Armis headquartered in Palo Alto offers an agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices, an out-of-band sensing technology to discover and analyze all managed, unmanaged, and IoT devices—from traditional devices like laptops and smartphones to new unmanaged smart devices like smart TVs, webcams, printers, HVAC systems, industrial robots, medical devices and more. Armis discovers devices on and off the network, continuously…
N/A
Trend Vision One Endpoint Security
Score 8.0 out of 10
N/A
The Trend Vision One Endpoint Security platform provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network and server vulnerability protection.
We started an entirely new network segregation implementation for security policies. Armis was unparalleled at helping us find rogue static IP-assigned devices in our old network and helped us identify what they were so we could tackle the challenge of moving everything to the new network VLANs. Another use case is finding a specific device or a specific user account to track their activity. The layout is phenomenal, and the data is easy to understand and drill down into for further information. The new AVM (Asset Vulnerability Management) section is awesome to help us find the out-of-date devices or other risks on the network to figure out where we are most vulnerable and at risk. If you're looking for a way to have Armis auto patch vulnerabilities - that's only on the radar from what I've heard - but currently, it is an amazing tool for finding and detailing the CVEs and other risks. You can create policies to block specific risky behaviors, but currently, at the time of writing, there isn't any automated patching or remediation to known CVEs found on a device.
Before Trend Micro OfficeScan we used Symantec Endpoint Protection and although it was very easy to deploy and to update agents it couldn't find a virus if you pointed it out with a neon sign. We were always getting hit with different viruses but since we migrated to Trend we no longer have that problem. Trend has definitely been preventing those kind of outbreaks successfully.
The product has two important aspects, centralized console and an agent which is typically installed on every machine. When the product is installed on a dedicated server then all computers can readily get updated while in the same network (provided the agent is installed on every machine). This helps the machine to avoid any kind of virus attacks.
Even if the machines are not in the same network where the console is being run it can directly get all updates from the Trend Micro server directly and the machine is still protected. Hence, it is not necessary that users have to visit the office or internal network to get the update, once the agent is installed on the machine then they can get the update from anywhere as long as the machine has access to the Internet.
Once the agent is installed on the machine the users can themselves do a full scan and even check the logs themselves.
I've requested integration with Mosyle Manager for our Apple MDM products - it is on the radar but slow going - Mosyle has an API and a free 30-day trial, so implementation shouldn't be difficult - but honestly, other than that - Armis support has been astonishing, and there are so many integrations already - it's small potatoes.
Considering Armis has all the data collected and parsed - it would be nice to see a back-end system for those of us who are true nerds and want to really dig into the Syslog data and analyze packets directly - however, building some quick queries is probably easier if you know what you are looking for anyway - which is probably why this is a backward way of my own thinking and no fault of Armis at all. They make the interface so easy to use it's not necessary, but it hurts my inner geek.
Only thing I would have to say that's negative is the reporting aspect. Basic reporting is good but still lacks some details. This is a problem with many of the software vendors I have encountered in the past as well. Reporting is still much better than most.
It is very easy to stick with a vendor year after year, and it is also easy to see the faults in a product and want to change. This is the first time I have renewed with an antiviurs provider as others have been less than ideal and caused issues where there were none before, so while it isn't perfect, it is the best of the bunch currently and I am hopeful that it will continue to improve in future versions.
The dashboard is user-friendly and allows for an IT admin to quickly deploy the software. The users do not even notice the program running in the background. From the dashboard the IT department can monitor all the workstations for issues and maintain good health of the network.
It has been difficult at sometimes, the support people at one point told me that they couldn't tell me information about OfficeScan because it was knowledge that was passed down from engineer to engineer. The issue was that if you used the msi for the install any further installs would require the msi to have the same exact name or else the install fails and corrupts the install. This information is not listed anywhere on trends website. Support kept trying to get me to use the exe for installs instead, but we use SCCM and msi's work better. We had to write a script to come up with a solution so that we could uninstall the software and install the new software. Trend did provide the technical expertise to help with the script and had us work with one of the developers in order to resolve that issue. So they did fix their screw up but it took a while and several complaints.
Armis is kind of a total conglomeration of a ton of different tools/systems, and depending on how you want to set it up can do almost anything a lot of these other tools can do - and in some cases, even better. It doesn't do software deployment or other things like SCCM I have listed, but the reporting side is so much better than SCCM's interface. As far as data breaches, user/device activity tracking, vulnerability outlook, network scanning, device identification, and agentless miracles of magic - Armis is the king.
For me, Trend Micro Apex One with its low performance is the best option at the time to buy a solution like this, with its flexibility through on-premises or saas deployment options you can choose the option that best fix to you, has an advanced automated threat detection and response against an ever-growing variety of threats.
Since the product is a full suite of protection rolled into a single product, we've seen ROI through cost reduction and simplified management. And while we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
While we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
