Trellix Endpoint Detection and Response (EDR) Reviews

The product works as a preventive tool. It checks for signatures as well as behaviors.

If there is any malicious behavior in the workstation or server, the tool stops or isolates it automatically and generates alerts. It creates reports on the incidents and provides the details to us. The product is very easy to scale and implement.

The product must focus on improving the appliances. The console has a lot of bugs, and it creates many issues. It is very tedious to troubleshoot the issues sometimes. The support team does not help. We solve our problems by testing things we find on Google and other forums where people give suggestions about the product. The product has very limited options for creating policies. The product could provide more options for creating policies. The options must be customizable according to the user’s requirements.

I have been using the solution for more than two years.

I rate the tool’s stability an eight out of ten.

The tool is scalable. We have implemented it across the organization. I would recommend the tool for both small and large companies.

The support team is the worst. The support team must improve its knowledge.

Negative

We used an anti-malware solution before we started using Trellix.

The solution is deployed on the cloud. The initial setup was simple.

The deployment took nearly a month. Trellix’s team helped us deploy the product. They were helpful during the purchasing and implementation process. Four or five people in the organization manage and maintain the solution.

The product’s pricing is reasonable. However, we have to have a minimum contract of three years. The licensing model is not so good. Advanced threat intelligence features are very expensive.

We are planning to change the vendor. We have one more year of contract on the product. Companies must use EDR, but they must research before choosing vendors. Overall, I rate the solution an eight out of ten.

My company's clients use the solution to detect the early stages of attacks and to react to the strange things that happen on the endpoints.

Visualization of cyberattacks is one of the most valuable features of the solution.

It is tough to comment on what needs improvement in the solution. At the moment, it is difficult to recall and comment on what needs to improve in the solution.

The solution lacks the ability to integrate with external platforms. In future releases of the solution, I would like to see the solution increase its integration capabilities with external platforms. At this moment, I want the solution to integrate with more XDR tools. The solution should provide its users an ease of administration in future releases.

My company has spoken to McAfee about their solution being on the pricier side. So, McAfee is aware that there is room for improvement in its pricing strategy.

I have been using McAfee MVISION Endpoint Detection and Response for over two years. So, my company has a partnership with McAfee. Though I don't remember the version of the solution I am working on, it is the latest one since it is a common security practice to use the updated version of the tool.

It is a stable solution. Stability-wise, I rate the solution a nine out of ten.

I won't be able to comment on the solution's scalability since, at the moment, we do not need to consider scalability or expansion. However, it is probably easy to scale up since the solution is deployed on AWS. My company has clients who run small, medium, and enterprise-sized businesses. The number of uses using the solution depends upon the company or business size. So, there have been times when a client using the solution has over 1000 users using the tool.

I rate the solution's technical support team a nine and a half or ten out of ten.

Positive

The solution's initial setup process was easy and straightforward. On a scale of one to ten, where one is difficult and ten is very easy, I rate the solution's initial setup a ten out of ten. The solution is usually deployed on the cloud platform.

The solution is usually deployed on the cloud platform. Though unsure, I feel the solution is deployed using AWS since I am referring to the users in Europe. The deployment process took place over a few days. The deployment process is covered by the client and distribution services team. The deployment process involves fire and forget, wherein the agent is sent to the user. All the settings are within the agents, and only the installation needs to be done for the deployment process to be completed.

On a scale of one to ten, where one is low and ten is high, I rate the solution's pricing an eight out of ten. McAfee MVISION Endpoint Detection and Response is pricey compared to other solutions in the market.

Though I cannot remember the approximate licensing cost of the solution, it would definitely depend upon the customer, the overall pricing of the solution, and the additional features.

One needs to incur retention costs in addition to the standard licensing fees paid for the solution.

I would tell those planning to use the solution in the future that if they already have McAfee products, then they should go for it since the solution integrates well with other McAfee tools and with some endpoint protection platforms or DLP that are deployed on-premises.

The software will have bugs in them at some point, and bug-related issues are to be taken care of by technical support. Our company reports such issues, and the technical support team tries to resolve them. Presently, this process works well for us. Overall, I rate the product an eight out of ten.

We're looking at the logs, and the customer defines the solution's use cases.

Trellix Endpoint Detection and Response is a user-friendly solution. The biggest strength of the solution is that it's an integrated product that includes EDR and antivirus. It's not like you have different technologies for different solutions.

Some modules that are doing machine learning and artificial intelligence are blocking our processes.

I have been using Trellix Endpoint Detection and Response for one year.

Overall, I rate Trellix Endpoint Detection and Response an eight out of ten.

This is more of a cloud-based clientless type solution, for file-based security. 

The solution is scalable and the product has a good strategy when everything is in place. 

One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

It's reasonably stable. They made some changes to the architecture and that always creates issues. 

The solution is scalable. 

They had pretty good tech support. I think a lot of what happened to McAfee, from my perspective, was everything went offshore to India and for US customers, there is a language barrier that created problems.

The initial setup was relatively complicated and used a lot of resources - CPU resources, memory, disk.

There are a lot of companies in this space now and they are all pretty close to each other in terms of what they offer. I think those that are more user-friendly, and have the agentless client have the advantage over the legacy companies with older architecture. 

They lost a lot of product managers and engineering managers in the breakup. That said, I think this is a good product with a good strategy, they just haven't quite reached maturity yet.  

I rate this solution eight out of 10. 

We use the solution to detect different threats.

Trellix has a user-friendly interface.

Everything is normal, but it's not up to the mark compared to other solutions. It isn't easy to manage. The detection rate is also not reasonable. Trellix does not support Linux and Mac.

I have used Trellix Endpoint Detection and Response (EDR) for 1 year.

I rate the solution’s stability a six out of ten.

Earlier, 10,000 users were using this solution.

I rate the solution’s scalability a six out of ten.

Support is good. They provide a swift response.

I have used Symantec. It is a user-friendly solution with good performance and easy deployment. Support is also good.

The initial setup is easy. We use email deployment. Sometimes, we use third-party tools like SSCM to deploy.

The product has agent-based costs.

We need to get special training for maintenance. Maintenance is very easy, but it requires engineers.

Overall, I rate the solution a six out of ten.

We use this solution to protect our endpoints, meaning our workstation laptops.

The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices.

The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

My company has been using McAfee MVISION Endpoint Detection and Response for about seven months. 

The solution is stable. 

The solution is easily scalable. 

Their technical support is better than some of the competitors in the space. To make a direct comparison, it's definitely better than Symantec Broadcom.

The initial setup takes a bit of work, but it can be done. It's not easy. It's not hard. It's in between.

I would rate this solution as a seven out of ten.

The solution is used for threat hunting and incident response.

Trellix is a good solution. It helps with real-time monitoring and alerts. We are pretty satisfied with it. The product is user-friendly. It improves our security posture.

The graphical view for nodes must be increased.

I have been using the solution for two years.

The tool’s stability is good.

The tool is scalable.

We need three to four months to learn the tool. We were given training. It is not difficult if we read the documents properly.

The price is reasonable.

We were looking for other solutions. Whoever is interested in the product can learn to use it. Overall, I rate the solution an eight out of ten.

Please share how Trellix Endpoint Detection and Response has improved your organization. If it didn't, please explain why.

The solution should be more compatible with macOS.

The solution is stable. I rate it a nine out of ten.

The solution is scalable. Since we are from the banking industry, we have 10,000 users for the solution.

We have two architects, five engineers and two technical support personnel for deployment.

The pricing for Trellix Endpoint Detection and Response (EDR) is good.

I rate Trellix Endpoint Detection and Response a seven out of ten.