We performed a comparison between CrowdStrike Falcon and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product detects and blocks threats and is more proactive than firewalls."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The most valuable feature is the analysis, because of the beta structure."
"The solution was relatively easy to deploy."
"The features I like the most are the response time and the dashboard are both excellent."
"The most valuable feature of CrowdStrike Falcon is crowdsourcing intelligence."
"The detection and response console is the most valuable feature."
"The CrowdStrike Falcon dashboard is good, and we haven't had any problems with it."
"The UI is simple and self-explanatory. Everything is easy to understand."
"CrowdStrike Falcon's scalability is good. We have thousands of students using this solution."
"It provides very good protection and the ability to crosscheck environments."
"CrowdStrike enables the infrastructure managers to visualize all the events and get information about the network."
"MVISION Endpoint is so much easier and so much simpler for the lay security personnel to handle."
"The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
"It is a really strong solution for endpoint security."
"Provides protection against threats."
"The technical support services are good."
"It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
"What I like most about McAfee MVISION Endpoint is that it's very user-friendly. You do need some knowledge on how to navigate the portal, but as soon as you've gained that knowledge, navigation will no longer be an issue. I have no complaints about McAfee MVISION Endpoint. For me, the product is perfect the way it is. It's great right now, and it's doing good as it is."
"It is scalable and stable and the initial setup is the easiest part of using the product."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I haven't seen the use of AI in the solution."
"Cannot be used on mobile devices with a secure connection."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"It takes about two business days for initial support, which is too slow in urgent situations."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The skillsets needed to run CrowdStrike Falcon are extensive if you want to get the most value out of the tool."
"The solution could improve by providing more types of reports because it's in the detection span you cannot re-export anything. If it could be exported to a CSV file directly there it would help a lot. I currently need to do this by API to get what I need."
"I would like to see a more accurate integration and an option to check the local machine."
"I would like to see equal support across all versions. Aside from that, I would say most of the features are there."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"I've found that CrowdStrike's technical support could benefit from increased technical expertise."
"We can't do scanning audits or device blocking or application control."
"I have experience with a product called SentinelOne, which has a feature that allows for the customization of query languages. I would like to see such a feature for CloudStrike."
"Endpoint resource utilization causes high levels of instability and that is something that needs improvement."
"Looking at the current ePolicy orchestrator, and the transition of most vendors to the cloud, they need to do an improvement with the current dashboard or the overall aesthetic of their GUI."
"I hope the solution can be used in cloud systems going forward."
"Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself."
"Sometimes, one might face issues with the scalability of the product. The aforementioned area can be considered for improvement."
"In some cases, the detection part was not accurate enough. We opened a few cases for the vendor to help us with some miscategorized findings on the endpoints. There were some false positive detections, and we had to work with the vendor to get them tested. We even had some incidents that were not detected. It was a black box type of solution for us."
"There should be better integration between the ePolicy Orchestrator and FireEye console. The integration of both consoles should be better."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while Trellix Endpoint Security (ENS) is ranked 19th in Endpoint Protection Platform (EPP) with 49 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and VMware Carbon Black Endpoint, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, Trellix Endpoint Detection and Response (EDR), Open EDR and SentinelOne Singularity Complete. See our CrowdStrike Falcon vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello, I think it doesn't make sense to just compare device protection and automated response security solutions, it's missing to protect identities, devices, and insider access. I think: The best and most valuable option is Microsoft.
Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
With the integrated Microsoft 365 Defender solution, security professionals can stitch together the threat signals that each of these products receive and determine the full scope and impact of the threat; how it entered the environment, what it's affected, and how it's currently impacting the organization. Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services includes:
1. Microsoft Defender for Endpoint, is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
2. Microsoft Defender for Office 365, Plan 1 protects email and collaboration from zero-day malware, phish, and business email compromise, Plan 2 adds post-breach investigation, hunting, and response, as well as automation, and simulation (for training).
3. Microsoft Defender for Identity, a cloud service that helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber-attacks and insider threats.
4. Microsoft Cloud App Security, is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your cloud services.
If the end customer already has Microsoft 365 in companies or educational institutions, they already have the collaboration tools, only the security and endpoint management tools should be added, all with Microsoft 365 E5/A5, no more investment is being made, it is being consolidated, visibility is gained, responses are automated, the fatigue of operating so many security events that you do not have the time or personnel to review them decrease.
I hope this has generated value for you.