We performed a comparison between Trellix Endpoint Security and Forescout Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say Forescout could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some users reported positive experiences with Forescout support, but others requested better responsiveness and training.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of Forescout Platform can be high depending on the level of customization and integration required.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Forescout Platform yields a solid ROI by improving network access control and overall security.
Comparison Results: Our users prefer Trellix Endpoint Security over Forescout Platform based on user feedback. Users like Trellix's comprehensive management abilities and single-pane-of-glass administration. It is praised for its reliability and low false positive rate. Forescout Platform receives mixed reviews for its complex setup process and customer service. It is also considered expensive.
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The summarization of emails is a valuable feature."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The threat intelligence is excellent."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"I can integrate Forescout with products from multiple vendors in my environment, and also, the integration is searchable. It can be used with 802.1X and non-802.1X to integrate with my existing network. I don't need to upgrade any existing networks in my system, and I don't need to replace existing devices to integrate with Forescout. I find value in not having to spend money upgrading existing devices and networks."
"Forescout Platform's most valuable features are that it is very granular. We are able to cull out a lot of information about our particular device or endpoint. The configuration and the visibility are very seamless. Overall the solution is very easy to handle and it's very comprehensive."
"Forescout is easy to integrate with a lot of end systems."
"The most valuable features of the Forescout Platform are ease of management and outstanding visibility. The visibility is simple to obtain."
"It allows for good detection of all the vendor products we have on-site."
"I have noticed that in the last year the license model has changed from licensing the whole appliance to licensing the number of devices. It's more simple for a large installation, or a user to have CounterACT as their peripheral site in the company. It's a good choice to have changed the license policy."
"The most valuable feature of the Forescout Platform is the large capacity it can handle. Additionally, the interface of the platform is good."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"We can manage everything from the central console and it is very easy."
"I have found the most valuable features to be the ability to manage the solution from anywhere and having an overview of the companies security."
"There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"The DLP and user interface are the most valuable feature."
"A big advantage of McAfee Endpoint Security is the ability to manage very big environments. We are supporting environments with 200,000 to 300,000 endpoints. The ability to manage with one single console is very important for us. McAfee has phenomenally improved in terms of detection. It provides real-time detection and response with the error, Real Protect, and reputations. It is not only based on signatures but also on behavior analytics, artificial intelligence, or machine learning. We have environments that never had issues with ransomware in the last 20 years. McAfee has a very good performance in this field."
"Trellix Endpoint Security's dashboard is very flexible, and I can create my own user-specific dashboard depending on user privilege or preference."
"The solution is stable."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The tool gives inconsistent answers and crashes a lot."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The support could be more knowledgable to improve their offering."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Custom integrations need to be better."
"Forescout Platform isn't flexible with connections to devices like printers and forces you to re-enter details like the MAC address after any breakdowns."
"The licensing costs are quite high. With the amount of hardware we have, we need too many licenses to make the product effective and it's ultimately just too costly."
"Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used."
"We have found that the agent-based authentication, available within this solution could be improved."
"The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup."
"The initial setup is a bit complex."
"This solution is not that easy to scale but this depends on a company's needs."
"On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
"Tech support is not as helpful as they were in the past."
"The tool could provide more advanced protection."
"Although they have increased the complexity, it has affected the scanning speed."
"It would be nice if the solution were to allow not just on-cloud management, but on-premises, as well."
"The vendor should simplify the way they bundle the products because it's very hard to explain to customers what products contain which features."
"The solution consumes a lot of end user memory and CPU. Trellix doesn't really focus much on the anti-malware side."
Forescout Platform is ranked 14th in Extended Detection and Response (XDR) with 69 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 94 reviews. Forescout Platform is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC and Nozomi Networks, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Forescout Platform vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.