We performed a comparison between CrowdStrike Falcon and Trellix Endpoint Security (ENS) based on real PeerSpot user reviews.
Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"It is stable and scalable."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The product's initial setup phase is very easy."
"The price is low and quite competitive with others."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"The ability to execute real-time response, or, that you can connect to the agent and see exactly what processes are operating, is the most important feature of this solution."
"The most valuable features of CrowdStrike Falcon include Falcon Fusion workflows and endpoint detection capabilities."
"As long as the machine is connected to the Internet, and CrowdStrike is running, then it will be on and we will have visibility; no VPNing in or making some type of network connection. CrowdStrike always there and running in the background; for us, that is big. We wanted something that could give us data as long as the machines connected to the Internet and be almost invisible to the employees."
"I like the Overwatch feature the most."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"The performance is good."
"The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
"The most valuable feature is the integration between environments."
"What I like most about McAfee MVISION Endpoint is that it's very user-friendly. You do need some knowledge on how to navigate the portal, but as soon as you've gained that knowledge, navigation will no longer be an issue. I have no complaints about McAfee MVISION Endpoint. For me, the product is perfect the way it is. It's great right now, and it's doing good as it is."
"The most valuable feature is user-based policy provision."
"MVISION offers decent protection."
"We have a cloud-based instance, so we can deploy all our configurations through the cloud. That's the beauty of FireEye."
"Provides protection against threats."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Detections could be improved."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"The SIEM could be improved."
"I haven't seen the use of AI in the solution."
"We find the solution to be a bit expensive."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"CrowdStrike Suites and the way that it bundles things can be a bit challenging. It should be easier to integrate with the other stuff that they sell or be included with what they sell. We have one piece, then they are talking about another piece on vulnerability management all of the sudden, and we don't own that piece. We can see it in the console, but nothing shows up. It simply appears within the tool as an option, but we can't use it without purchasing it."
"I would like to see a little bit more in the offline scanning ability. This just comes from my background in what I have done in other positions. They only scan on demand, so I always have this fear that we sometimes maybe email out a dormant virus and can be held liable for that. That is something where I would like to see a little bit more robustness to the tool."
"The portal can be clunky to navigate at times and has room for improvement."
"The current database schema presents challenges and has potential for improvement."
"There is room for improvement in managing multiple customer IDs."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"Support, particularly related to after-sales and after deployment, could be improved a bit. If you need to connect to support, it takes at least a day to reach the support team and get a proper reply."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."
"Impacts performance of the servers quite negatively."
"The central monitoring dashboard needs improvement."
"The customization capabilities of the solution are an area where it lacks, so it would be great if our company could customize the solution to meet the demands of our customers."
"It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
"From an improvement perspective, I want everything in the solution to be free."
"Endpoint resource utilization causes high levels of instability and that is something that needs improvement."
"Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
More Trellix Endpoint Security (ENS) Pricing and Cost Advice →
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EPP (Endpoint Protection for Business) with 101 reviews while Trellix Endpoint Security (ENS) is ranked 17th in EPP (Endpoint Protection for Business) with 46 reviews. CrowdStrike Falcon is rated 8.6, while Trellix Endpoint Security (ENS) is rated 7.6. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security (ENS) writes "It integrates well with other solutions, but the vendor needs more of a local presence and faster response". CrowdStrike Falcon is most compared with Microsoft Defender XDR, Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and Trend Vision One, whereas Trellix Endpoint Security (ENS) is most compared with Trellix Endpoint Security, Microsoft Defender for Endpoint, Trellix Endpoint Detection and Response (EDR), Open EDR and SentinelOne Singularity Complete. See our CrowdStrike Falcon vs. Trellix Endpoint Security (ENS) report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hello, I think it doesn't make sense to just compare device protection and automated response security solutions, it's missing to protect identities, devices, and insider access. I think: The best and most valuable option is Microsoft.
Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
With the integrated Microsoft 365 Defender solution, security professionals can stitch together the threat signals that each of these products receive and determine the full scope and impact of the threat; how it entered the environment, what it's affected, and how it's currently impacting the organization. Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services includes:
1. Microsoft Defender for Endpoint, is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
2. Microsoft Defender for Office 365, Plan 1 protects email and collaboration from zero-day malware, phish, and business email compromise, Plan 2 adds post-breach investigation, hunting, and response, as well as automation, and simulation (for training).
3. Microsoft Defender for Identity, a cloud service that helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber-attacks and insider threats.
4. Microsoft Cloud App Security, is a Cloud Access Security Broker (CASB) that operates on multiple clouds. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your cloud services.
If the end customer already has Microsoft 365 in companies or educational institutions, they already have the collaboration tools, only the security and endpoint management tools should be added, all with Microsoft 365 E5/A5, no more investment is being made, it is being consolidated, visibility is gained, responses are automated, the fatigue of operating so many security events that you do not have the time or personnel to review them decrease.
I hope this has generated value for you.