We performed a comparison between Intercept X Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Intercept X Endpoint could benefit from better integration with third-party vendors and improved support for virtual infrastructures. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness. Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment. Trellix Endpoint Security provides significant time savings.
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"It has great stability."
"Email protection is the most valuable feature of Microsoft Defender XDR."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Sophos Intercept X has a host of valuable features, including its anti-malware feature, which we considered key."
"The most valuable feature of the solution is that it is less hash-based than competitors."
"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"The most effective features of Intercept X Endpoint for threat prevention are ransomware protection, miscellaneous behavior detection, and network threat protection."
"It is a very scalable solution."
"The most valuable features are the range and restriction."
"The most valuable feature of Sophos Intercept X is cloud management."
"The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"The solution scales well."
"Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference."
"The new central console is better than the earlier one."
"We really like the dashboard from Trellix and we've found that it's pretty informative."
"The most valuable feature is the centralized console where everything can be controlled by the administration."
"It's quite easy to install agents."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"Stability could be improved by avoiding frequent changes to the interface."
"The ADR functionalities feel like they aren't mature enough. It hasn't been a long time since Sophos has offered reproduction. Due to the fact that it's so young, it has fewer functionalities than other and more mature ADR solutions."
"The tool should be made compatible with Linux and Microsoft operating systems."
"The EDR could be improved, and perhaps the User Interface."
"In my opinion, there have been significant developments in the product. In my opinion, I don’t have any suggestions as of now, however I can suggest a cost deduction which will be beneficial for all the parties. It will also relieve our budget and benefit our team."
"We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely."
"The initial setup can be difficult if you don't come in with at least some knowledge about the product."
"The main real-time scanning takes most of the processing power of my notebook."
"Installing Sophos Intercept X was not as straightforward, as we had to ask support and had to work with an integrator, though the process didn't take much time, e.g. it was completed within one hour."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"Every time we open a ticket with McAfee, their response differs and they are not consistent."
"While we are pleased with the endpoint solution, there should also be a separate one for the firewall."
"I think it would be nice if Dynamic Application Control would come together with McAfee Endpoint Security."
"The product could do more to keep administration alerted to detected threats on endpoints."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"We don't like the solution since it requires much memory consumption and consumes much CPU resources."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 96 reviews. Intercept X Endpoint is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Intercept X Endpoint vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.