Microsoft System Center Endpoint Protection is a malware, spyware, antivirus and endpoint protection application available formerly with System Center Configuration Manager (SCCM), which later became Microsoft Endpoint Manager. It is a legacy product, with older versions reaching end of support, and is not available as a standalone product.
N/A
Trellix Endpoint Security ENS
Score 8.5 out of 10
N/A
Trellix Endpoint Security (ENS) solutions apply proactive threat intelligence and defenses across the entire attack lifecycle to keep organizations safer and more resilient.
It is well suited in environments that want a simple AV product/solution that, for the most part, can be easily deployed to client endpoints. It is also good for environments that want something that is easy to use by end-users, and also doesn't use a whole lot of system resources. It is less suited for environments that want an AV solution that is more robust feature-wise, or has more configurable options for the end-users. It is also less suited for those organizations that want an AV product to have the highest detection rate in the industry.
It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.
Microsoft System Center Endpoint Protection offers exceptional threat protections for signature-based "known" threats.
The signatures are constantly updated and management of this application is super easy with the use of Microsoft SCCM.
The application is very much a "set it and let it" type of deployment. Once you install it, there are very little configuration or changes that need to be made.
The product could improve in the area of having better mechanisms in place with how the SCEP client is deployed/installed from the server on the management side. We have run into this firsthand with the client not installing on an endpoint, and then having to take the time to investigate why it was not installing.
A second improvement that can be made is to keep trying to improve the products detection rate for finding malware/viruses. The case can be made that there are some products out there that do a better job at this and have a higher detection rate.
The amount of false detections especially the negative ones needed to be reduced.
It requires more optimization. It tends to make the PCs slower.
It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.
There was a time and a place in which Microsoft System Center Endpoint Protection was an excellent choice to provide threat protections. However, now that threats have been evolving, so too does the need for more advanced protections. In its current offering, it just no longer meets the needs of our organization in terms of providing protections against threats.
The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.
How SCEP stacks up against some of the other AV solutions/products is that it does a pretty good job overall (not the best in the industry) at detecting/removing malware, which is the main focus for a product like this. It is also easy to use on the end-user side, which can't be said for some other AV products on the market. I was not involved with the selection/purchase of the product in the organization, but I'm almost certain the organization selected this based on the tight integration with Microsoft System Center Manager, which is used in the organization. Also, given the fact that SCEP is tightly integrated and works well in organizations that utilize Microsoft products, it was probably another factor in selecting this. Lastly, the cost of licenses was probably lower (because of System Center already being in place) than other AV products.
Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage
There was little/no cost associated with this software since we are utilizing SCCM and are paying license costs for that anyways.
The level or protection is excellent for the cost of the software.
There was at least one instance in which Microsoft System Center Endpoint Protection identified a crypto-malware, but not before it had already started to encrypt many of our files. So it did detect the threat, but since it was a little delayed we still were infected.
From an auditing standpoint, we can show that our workstations/servers are protected.
Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.
