We performed a comparison between Elastic Security and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet is very user-friendly for customers."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"It's open-source and free to use."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"It's simple and easy to use."
"Elastic has a lot of beats, such as Winlogbeat and Filebeat. Beats are the agents that have to be installed on the terminals to send the data. When we install beats or Elastic agents on every terminal, they don't overload the terminals. In other SIEM solutions such as Splunk or QRadar, when beats or agents are installed on endpoints, they are very heavy for the terminals. They consume a lot of power of the terminals, whereas Elastic agents hardly consume any power and don't overload the terminals."
"The cost is reasonable. It's not overly pricey."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"The platform’s most valuable features are ease of use, integration, and deployment."
"The most valuable network security feature is the network sandbox solution. This sandbox feature works on traffic flow."
"I have not received any complaints about the performance."
"The most valuable feature is user-based policy provision."
"Provides good mobile device protection."
"It's good that it periodically scans all my drives. I can stay up to date with the status of my drivers and update them if needed."
"The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
"A great console with a user-friendly GUI."
"The support needs improvement."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"It takes about two business days for initial support, which is too slow in urgent situations."
"FortiEDR can be improved by providing more detailed reporting."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The solution should address emerging threats like SQL injection."
"The dashboard isn't easy to access and manage."
"There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
"Email notification should be done the same way as Logentries does it."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"This solution is very hard to implement."
"The interface could be more user friendly because it is sometimes hard to deal with."
"Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive."
"The way that signatures work when using this solution could be improved. They could be more user friendly. We would like the ability to select a client's signature from a menu or file share to save time."
"Upgrading to new versions isn't easy and it can take a long time. Also, other solutions' tamper protection features are better than FireEye's. Clients should have access to our local information, but they shouldn't change settings on the system itself."
"The customization capabilities of the solution are an area where it lacks, so it would be great if our company could customize the solution to meet the demands of our customers."
"The solution lacks device control."
"You do not have access to all the features when you use the Trellix web interface. For example, you cannot do device or drive encryption from the web interface. Also, when we're working with customers, it's sometimes challenging to get sales support. Delays mean we might lose an opportunity. Lastly, Trellix lacks some documentation about custom features."
"The product is consolidating its portfolio into one product. It is difficult at the moment."
"Intrusion detection and intervention seem to be falling behind the competition."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Trellix Endpoint Security (ENS) is ranked 18th in Endpoint Detection and Response (EDR) with 49 reviews. Elastic Security is rated 7.6, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Intercept X Endpoint. See our Elastic Security vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.