We performed a comparison between Intercept X Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Intercept X Endpoint could benefit from better integration with third-party vendors and improved support for virtual infrastructures. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness. Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment. Trellix Endpoint Security provides significant time savings.
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"Microsoft Defender XDR is scalable."
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"I have found the ability to delete unwanted threats beneficial."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"Intercept X's smart prevention it's very good as so are its machine learning capabilities for troubleshooting channels and files."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"The Managed Detection and Response service provided by Intercept X Endpoint is highly valuable. With a team of 600-700 individuals monitoring systems, they swiftly respond to attacks, either informing us to isolate or directly removing threats. This full MDR service is especially recommended for sectors like finance, where data security is critical. The deep learning technology within Intercept X Endpoint enhances our security posture by analyzing behaviors and algorithms to differentiate between legitimate users and threats, effectively preventing attacks on our network infrastructure."
"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
"The initial setup is simple."
"The most valuable features are the range and restriction."
"The solution is scalable."
"McAfee EndPoint Security has a lot of good features that work well if they are implemented properly."
"The most valuable feature of Trellix Endpoint Security is containment, which takes less than a minute."
"It's quite easy to install agents."
"The central management console is powerful. You can manage endpoints, DLP, encryption, and all the other features from a single console."
"The installation is pretty straightforward."
"The product has a robust reporting feature"
"It has a very simple like multi-tenancy option and scalability is outstanding."
"The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"Stability could be improved by avoiding frequent changes to the interface."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Sophos Intercept X could improve on its setup process. They could make it easier to have a baseline set up for the system, or at least provide more understanding of what the baseline is when you first install it. This could be a matter of lack of training on my part, but it's difficult to receive training on solutions that are not Cisco. Cisco is the only vendor with classes or courses."
"The pricing could be a bit lower to match the normal retail pricing."
"This product does not handle USB drives well."
"There is room for improvement in terms of stability and updates."
"The initial setup can be a bit challenging."
"The customer service and support could be improved in regards to response time. It could be faster."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"The solution needs to offer better local technical support."
"It would be a lot easier if I could add multiple user accounts within a single device."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
"I would like to see more integration with third-party products."
"The initial setup isn't so easy. You need to know what you are doing."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
"Although they have increased the complexity, it has affected the scanning speed."
"The solution has problematic encryption, which needs reforming."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. Intercept X Endpoint is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Intercept X Endpoint vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.