Trellix is one of the best legacy endpoint protection solutions, but we're also looking at Crowdstrike. Other solutions have advantages over Trellix in brand awareness and local presence. 

The company needs to do more to build its presence in this country. I've never seen an account manager or sales rep show up to an in-person event in South Africa. Other companies like Trend Micro have offices here. 

We evaluated three vendors. We decided to go to McAfee Endpoint Security for better availability, ease of use, and deployment.

I prefer FireEye to solutions like CrowdStrike, Carbon Black, and Trend Micro which are not as user-friendly. FireEye is also easier to integrate with the SIEM, so all the logs get pushed and there are no issues getting the device integrated with SIEM. 

We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.

We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.

We definitely evaluated other products and continue to. We have to put our case forward for justifying our products and solutions within our company and with our clients. It has been an experience with the POC. Whatever the product and features, the cost-benefit analysis has to be taken in terms of leaky security. That may not matter for certain situations and products, but from our testing and experience, it will definitely matter for this product right now.  

Our company has to make a decision about whether they have to switch to a different product internally. If we try to become a partner with a certain company and begin to resell that to other clients, we can get a better price in a negotiation. This may affect the product we end up using.  

We definitely need to explore a lot. In this case, it will take a lot of time to consider the benefits of various products and cost-benefits.  

Being a reseller, we handle many different endpoint products and have evaluated several of them. When comparing to Symantec, for example, McAfee is better in that they have multiple agents and multiple consoles. We also work with CrowdStrike and Cylance.

Some of our customers prefer McAfee because they started with an on-premises solution, which is a good thing. Not every company is cloud-ready, yet. Some of them have hybrid configurations, where they have on-premises protection as well as cloud-based protection.

Price-wise, McAfee is less expensive than CrowdStrike or Cylance, although not as cheap as Kaspersky or Sophos. I would say that it is reasonable, for the feature set.

There were other solutions in use, but that was before I joined my department, so I don't know which solutions were used before my company went with McAfee MVISION Endpoint.

I have evaluated Carbon Black and FortiEDR.

We evaluated vSphere and CrowdStrike. In comparison, Trellix is an inexpensive product. 

We also looked at Palo Alto Networks Traps and Trend Micro.

I think they checked out Kaspersky as well.

We are currently, exploring other solutions.

It was a very hard decision to make. We did a comparison with some other competitor products. One of them was Palo Alto Networks Cortex XDR, which was the biggest competitor at that time. We even checked Microsoft ATP and McAfee. So, we compared a couple of products before selecting FireEye.

We did not evaluate any other EDR products before choosing FireEye. 

We did look at other vendors, like Cylance. We chose FireEye because they have a long history, which results in stability.