is not wanting two different agents on the same machine. If the cloud proxy could be on the same agent, it would increase our footprint on the client machine. Instead of running two agents, we think it would be better to run a single one. The only concern that I have is with Trend Micro not having Cloud Proxy integrated into the same agent and the same console. They have two different products, Cloud Proxy, and Anti-malware with DLP, which the only reason we are considering replacing it. It should have a single agent, as competitors are offering.
It would be great it can support endpoint encryption.
We're still in the early stages of using the solution. We need more time to do some installations and work with the product to really be able to evaluate it completely. We had some challenges with the initial setup. The solution should adjust its pricing for the smaller market we are in.
More integration with different platforms would be great, as everyone seems to want the solution to integrate with each team.
The support could be more customer-friendly, although my experience with them has been okay.
Trend Micro's reporting is lacking in a lot of ways. Right now, I have some customers that want the report to be customized, and we're having trouble with the customization of the reports in general. They need to make the features more flexible to meet the needs of clients. It's far too difficult to customize right now. It would be ideal if the solution could be simplified a bit. The product needs to execute faster. It's an aspect that can be improved upon in future releases.
I would like to see behavior analysis capabilities included. This type of module can effectively detect an attack, like ransomware. This is not something that I have at the moment. The dashboard could be a little bit easier.
We have found that this product is a bit heavy on the endpoints. This seems to be largely the fault of multiple processing on the identity side. If they could improve this identity protection on the endpoint so that it could take up fewer resources on the machines, it would be a marked improvement. We have had one problem. When we go to use corporate licenses, we'd like to have the ability to distribute them all over the globe. However, they work under a SAS model, and not all entities can use the SAS model. They are bound by one license key with one setup. If they had three to five SAS models linked to one key, it would be much better.
Trend Micro should make the agent lighter. When we run the scanning process, it consumes a lot of memory, and the performance is degraded. It is very invasive. It could be lighter. When we used Symantec, we didn't have this problem when we ran our scanning process. It worked like a charm. On the endpoints, it didn't feel like that the process is running, whereas, in Trend Micro Apex One, we can feel that the endpoint is running slow. Sometimes it even hangs. Scanning should be faster.
We have received many complaints about how slow the system is on the first day of implementation. When implementing and you don't have a third-party tool, it can be difficult. Most people are working from home and using their own network to connect to the local office, so implementing these authorities can be challenging.
We are completely satisfied with the functionality of the product, but the reporting should be more granular.
Trend Micro is a basic solution, but the problem is that it is more exclusive. There are two products, one is for the endpoint for the client, and the other is for the sever, but the server is even more exclusive. There are some features that are not available in OfficeScan. For example, IBS. In the next release, I would like to see IBS included in OfficeScan.
The policies tend to be a bit more complex to set up, so we do need some expertise in setting up the policies. This requires some preparation and knowledge.
The portal is a little bit slow in loading. The cloud portal or management control should be a little faster. There seems to be a lot of load on their servers over there. Maybe they are using one server for multiple customers. It would be great if they can increase server performance in the cloud. Its technical support and reporting can be improved. There is no proper reporting, and there is no PDF or things like that. They should include detailed reporting. An attack happened at a client's site, but we couldn't get the report on the same day. We were unable to provide a detailed report to our client. We approached the technical support, and even they didn't give proper answers. They need to improve the reporting capabilities, or the technical team should support us in providing these reports. They should include reporting in the solution. They should also insert sandbox analysis in Apex One.
Occasionally, the system may be a bit slow.
The solution could use signatureless detection. The EDR capabilities should be built into the solution. In my opinion, the native endpoint product should have the capability of EDR also. The product should be capable of actually building some behavior-based analytics so that it can actually detect signature lists.
Trend Micro does region-based scanning — the threats are shown in different regions. I did some workshops based on tracking zero-day vulnerabilities, etc. Trend Micro's coverage and scans can be broadened to encompass different types of classified threats based on different parameters. For example, say I want to filter out all of the threats in The United States. In this case, I will see the US region and I will see the number of threats that are present on my infrastructure. This is referred to as threat intelligence. When I was in this workshop, the filters always recommend that we start with the region as a first parameter. Once you get into the region (the US region), you might look at the different data centers within the US, then within the different data centers, you can drill down on the folder — on the number of hosts. The host can then be extracted from the region and the region can be marked red. Red means there are a lot of vulnerabilities in a particular region. If Multiple hosts have multiple vulnerabilities, then the entire region will be marked red. Trend Micro somewhat shows this on their dashboard. In other words, the parameters should be improved, including zero-day filtering. They should include easy-to-use connectors to make it easier to connect to SIEM. The integration environment has to be available so it can easily connect to SIEM. Also, you should be able to perform more scans.
When I was setting this up for one of my clients, I was not able to deploy the DLP. It was not working and I think that this area is in need of improvement.
For Trend Micro in general, I would like to see better technical responses. We had a few issues with the former product (Office Scan - this is not an EDR product). We did not get any useful answer from technical support. As a conesquence, there is room for improvement as it comes to our future use of Apex One - let's see how this will evolve.
The integration capabilities of the solution could be improved. In a DLT context, the solution needs more features. The DLT needs to be more fully fleshed out. Trend Micro claims that they are security provider, not the compliance provider, and the DLT is a completely compliance-based solution.
From the client perspective, there are situations where some of the updates still require a complete reboot of the system and the problem there is from an end user perspective. We have to make sure, particularly with people who work remotely, that they actually are rebooting their machines and not just putting them to sleep. If the updates didn't require rebooting that would make a big difference. I'd like to see a single back pane between the end points as well as on the service side of things. I know they're working on that at the present time and it will be great when it's done.
We're actually looking to upgrade to more sophisticated ADL products. We need a more sophisticated endpoint. We need to have the ability to automate those instant response processes.
It works okay. The management console itself looks pretty much like the regular Office Mechanics. We are looking into different solutions, like SentinelOne and Sophos. We might continue with Apex One, it also depends on budget and pricing.
The CPU usage when scanning stays too high and we have run into bottlenecks where Apex One consumes a lot of CPU cycles. The on-premises set up is daunting. It's been five years of this where they (Microsoft) have two updates a year, sometimes three. By now Trend Micro should have come up with a solution where they don't have us block the updates and wait for them to be fixed. There are times where Trend applies an update and that update doesn't fully apply. We then have to go in and run a manual VBS file that they have provided to us to do a proper uninstall of the application which is painful to do as we have a huge distributed workforce and many remote users. It isn't always easy to chase down remote users.
The reports are not eye-catching from the customer's point of view, which is something that should be improved.
I think the one place where we like where they lacking is in a unified style dashboard. We've got multiple reporting in all the various components, but they need something to tie all of it together. There's deep discovery, deep security, and we've got a lot of different layers, and then we need something to tie all of this back together from an MIS point of view. I think that's the one place Trend Micro can spend a little bit more time on. But operationally, it's phenomenal.
I think there could be improvement in a couple of areas, particularly with technical support and making the solution more user friendly. They could channel their video more efficiently and develop a root functionality solution control across all functions.
I think if they invest in better training and training partners, it could be even better but they have good coverage here in the Middle East now, especially in Egypt. I cannot recommend something right now. Trend Micro covers many things but there is something called ATP, advanced threat prevention and it would improve the solution if they invested in this technology.
The alert, or warning function, needs to be improved. Two days ago I received an email from the system regarding an incident that was detected with a client who received a great deal of spam, in excess of forty-five thousand emails.
Product performance needs improvement. Customers face the same performance issues on the endpoint of the product. We need improvement on that side. Trend Micro needs to include the OfficeScan application control and protection all in one agent. That application control is not properly working, it is affecting the system performance. When we enable that particular functionality, it doesn't load on the machine. We need improvement on that side of it.
They have gateway protection for emails, but they're not good enough. They really have to improve it. They really have to improve it because it produces many false positives with spam. The pricing can always be improved upon. Newly added features should be free.
We had a few compatibility issues while updating certain drivers. We had a few occasions where we had to temporarily turn off the solution on our clients' computers to upgrade the drivers. It's not completely the fault of the antivirus provider. The problem is with the Microsoft Windows system and the drivers themselves. It's a shared responsibility. Trend Micro needs some kind of included warning when OfficeScan senses that somebody is updating some drivers that have known issues. I have the same problem occur also with other products, so it's not specific to Trend Micro OfficeScan. It's a typical problem.
I would like to see a data-loss prevention module. We need that in our organization. There is also room for improvement in next-gen attacks protection.
Include AI.
I am expecting an Apple featured IDLP solution with OfficeScan, where we have only IDLP. Also, the ADR functionality in our OfficeScan solution would be a nice addition. Genrally, the ADR solutions are the only failed ends of the solutions we have found with Trend Micro.
Recently, we had a malware attack and considered looking at other cloud solutions because of this breach.