We performed a comparison between Intercept X Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Intercept X Endpoint combines two products into one solution, offering strong performance, server protection, and efficient threat management capabilities. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Intercept X Endpoint could benefit from better integration with third-party vendors and improved support for virtual infrastructures. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Some users found Intercept X Endpoint's support team knowledgeable and supportive, while others expressed dissatisfaction with responsiveness. Some users have found the support for Trellix Endpoint Security helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Intercept X Endpoint has a straightforward initial setup, with quick installation and simple configuration and maintenance. Some users said they occasionally encountered issues that required reinstallation. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Intercept X Endpoint is generally seen as fairly priced, but some users think it’s on the higher end of the price scale. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Users say that Intercept X Endpoint offers exceptional defense against ransomware and zero-day threats, leading to a positive return on investment. Trellix Endpoint Security provides significant time savings.
"I have found the ability to delete unwanted threats beneficial."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Microsoft Defender XDR is scalable."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
"It is not just a simple virus scanning product. It handles more advanced needs."
"We find the app control and its threat protection to be the best features."
"It is a very scalable solution."
"It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
"The most valuable features are the cloud administration and the strength of the ransomware protection."
"The initial setup is pretty straightforward."
"It has a very simple like multi-tenancy option and scalability is outstanding."
"The most valuable feature is the centralized console where everything can be controlled by the administration."
"This is a good solution for antivirus and malware protection."
"Anyone can use it, the protection is good, and they have all of the features."
"It's quite easy to install agents."
"The installation is pretty straightforward."
"The new central console is better than the earlier one."
"The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Stability could be improved by avoiding frequent changes to the interface."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The policies could be nicer to manage."
"The performance offered by the product needs improvement."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"Sophos Intercept X could improve on its setup process. They could make it easier to have a baseline set up for the system, or at least provide more understanding of what the baseline is when you first install it. This could be a matter of lack of training on my part, but it's difficult to receive training on solutions that are not Cisco. Cisco is the only vendor with classes or courses."
"There is room for improvement in terms of stability and updates."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
"If Sophos Intercept allows users to restrict website access based on specific needs, such as streaming new videos for business purposes, we would prefer to use that."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"With McAfee, if there is a zero-day vulnerability, you have to download the patch for it from the McAfee website, then apply it to your endpoint."
"Technical support is an area that can be improved because sometimes, the response time is a bit slow and the explanation is short."
"An area of improvement for this solution is to make it easier to manage."
"The solution has problematic encryption, which needs reforming."
"We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications."
"The platform needs improvement in terms of handling heavy databases."
"Trellix lacked email protection when it was a McAfee product. They added this feature during the merger with FireEye, but it hasn't been fully integrated. The core features will be integrated into the next release. FireEye has several solutions for EDR and sandboxing."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Trellix Endpoint Security is ranked 10th in Endpoint Protection Platform (EPP) with 95 reviews. Intercept X Endpoint is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Intercept X Endpoint vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.