We use Trellix in an OT environment where it is being used as an orchestrator to deploy endpoint security and application controls in our network. We are using its DLP product in OT end points.

We use ENS as our main antivirus tool. The activation of features within ENS and the collection of threats into a single console is a strong point. There are some features we're not using, mainly related to IT environments. For us, ENS is primarily an antivirus and adaptive threat prevention tool. The threats received from endpoints received in ePO consoles which can be relayed on SMTP server to get real time updates on threats.

The deployment of products through ePO is very useful in managing multiple endpoints and deploying policies as per organizational requirements . Working manually on those endpoints is time-consuming and tedious. Threats and case management, Automation tasks, generating reports, those are some good points to be considered.

The technical support needs some improvement. When product distribution errors occur, we have to contact technical support, which is a very tedious and time consuming task. After raising the call onto the technical support portal, usually receive a notification after 24 hours. It usually takes 3 to 4 days to conclude and resolve the issue. If 24/7 online support or a phone line where we could speak directly with technical support for real-time troubleshooting, that would be very helpful.

Licensing is another aspect where trellix should look into. Different purchases are grouped together in single user account get mixed up. Categorization of purchases and their grant numbers is not available to end user.

I have been using it for eight years.

It's very stable. If configured correctly, it's very smooth and doesn't cause frequent issues.

We have like 500 installations. It is very scalable.

I would rate the scalability a nine out of ten.

There is room for improvement in the customer service and support.

We had McAfee virus scan approved for OT endpoints but were using manual deployment methods. After introducing ePO architecture we have migrated to ENS, application control and DLP. Now, we've adopted more Trellix products.

We use symentec and txOne as well, but for standalone systems only.

I would rate my experience with the initial setup a nine out of ten, with ten being easy and one being difficult.

The deployment takes moderate amount of time. Some of the products were installed quickly, but others remain in configuration. So, it's not too fast, but it's moderately quick.

So, it takes two to three hours.

In house expertise is available for installation, deployment and management.

The pricing is reasonable.

NA

I would recommend Trellix because I am satisfied with its overall performance and functionality.

Overall, I would rate the solution an eight out of ten.

FireEye offers a great suite of tools. I like its threat analyzer and other features.

We have FireEye Endpoint Security installed on all our desktops, laptops, and servers throughout the network.

It's been crucial to monitor threats 24/7, both external and internal.

It's capable of stopping ransomware at the gateway, preventing malware, and it can even protect against zero-day attacks.

When I implemented it for one of our clients, it improved their security by almost 70 to 80%. They were using a different solution before, but after implementing Trellix Endpoint Security, they were able to block threats that the earlier solution couldn't handle.

There are only about two to three percent false positives, which isn't much. So, this solution handles false positives quite well and minimizes disruption.

The threat scanning is excellent. It uses predictive technology and I can utilize attack data to help us fine-tune our systems and network infrastructure. This protects us against current and future attacks.

Trellix Endpoint Security is a really good product. It comes from industry veterans in the US, so their technology, ease of use, and support are all excellent.

When it comes to real-time analysis capabilities, I've seen many benefits.

Integration is very easy with any system, like firewalls or any network. I can also integrate it with our mobile client.

There is room for improvement in the pricing. The price should be improved, it's high.

I have a lot of experience with FireEye. It's a solid product with several components. It was acquired by another company.

We've been using it for the last few years.

It is a very stable product. It has been a well-known name in the industry for the last 30 years or so.

Trellix has a lot of top investors in the company.

The scalability is very good. We can scale it anytime.

There are around 350 end users in our company.

Support is very good; they have local partners everywhere, so there's no issue there.

For people who still use trellis, there's a toll-free number for each country. Support is accessible 24/7.

If you buy a normal license, gold support is included. There's no need to buy platinum support. The normal support lets you talk to any Trellix Endpoint Security (ENS) technical person 24/7.

The initial setup is very straightforward and user-friendly.

It takes about 20 minutes to configure and run it.

For the deployment process, the product team itself provides a file. I get a download link in an email from the web browser. Once I start downloading, a key will be attached. You provide the names of your domains. We integrate it with Active Directory (AD), so it pulls all the users automatically.

It's a good in-house solution; we can do it yourself. Deploying this doesn't need more than one person.

An L2 technician can manage the installation in a maximum of thirty minutes if they have access to Active Directory (AD) and the main server.

Everything is on the cloud now, so you can control and log in from anywhere, anytime. Alerts via email and mobile are easy to set up.

The return on investment is very good if you choose a three-year license.

The license is a bit expensive.

Overall, I would rate the solution an eight out of ten. If you are evaluating this product, go ahead and buy it. It's a very good product. There's nothing lacking – great technology, great approach, great support, great availability.

The tool is primarily used for endpoint detection. When an event occurs on an endpoint, alarms are generated. Colleagues from my company then investigate these alarms based on a playbook. Depending on the playbook and the specific customer contract, actions may be taken, such as informing the customer or implementing endpoint containment measures.

The tool has contributed to improving our security posture. While it's just one part of our overall solution, it plays a crucial role. As we continue to evolve, we anticipate it becoming even more important alongside other aspects like network behavior and additional metrics.

The tool's most valuable feature is containment. Last year, a German company faced an external attack. We installed the product on every machine, totaling hundreds of endpoints. The Trellix agent collected information, allowing us to check the entire IT infrastructure.

The product is consolidating its portfolio into one product. It is difficult at the moment.

I have been using the product for three years.

The solution's scalability is easy. If you have Trellix Endpoint Security on-premises, you need to define how many agents you will support and consider future scaling. Different appliances are available for various scenarios. If you plan to have hundreds or thousands of agents in the future, hardware considerations become important. However, if it is deployed in the cloud, scaling up or down is easily manageable.

My experience with the product's tech support is good.

Trellix Endpoint Security (ENS)'s deployment is not difficult. There are different options available, such as using an on-prem hardware box or a virtual machine in the cloud. Setting up the virtual machine in the cloud is easy, requiring only a connection to the customer's system.

If you plan to install the solution on-premises, you bring the box to the customer and connect it to their system. This involves some configuration, such as opening a port on the firewalls. Deploying agents on the endpoints is straightforward and can be done from a central management point. The entire process takes around a day to configure, and then you are up and running.

Microsoft Defender is not cheap and from a cost perspective, Trellix Endpoint Security (ENS) is a better option.

We integrate the product into our system using API. The information, in the form of messages or alarms, is received in our system. We further process this information and incorporate it into our complete solution.

I rate the product an eight out of ten.

It serves as a comprehensive endpoint security solution that goes beyond traditional antivirus by incorporating features such as document scanning for sensitive information, approval workflows for document sharing, patch management, and advanced threat detection using AI and machine learning. It actively monitors various endpoints, including web interactions and email communications, to detect and prevent a wide range of attacks, even those that are not signature-based.

One of the standout features of this solution is its encryption capabilities and DLP functionality. It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts. The encryption feature provides peace of mind in the event of a lost or stolen device, safeguarding sensitive conversations and data from unauthorized access. This level of protection significantly reduces the risk of extortion attempts or data breaches, making it a valuable asset for any organization. So far, I haven't experienced any security breaches or attacks.

I've encountered minor challenges related to encryption.

I have been using it for a year.

We have a user base of over one hundred individuals who use the software.

The decision to implement endpoint security software like Trellix is made at a company-wide level, involving discussions and agreements between various entities, including our parent company and potentially other subsidiaries like the one in Sweden. This decision isn't made independently by individual branches like Kenya; rather, it's coordinated and negotiated at a higher level.

I operate within a managed environment where the IT team handles the installation and setup of endpoint security software. Once installed, they provide me with the necessary details, such as login credentials and instructions for changing passwords. My role primarily involves using the machines provided to me, without needing to delve into the setup process.

Compared to the solutions, it helped us to save at least ten to twenty percent, if not more.

I would emphasize its affordability rather than merely focusing on cheapness. It provides good value by striking a balance between cost-effectiveness and feature richness.

I would recommend conducting a proof of concept to explore the features firsthand. It's essential to understand what you currently have in place, as that will help determine whether the solution is the right fit for your needs. After that, ensure that the POC is conducted efficiently so that you can make an informed decision about whether to proceed with the solution or consider other options. Overall, , I would rate it an eight out of ten. It's a good solution that meets my needs satisfactorily.

Customers use Trellix Endpoint Security as an anti-malware or antivirus solution that provides AI and machine learning features. The solution provides DAC (Dynamic Access Control) and HIPS (host intrusion prevention system) functionality in its firewall module. It also has a web control functionality, wherein we can allow, deny, or choose the category part and work it out.

Trellix Endpoint Security provides a single umbrella kind of architecture. A lot of different solutions come under a single umbrella and a single console. The most valuable features of the solution include DLP (data loss prevention), CASB (cloud access security broker) functionality, endpoint encryption, and cloud workload security. The solution also has features like application control, device control, and cloud DLP.

The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format.

Trellix Endpoint Security should include the virtual patching feature in the next release.

I have been working with Trellix Endpoint Security for one year.

I rate Trellix Endpoint Security a nine out of ten for stability.

Trellix Endpoint Security has good scalability. Our customers for the solution are most enterprise businesses and government entities.

I rate the solution a nine out of ten for scalability.

The solution’s initial setup is easy.

I rate Trellix Endpoint Security ten out of ten for the ease of its initial setup.

The solution's deployment on the cloud is very fast because we give the requirement and get the solution. On-premises, the basic initial setup of the server takes about half an hour or one hour.

Trellix Endpoint Security is neither a cheap nor an expensive solution.

On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a four out of ten.

I am working with the latest version of Trellix Endpoint Security. We provide our customers with on-premises, on-cloud, and hybrid cloud deployment models for Trellix Endpoint Security.

Overall, I rate Trellix Endpoint Security an eight out of ten.

We use the product for EDR purposes.

The product has robust integration with ePO (ePolicy Orchestrator), offering centralized management capabilities. It also allows multifunctionality within a single platform. They offer endpoint and NLP protection as well.

The platform needs improvement in terms of handling heavy databases. We encounter database unavailability for a prolonged period. Its integration capabilities with security platforms like FireEye could be enhanced.

We have been using Trellix Endpoint Security for over a decade.

It is a stable product.

We manage around 20,000 endpoints for our enterprise customers. It is a scalable product.

The technical support works fast and is knowledgeable and customer-friendly.

We have to follow a step-by-step process to implement Trellix Endpoint Security. It can be deployed in the cloud and on-premises.

I recommend product deployment assistance from a consultant, distributor, or reseller.

Trellix Endpoint Security is an inexpensive platform.

I recommend Trellix Endpoint Security to people looking for endpoint protection. I rate it a nine out of ten.

It is exclusively for Endpoint security. Besides that, we have subscribed to additional features such as MDX for mobile security and recently added ESL. Previously, we had Trend Micro, and at times we utilized it for malware. Comparing the three tools, I would recommend sticking with Trend Micro or Malwarebytes.

Trellix Security Endpoint can promptly isolate any host machines directly from the console. If alerts are received and isolation is necessary, it can be accomplished through the console. The console itself holds significant value, accessible through a browser and allowing remote actions via cloud login.

If there's a possibility for remote assistance or investigation support in the future, it would be beneficial. Currently, we use another remote software for such purposes. If this feature could be included in the next version, that would be an improvement. The feature is called Remote Administration.

I have used Trellix Endpoint Security for the last two years.

It is stable and I would rate it 8 out of 10.

Scalability is 8 out of 10.

The issue with technical support lies in the response time. When submitting a complaint, there is a delay, sometimes taking one or two days for a response. This extended timeframe is considered quite lengthy.

The initial deployment of Trellix Endpoint Security involves some time to install agents on host machines. However, once in use, adding new versions and deploying agents to GPO becomes straightforward. It's possible to manually install agents on various devices, and the current process of deploying agents through GPO policies typically takes around ten to fifteen minutes per agent. The duration may vary based on internet connectivity, and it's generally faster when the machine is on the network.

I would rate it 8 out of 10 and it is very straightforward.

It is reasonably priced.

I would recommend it. I rate the solution an eight out of ten.