We performed a comparison between Trellix Endpoint Security and Forescout Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say Forescout could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some users reported positive experiences with Forescout support, but others requested better responsiveness and training.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of Forescout Platform can be high depending on the level of customization and integration required.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Forescout Platform yields a solid ROI by improving network access control and overall security.
Comparison Results: Our users prefer Trellix Endpoint Security over Forescout Platform based on user feedback. Users like Trellix's comprehensive management abilities and single-pane-of-glass administration. It is praised for its reliability and low false positive rate. Forescout Platform receives mixed reviews for its complex setup process and customer service. It is also considered expensive.
"The solution is well integrated with applications. It is easy to maintain and administer."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"It has great stability."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
"Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
"Being able to sort on device types or devices with open ports is helpful when narrowing down assets of possible misconfigured devices that may be vulnerable on the network. We can take action on those devices based off of corporate policy."
"The most valuable features are remote access and administration scripts."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"The scalability is good."
"The initial setup is easy, taking no more than two or three weeks."
"The threat prevention feature provides complete visibility."
"It has a very simple like multi-tenancy option and scalability is outstanding."
"Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference."
"It is a stable solution...The solution's technical support is good."
"It's easy to use."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"The product has a robust reporting feature"
"The product is quite user-friendly."
"The endpoint security, antivirus and firewall are the most valuable features of Trellix Endpoint Security."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The licensing is a nightmare and has room for improvement."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"When adding what is in scope to a policy, it would be nice if you could select multiple policies instead of one policy at a time to add what is in the scope for network segmentation. I have found that during the install and configuration of the policies that if you want to modify multiple policies or enable multiple policies that you need to define what is in the scope (IP range or segments) one rule at a time. This caused some slow downs when implementing policies."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"As a user, if I am using a laptop that is Wi-Fi connected, Forescout identifies my port connectivity as one user license, and if I take that same laptop with the same username to a wired network, which is also the same network that is used for the Wi-Fi connection, Forescout detects it as a separate license."
"I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy."
"When we automate an email to send to a user, sometimes it gets blocked, but that has nothing to do with Forescout. It depends on the mail gateway that we use or integrate with."
"Better integration with third-party vendors is needed because as it is now, the list of third-party solutions that we can integrate and automate is quite limited."
"It's scalable, but not without a big investment. It doesn't do so well at the branch. At the home office, it does okay and not so well at the branch."
"For the user, the policy that they have implemented sometimes needs adjustments. Sometimes the features that the customer asks for aren't involved in the main installation, and I need to bolt an add-on in. However, I never know if this policy is the right one when I do this."
"Every time we open a ticket with McAfee, their response differs and they are not consistent."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"The product is not easy to use."
"The local technical support could be better."
"The product could do more to keep administration alerted to detected threats on endpoints."
"I would like to see more integration with third-party products."
"It would be nice if the solution was a bit more stable."
"The interface is complex."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews. Forescout Platform is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Ivanti Endpoint Security for Endpoint Manager, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Forescout Platform vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.