We performed a comparison between NetWitness XDR and Trellix Endpoint Detection and Response (EDR) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The solution was relatively easy to deploy."
"Exceptions are easy to create and the interface is easy to follow with a nice appearance."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The most valuable feature is the analysis, because of the beta structure."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"It is stable. We have been using it for some time, without any issues."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"Technical support is knowledgeable."
"This solution allows us to locate the malware in real-time."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"When Trellix detects some threats, the device is isolated in a quarantine zone for examination."
"The product provides a one-click recovery of encrypted files."
"The product's initial setup phase was very straightforward since you just need to install it, and it works."
"It is a scalable solution and very easy to use."
"The product is user-friendly."
"If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts."
"The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
"The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The support needs improvement."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The contamination feature could be improved."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The solution is modular, for example you can buy the RSA ePack, which you buy as a module is not part of the conduit solution. They could include it and have it as an all-in-one solution."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The console has a lot of bugs, and it creates many issues."
"Trellix does not support Linux and Mac."
"The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."
"The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution."
"For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available."
"The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms."
"Some modules that are doing machine learning and artificial intelligence are blocking our processes."
"The endpoints and utilization are too high, which impacts the production activity."
More Trellix Endpoint Detection and Response (EDR) Pricing and Cost Advice →
NetWitness XDR is ranked 37th in Endpoint Detection and Response (EDR) with 15 reviews while Trellix Endpoint Detection and Response (EDR) is ranked 22nd in Endpoint Detection and Response (EDR) with 17 reviews. NetWitness XDR is rated 8.0, while Trellix Endpoint Detection and Response (EDR) is rated 7.4. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trellix Endpoint Detection and Response (EDR) writes "Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Trellix Endpoint Detection and Response (EDR) is most compared with Trellix Endpoint Security (ENS), Trellix Active Response, Cynet, CrowdStrike Falcon and Microsoft Defender for Endpoint. See our NetWitness XDR vs. Trellix Endpoint Detection and Response (EDR) report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.