We performed a comparison between NetWitness XDR and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The solution was relatively easy to deploy."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Ability to isolate the machine when there are malicious files."
"The interface of this solution is very flexible and easy to use."
"RSA NetWitness does market analysis in a more granular form. It gives you full visibility."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"The setup is not that complex. It takes five to ten minutes to set up."
"The stability has been great."
"Technical support is excellent."
"It is a stable solution...It is a scalable solution."
"It is very valuable in finding out unknown malware."
"Provides protection against threats."
"The features we have found most valuable have been containment as well as the ability to triage agent activities."
"FireEye Endpoint Security is easy to use and lightweight compared to others."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We find the solution to be a bit expensive."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"FortiEDR can be improved by providing more detailed reporting."
"The support needs improvement."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The solution lacks a reporting engine."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"They could also increase or improve the scalability because to my knowledge the biggest bandwidth can only support up to 10 gigs of input."
"MVISION Endpoint is only compatible with Windows 10 and Windows 2016 and above. If I were using a Linux operating system, I would not be able to use MVISION Endpoint."
"There should be better integration between the ePolicy Orchestrator and FireEye console. The integration of both consoles should be better."
"There is room for improvement in the pricing. The price should be improved, it's high."
"The central monitoring dashboard needs improvement."
"Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
"The solution needs to work on memory consumption. It is too high."
"If you have another endpoint product running on the same machine, you have to fine tune functions from FireEye to avoid performance and user experience issues."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
NetWitness XDR is ranked 41st in Endpoint Protection Platform (EPP) with 15 reviews while Trellix Endpoint Security (ENS) is ranked 19th in Endpoint Protection Platform (EPP) with 49 reviews. NetWitness XDR is rated 8.0, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "Reliable with good independent modules and a straightforward setup". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Vectra AI, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, CrowdStrike Falcon, Trellix Endpoint Detection and Response (EDR) and Open EDR. See our NetWitness XDR vs. Trellix Endpoint Security (ENS) report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.