We performed a comparison between Microsoft Defender for Endpoint and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The setup is pretty simple."
"This is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It's one of the best antiviruses on the market."
"Defender is stable. The performance is good."
"The solution has an easy-to-use interface, is always updated, and is user-friendly."
"It comes included with the Windows license."
"Microsoft Defender is always running. It is doing its job, so it is fine. I don't have any issues with the way it was implemented or how we are running it. We have been upgrading IT throughout the years, but there have been no issues."
"It is stable and very easy to use."
"It's great for investigating what's happening on a machine. They show a whole bunch of machine timeline events that are related to a security incident. They have quite good details on the things related to threat and vulnerability management, such as any weakness that has been disclosed publicly, assets that are exposed, and if there is an exploit active in the wild for that vulnerability. It can provide you with all such information, which is cool."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"Blocking browser navigation is a feature of the solution with which we have experienced success."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"Trellix Endpoint Detection and Response (EDR) offers endpoint protection and helps collect information while also allowing users to investigate malicious files in an IT environment...It is a stable solution...It is a scalable solution."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"The product is user-friendly."
"Trellix has a user-friendly interface."
"The product provides a one-click recovery of encrypted files."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"The SIEM could be improved."
"ZTNA can improve latency."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We'd like to see more one-to-one product presentations for the distribution channels."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"Microsoft Windows Defender doesn't have a game mode."
"The initial setup can be a bit complex."
"There could be an increase in security for the solution."
"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."
"In terms of improvements for their technical support, a focus on enhancing response times could be beneficial."
"If the solution could be integrated more with Defender for Cloud, to be more unified, that would help. It is good now, but even more integration could be done with Defender for Cloud. We see two different portals. If Defender for Endpoint could be ported to the CSPM, Defender for Cloud, that would make things even easier for us."
"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."
"The CPU utilization of the product is quite high compared to its competitors."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"Trellix does not support Linux and Mac."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Detection and Response (EDR) with 182 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Trend Vision One. See our Microsoft Defender for Endpoint vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.