FireEye Endpoint Security Review

Comes with useful protection features, but lacks Linux support

What is our primary use case?

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

What is most valuable?

The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. 

They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features. 

What needs improvement?

The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux.

We would also like assets grouping and device lock protection features, which are included in their roadmap.

For how long have I used the solution?

We have been using FireEye Endpoint Security for the past two years.

What do I think about the stability of the solution?

The current version is more stable than the previous ones.

What do I think about the scalability of the solution?

It is easily scalable.

How are customer service and technical support?

My experience was 50/50. Sometimes, it was good. Sometimes, they took some time.

Which solution did I use previously and why did I switch?

We were using McAfee AV. We switched to FireEye Endpoint Security because we had some performance issues with McAfee AV. We are not facing those issues with FireEye Endpoint Security.

How was the initial setup?

It is easy to deploy. It took us a month to deploy. 

Deployment may take more time based on the architecture and the environment. With some vendors, it took us some time to analyze because there were things that we wanted to monitor, which depended on the production. Therefore, we installed it step by step, not in one step at full force.

What other advice do I have?

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then probably rethink about FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap.

We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they didn't communicate, the communication got stopped automatically, or the data communication time didn't sync properly. In the later versions, they improved and resolved these issues.

I would rate this solution a seven out of ten. It's gradually growing, and a few features that we require are not there. If these requirements are satisfied, I would rate them nine or ten.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment