I'm working on a project for the Hong Kong library system under the Hong Kong government. They provide workstations in the library for citizens to access the Internet. The ENS needs to be installed on all the PCs in the library. Another part involves the CSWA for the server farm. They are upgrading the entire library system, including the rental system, book search, eBooks, multimedia, and other services. The CSWA modules are primarily for the backend servers, including Linux and Windows.

Detection and response functionality meet our requirements, but the support is poor.

HIPS protects server files from being modified or deleted by unauthorized users. It's primarily deployed in the web tier.

It is a bit technical. The user interface has some significant limitations, mainly when using HIPS on the server side, to protect files from being changed or deleted by hackers, users, or administrators. The UI only allows for the inclusion of files using wildcards. 

For example, it can protect an entire directory or a subdirectory, but it doesn't let you select specific files within a directory.

I have been using Trellix Endpoint Security (ENS) as an implementor for two years.

We haven't had any system crashes or problems in most cases. SolidCore is not compatible with some kernels, which is causing problems. Endpoint, HIPS, and anti-theft are working fine so far. 

I rate the solution’s stability as seven out of ten.

We use one ePO server to manage around four thousand endpoints, including servers. This single server effectively handles this load.

It is suitable for medium and large enterprises.

I rate the solution’s scalability as seven out of ten.

Support is poor. A module called Solidcore needs to match with the OS kernel in one area. The support for this module has been slow because it doesn't match the latest OS. As a result, we haven't been able to upgrade our OS because McAfee does not support the latest version. We've also encountered issues where the product can't be upgraded or installed successfully. We're managing over 300 servers and 3,000 workstations. Upgrading has been a nightmare with this setup.

It provides a slow response. Sometimes, getting feedback takes a few days, and that is also not to the point.

Positive

The initial setup is easy and straightforward. Determining specific modules and functions often involves a lot of trial and error. Deployment takes only a couple of days.

Overall, I rate the solution a seven out of ten.

We use the platform for managing and securing endpoints in our organization.

The solution's technical support services have a quick response time. It has been beneficial for our organization. 

The platform's most valuable features are AI capabilities and its quick updates. 

They could provide better integration capabilities for the product with other services.

We have been using Trellix Endpoint Security (ENS) for two to three years. We are using the latest version and regularly update it.

I rate the product's stability a seven out of ten. 

Our corporation has approximately 13,000 Trellix Endpoint Security (ENS) users. It is a scalable product.

The solution helps manage users easier and reduces the workload for the IT team.

The product pricing is high. 

We are evaluating Trellix Endpoint Security (ENS) features compared to others. 

I advise others to consider the specific requirements of users, such as personal devices that may not be supported before making a purchase decision.

I rate it an eight out of ten. 

The solution is a reliable and mature product. Its reporting function is robust, and the user interface is easy to use. End users can create customized reports with detailed reporting for any computer and export them in PDF or other formats. This reporting capability is very robust.

The ePO console is very efficient and doesn't hang or freeze. Its console is more stable and reliable than other products like Kaspersky, Symantec, or Microsoft. The ePO is very reliable for managing computers and servers; you can find all options in this one application.

The tool has automation capabilities. It can automatically deploy, scan, fetch reports, and update. FireEye, now part of the solution, combines great with its other features. It acquired FireEye, which now includes Network Detection and Response and Network Security Platform capabilities. It can detect network threats and gather network information. The NSP is very robust. I'd rate it ten out of ten. 

The solution needs to improve its virtual patching capabilities. One area where it could improve is by offering a patch management solution bundled with its security products. This would make it even more competitive against solutions like Kaspersky that offer this feature.

I have been working with the product since 2008. 

The solution is a very stable product. There are no significant issues with stability. It works very efficiently on both large and medium scales, and its reliability is very good, especially regarding management duties and reporting.

The tool stands out compared to competitors like Trend Micro, CrowdStrike, and Microsoft. Microsoft offers virtual patching, which is slightly better than the solution.

The tool's deployment is very quick and automated. I can deploy it on 100 nodes within half an hour to an hour. If you have a fast network setup, it can be as quick as 10 to 15 minutes for 100 computers. This is because it uses an agent that works robustly in network environments.

The solution is not an expensive tool. Compared to other options, it's mostly average-priced. I've deployed it for customers ranging from 100 nodes to over 5,000 nodes. Its renewal prices are very low, and it offers both perpetual and subscription licenses. With a perpetual license, the product will keep working as long as it's not end-of-life, which benefits companies.

The tool is suitable for small, medium, and enterprise businesses. I'd give it a ten out of ten for its productivity, reliability, control, and manageability. Its management console is particularly robust - I haven't seen anything similar from other vendors.

Trellix Endpoint Security is a cloud-based solution in which all the servers are installed with a McAfee Trellix agent, and that agent manages the server for any potential damage or threat.

It's crucial to always keep the antivirus and anti-malware software updated, which is implemented automatically by the agent of Trellix Endpoint Security. The agent, as part of the solution, continuously monitors the system and transmits data to the central server, where the latest antivirus definitions and remedy features are implemented across the systems. 

I have been using Trellix Endpoint Security for a year. 

The solution is stable enough and implements monitoring requirements effectively. In some applications, it has been found that the solution can make a system lag in pace and thus impact the performance. If the aforementioned scenario occurs, then an administrator needs to run a benefits vs. risks analysis to decide whether to continue with the antivirus or not. 

I would rate the scalability a ten out of ten. The product can be installed in almost any environment, you just need to purchase a license and install the product. The licenses should be procured as per the user needs. 

For a paid version of Trellix Endpoint Security, satisfying customer support can be experienced. 

The setup of Trellix Endpoint Security is extremely easy. The deployment process involves installing an agent on the system. The moment the antivirus agent's service commences, it immediately connects to the central server and becomes completely operational. 

The website of Trellix Endpoint Security conveys a deployer about which agent should be used as per the operating system; if it's Windows, then the Windows agent needs to be installed. 

There is an international virus database and all products like Trellix Endpoint Security have to sync the virus definition data with the international database. As part of the vulnerability assessment, the antivirus software developing companies have to keep their data synced with the centralized database.

Whenever any vulnerability or an attack is identified, immediately a vulnerability report is generated and uploaded. Following the aforementioned incident, all the antivirus companies immediately update their virus eradicating tools so that new or unknown attacks can be easily mitigated. New viruses, Trojans, or attacks are being invented and circulated all the time, so companies have to consistently keep updating their system. 

The antivirus agent keeps running and analyzing the system it's installed in, but there is no effective data regarding the analysis or detection. For instance, suppose a virus intervened in your system at 12:00 AM and immediately it was detected, then you can claim the antivirus solution to be the most effective.

I would definitely recommend that others use Trellix Endpoint Security; in an enterprise environment, they must have an antivirus, including the local and remote systems, if used. I would overall rate Trellix Endpoint Security as nine out of ten. The solution doesn't need to be integrated with other tools to function effectively. 

Trellix Endpoint Security is a reliable and developed product and our company's customers are satisfied with the security offered by the product. 

The product has a robust reporting feature and a user-friendly interface. Using Trellix Endpoint Security, users can easily create customized, detailed reports and export them as PDF or Excel files. The solution's ePO console is highly efficient and does not get hanged.

The console of other competitor products from Kaspersky, Symantec, and Microsoft is very complicated. The comprehensive ePO feature of Trellix Endpoint Security is highly reliable for the management of systems and servers. 

Patch management can be included as a feature in the solution. 

As part of our company, we have been working with the solution since 2008. 

It's a very stable product. 

Our organization provides Trellix Endpoint Security as a solution to small, medium, and large enterprises. 

Tech support from Trellix Endpoint Security is better than that of its competitors. I would rate the tech support a seven out of ten. 

Neutral

The deployment time of the solution depends on the number of nodes that need to be set up. For example, 100 nodes can be setup in 30 minutes. The solution agent works robustly in the network environment leading to shorter setup time, especially if a fast network setup already exists. 

Trellix Endpoint Security is an affordable tool. Its renewal price is also quite low. The product is available as a subscription license or a perpetual license. 

At our company, we have also worked with CrowdStrike, Trend Micro, Microsoft and McAfee solutions. Trend Micro is the only tool that offers virtual patching. 

The tool offers automation in multiple segments of deployment, scanning, and fetching reports. FireEye can also be easily integrated with the tool, offering an efficient combination.  

Trellix Endpoint Security offers NDR and NSP network security across platforms and device sensors by obtaining network information for threat detection. I would rate Trellix Endpoint Security a nine out of ten. 

The solution's productivity, reliability, and manageability control are outstanding. 

We use the solution for malware, fall behavior, and data loss prevention.

The Trellix Endpoint Security, when used in conjunction with EDR and Insight, enhances the visibility of events in the central management console, enabling us to identify events more effectively. Furthermore, Endpoint Security actively prevents threats from spreading. It reduced the action time a lot.

Trellix provides a data view of the Alpha systems with Trellix installs and makes small changes to the central management console. Nothing on the endpoints themselves works, but it focuses more on the management side.

I have been using Trellix Endpoint Security for 14 years.

I rate the solution’s stability an eight out of ten.

This solution is used by 33,000 users and covers different operating systems. I rate the solution’s scalability an eight out of ten.

We do get quick responses from support. However, it sometimes takes a bit longer to reach the final solution, particularly if something unusual requires additional investigation time.

Neutral

The initial setup is very easy and takes two hours to complete.

Trellix Endpoint Security offers substantial cost savings by reducing recovery expenses. These savings can exceed three hundred percent at this stage.

The AI portion is quite good. It is already built into the product; it does assist us. 

We have five engineers to maintain the solution.

Overall, I rate the solution an eight out of ten.

We use Trellix in an OT environment where it is being used as an orchestrator to deploy endpoint security and application controls in our network. We are using its DLP product in OT end points.

We use ENS as our main antivirus tool. The activation of features within ENS and the collection of threats into a single console is a strong point. There are some features we're not using, mainly related to IT environments. For us, ENS is primarily an antivirus and adaptive threat prevention tool. The threats received from endpoints received in ePO consoles which can be relayed on SMTP server to get real time updates on threats.

The deployment of products through ePO is very useful in managing multiple endpoints and deploying policies as per organizational requirements . Working manually on those endpoints is time-consuming and tedious. Threats and case management, Automation tasks, generating reports, those are some good points to be considered.

The technical support needs some improvement. When product distribution errors occur, we have to contact technical support, which is a very tedious and time consuming task. After raising the call onto the technical support portal, usually receive a notification after 24 hours. It usually takes 3 to 4 days to conclude and resolve the issue. If 24/7 online support or a phone line where we could speak directly with technical support for real-time troubleshooting, that would be very helpful.

Licensing is another aspect where trellix should look into. Different purchases are grouped together in single user account get mixed up. Categorization of purchases and their grant numbers is not available to end user.

I have been using it for eight years. 

It's very stable. If configured correctly, it's very smooth and doesn't cause frequent issues.

We have like 500 installations. It is very scalable. 

I would rate the scalability a nine out of ten.

There is room for improvement in the customer service and support.

Positive

We had McAfee virus scan approved for OT endpoints but were using manual deployment methods. After introducing ePO architecture we have migrated to ENS, application control and DLP. Now, we've adopted more Trellix products. 

We use symentec and txOne as well, but for standalone systems only.

I would rate my experience with the initial setup a nine out of ten, with ten being easy and one being difficult. 

The deployment takes moderate amount of time. Some of the products were installed quickly, but others remain in configuration. So, it's not too fast, but it's moderately quick.

So, it takes two to three hours.

In house expertise is available for installation, deployment and management.

The pricing is reasonable. 

NA

I would recommend Trellix because I am satisfied with its overall performance and functionality.

Overall, I would rate the solution an eight out of ten.