We performed a comparison between Microsoft Defender for Endpoint and Trellix Endpoint Security based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Microsoft Defender for Endpoint excels in file protection, encryption, and ransomware defense. It integrates seamlessly with other Microsoft security products. Users appreciate its user-friendly interface and scalability. Trellix Endpoint Security is highly valued for its easy administration options and reliability. Users say Microsoft Defender for Endpoint should improve its central console and auto-recovery feature. Users also requested better reporting capabilities and integration with third-party platforms. Reviews suggest that Trellix could reduce resource consumption and improve user-friendliness.
Service and Support: Microsoft customer service garnered mixed feedback. Some praised the fast response times and expertise of the support engineers, while others were dissatisfied with slow replies and a lack of coordination among the support teams. Some users have found Trellix support helpful and reliable, while others have encountered ineffective assistance and communication problems.
Ease of Deployment: Microsoft Defender for Endpoint's setup is straightforward, especially when it’s preloaded on Windows 10. While it can be more complex for larger organizations, it is generally considered simple, particularly for smaller companies or those familiar with Microsoft environments. The setup process for Trellix Endpoint Security varies in difficulty, depending on the user's experience with McAfee and general technical expertise.
Pricing: Reviewers say Microsoft Defender for Endpoint is fairly priced, noting that it is typically included for free with Windows or Microsoft Office 365 subscriptions. However, some users believe that Microsoft's pricing could be more affordable, and others noted that their licensing models can be complex. Some find Trellix’s price reasonable and competitive, while others believe it could be lowered.
ROI: Microsoft Defender for Endpoint delivers cost savings, enhanced efficiency, and heightened threat management. Trellix Endpoint Security provides significant time savings.
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The most valuable feature is the analysis, because of the beta structure."
"I get alerts when scripts are detected in the environment."
"The solution was relatively easy to deploy."
"The product detects and blocks threats and is more proactive than firewalls."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The stability is very good."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"File protection is the most valuable feature. Antivirus security on the Level OS, Microsoft Defender, and Microsoft Guard for 2019."
"It has Kusto Query Language (KQL), so we can use our own queries to find anything."
"We can react to threats faster and stop them from spreading from one machine to another. It protects from suspicious email attachment downloads. It will lock down the SOC and the workstations."
"I like that it's easy to deploy because it already comes with Windows 10. Overall, it has all the features that we need. Easy to deploy, comes with updates, and comes with Windows updates. You don't have to really manage or update the signature."
"We have just started to implement it. It is useful for protection from malware and ransomware."
"The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
"The solution has an easy-to-use interface, is always updated, and is user-friendly."
"We receive good protection with this solution."
"We like the management of the ePO, and we like the management console."
"The detection is great and the solution is constantly improving."
"The primary reason the solution is good is because of its ease-of-use."
"The most valuable feature is ease of use."
"The product helps us by contacting us if there are any virus attacks on our system."
"It also allows multifunctionality within a single platform."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"Detections could be improved."
"The solution should address emerging threats like SQL injection."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"Microsoft Defender for Endpoint can improve by providing more and different types of reports."
"Microsoft Defender for Endpoint could improve by adding more security features."
"If there were more template queries in the library, that would make it much easier. They could have basic things, like, "Where's the IP for this user?" or, "What file was downloaded from this user?" If there were more of those basic queries that would help."
"The time to generate certain alerts on our dashboard can take between 45 minutes to an hour, and I am unsure of the factors that influence this duration."
"The central console needs improvement. Both McAfee and Symantec antivirus have dashboards. These integrate with a server and work on my antivirus or some other product. However, with Microsoft Defender, you use Microsoft Group Policy Object. Defender does not provide a central console. Therefore, if you implement Defender, then maybe use another tool for the central view."
"We encountered some issues when we were trying to enable automatic updates from our group policy."
"Integrating this with third-party systems has some complexity involved."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
"The user interface could be improved by making it more user-friendly. There are multiple solutions and there is no clear line differentiating all of them. There is a centralized console where we manage everything but most of the administrators feel a little confused when it comes to managing multiple products from a single place."
"Its pricing needs to be improved."
"Although they have increased the complexity, it has affected the scanning speed."
"It can be quite complicated to learn McAfee Endpoint Security and to feel comfortable with the environment."
"The local technical support could be better."
"There are certain shortcomings in the features concerning DLP in Trellix, where certain additions must be made in the future."
"We experienced some bad behavior when we first installed the product. The system also starts slowly in some instances. If for some reason this solution crashes, we could lose all our data."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Trellix Endpoint Security is ranked 11th in Endpoint Protection Platform (EPP) with 96 reviews. Microsoft Defender for Endpoint is rated 8.0, while Trellix Endpoint Security is rated 8.0. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, Cortex XDR by Palo Alto Networks, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trellix Endpoint Security is most compared with Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and SentinelOne Singularity Complete. See our Microsoft Defender for Endpoint vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.