We performed a comparison between Intercept X Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Intercept X Endpoint could benefit from better integration with third-party vendors and improved support for virtual infrastructures. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness. Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment. Trellix Endpoint Security provides significant time savings.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The product integrates security into one tool instead of having third-party security tools."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The product is very easy to use."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The base product and the anti-malware feature are most valuable."
"The most valuable features are the cloud administration and the strength of the ransomware protection."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"The stability on offer is fine."
"It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
"The solution is scalable."
"Sophos Intercept X is a complete endpoint solution."
"The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening."
"When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee."
"The detection is great and the solution is constantly improving."
"Initially, the DLP was very valuable for disabling access to USB drives."
"Dynamic Application Containment."
"We like the management of the ePO, and we like the management console."
"The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"The initial setup is straightforward, not complex."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The support team is not competent or responsive."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"We should be able to use the product on devices like Apple, Linux, etc."
"The mobile app support for Android and iOS is difficult and needs improvement."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The deployment part needs to be improved."
"It would be a value-add if they can include integration with other technologies or solutions, like Fortinet, Blue Coat, etc."
"We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"The technical support is the lone sore-point when dealing with this product."
"It consumes a lot of resources, and something needs to be done for that."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"The after sales service and support could be improved."
"The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus."
"We don't like the solution since it requires much memory consumption and consumes much CPU resources."
"Every time we open a ticket with McAfee, their response differs and they are not consistent."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
"Support-wise they need to be better."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 94 reviews. Intercept X Endpoint is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.