We performed a comparison between Trellix Endpoint Security and Forescout Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say Forescout could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some users reported positive experiences with Forescout support, but others requested better responsiveness and training.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of Forescout Platform can be high depending on the level of customization and integration required.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Forescout Platform yields a solid ROI by improving network access control and overall security.
Comparison Results: Our users prefer Trellix Endpoint Security over Forescout Platform based on user feedback. Users like Trellix's comprehensive management abilities and single-pane-of-glass administration. It is praised for its reliability and low false positive rate. Forescout Platform receives mixed reviews for its complex setup process and customer service. It is also considered expensive.
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The integration between all the Defender products is the most valuable feature."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"The product is very easy to use."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The initial setup is easy, taking no more than two or three weeks."
"Its feature that I have found most valuable is that it is very granular. You can configure granular controls just as you want those policies to be implemented. It gives you that flexibility to go granular in how you want your controls to be implemented. That's something I like about it."
"The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies."
"This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
"The product is very easy to work with and easy to deploy."
"The user management has been very easy for the most part."
"Within three or four days, we have complete visibility of your infrastructure on the network. Compared to other solutions, the deployment of the solution is easier and we can close the project quickly."
"Forescout Platform has made it possible to block people working near our construction sites who should not have access to our network."
"It has improved my organization because it helps with visibility, in terms of security. We can see the actual attack and can contain it. The antivirus can detect that."
"The detection is great and the solution is constantly improving."
"It also allows multifunctionality within a single platform."
"The solution offers very good endpoint security."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"I have found many of the features to be useful."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"The product helps us by contacting us if there are any virus attacks on our system."
"The data recovery and backup could be improved."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"Regarding pricing, there is room for improvement to enhance competitiveness with other vendors and solutions."
"The solution needs more definitive pricing. The costs are hard to nail down."
"The installation is not secure because it takes high admin privileges."
"The solution could always improve by adding more features to make it more robust."
"They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment."
"Forescout Platform could improve the vulnerability management as well as the control on the endpoint, which needs to be connected to my network."
"Multitenancy should be included in the next version so it could be used as a managed service provider."
"Forescout Platform needs to improve how the device works in preventing rogue servers."
"Currently, Trellix Endpoint Security can't find the running mutexes, while other open-source products can do it."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"The price of the solution is high in Asia."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"We’re facing remote installation issues sometimes:"
"The solution could use better updates and fewer bugs."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
Forescout Platform is ranked 12th in Extended Detection and Response (XDR) with 69 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 95 reviews. Forescout Platform is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Ivanti Endpoint Security for Endpoint Manager, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Forescout Platform vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.