We performed a comparison between Trellix Endpoint Security and CrowdStrike Falcon based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. CrowdStrike Falcon stands out for its minimal impact on system performance, optimal resource utilization, and precise detection of threats. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say CrowdStrike Falcon would benefit from adding a sandbox feature and more detailed firewall management options.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. CrowdStrike Falcon's customer service is considered prompt and helpful.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. CrowdStrike Falcon's setup is considered to be simple and efficient, with deployment times ranging from a few days to a month. While there may be some challenges during installation, they are generally manageable.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. Some users find CrowdStrike Falcon costly and think the price should be lowered to make it more competitive.
ROI: Users reported saving time by implementing Trellix Endpoint Security. CrowdStrike Falcon offers cost savings by decreasing the required number of engineers and eliminating the need for onsite servers.
Comparison Results: Trellix Endpoint Security is preferred over CrowdStrike Falcon. Users appreciate Trellix for its unified management capabilities, including a robust central console that enables simplified administration of all programs. They also value its stability, reliability, and resource efficiency. Users faulted CrowdStrike Falcon for its lack of specific features like sandboxing and granular firewall controls.
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The solution has improved my organization by automating the detection and reporting of unwanted applications so we're aware of them and can respond appropriately."
"The managed services are distinguished, responsive, dynamic, flexible, and assertive when taking action."
"The most valuable feature is that we don't need to re-image machines as much as we had to."
"The initial setup is very simple."
"There's almost no maintenance required. It's very low if there's any at all."
"Everything we've done with CrowdStrike is due to Arctic Wolf. We don't even need to get alerts from CrowdStrike anymore. It'll send those to Arctic Wolf, and then Arctic Wolf analyzes those and let us know if there's a major issue."
"Its integration capability is valuable. It integrates easily with any OS."
"CrowdStrike Falcon's most valuable feature is the fact that it's not getting in the way of our workforce and their workflow."
"The initial setup of Trellix Endpoint Security was straightforward."
"This product has the capability to check a wide range of vulnerabilities and devices."
"The product’s stability and security features enhance user protection and organizational security."
"It's quite easy to install agents."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"Dynamic Application Containment."
"The DLP and user interface are the most valuable feature."
"The thing that I like is that they have gathered almost all the products in one management server, the ePolicy Orchestrator."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"There is room for improvement in managing multiple customer IDs."
"The product could be more accurate in terms of performance."
"I would like to see the machine learning feature enhanced."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"There are some aspects of the UI that could use some improvement, e.g., working in groups. I build a group, then I have to manually assign prevention policies, update policies, etc., but there is no function to copy that group. So, if I wanted to make a subgroup for troubleshooting or divide workstations into groups of laptops and desktops, then I have to manually build a brand new group. I can't just copy a build from one to another. Additionally, in order to do any work within a group, I have to first do the work on the respective prevention policy page or individual policy page, then remove the group if the group is assigned to a different prevention policy, remove the prevention policy, and then add the new one in. So, it can get a little hectic. It would be easier if I could add and remove things from the group page rather than having to go into the policy pages to do it."
"The detection time has room for improvement."
"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."
"Sometimes CrowdStrike changes the GUI, and they need to be better at informing us and providing guidance concerning that."
"The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format."
"An area of improvement for this solution is to make it easier to manage."
"We have a lot of problems with the user experience and it's difficult to implement. MacAfee's better than the ancient anti-virus solutions but it's a little slow to resolve. Many files with malware were destroyed through the network, and MacAfee doesn't detect anything."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging."
"We’re facing remote installation issues sometimes:"
"Every time we open a ticket with McAfee, their response differs and they are not consistent."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while Trellix Endpoint Security is ranked 12th in Endpoint Protection Platform (EPP) with 94 reviews. CrowdStrike Falcon is rated 8.8, while Trellix Endpoint Security is rated 8.0. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security and SentinelOne Singularity Complete, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our CrowdStrike Falcon vs. Trellix Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.