Trellix Endpoint Detection and Response (EDR) Room for Improvement

RR
Head of Data Link at Telecom Egypt

In my opinion, Trellix Endpoint Detection and Response (EDR) is one of the best tools that I have worked with till now.

One of the issues about the product stems from the failure to work on its administrative scalability. The aforementioned area can be considered for improvement.

The interface should be easier to use, and Trellix needs to provide training to explain how to use the solution, as these are areas where the solution lacks and needs to improve.

View full review »
AM
IT Security Specialist at Commercial Bank of Ethiopia

The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually.

Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months.

The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans.

McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules.

View full review »
Moizuddin Sayed - PeerSpot reviewer
Senior IT Systems Administrator at IndusInd Bank ltd

The endpoints and utilization are too high, which impacts the production activity. 

There are no additional features I would add. The McAfee MVISION Endpoint Detection and Response already has multiple features required for an IT solution.

View full review »
Buyer's Guide
Trellix Endpoint Detection and Response (EDR)
March 2024
Learn what your peers think about Trellix Endpoint Detection and Response (EDR). Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Juan Muriel - PeerSpot reviewer
IT Management Specialist at a computer software company with 10,001+ employees

The technical support must be improved. We had a problem with the Web Control plug-in with Edge and Chrome. The plug-in was disabled, and the resolution took a lot of time.

View full review »
Christian Guillén - PeerSpot reviewer
Sales Manager at Last call

For Spanish users, it is necessary to have a knowledge base specifically designed for them, which is currently not available.

Blocking other browsers should be a feature introduced in the solution. At this time, you can control Safari and Microsoft Edge. But I don't know about the other browsers.

View full review »
MD
Senior Vice President IT at AS IT Consulting Pvt. Ltd.

The product must improve the ability to work with different operating systems like Windows and macOS. The CPU utilization of the product is quite high compared to its competitors. The agent file size is higher. The number of services that run on a system is quite high. Other EDR solutions have only a single service running on it.

View full review »
Hung-LE - PeerSpot reviewer
Global Information Technology Security Analyst at Discova

Trellix purchased McAfee two years ago. At this moment, it may seem a bit difficult if I explain Trellix and McAfee separately. Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint provide endpoint protection. In the future, if Trellix can compile both the products, Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint, into one solution, our company need not install multiple agents, which can reduce the workload for IT and make the tool easy to manage.

The solution's downside stems from the fact that Trellix Endpoint Detection and Response (EDR) and McAfee MVISION Endpoint are not combined into a single solution, so from an improvement perspective, they need to be combined into a single solution. If both tools are combined into a single solution, it will become easier for a user to manage and deploy such a product.

View full review »
SK
Solution architect at CSP

An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool.

Another area for improvement is in the automation feature of McAfee MVISION Endpoint Detection and Response, because it still needs some work in terms of integration.

What I'd like in the next release of McAfee MVISION Endpoint Detection and Response is the ability to use it with a newer security platform. This means that the information you get from network parameters such as IPS and firewalls can be pumped back to the tool, so we can match all the information to do better threat hunting. Threat hunting is only on the endpoints, so if McAfee MVISION Endpoint Detection and Response could cover everything, that would be good.

View full review »
Shashank-Gahoi - PeerSpot reviewer
Security Architect at a tech services company with 1,001-5,000 employees

The product must focus on improving the appliances. The console has a lot of bugs, and it creates many issues. It is very tedious to troubleshoot the issues sometimes. The support team does not help. We solve our problems by testing things we find on Google and other forums where people give suggestions about the product. The product has very limited options for creating policies. The product could provide more options for creating policies. The options must be customizable according to the user’s requirements.

View full review »
Alex Lapinski - PeerSpot reviewer
Cyber Security & ICT Director at Polish Security Experts Association

It is tough to comment on what needs improvement in the solution. At the moment, it is difficult to recall and comment on what needs to improve in the solution.

The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms. At this moment, I want the solution to integrate with more XDR tools. The solution should provide its users an ease of administration in future releases.

My company has spoken to McAfee about their solution being on the pricier side. So, McAfee is aware that there is room for improvement in its pricing strategy.

View full review »
Bernard Van Den Heuvel - PeerSpot reviewer
Professional Services Manager at Concanon LLC

Some modules that are doing machine learning and artificial intelligence are blocking our processes.

View full review »
DA
Sr. Sales Engineer at a tech services company with 11-50 employees

One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

View full review »
RH
Senior Security and Risk Management Analyst at National Commercial Bank Jamaica Limited (NCB)

The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

View full review »
MV
Senior IT Support Engineer at Mu Sigma Inc.

The graphical view for nodes must be increased.

View full review »
HT
System Engineer at CMC CSI saigon

The solution should be more compatible with macOS.

View full review »
PN
Chief Information Security Officer at Romsons

The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM.

The alert system should be improved.

Technical support is in need of improvement.

The dashboard should be improved because it needs a fresh look.

Improvement in the centralized policy enforcement is needed.

View full review »
Buyer's Guide
Trellix Endpoint Detection and Response (EDR)
March 2024
Learn what your peers think about Trellix Endpoint Detection and Response (EDR). Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.