CrowdStrike Falcon Identity Protection delivers identity threat detection and response (ITDR) capabilities, protecting organizations from identity-based attacks in real time. It unifies identity and endpoint protection. Falcon® Identity Protection ensures comprehensive visibility and protection across on-premises, cloud, and hybrid identity environments. By baselining normal user behavior, it detects and prevents malicious identity activity, stopping adversaries in their tracks. It also extends…
N/A
Trend Vision One Endpoint Security
Score 8.2 out of 10
N/A
The Trend Vision One Endpoint Security platform provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network and server vulnerability protection.
Identity Protection is well suited for organizations that need to be monitor AD/Entra for suspicious activity. During a Penetration Test our MDR didn't alert on some odd protocol implementations, but ITDR did. It is also simple to setup for MFA on RDP as well. There are other solutions for it, but found I got more out of ITDR than I did from Duo. ITDR is less suited for smaller organizations since it has a 250-seat minimum. They should lower it to at least 100.
Before Trend Micro OfficeScan we used Symantec Endpoint Protection and although it was very easy to deploy and to update agents it couldn't find a virus if you pointed it out with a neon sign. We were always getting hit with different viruses but since we migrated to Trend we no longer have that problem. Trend has definitely been preventing those kind of outbreaks successfully.
The product has two important aspects, centralized console and an agent which is typically installed on every machine. When the product is installed on a dedicated server then all computers can readily get updated while in the same network (provided the agent is installed on every machine). This helps the machine to avoid any kind of virus attacks.
Even if the machines are not in the same network where the console is being run it can directly get all updates from the Trend Micro server directly and the machine is still protected. Hence, it is not necessary that users have to visit the office or internal network to get the update, once the agent is installed on the machine then they can get the update from anywhere as long as the machine has access to the Internet.
Once the agent is installed on the machine the users can themselves do a full scan and even check the logs themselves.
Only thing I would have to say that's negative is the reporting aspect. Basic reporting is good but still lacks some details. This is a problem with many of the software vendors I have encountered in the past as well. Reporting is still much better than most.
It is very easy to stick with a vendor year after year, and it is also easy to see the faults in a product and want to change. This is the first time I have renewed with an antiviurs provider as others have been less than ideal and caused issues where there were none before, so while it isn't perfect, it is the best of the bunch currently and I am hopeful that it will continue to improve in future versions.
While the product is solid, I do find there are an excessive number of sections you can navigate to. It takes some time getting used to, but it is a very powerful product. It's not something you'll master right off the bat.
The dashboard is user-friendly and allows for an IT admin to quickly deploy the software. The users do not even notice the program running in the background. From the dashboard the IT department can monitor all the workstations for issues and maintain good health of the network.
It has been difficult at sometimes, the support people at one point told me that they couldn't tell me information about OfficeScan because it was knowledge that was passed down from engineer to engineer. The issue was that if you used the msi for the install any further installs would require the msi to have the same exact name or else the install fails and corrupts the install. This information is not listed anywhere on trends website. Support kept trying to get me to use the exe for installs instead, but we use SCCM and msi's work better. We had to write a script to come up with a solution so that we could uninstall the software and install the new software. Trend did provide the technical expertise to help with the script and had us work with one of the developers in order to resolve that issue. So they did fix their screw up but it took a while and several complaints.
When comparing to Cisco Duo, I felt like the product offered more than just MFA on RDP. When comparing to Silverfort, it came down to pricing. Silverfort was double the cost and I didn't like how Silverfort had separate SKUs. If you wanted MFA on everything the cost increased dramatically.
For me, Trend Micro Apex One with its low performance is the best option at the time to buy a solution like this, with its flexibility through on-premises or saas deployment options you can choose the option that best fix to you, has an advanced automated threat detection and response against an ever-growing variety of threats.
Being able to see right away during a Penetration Test that the product detected anomalies, but our MDR service didn't. It allowed us to go back to the MDR service to show them the results and fix the issue from slipping through the cracks.
By satisfying the requirements from our insurance provider, our premiums didn't go up (MFA on RDP).
Since the product is a full suite of protection rolled into a single product, we've seen ROI through cost reduction and simplified management. And while we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
While we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
