Trellix Endpoint Security
Trellix
External reviews
External reviews are not included in the AWS star rating for the product.
It integrates well with other solutions, but the vendor needs more of a local presence and faster response
What is our primary use case?
We primarily use Trellix for drive encryption and malware prevention, but we also use some advanced features, such as centralized control and policy management.
How has it helped my organization?
Trellix enables us to customize and centrally manage policies. We can set on-prem policies and synchronize them with the cloud.
What is most valuable?
Trellix integrates well with most SIEM and data classification solutions.
What needs improvement?
You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features.
I would like to see Trellix add database activity monitoring. They don't have a plan for this, and there isn't a significant roadmap around it. They have an enterprise service manager, which is sort of like a SIEM, but there is no roadmap. I want to see a clearer roadmap for integrating specific critical solutions like PAM and other things, too.
For how long have I used the solution?
I have used Trellix ENS for two to three years.
What do I think about the stability of the solution?
Trellix ENS is stable.
What do I think about the scalability of the solution?
Trellix is scalable with some limitations. I recommend it for small or medium-sized businesses. The integration needs to be simplified for it to work in an enterprise with a large, complex environment.
How are customer service and support?
I rate Trellix support six out of 10. They need more local presence in South Africa and a faster response. Other distributors work through a partner system. There are also some challenges due to the merger of McAfee and FireEye to form Trellix and some legacy issues around a lack of innovation.
Standard support is included with the subscription, and there are layers of escalation when you open a ticket. You can pay extra to get premium support, which is priced separately.
How was the initial setup?
Trellix is easy to deploy if you have enough skills. Some customers think they can do it alone without professional services, but the deployment doesn't go smoothly. They have misconfigurations, which become a problem. They have issues when they are renewing the license because they didn't scale sufficiently in the beginning. The deployment time can range from five days to three months, depending on the size and complexity of your environment.
What's my experience with pricing, setup cost, and licensing?
Trellix is reasonably priced, but the cost goes up by about 7 to 10 percent annually, so some of our customers complain at renewal time. The license is based on the number of devices. There are discounts as you add more devices, so you may pay $15 per device or up to $50 per device.
Standard support is included with the subscription for the first year, but you'll pay for the deployment costs. In the next year, you'll pay only for the license and support.
Which other solutions did I evaluate?
Trellix is one of the best legacy endpoint protection solutions, but we're also looking at CrowdStrike. Other solutions have advantages over Trellix in brand awareness and local presence.
The company needs to do more to build its presence in this country. I've never seen an account manager or sales rep show up to an in-person event in South Africa. Other companies like Trend Micro have offices here.
What other advice do I have?
I rate Trellix Endpoint Security six out of 10. I would give it a seven or an eight if not for the vendor's shortcomings in terms of support and local presence. The scale and speed of response make a difference. It's an excellent product that may not be perceived as such because of how it's supported and the awareness of potential customers.
Before implementing Trellix, you should take time to understand the core use cases you want to achieve and match them to specific features. You should also do a limited proof of concept with the vendor or a distributor.
Impacts performance of servers negatively but it does protect us against threats
What is our primary use case?
This is an anti-virus and firewall solution. We have over 5,000 users and we are customers of Trellix.
What is most valuable?
Provides endpoint security protection against malware and the like.
What needs improvement?
Trellix tends to get in the way and really impacts the performance of the servers quite negatively.
For how long have I used the solution?
We've been using this product for around 20 years.
How was the initial setup?
I wasn't involved in the initial setup.
What other advice do I have?
I'd recommend that potential users of this solution look for something more modern, for a newer company providing innovative solutions. I rate this solution five out of 10.
Useful for containment and taking a triage image
What is our primary use case?
We build our own use cases and those provided by the vendor for specific upcoming attack scenarios. Configuring the rule set using Trellix Endpoint Security is very flexible based on the IOCs.
How has it helped my organization?
Trellix Endpoint Security is good for doing containment immediately. We can get visibility of processes or services running all over the enterprise, where the agent gets information on a particular end-user system. Since Trellix Endpoint Security keeps the data for three months, we can get a complete picture of the files downloaded from the end-user machine. So Trellix Endpoint Security is very helpful when you do forensics. The only drawback is that we cannot change its format, and there is no workaround currently.
What is most valuable?
The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute. It also has a dual containment feature. Trellix Endpoint Security is also useful for taking the triage image, which takes roughly thirty minutes. So it's pretty fast, and we have multiple configuration sets. We can precisely take a triage image based on what you want, like endpoint logs, antivirus logs, or the RAM.
What needs improvement?
Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it. Mutex is something like a malware user. Secondly, the solution should support multiple output formats for the triage image. Currently, the solution has only the Mandiant format, where you can't use tools like Volatility to analyze the memory image.
It would be good if Trellix Endpoint Security had a good visualization like other products, such as SentinelOne and Carbon Black.
For how long have I used the solution?
I have been using Trellix Endpoint Security for one year and six months.
What do I think about the stability of the solution?
I rate Trellix Endpoint Security a seven out of ten for stability because it crashes frequently and requires a lot of maintenance.
What do I think about the scalability of the solution?
I rate Trellix Endpoint Security a nine out of ten for scalability. We have plans to increase the usage of the solution in the future.
How was the initial setup?
I rate Trellix Endpoint Security an eight out of ten for ease of initial setup.
What's my experience with pricing, setup cost, and licensing?
I rate Trellix Endpoint Security a nine out of ten for pricing.
What other advice do I have?
I am using the latest version of Trellix Endpoint Security. Using Trellix Endpoint Security depends upon the user's organizational needs. If their only concern is containing and taking the triage image, and if they are comfortable doing forensics with a deadline, then they can use Trellix Endpoint Security. But if some companies want to integrate their in-house or third-party tools, Trellix Endpoint Security is not a good option.
Overall, I rate Trellix Endpoint Security a nine out of ten.