Trellix ESM Valuable Features
Daniel Durian
Information Security Manager at SM Prime Holdings
Valuable features such as threat monitoring and threat feed from McAfee. It will automatically block the threats based on its threat severity. Alerts will be analyzed and hunted if there are occurrences on other hosts. Using McAfee SIEM, you may know if the technology controls implemented is working effectively since you will have a view on all mitigated threats from the firewalls as well as feed from end-point protection.
View full review »
LAWAL YUSUF
IT auditor at SHEFFIELD HALLAM UNIVERSITY
The product’s most valuable feature is log monitoring.
View full review »
Usman Ali
Principal Engineer at Emerson
The product works better than other vendors available in the market. It can be easily deployed with the other solutions.
View full review »Buyer's Guide
Trellix ESM
March 2024
Learn what your peers think about Trellix ESM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
767,847 professionals have used our research since 2012.
GencJakupi
Information Technology Security Analyst at a financial services firm with 201-500 employees
The support I have received from the vendor has been great.
View full review »ES
Ersa Spahiu
Security Engineer at PC Store
The most valuable feature of the solution is that the integration is really easy. Using the product is very easy. The product is user-friendly, but its use needs to be planned.
View full review »
Amirsaeed Iloukhani
Security Consultant at Bank Meli Exchange
The most valuable features of McAfee ESM are intrusion detection, malware protection, and the device controller.
View full review »MV
reviewer927423
Senior Security Specialist at a manufacturing company with 10,001+ employees
It is user-friendly. The notification part of McAfee ESM is very easy.
View full review »CM
Carmen Marsh
CEO at Inteligencia
The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it. It doesn't just stop everything but actually tells you there's a quarantine, that these files are in quarantine. You have to deal with them. That's good.
If you don't keep up with updates, they pop up until you actually do something. That's a good thing because we want protection.
View full review »
Chetankumar Savalagimath
Delivery Manager at a tech services company with 1,001-5,000 employees
The most valuable feature in ESM is its search and reporting feature. It's really nice.
View full review »SW
Steve Wiles
Technical Support Engineer at a comms service provider with 10,001+ employees
The ease of use is the most valuable feature. Over the years I have always been using this solution and have become comfortable with it.
View full review »LA
Laeeq Ahmed
IT Security Lead at a tech services company with 10,001+ employees
VirusScan Enterprise provides protection against real-time malware attacks.
We use it for logging the network traffic, when required.
It blocks the things which are not to be allowed. It has an adaptive mode where it learns for itself.
LL
reviewer1514295
VP Cyber Security & IT at a computer software company with 1,001-5,000 employees
AA
AwaisAbbasi
Operations Manager at a aerospace/defense firm with 5,001-10,000 employees
The security can't be compromised. The security features on offer are the most valuable feature and are why it's really worth having as a product like this in our organization.
View full review »
it_user1033191
Security Product Manager at a financial services firm with 5,001-10,000 employees
The most valuable feature is the capability to correlate different events from different platforms that we feed into it. It makes it easier to engineer the box on our side so that we can realize what is happening and do something about it. It gives us the tools to know what's happening and make a change in one of the downstream platforms to reject a connection or the like.
View full review »WA
Cybersecon67
Cyber Security Consultant at a computer software company with 51-200 employees
The most valuable features of this solution are the logging and the dashboards.
This solution integrates easily and very well with other technologies. We are creating custom connectors for some of the technologies that our customers are using.
View full review »MA
Miguel Vergel Adajar
Systems Engineer at First Datacorp
Trellix ESM is very user-friendly.
View full review »it_user1369827
Information Security Engineer at a financial services firm with 51-200 employees
Compared to other solutions, the user interface is good.
The correlations that it discovers are helpful.
The reporting is good.
View full review »VA
Victor Alexandrescu
IT Consultant and Project Manager at a government with 1-10 employees
There are more than two hundred out-of-the-box rules.
We have been using the advanced correlation agent.
View full review »it_user128397
Manager of System Security at a tech services company with 10,001+ employees
The Dashboard Views are the most valuable feature since it visualizes network and security-related use cases we develop. This visualization clearly articulates the current and past state of network traffic and correlation rule hits.
I also value the ability to integrate with third-party threat feeds, including McAfee’s feed, in order to sift through the data to find any anomalies. Through this process, we have further hardened the network security and perimeter security of our clients.
View full review »it_user182445
ICT Security Officer at a healthcare company with 1,001-5,000 employees
Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.
View full review »it_user732735
Threat Intelligence Engineer (Security Engineering Team) at a government with 10,001+ employees
It's SIEM. Obviously, normalization of data is the biggest factor.
View full review »it_user374493
Security Consultant, Presale and System Engineer at a tech services company with 501-1,000 employees
Doing Incident analysis in my opinion with ESM is easier than other solutions. There are a lot of ways to build queries and a great filter engine; if you provide ESM with the Advanced Correlation Engine and Global Threat Intelligence you can raise your infrastructure to be a complete advanced SOC.
View full review »SH
reviewer1152327
Assistant Vice President at a financial services firm with 1,001-5,000 employees
McAfee as a whole is a good solution.
View full review »LR
itmanager1231232
IT Manager at a tech services company with 10,001+ employees
- Ease of use.
- Quick training period.
RN
Business8c2a
Business System Analyst at a consultancy with 5,001-10,000 employees
The ability to secure my data is the most important feature.
It is easy to use. I just need to enter the username and the password and it protects my data.
View full review »SK
reviewer1614318
Vice President Cyber Security Practice Head at a tech services company with 1,001-5,000 employees
I like the ease of deployment.
View full review »MA
reviewer1427199
Information Security Officer at a tech services company with 51-200 employees
It is easy to use and deploy. It comes with user-friendly manuals.
View full review »AS
Amlan Sahoo
Systems-Engineer at a tech services company with 10,001+ employees
This is the first SIEM product that I have used. My impressions so far are that I like the vendor support from McAfee and the overall architecture looks simple.
View full review »it_user380976
Information Security Analyst at a tech services company with 501-1,000 employees
The most valuable feature for us is that it comes with many correlations, reports, and dashboards already available. It's also very easy to use.
View full review »MN
ITsece56457
IT Security Analyst at Ingenium Group
Ability to create own views. Statistical (normalised) views help to highlight inconsistencies, which may need further investigation
View full review »it_user380976
Information Security Analyst at a tech services company with 501-1,000 employees
The easy interface is the most valuable feature.
View full review »Buyer's Guide
Trellix ESM
March 2024
Learn what your peers think about Trellix ESM. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
767,847 professionals have used our research since 2012.
Buyer's Guide
Download our free Trellix ESM Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2024
Product Categories
Security Information and Event Management (SIEM)Popular Comparisons
Splunk Enterprise Security
SentinelOne Singularity Complete
Microsoft Sentinel
Elastic Security
IBM Security QRadar
Microsoft Defender XDR
LogRhythm SIEM
Rapid7 InsightIDR
Fortinet FortiSIEM
Cybereason Endpoint Detection & Response
USM Anywhere
Exabeam Fusion SIEM
ArcSight Enterprise Security Manager (ESM)
ManageEngine EventLog Analyzer
NetWitness Platform
Buyer's Guide
Download our free Trellix ESM Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More:
- Primary Use Case
- Valuable Features
- Room for Improvement
- Customer Service and Support
- Initial Setup
- ROI
- Pricing
- Other Advice
- Has anyone got experience in deployment of a SIEM solution?
- IBM QRadar is rated above competitors (McAfee, Splunk, LogRhythm) in Gartner's 2020 Magic Quandrant. Agree/Disagree?
- What Solution for SIEM is Best To Be NIST 800-171 Compliant?
- When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?
- What are the main differences between Nessus and Arcsight?
- Which is the best SIEM solution for a government organization?
- What is the difference between IT event correlation and aggregation?
- What Is SIEM Used For?
- What Questions Should I Ask Before Buying SIEM?
- RSA-EMC vs. other SIEM products?
