Aptible Deploy (formerly Aptible Enclave) is a container orchestration platform built for developers that automates security best practices and controls needed for deploying and scaling Dockerized apps in regulated industries. Aptible Deploy is ISO 27001-certified and can be used to support requirements for HIPAA, ISO 27001, SOC 2, NIST 800-53, and other frameworks.
N/A
Jamf Protect
Score 9.0 out of 10
N/A
Developed exclusively for macOS, Jamf Protect provides a solution to maintain endpoint compliance, monitor for, respond to, and remediate security incidents on macOS with minimal impact to the device and end-user experience. Jamf Protect detects Mac-specific threats, and prevents known malware from running on devices and quarantines them for later analysis. Jamf Protect forwards data to a system of record to ensure a security posture, fleetwide, stays compliant by monitoring security settings on…
N/A
Trend Vision One Endpoint Security
Score 8.6 out of 10
N/A
The Trend Vision One Endpoint Security platform provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network and server vulnerability protection.
I would recommend Aptible Deploy to my colleagues because of its responsiveness and efficiency for environment and application provisioning. The product is extremely useful for creating health applications due to its built-in security and compliance protocols for HIPAA and HITRUST. The automated database backups were also a nice touch for failover scenarios, as is the included horizontal scaling. The horizontal scaling automatically defaults toward high availability as well.
If the environment is predominantly Apple based then Jamf Protect is a strong solution for providing EDR capabilities to endpoints. The detection capabilities are up to par with other leading EDR tools and it integrates well with Jamf MDM. Additionally, the compliance, telemetry, log forwarding, and USB device management being included as part of Jamf Protect provide good ROI.
Before Trend Micro OfficeScan we used Symantec Endpoint Protection and although it was very easy to deploy and to update agents it couldn't find a virus if you pointed it out with a neon sign. We were always getting hit with different viruses but since we migrated to Trend we no longer have that problem. Trend has definitely been preventing those kind of outbreaks successfully.
Low resource use Protected Agent - stops tampering with agent and is not a resource hog
Managed and custom Analytics - along with the out of the box Analytics provided by JAMF, admins can also set up their own to focus on areas of concern eg NISTcompliance items
Vendor support - support is very responsive and knowledgeable
The product has two important aspects, centralized console and an agent which is typically installed on every machine. When the product is installed on a dedicated server then all computers can readily get updated while in the same network (provided the agent is installed on every machine). This helps the machine to avoid any kind of virus attacks.
Even if the machines are not in the same network where the console is being run it can directly get all updates from the Trend Micro server directly and the machine is still protected. Hence, it is not necessary that users have to visit the office or internal network to get the update, once the agent is installed on the machine then they can get the update from anywhere as long as the machine has access to the Internet.
Once the agent is installed on the machine the users can themselves do a full scan and even check the logs themselves.
Only thing I would have to say that's negative is the reporting aspect. Basic reporting is good but still lacks some details. This is a problem with many of the software vendors I have encountered in the past as well. Reporting is still much better than most.
It is very easy to stick with a vendor year after year, and it is also easy to see the faults in a product and want to change. This is the first time I have renewed with an antiviurs provider as others have been less than ideal and caused issues where there were none before, so while it isn't perfect, it is the best of the bunch currently and I am hopeful that it will continue to improve in future versions.
Jamf Protect is easy to manage. It is a separate interface from Jamf MDM which is nice for Security Operations teams. It allows Security teams to manage only the Security aspects without having to dig through all of the MDM configurations. For exception uses cases, Jamf Protect does provide options to customize settings where needed.
The dashboard is user-friendly and allows for an IT admin to quickly deploy the software. The users do not even notice the program running in the background. From the dashboard the IT department can monitor all the workstations for issues and maintain good health of the network.
It has been difficult at sometimes, the support people at one point told me that they couldn't tell me information about OfficeScan because it was knowledge that was passed down from engineer to engineer. The issue was that if you used the msi for the install any further installs would require the msi to have the same exact name or else the install fails and corrupts the install. This information is not listed anywhere on trends website. Support kept trying to get me to use the exe for installs instead, but we use SCCM and msi's work better. We had to write a script to come up with a solution so that we could uninstall the software and install the new software. Trend did provide the technical expertise to help with the script and had us work with one of the developers in order to resolve that issue. So they did fix their screw up but it took a while and several complaints.
Aptible makes managing HIPAA/HITRUST compliance simpler when compared to Microsoft Azure. Passing audits is technically easier when using Aptible. Aptible provides a log drain to deliver logs via Syslog or HTTPS for long-term log storage. Microsoft Azure does not have a portal specifying when controls are in place, something which Aptible does.
In some aspects, Jamf Protect was far superior to the others mentioned above. The only downside I can see is that it is only macOS which could be a problem for hybrid environments.
For me, Trend Micro Apex One with its low performance is the best option at the time to buy a solution like this, with its flexibility through on-premises or saas deployment options you can choose the option that best fix to you, has an advanced automated threat detection and response against an ever-growing variety of threats.
Less time in configuring servers. This is essentially a server-less platform.
Cost savings by using usage-based cloud
CLI can be scripted to provide full automation, even though a deployment takes about 20 minutes; that time can be even further reduced and spent elsewhere
Since the product is a full suite of protection rolled into a single product, we've seen ROI through cost reduction and simplified management. And while we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
While we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
