FireEye Endpoint Security Overview

FireEye Endpoint Security is the #9 ranked solution in EDR tools. IT Central Station users give FireEye Endpoint Security an average rating of 8 out of 10. FireEye Endpoint Security is most commonly compared to CrowdStrike Falcon. The professionals researching this solution most often come from computer software companies, accounting for 24% of all views.
What is FireEye Endpoint Security?

FireEye Endpoint Security is an integrated endpoint solution that detects, prevents and responds effectively to known malware and threats traditional anti-virus endpoint security products miss. It expands endpoint visibility and provides contextual frontline intelligence to help analysts automate protection, quickly determine the exact scope and level of any attack activity and adapt defenses as needed.

FireEye Endpoint Security Buyer's Guide

Download the FireEye Endpoint Security Buyer's Guide including reviews and more. Updated: December 2021

FireEye Endpoint Security Customers

Tech Resources Limited, Globe Telecom, Rizal Commercial Banking Corporation

FireEye Endpoint Security Reviews

SB
Sr Manager - Information Security & Researcher at a tech services company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
Enables us to do IOC-based search across the enterprise and isolate compromised devices

Pros and Cons

  • "It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised."
  • "It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
  • "Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection."
  • "It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
  • "They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."

What is our primary use case?

It can be used for ransomware detection and data exfiltration. It is also able to detect Remote Access Trojan (RAT).

What is most valuable?

It is easy to use, flexible, and stable. Because it is a cloud-based solution and it integrates all endpoints of the cloud, we can do an IOC-based search. It can search the entire enterprise and tell us the endpoints that are possibly compromised.

It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating.

What needs improvement?

Malware detection can be better. It doesn't have support and detection for the recent malware, but it has a compensatory control where it can do the behavior-based assessment and alert you when there is something malicious or unexpected. For example, when a certain user is executing the privilege command, which is not normal. These dynamic detections are good, and they compensate for malware detection.

It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents.

They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us.

For how long have I used the solution?

I have been using this solution for two years.

What do I think about the stability of the solution?

It is stable. The FireEye team monitors it, and in case it goes down, we get an alert saying that the device is down. We either get their help or troubleshoot it ourselves to get it up and running.

What do I think about the scalability of the solution?

It is quite scalable. We have scaled it according to their sizing recommendations. They have devices for different bandwidths, models, and offices.

We have about 4,000 people who are using this product. In terms of our plans to increase its usage, we are currently studying two options. One of them will basically scale up to about 40,000 instances.

How are customer service and technical support?

Their technical support is good. For each region, they seem to have got local support that takes care of all problems. They have support teams in Singapore, India, and North America.

How was the initial setup?

Its initial setup was straightforward. I have done one installation that took about 90 minutes. Virtual installations are straightforward. Physical installations have got some networking interfaces, and one needs to go through the documentation to do it. If you have got the right configuration, it is straightforward.

What about the implementation team?

We have about five people within SOC. We manage the engineering and deployment aspects of it. It is not very resource-hungry.

For its deployment, we just needed about four people. We deployed about 14 appliances and one cloud-based instance. We have automated the deployment. We deployed it via Puppet, so the installation was fast.

Which other solutions did I evaluate?

We also use CrowdStrike Falcon, which is also endpoint security. At that time, we chose the best option based on our study. Both Falcon and FireEye were doing good in the market, so we basically went ahead with what was the best at that time. We buy the licenses for both of these and then do the deployment.

We also use Sophos, but it is signature-based. We have licenses for the normal management control software of Sophos and the agents. We have not used Sophos Intercept X. My understanding is that it is an EDR, and we look forward to doing a study on it.

What other advice do I have?

Based on my two years of experience with this solution, I would comfortably recommend this solution.

I would rate FireEye Endpoint Security an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
RT
Manager at a tech company with 1,001-5,000 employees
Real User
Top 5
The most valuable feature is the capacity to collect all the information for forensic analysis purposes.

Pros and Cons

  • "FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front."
  • "The reports need more development. They need more details on the reports and more details taking the executive view into consideration."

What is our primary use case?

The two primary use cases are towards the process monitor and malware detection for APT (Advanced Persistent Threat).

How has it helped my organization?

FireEye Endpoint Security has improved our customers' organizations. Before a customer was with us, they may have worked with Windows Defender. This is for suspicious activity. Then they implement the next solution that is for network monitoring. With that, they deploy the EGX for info security. Now, with these components, they have a lot of visibility on their network and endpoint activity.

What is most valuable?

The most valuable feature that my customers have found with the solution is the capacity to collect all the information for forensic analysis purposes.

What needs improvement?

In my personal and professional view, I think the reports need more development. They need more details on the reports and more details taking the executive view into consideration.

These reports contain the information that is gathered at the intake solutions. They are more geared for the technician and I think they need more executive information because it is important to talk to the main executives, and for them to see what is happening related to some of those suspicious activities.

For how long have I used the solution?

I have been using FireEye Endpoint Security for something like 4 years.

What do I think about the stability of the solution?

In terms of stability, we have had some issues related to the deployment and hardware requirements, because most customers need to revalidate all those requirements. For example, if your deployment was on a Hyper-V environment, we don't know their server. They decrease in the performance of the appliance because in some cases, the requirements are not specifically stated, including the CP or reserve for those components. For example, I may define that the memory requirement is 16 gigabytes with a specific machine build.

What do I think about the scalability of the solution?

FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front. This is because many of its steps are related to the optimization of the whole process, its ratings and solutions with mail, social network, input solutions, and next generation CMM like Kellogg's. All these are on the single platform called FS. I sold a lot. You can see its integration with print solutions. That's very amazing.

We have companies with a lot of endpoints. We think we have something like 4000 agents and 2 main appliances.

How are customer service and technical support?

Technical support is really great. The support is generally very fast, responding within one day.

How was the initial setup?

The main deployment is very simple because it's related to the deployment of an OVA file. The physical deployment is no problem.

But the deployment needs some special knowledge about the quick console.

Deployment takes about one week or less.

What's my experience with pricing, setup cost, and licensing?

If you compare your solution without the antivirus solution, and the price of the agent, it is a little bit expensive. But when you learn more about the value of forensic analysis, you will pay those costs. The price is expensive compared with other solutions, with the competitors. But it is really fast and really flexible and the user can research the information.

Which other solutions did I evaluate?

I think they checked out Kaspersky as well.

What other advice do I have?

I would recommend checking how they might pull reports. For example, where the customer modes fall because it's an independent investigation related to an IP.

On a scale of one to ten, I would give FireEye Endpoint Security a ten, because it's the only good option.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
MK
Deputy Technical Manager (SOC Operations) at a tech services company with 1,001-5,000 employees
Real User
Top 5
Comes with useful protection features, but lacks Linux support

Pros and Cons

  • "The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
  • "The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."

What is our primary use case?

We want more protection for our servers. We would like to know if a real incident or something compromising is happening. Therefore, we have deployed this EDR solution.

What is most valuable?

The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. 

They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features. 

What needs improvement?

The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux.

We would also like assets grouping and device lock protection features, which are included in their roadmap.

For how long have I used the solution?

We have been using FireEye Endpoint Security for the past two years.

What do I think about the stability of the solution?

The current version is more stable than the previous ones.

What do I think about the scalability of the solution?

It is easily scalable.

How are customer service and technical support?

My experience was 50/50. Sometimes, it was good. Sometimes, they took some time.

Which solution did I use previously and why did I switch?

We were using McAfee AV. We switched to FireEye Endpoint Security because we had some performance issues with McAfee AV. We are not facing those issues with FireEye Endpoint Security.

How was the initial setup?

It is easy to deploy. It took us a month to deploy. 

Deployment may take more time based on the architecture and the environment. With some vendors, it took us some time to analyze because there were things that we wanted to monitor, which depended on the production. Therefore, we installed it step by step, not in one step at full force.

What other advice do I have?

If you are deploying on Windows or Mac, there will be minimal issues, and you can go for this solution. With Linux, you need to understand a few features. What you expect from Windows and Mac is not available in Linux. If your main technologies are open source, then probably rethink about FireEye Endpoint Security. You can go for FireEye Endpoint Security after they have the same capabilities in Linux. Most of the features are there in their roadmap.

We mostly faced issues with Linux support. In the past, we also had issues related to communication between an agent and an endpoint where they didn't communicate, the communication got stopped automatically, or the data communication time didn't sync properly. In the later versions, they improved and resolved these issues.

I would rate this solution a seven out of ten. It's gradually growing, and a few features that we require are not there. If these requirements are satisfied, I would rate them nine or ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
LL
IT Manager at a tech services company with 51-200 employees
Real User
Top 20
Straightforward to set up, easy to use, and stable

Pros and Cons

  • "It's a stable solution with good performance."
  • "We would like the solution to offer better security."

What is our primary use case?

We primarily use the solution for security. We use it to detect threats and cyber attacks.

What is most valuable?

The product is easy to use.

It's a stable solution with good performance. 

The scalability is good.

The installation process is very straightforward.

What needs improvement?

We would like the solution to offer better security.

For how long have I used the solution?

I've been dealing with the solution for years.

What do I think about the stability of the solution?

The product is quite stable. The performance has been good. There are no bugs or glitches. It doesn't crash or freeze. We find the product to be quite reliable.

What do I think about the scalability of the solution?

The solution is capable of scaling. It's not a problem. We have the solution on around 300 endpoints. 

We have around 150 to 160 users on the solution currently.

We do plan to increase usage in the future.

How are customer service and support?

I've never contacted technical support. I cannot speak to how helpful or responsive they are. 

How was the initial setup?

It's not a difficult solution to set up. It's pretty straightforward and simple. 

I don't recall how much time it took. It was one of my team members that actually was occupied with the task. It was a while ago as well. I don't know anymore.

What about the implementation team?

We worked with external consultants. I don't know exactly what the scope was, however. 

What's my experience with pricing, setup cost, and licensing?

We bought a four-year license for the product. We're under a contract with them for that amount of time. 

Which other solutions did I evaluate?

We did not evaluate any other EDR products before choosing FireEye. 

What other advice do I have?

We are just customers and end-users of the product. We don't have a special business relationship with the company. 

I'm not sure which version of the solution I'm using. I don't know the version number off-hand. 

I'd rate the solution at an eight out of ten.

I'd recommend the solution to other users and organizations.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Syed Faisal
ICT Manager at SecurEyes
Real User
Top 10
Easy to use, stable, and not heavy on system resources

Pros and Cons

  • "FireEye Endpoint Security is easy to use and lightweight compared to others."
  • "Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive."

What is our primary use case?

We are using this solution for endpoint security against cyber attacks.

What is most valuable?

FireEye Endpoint Security is easy to use and lightweight compared to others.

What needs improvement?

Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive.

For how long have I used the solution?

I have been using FireEye Endpoint Security for a couple of months.

What do I think about the scalability of the solution?

This solution is scalable. However, it could improve to be able to handle large-scale operations. The OS most systems are running, I am not sure it can handle a lot of nodes, but many companies are coming out with cloud options that should be able to manage many more nodes.

How are customer service and technical support?

Technical support can take some time to respond on the first level. They could improve the speed at which they resolve and handle support.

What about the implementation team?

We have an administrator and engineer that does the implementation and maintenance of the solution.

Which other solutions did I evaluate?

I have evaluated Carbon Black and FortiEDR.

What other advice do I have?

I would not recommend this solution to others. However, if you have a small budget then this solution could be a second option.

I rate FireEye Endpoint Security an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner