    Trellix Endpoint Security

    Sold by: Trellix 
    Deployed on AWS
    Free Trial
    AWS Free Tier
    Trellix Endpoint Security delivers unified, intelligence-driven protection, detection, investigation, and response across your endpoint environment. Powered by AI, machine learning, and industry-leading threat intelligence, it strengthens defenses against advanced threats while reducing analyst workload and alert fatigue. Trellix Endpoint Security provides multi-layered prevention, detection, and remediation for ransomware, fileless attacks, and zero-day threats; real-time EDR and forensic investigation with automated correlation and MITRE ATT&CK mapping; and centralized policy management and automation to secure large, distributed endpoint fleets across cloud, hybrid, and on-prem environments.
    4.1

    Overview

    Detect, contain, and recover from threats faster. Modern endpoint security provides multi-layered protection to reduce your attack surface, detect threats that have bypassed security controls, and rapidly remediate threats. It also includes forensics to identify and contain the blast radius so you can quickly and confidently return to a known good state.

    Trellix Endpoint Security provides multi-layered endpoint protection spanning your on-prem, cloud, and disconnected environments in a single agent, and managed from a single source, ensuring all security components work seamlessly to provide robust protection across all vectors.

    • Endpoint Essentials Cloud: ePO SaaS, On-premise, IaaS Features include: Next GenAV, Host Firewall, Web Device Control, Adaptive Threat Protection, Native Security Protection

    • Endpoint Core Cloud: ePO - SaaS, ePO - On-prem, ePO - IaaS Features include: all Essentials features plus Insights, Threat Intelligence Exchange (TIE), IVX Cloud Submissions, Application Controls for PCs, and EDR for Critical Assets

    • Enterprise Enterprise Cloud: ePO - SaaS, ePO - On-prem, ePO - IaaS Features include: all Core features plus Trellix EDR plus Forensics

    • Unified Trellix EDR with Forensics (EDRF) platform combines Trellix Endpoint Security HX and Trellix EDR, offering advanced detection, investigation, forensics, and response.

    Trellix Wise for EDR uses generative AI to improve the operational efficiency of SOC analysts working with the Endpoint Detection and Response product. It provides genAI-powered capabilities such as multi-lingual threat hunting, Dossier and Interactive modes, and a threat knowledge graph.

    Customers must initially purchase a minimum of 250 licenses. Limited to a maximum of 5 devices per User.

    Before purchasing, please contact aws@trellix.com. Your account team and reseller will customize an AWS Private Offer with the correct quantities, SKUs, and qualified discounts.

    Highlights

    • Multi-layered prevention, detection, and remediation for advanced threats
    • AI- and ML-powered analytics to reduce noise and alert fatigue
    • Real-time EDR and forensic investigation with MITRE ATT&CK correlation


    Pricing

    Free trial

    Try this product free according to the free trial terms set by the vendor.

    Trellix Endpoint Security

    Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

    12-month contract (12)

    Dimension | Description | Cost/12 months
    EPESCECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    MV3ECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    EPCRECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    EPENECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    TRXHX2WECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    EDRWECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    MVIECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    MV5ECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    MV1ECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00
    MV2ECE-AA | Use Request Private Offer (To Be Removed - Do Not Use) | $9,999.00

    Vendor refund policy

    Please contact aws@trellix.com for refund requests.

    Custom pricing options

    Request a private offer to receive a custom quote.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    Standard support and customer success programs: support@trellix.com

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Overview

    AI generated from product descriptions
    Multi-layered Threat Protection
    Provides multi-layered prevention, detection, and remediation across ransomware, fileless attacks, and zero-day threats with support for on-premises, cloud, and disconnected environments through a single agent
    AI and Machine Learning Analytics
    Utilizes artificial intelligence and machine learning-powered analytics to reduce alert noise and analyst workload through intelligent threat correlation and automated response
    Endpoint Detection and Response with Forensics
    Delivers real-time EDR capabilities combined with forensic investigation, automated correlation, and MITRE ATT&CK framework mapping for threat analysis and containment
    Generative AI-Powered Investigation
    Incorporates generative AI capabilities for multi-lingual threat hunting, interactive investigation modes, and threat knowledge graph functionality to enhance SOC analyst operational efficiency
    Centralized Policy Management and Automation
    Enables centralized policy management and automation across large, distributed endpoint fleets spanning cloud, hybrid, and on-premises environments through unified management console
    Endpoint Detection and Response
    Sophisticated EDR capabilities enabling detection, investigation, and response to multi-stage threats across all key attack vectors
    Extended Detection and Response
    Unified XDR platform detecting and responding to multi-stage threats across network, cloud, endpoint, identity, and email data sources
    Managed Detection and Response
    24/7 ransomware and breach prevention services delivered as a managed service with breach warranty and integration capabilities
    Threat Prevention Technology
    Prevention-first approach using sophisticated technologies to block a broad range of attacks across multiple vectors
    Security Posture Management
    Deployment capabilities with default-enabled strong protection and drift identification for security posture assessment
    Extended Detection and Response
    Managed XDR capabilities for detecting and responding to threats across multiple security domains
    AI-Driven Threat Analytics
    Artificial intelligence-powered analytics for threat detection and analysis across enterprise environments
    Unified Security Platform
    Centralized platform providing single source of truth for security operations across workloads, identities, endpoints, and networks
    Threat Intelligence Integration
    Deep threat intelligence capabilities integrated into security operations for enhanced threat context and decision-making
    Multi-Domain Protection
    Security coverage spanning AI, cloud, networks, endpoints, and devices within complex enterprise environments

    Customer reviews

    Ratings and reviews

    4.1 (88 ratings)
    5 star: 41%
    4 star: 50%
    3 star: 7%
    2 star: 2%
    1 star: 0%
    4 AWS reviews | 84 external reviews
    External reviews are from G2 and PeerSpot.

    AmitKumar22

    Strong endpoint protection has simplified compliance and reduced effort for large user environments

    Reviewed on May 10, 2026
    Review provided by PeerSpot

    What is our primary use case?

    I am using Trellix Endpoint Security Platform for endpoint security, AV scanning, device USB locking, device scanning, and comprehensive security solutions.

    Mostly for patching purposes and device scanning, Trellix Endpoint Security Platform helps me with all security scanning activities I perform in my daily work.

    I am using Trellix Endpoint Security Platform to secure my endpoint, and this covers all my use cases.

    What is most valuable?

    One of the best features of Trellix Endpoint Security Platform is its endpoint security, and I have been using it for the last four and a half to five years, so I can say this is one of the best EDR endpoint security solutions I have ever seen.

    The features that make Trellix Endpoint Security Platform stand out for me are ease of use and analytics, which I really appreciate the most.

    Trellix Endpoint Security Platform positively impacts my organization, ensuring we are compliant with SOC 2, HIPAA, and all other compliance requirements, so there are no issues with that.

    What needs improvement?

    I think a reporting feature for Trellix Endpoint Security Platform, such as weekly Excel export or predefined templates for compliance reviews, would be beneficial if it could pre-build templates for download to provide to our compliance team for review.

    For how long have I used the solution?

    I have been using Trellix Endpoint Security Platform for the last three to four years.

    What do I think about the stability of the solution?

    Trellix Endpoint Security Platform is stable, and we have not faced any downtime issues.

    What do I think about the scalability of the solution?

    Trellix Endpoint Security Platform's scalability is good since we started using it with 1,000 users, and now it has scaled to almost 4,500 users with no issues.

    How are customer service and support?

    The customer support for Trellix Endpoint Security Platform is responsive and helpful.

    We have not faced any issues, so we have not raised any cases, but from what I have experienced, customer support should be good.

    Which solution did I use previously and why did I switch?

    I started with Trellix Endpoint Security Platform only, so I did not previously use a different solution.

    What was our ROI?

    I have seen a return on investment with Trellix Endpoint Security Platform, especially with fewer employees on management because I have only one employee managing 4,000 to 5,000 endpoints, which also saves our time and resource costs.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing for Trellix Endpoint Security Platform was good; in India, the pricing was very competitive compared to CrowdStrike and Palo Alto.

    Which other solutions did I evaluate?

    We did not evaluate other options before choosing Trellix Endpoint Security Platform because we had a very good relationship with the Trellix account manager.

    What other advice do I have?

    Compared to CrowdStrike, I think Trellix Endpoint Security Platform covers everything, so I don't think anything needs to be added immediately. One of my friends is also using CrowdStrike, and I was comparing it with CrowdStrike as well, so even in Trellix Endpoint Security Platform, everything is covered.

    My advice to others looking into using Trellix Endpoint Security Platform is that they should go ahead with Trellix Endpoint Security Platform, request a demo, conduct a POC, and see how it works for their organization.

    I think Trellix Endpoint Security Platform needs to expand its sales team in India as they have very few sales team members to capture the market.

    I have given this product a rating of 10.

    Aritro Bhattacharjee

    AI-driven endpoint protection has given us confidence to work securely from office and home

    Reviewed on May 10, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Trellix Endpoint Security Platform is when we are working behind the firewall in the office, where everything is protected, and I don't have to worry about users accessing potentially malicious websites. However, when we bring devices back home to work and we aren't always connected to a VPN, we may unknowingly click on malicious links or download harmful content, which is where Trellix Endpoint Security Platform comes into play by warning users about risky sites and blocking unwanted downloads.

    One specific example where Trellix Endpoint Security Platform protected our organization occurred when many users received anonymous emails prompting them to click on suspicious links for surveys or rewards; the AI-driven platform successfully intervened on several occasions, blocking connections that could have allowed hackers access to our network.

    What is most valuable?

    The best feature of Trellix Endpoint Security Platform, in my opinion, is the AI-driven behavioral analysis because it enables real-time protection without relying solely on predefined signatures, effectively addressing sophisticated threats that try to bypass traditional systems.

    The Data Loss Prevention feature, which is one of the key highlights of Trellix Endpoint Security Platform, is crucial because it helps us stop zero-day threats and ensures that our endpoints are protected even if we unintentionally click on harmful content.

    The features of Trellix Endpoint Security Platform have greatly improved my day-to-day work; I no longer lose sleep over potential data breaches or ransomware attacks as the solution gives me peace of mind, allowing my users to work from various locations with less concern about security.

    A feature I believe is often overlooked is the lightweight agent of Trellix Endpoint Security Platform, which doesn't burden system resources, allowing older machines to run smoothly while still providing robust security measures.

    Trellix Endpoint Security Platform has positively impacted my organization by improving productivity because we can focus on our work rather than security concerns; the platform manages our threats effectively, allowing us to devote more time to our actual productivity.

    What needs improvement?

    At this point in time, I don't foresee any improvements needed for Trellix Endpoint Security Platform, as I am very satisfied with its performance.

    For how long have I used the solution?

    I have been using Trellix Endpoint Security Platform for almost seven to eight months since we deployed it to protect our endpoints from the sophisticated threats we see each and every day.

    What do I think about the stability of the solution?

    Trellix Endpoint Security Platform is very stable, with no downtime or issues.

    What do I think about the scalability of the solution?

    The scalability of Trellix Endpoint Security Platform is excellent; it can easily grow with our organization's needs by simply buying licenses and deploying them.

    How are customer service and support?

    I am satisfied with the customer support for Trellix Endpoint Security Platform; they have provided the assistance I needed.

    I would rate customer support an eight on a scale of one to ten.

    Which solution did I use previously and why did I switch?

    I have not used a different solution previously.

    How was the initial setup?

    It was very easy to integrate Trellix Endpoint Security Platform with our other security tools and IT systems; I didn't encounter any complexities during the process.

    What was our ROI?

    I don't have specific numbers regarding the return on investment at this time, but Trellix Endpoint Security Platform has certainly been beneficial for us.

    What's my experience with pricing, setup cost, and licensing?

    My experience with pricing, setup cost, and licensing for Trellix Endpoint Security Platform has been straightforward, with no unexpected surprises; it is relatively lesser compared to other peers in the domain.

    Which other solutions did I evaluate?

    I have only identified competitors, but I have not evaluated any other options before choosing Trellix Endpoint Security Platform.

    What other advice do I have?

    Trellix Endpoint Security Platform handles updates and patches very smoothly and automatically without any challenges that I have to address.

    At this point in time, I haven't faced any challenges with policy management or setting up rules within Trellix Endpoint Security Platform.

    Trellix Endpoint Security Platform handles threat detection and response fast enough for my needs, as everything is managed automatically without waiting.

    I am unable to comment specifically on compliance requirements, but I am certain that Trellix Endpoint Security Platform helps meet our regulations and standards effectively.

    Trellix Endpoint Security Platform is the most user-friendly endpoint platform available on the market today for both admins and end-users.

    My advice to others looking into using Trellix Endpoint Security Platform is to go for it; you will not regret the decision. I have rated this product nine out of ten.

    reviewer2837214

    Centralized endpoint policies have streamlined workstation protection and daily security tasks

    Reviewed on May 10, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Trellix Endpoint Security Platform is securing endpoints, specifically computer workstations. I use Trellix Endpoint Security Platform to deploy group security policies, which is a typical task for securing those endpoints or workstations.

    What is most valuable?

    The best features Trellix Endpoint Security Platform offers allow for quick access to the specific features via the user interface. Quick access to features helps me in my daily work because having it allows me to complete my job quickly, though I don't use a particular feature most often. In just about two or three clicks, I can deploy the group security policies, making it a unique and helpful feature. Trellix Endpoint Security Platform has positively impacted my organization by allowing us to deploy group security policies for multiple endpoints in a matter of a couple of minutes.

    What needs improvement?

    Trellix Endpoint Security Platform is great the way it is, and I see no need for improvement. There isn't anything, even small, that I think could be improved, including user interface or reporting.

    What do I think about the stability of the solution?

    Trellix Endpoint Security Platform is stable.

    What do I think about the scalability of the solution?

    I don't know how Trellix Endpoint Security Platform's scalability is.

    What other advice do I have?

    I would tell others looking into using Trellix Endpoint Security Platform to go ahead and use the platform. I give Trellix Endpoint Security Platform a perfect score because it has a simple user interface and simple application. I rate Trellix Endpoint Security Platform a 10 out of 10.

    Oodukoya Adokoya Manon

    Centralized endpoint security has protected data, simplified audits, and saves daily investigation time

    Reviewed on May 08, 2026
    Review provided by PeerSpot

    What is our primary use case?

    For day-to-day work, I mainly use Trellix Endpoint Security Platform for threat detection across employee devices, unblocking US reports, blocking users from using Bluetooth, and drive encryption. I check the dashboard of the agents daily to know if systems that are currently updated are communicating with the agent.

    I rely on Trellix Endpoint Security Platform for detection, threat detection on the dashboard, security events, last communication, and encrypted devices.

    For the threat detection feature, whenever you get an alert, you can see the sites users visited and narrow it down to the time, which gives you facts. You are not asking the user and the user is not playing with what you tell them. You are telling the user this is what they did. I have the fact that this is the time they logged into the site, this is how it ended up there, this is how the malicious effect happened, the time it occurred, the link they clicked, the website they used, and the browser they used to access the site. The specific benefits for me are that whenever a user tries to plug in an external drive which is not allowed, we get a pop-up immediately showing the user with the computer name trying to use a plug-in device or external drive which is not allowed. An email is sent immediately to the user to let them know that this is not permitted. The user receives an alert on their end, but even if they are not visible enough or not sensitive enough to see the alert, there is also an email sent to the user stating it is not allowed.

    What is most valuable?

    One thing that stood out is that I appreciate the fact that Trellix Endpoint Security Platform has centralized management and many reporting features, and it is easy to use. I had training with the vendor just once, and I was able to navigate through everything and carry out health checks on my own, which is very valuable. The dashboard tells you which agents are not compliant and allows you to ping an agent to know when last it communicated. It has the feature that tells you down to the MAC address of the system, which is very useful. I am able to know the current IP address and in some environments, I can know the last time the user communicated with the network and the last IP the person used. I could even drill down to know the department of the user instead of struggling to find it, which is very helpful. The MAC address always tells me the MAC address and the current computer name.

    Trellix Endpoint Security Platform makes my work seamless and is a quality platform. Trellix Endpoint Security Platform can do many things that a lot of people do not know about. It can actually do the work of BitLocker and lock your drive. When your system is stolen, the person that steals your system or whoever takes it will not be able to access the drive. It locks, so you need to type in your username with a password before you can access the drive. Without that, the laptop is useless. For port blocking, many people do not know that Trellix Endpoint Security Platform has a feature where you can block your ports and block USB. For management staff, you do not want to block the USB ports or block the Bluetooth from them. There is a template where you can filter the management staff and exempt them from that role.

    There was a time a colleague's laptop got stolen, and the good thing was the agent was communicating. We pushed the last subject that was communicating so the people that stole the laptop were not able to access anything. They were later caught, but due to the camera, the laptop was useless for them. The beauty is that all the company's important documents and users' data were kept safe. There was no trespass from anyone because they were not able to access the drive. The only way someone could have accessed it would be to format, but that would mean losing lots of data.

    There was a time we were trying to get ISO certification and we were looking for examples to share with the ISO team. We actually used Trellix Endpoint Security Platform to display everything. The compliance section shows you how many systems helped with the compliance of the laptop and how regular the detection has been. It shows all that on the dashboard, which was very impressive. When the ISO examiner saw it, they were impressed by the compliance demonstration. That was one of the reasons that led to our certification. Any time we do the purging to drill down and take out old systems that have not communicated and bring in new ones, it is seamless. I just pull the template, install the agent, and I am good to go. Within a few minutes, I can see it on the dashboard. It captures everything on the system, including the person's name, the username, who logged in, and who logged on to the system next. It saves time because I do not need to search manually or open an Excel sheet for that. We save time doing the inventory in Excel. Whenever we need new inventory, I just export from the Trellix Endpoint Security Platform dashboard straight to my laptop, which is much better than manually inputting.

    What needs improvement?

    What could be better is the performance impact on some machines and the complexity of configuration.

    A colleague of mine complained once about the interface, saying they do not prefer it because it is a bit overwhelming for newer admins. Perhaps they can improve that, and maybe because the workflow sometimes requires clicking on this to go to that place. It might be better to reduce the workflow complexity. However, for me, it is seamless. I appreciate new technology and exploring new things, and for me, it was a good experience. They could reduce the complexity of the workflow and the policy configuration workflow, which would be good for newer admins.

    Trellix Endpoint Security Platform does the work for enterprise security, but there is definitely room for improvement to enhance usability and performance. As for other features, I am thinking that perhaps there could be a feature where instead of some users not preferring to update their system or push patches, Trellix Endpoint Security Platform could push critical patches to workstations. That would be beneficial instead of using another tool for that function. Trellix Endpoint Security Platform could do that, providing one centralized tool that can help and improve the process. The centralization for everything and pushing critical patches would be something the Trellix team can look into.

    How are customer service and support?

    There was one time I had to wait because it was a different time zone. I was in Nigeria back then and the support was in India, so we had to wait to get in touch. However, it was fantastic. The support representative did a great job, so I commend the customer service team.

    How was the initial setup?

    I joined when Trellix Endpoint Security Platform was already set up, so I do not know much about the pricing, setup cost, and licensing. I was a new admin and it was seamless for me. I found it easy to understand the workflow, which is brilliant.

    Which other solutions did I evaluate?

    I joined the company when they were already using Trellix Endpoint Security Platform, so I just started using it immediately. I did not know if there was any other evaluation. Probably the company had to evaluate other vendors to see which one was best, but for them to choose Trellix Endpoint Security Platform, it was a good choice.

    What other advice do I have?

    For a startup company that does not want to hire a security team, the IT support person can just handle Trellix Endpoint Security Platform. It reduces the cost of hiring a whole security team for this purpose. Trellix Endpoint Security Platform places a dashboard that your IT support person can use, which saves costs. I was managing it before the company set up a security team when there was not one in place.

    I always recommend Trellix Endpoint Security Platform to anybody and any startup company. I have been promoting Trellix Endpoint Security Platform because anything that is good for me, I want other people to also experience it. The advice I give to other people is that they should not hesitate to try it because it is a good platform and they will not regret it.

    It is awesome working with Trellix Endpoint Security Platform every time and every day. It makes work seamless, faster, and saves time. I do not have to struggle to navigate it. The visibility is narrowed down to all the systems and all the information I need. The company just needs to improve the experience for newer admins, and that is all. I am giving this review a perfect rating of ten out of ten.

    reviewer2837076

    Timeline monitoring has improved incident investigations but user experience still needs major changes

    Reviewed on May 08, 2026
    Review provided by PeerSpot

    What is our primary use case?

    My main use case for Trellix Endpoint Security Platform is SOC monitoring for the whole endpoint plus network monitoring of the client systems.

    A specific example of how I use Trellix Endpoint Security Platform for endpoint or network monitoring in my daily work is that we had alerts set up through rules via the SOC, and whenever something went wrong, it gave a flag via those rules that we set up on the SIEM. Via the SIEM platforms, we would get an alert for a malicious IP address or a quarantine mail or some file that is on someone's system which is malicious with a malicious hash value, and we used to investigate those.

    What is most valuable?

    The best features Trellix Endpoint Security Platform offers would be the timeline monitoring and the detailed parsing of the metafields, which were accurate when we wanted to know what time it had occurred, what the file name was, and what the hash value was. The parsing is good.

    The timeline monitoring specifically helps me in my day-to-day work because it definitely makes the investigation faster for us. We get to see and open up the timeline of the users and the endpoints, and we get to see what they have done, how they have done it, and if a certain file or the certain IOC has occurred before in the history.

    Trellix Endpoint Security Platform has not really impacted my organization positively. Some of the features that it had did not work quite well, for which we had to switch again. Trellix definitely came with its down points, as it had issues with the patches and the update rollouts, and some of the features did not work.

    What needs improvement?

    Trellix Endpoint Security Platform can be improved by having more user-centric features. Competitors like CrowdStrike and Microsoft Defender have a very user-centric UI, and it is easier to see; the visibility is much greater. The menus and the dashboards are interactive; they have some response, some touch and feel to them. Trellix does not have either of those features, so it is very bland, and the simple things would be done after taking the long route, with menus within menus. This definitely needs to improve, plus the customer support.

    The issues with patches and rollouts include a scenario where, when we wanted to import multiple alerts for reports, we could only select 50 or 60 at one time, whereas the other SIEMs give you more flexibility in selecting a bunch of reports and just exporting them directly. This was a limiting factor, and it definitely slowed down the whole automation of the process. When we tried to reach out to the team, they did not help us with the rollout.

    There are multiple other improvements needed for Trellix Endpoint Security Platform. The rules are a bit hard to tweak, and to tweak a rule, you would have to go very deep into the system, which again leads to more alerts, more detections, and ultimately more fatigue within the SOC analysts. It basically needs a lot of fine-tuning from the developers, but unfortunately, they are not open to feedback.

    For how long have I used the solution?

    I have been using Trellix Endpoint Security Platform for one to one and a half years.

    What do I think about the stability of the solution?

    In my experience, Trellix Endpoint Security Platform was stable for the most part, but sometimes during the off-hours, they would have downtimes for 30 minutes to one hour, and sometimes they had some issues in the connectors, and we had to contact the support. Sometimes it was a mess, and I have never seen that with other SIEM providers.

    What do I think about the scalability of the solution?

    Trellix Endpoint Security Platform is not very scalable because it is a legacy system, and we have to go very deep in order to pop connectors and all. It is not readily expandable.

    How are customer service and support?

    The customer support is the worst part of Trellix Endpoint Security Platform. They do not support, they do not reply on time, and they take a lot of time when they have a ticket open.

    Which solution did I use previously and why did I switch?

    I did not previously use a different solution, but after this, we switched to a different solution. I cannot reveal the name because of the NDA, but we had to switch because of the issues that I mentioned before.

    What was our ROI?

    I have seen a return on investment with Trellix Endpoint Security Platform because we had Trellix for two years continuously and the deal was renewed, so I believe they definitely saw the profit.

    Which other solutions did I evaluate?

    Before choosing Trellix Endpoint Security Platform, we had evaluated other options like Palo Alto, CrowdStrike, and Defender, and based on the pricing factor, I think we went for Trellix.

    What other advice do I have?

    My advice to others looking into using Trellix Endpoint Security Platform is if you are looking for a cost factor, then you can go for it, but know that it will come with its limitations in the UI, customer support, and the scalability. I would rate Trellix Endpoint Security Platform overall as a six out of ten because Trellix has more issues being a legacy SIEM compared to other SIEMs in the market which are its competitors. Being someone who has worked on multiple SIEM platforms and environments, I know the differences.
