CoSoSys Endpoint Protector Room for Improvement

AJ
Senior Engineer at GIG kuwait

We are using it to only apply media restrictions. When we are installing a new agent, we have to install EPP manually on a device. It would be great if the installations can be done from the server instead of me going to each PC or device to implement EPP or using a policy. They should have some sort of system so that a domain admin can install EPP on all PCs from a central manager. 

After EPP is installed, the upgrade can be done from the EPP console, but they don't always work. Sometimes, there are minor issues with upgrades, but we are able to sort them with the help of their support. The EPP support is great.

View full review »
SunnyKumar - PeerSpot reviewer
Senior IT Engineer at Instawork

I've encountered some latency issues that appear to be related to the internet speed. When I install the agent on the laptop, the internet speed often drops from 100 MBPS to around 80 MBPS or even as low as 50 MBPS at times. The slow response seems to be connected to the fact that all network traffic is routed through this agent. The challenge arises when trying to analyze the logs, as every single click and action, even a single command in GitHub, generates a multitude of logs. This makes it difficult to extract relevant information. It would be helpful to implement filtering mechanisms so that we can sort and view the data based on software and vendor, providing more clarity and ease in analysis.

View full review »
Naman Verma. - PeerSpot reviewer
Security Delivery Specialist at a consultancy with 10,001+ employees

Endpoint Protector, in particular, had some features to be desired for the Mac operating system. The controls it provided were not adequate with Mac machines, especially with the new application registry feature.

View full review »
Buyer's Guide
CoSoSys Endpoint Protector
March 2024
Learn what your peers think about CoSoSys Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
BH
Information Technology Security Engineer at a comms service provider with 10,001+ employees

Endpoint Protector provides a single platform to support Windows, macOS, and Linux devices. There is some improvement that is needed there. The policies must be created per OS and in a large deployment with the diverse OS platform use case which can get a little bit unwieldy. Room for improvement there could be a way to clone a policy and map the old policy to the new policy on a new OS. Right now, you would just have to open it up on two different screens and map it manually, but a way to clone it to a new OS and map the differences or map the similarities would be room for improvement.

I would rate the role-based access features for administrators a six out of ten. There's work to be done on the granularity of roles that can be assigned to an administrator but there is role-based administrator access present. That's why it's not a zero rating.

We would probably make better use of tier1 support texts and give them granular abilities within the user interface to help us administer it and then move it to a different tier 2 tech support if the role-based permissions were more granular.

A feature request would be treating a deny list as an exit point. We'd also like to have the ability to tie an allow list to a group rather than a policy so that the allow list follows the group of users or computers. Whatever policy they hit they're always allowed certain URLs. That would be a nice feature for management purposes. 

It could also use some minor UI improvements. There's a little bit of inconsistency in the UI that takes some getting used to.

View full review »
SomnathMukherjee - PeerSpot reviewer
IT consultant at Independent Consultant

It would be better if they had an inbound restriction feature. For example, I work out of my home from my personal computer. All my policies can be deployed while working. When I am done, I should be able to use my machine as my personal machine, and all these policies should be waived. In the next release, I want time bound restriction of the policies because most of these users were working out of home and using their personal computers.

View full review »
RG
Interactive Developer at Customer Communications Group, Inc.

This product provides zero-day protection for macOS, although I'm currently dealing with an issue on the most recent rollout of the Endpoint client that doesn't seem to be fully functioning. It is absolutely important to me, but it has not been successful. This is something that they are definitely working on resolving. I've had multiple IT consults where we've brought on a couple of developers to try and figure out what's going on with the Mac's most recent update versus their most recent update.

View full review »
BL
Security Architect at a tech services company with 11-50 employees

The policy engine could use a bit of work. They're definitely going in the right direction. We've been working with them over the last few weeks to try and optimize that. But it's reasonably clear that they're just not putting as much effort into the policy engine as into other things, like content discovery.

It's somewhat lacking in terms of the granularity of the policies that you can create. Because this is a Mac environment, you have slim pickings. You have really good detection mechanisms, like Code42, but a lot of those players don't operate at the medium business size. So, in terms of the market segment, CoSoSys is really the only player that will be able to still effectively pick up on it, so they're the only game in town on policy. They don't really have much competition in this segment.

View full review »
Shiv Ram - PeerSpot reviewer
Assistant Manager at Bharti Airtel Limited

They have many predefined classifiers in terms of data identifiers, and they should improve this. 

As per the market perspectives, the data is driven and the usage is totally modernized. Digitally, there are lots of inventions and the data usage depends on the cloud.

View full review »
MP
IT Specialist at TresVista Financial Services Pvt. Ltd.

We are currently facing an issue where it is blocking the Winman software, which is something that we don't want to happen because we use it in our accounts department to pay taxes.

There is no option or support available for DriveHQ. 

View full review »
RW
Core Facilities & ICT Manager at MJB International LLC/ Al Masaood John Brown LLC

When you want to uninstall and reinstall, there are a lot of issues. You have to do a lot of workarounds to reinstall Endpoint Protector. This is a major issue that we have constantly because we still have old systems with XP. While there are only very few, we need to run them because there are machines attached that only run on XP. When we need to uninstall and reinstall on XP or Windows 10, we have serious issues left in the Registry Editor everywhere. There is a lot of manual interference to get the reinstallation to work. For the uninstallation of Endpoint Protector, they need to work on this so it doesn't leave any leftovers behind.

View full review »
Alexandru Hagea - PeerSpot reviewer
Network and Security Lead at Accesa

CoSoSys Endpoint Protector has many predefined classifiers for data identifiers. It needs to improve in terms of policy customization. I observed that fewer policies were available, which needs to be improved so that users can modify and view policies based on their requirements and create their templates. The audit part could be added. With our current architecture, we have a lot of alerts, for example, when a user requests access to a policy temporarily for a business requirement. We can make an automatic request mechanism that would work for this type of scenario, which would help us sleep better at night.

View full review »
VS
IT Manager at a tech vendor with 11-50 employees

I would like to see an alert feature that when a system is started, it checks to make sure that the client has the most up-to-date policies. Before the policies are updated, nothing can be done on the system.

View full review »
SB
Director /Founder at a energy/utilities company with 51-200 employees

The only aspect that prevents it from being a perfect solution is the occasional slower response time.

View full review »
Dan Pham Ich - PeerSpot reviewer
Assistant It Manager at New system vietnam

Endpoint Protector would be improved with more DLP templates.

View full review »
Sivakumar Mahathevan - PeerSpot reviewer
Head of MSP Division at Halodata

Because it is only an Endpoint Protector at this point in time, it does not have a network DLP component. There's only an endpoint DLP component. In the future, it would be good if a network DLP component could be embedded and extended to have network DLP capabilities.

View full review »
AV
BDM at Hercules Infotech Pvt Ltd

CoSoSys Endpoint Protector's network-level DLP and integration with mail servers need improvement.

View full review »
MC
IT Manager of Information Technology Operations Manager at astrafaelcomsys.com

A lot of things can be improved. Especially customization could be a lot better.

Sometimes there are issues like when I write a policy to block finance sites. It also blocks the banking sites I have not included. Sometimes it also blocks commands I send to the machine while using Matrix software. 

Whenever this happens, I have to go into the software and choose the packet inspection option or something similar. Then I have to send the command again to the machine, and if it doesn't work, I have to contact the support team. These are some of the issues I have dealt with.

View full review »
CM
CTO at a aerospace/defense firm with 201-500 employees

The reports and analysis could be improved. There could be a little more data, and the logs could be a little more granular, but it's nothing major. It does what it needs to do, and it's fine. 

The alerts could be a little bit more intuitive, but again, it's not a big deal. It's just if I had to choose something, that's what it would be.

View full review »
PB
People Operations Manager at a tech services company with 11-50 employees

There are times when the server needs to be updated, and it would help if I got a notification for when the newest version comes out, because at the moment, I'm going in every now and then and checking. Sometimes it comes out and I didn't know it had come out. It would be super-helpful if I got a notification saying, "It's time to update the server."

View full review »
SG
Head IT at Trantor

I bought it for my Windows, Linux, and Mac platform. Frankly speaking, I'm not happy with the product. The reason is that they have not tested the product in their environment. You can't really install it on any endpoint, because you never know what will happen.

I have faced issues which shouldn't be related to this product. This product is purely a DLP, so it should only protect my data. I don't know what is happening with their agent or what is happening with the software, but it messes up my endpoint. For example, people are facing bandwidth issues. Before I deployed this on an endpoint, people were getting internet speeds of 40 or 50 Mbps. After deploying it, that would come down to 10 Mbps. And if I uninstalled the agent, it would go back to 50 Mbps.

In my experience, they claim their product is very good, but I don't think so.

Software should be such that if you deploy it on any machine, it should not come up with issues. If it is blocking things I can understand that the engine behind the software is very good. But it is blocking things that are not required to be blocked.

The major challenge was my Linux environment, and that is why I took this product—to get it deployed on my Linux machine. But if I want to deploy it on Linux 1, 2, or 20, or some other Linux distribution, I need to reach out to the support team to get the agents. If I have paid for licenses, they should be on the portal so I can download all the different versions freely.

If I want to install it on any machine, I need to give the version of that machine and they will give me the agent. You don't know whether that agent is the latest one or not. And if you face challenges you have to go back to the support team again and say, "I have deployed it and I'm facing this issue." They will give you another version. I can't tell you all the challenges we have faced. I have not deployed it on a single Linux machine, and it was for Linux that I bought this product. I have just put it on Windows, because on Windows I am facing fewer issues compared to Mac and Linux.

It is not a straightforward installation or a straightforward configuration, for me or the end-user.

View full review »
MH
Manager of IT Infrastructure at a comms service provider with 10,001+ employees

Some CoSoSys features do need to be improved. For example, in Linux a user can remove a getent anytime. There is no control there on the file structure in Linux. So if this solution could give us information on what users removed in the dashboard, it would help us. If CoSoSys applied this sort of improvement, it would help us a lot.

View full review »
DS
Consultant at a tech services company with 501-1,000 employees

As a host DLP solution, it has granular controls and features. It misses Network level DLP and SaaD DLP offerings. If CoSoSys comes up with a suite of Host DLP, along with Network DLP and SaaS DLP, it will cover all of the aspects of a DLP solution.

Various other products provide us a complete suite of solutions covering Host, Network, and SaaS aspects. Examples of these are Forcepoint and Digital Guardian.

View full review »
Buyer's Guide
CoSoSys Endpoint Protector
March 2024
Learn what your peers think about CoSoSys Endpoint Protector. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.