We performed a comparison between Trellix Endpoint Security and Forescout Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say Forescout could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some users reported positive experiences with Forescout support, but others requested better responsiveness and training.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of Forescout Platform can be high depending on the level of customization and integration required.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Forescout Platform yields a solid ROI by improving network access control and overall security.
Comparison Results: Our users prefer Trellix Endpoint Security over Forescout Platform based on user feedback. Users like Trellix's comprehensive management abilities and single-pane-of-glass administration. It is praised for its reliability and low false positive rate. Forescout Platform receives mixed reviews for its complex setup process and customer service. It is also considered expensive.
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The integration with other Microsoft solutions is the most valuable feature."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"It has great stability."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The most valuable aspect is undoubtedly the exploration capability"
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The most valuable features of ForeScout is the fact that it can do network access control either with 802.1x or without 802.1x."
"The most valuable feature of the Forescout Platform it's highly customizable and flexible."
"The most valuable feature is the blocking of USB devices."
"The most valuable features are remote access and administration scripts."
"Forescout is easy to integrate with a lot of end systems."
"Forescout CounterACT has allowed us to better open our access and control wireless access globally from our HQ. This allows us to monitor the network access for every office globally. This has improved overall security, reducing risk and opening up the opportunity to provide greater end user flexibility."
"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
"Being able to actively identify the client without a certificate allows you to control every device on your network regardless of the make, model, and software running. This allows for end-to-end security."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"The product has a robust reporting feature"
"The endpoint protection and disk encryption features are the most valuable."
"The most valuable features are the adaptive tech on McAfee."
"I have found the most valuable features to be the ability to manage the solution from anywhere and having an overview of the companies security."
"The initial setup is straightforward, not complex."
"The product is fairly reliable."
"McAfee EndPoint Security has a lot of good features that work well if they are implemented properly."
"Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"The licensing is a nightmare and has room for improvement."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"If older network devices are used there can be some compatibility issues while using the Forescout Platform. Additionally, if the switches that are deployed in your infrastructure are not captured properly to the endpoints there might be some difficulties with Forescout Platform trying to monitor the network traffic. Traffic management is an area the vendor should work on."
"The solution could always improve by adding more features to make it more robust."
"Two things can be improved in the Forescout Platform. First of all, the support for some certain proprietary protocols from other vendors, but they are very widely used. If the TechEx from Cisco, was added to Forescout, then it will be a full solution for me."
"This solution is not that easy to scale but this depends on a company's needs."
"Forescout needs to improve its cloud management and remote connectivity."
"The solution needs more definitive pricing. The costs are hard to nail down."
"Forescout Platform needs to improve how the device works in preventing rogue servers."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"The solution should provide a more easy way to uninstall it on specific stations."
"It would be nice if the solution was a bit more stable."
"Support-wise they need to be better."
"The solution takes up a high amount of memory and can cause the system to hang."
"McAfee Endpoint Protection could improve the word control feature."
"Although they have increased the complexity, it has affected the scanning speed."
"I would like to have the ability to have more control over the deployment in the next release. If you have this console in the cloud, you cannot make pilot groups for deploying the agents. We only have the current group. So, as soon as you inject the software, it will go directly into production, which doesn't work for us. We need to build up pilot groups slowly. We already requested to have this feature on the cloud, and we are still waiting."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews. Forescout Platform is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Ivanti Endpoint Security for Endpoint Manager, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Forescout Platform vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.