ServiceNow IT Service Management vs. Trellix Endpoint Security ENS

In our organization, we are using ServiceNow extensively. Change Management, Incident Management, Problem Management, Time tracking are few modules which we use extensively. This sort of model will work for any product or service based companies as the product is built on ITIL framework. So this product will be suited for small or large scale companies to better organize and add controls and track SLA's for technology or business process.

It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.

Incentivized

• When I have a number of requests to make, for example a request to add a dozen or so user accounts to more than one group account in Active Directory , I can put all the needed information into the initial form, add it to my "shopping cart" and all of that information remains on the screen for the next item for which I only need to edit a few items (like the AD group name in this example), and keep adding them to the shopping cart until I have them all. When I "Check Out" each of those items is generated as a separate task under the one request. It simplifies and expedites the creation and tracking of these kinds of requests.
• I can easily and quickly see what tickets are currently assigned to me in order to prioritize them and remain aware of my workload.
• Numerous fields for CIs can be used when trying to find the entry for a particular item. For example, IP Address, server name, raw text, classification, and so on.
• To help with making sense out of related tasks, when a task is assigned to me and I need to open another task for a different team to work in order to complete my task, I can open a sub-task from my ticket so that the relationship between the two can be pulled up later into reports. For example, I may have a task to build a new vm, and need to open tasks for networking, security accounts, software installation and so on. By opening sub-tasks from my assignment, the time spent by all parties concerned is tied together for more meaningful cost accounting.

Incentivized

• Provides high fidelity alerting.
• Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass.
• Provides alert telemetry across on-disk and in-memory attacks.
• Supports many additional 'bolt-on' modules to provide additional alert context or capabilities.

Incentivized

• It is hard to find areas for improvement, the tool is very powerful. That said, building the CMDB still involves some manual interaction which was not how it was presented in demos.
• The CMDB data is almost too deep and detailed. When you build the relationship map it can be so large that it is overwhelming. You can limit this, but the default maps are massive if you are discovering lots of device classes.
• The product is expensive. Since they are the leader in the industry and the product has tons of features, they definitely charge for it!

Incentivized

• The amount of false detections especially the negative ones needed to be reduced.
• It requires more optimization. It tends to make the PCs slower.
• It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
• It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.

Incentivized

To be completely honest setting up a new ticketing system can be a pain in the ass. Once you have it setup and customized the way you want it, you don't want to switch unless you're unhappy with the product. Unless future releases and updates really muck the system up, I wouldn't change.

The dashboard is so confusing, [there are] many clicks to open a task and search by a ticket. The Enterprise customisation [we did] has finished to kill the software and creates a really bad experience on a daily basis. [It is] So slow, and so many clicks to process a ticket. Works only on IE so, that [should] make you realize that [it] is a bad idea.

So below is my breakdown, Pro's: Centralized Management, Comprehensive Protection and customization. Con's: Initial cost

Incentivized

We have never had any issues with ServiceNow's availability that I am aware of in the two years I have been using it.

Incentivized

For a massive system, page loads are reasonably quick, including searches.

Incentivized

I would give it this rating because we have had no major issues with the support for ServiceNow after we implemented it at our organization. They seem to respond promptly and efficiently if we ever do need to open a support case with them about an issue we are having.

Incentivized

The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.

Incentivized

To type in what should be a text box, you have to click an empty cell, a tiny text box pop up opens with a check box and an X. You the. Type in the text box and have to click the check mark. If you have a bunch of fields to fill out, doing this is very annoying. Absolutely know thought went in to this. I'm sure somebody in marketing thought it was a good idea. It wasn't.

Without exception, every client I have worked with has been very happy with their resulting product. While this is partly due to my work, I must point out that the platform is the winning decision, not the implementer.

Incentivized

We used to use Jira to handle service tickets but it's way too robust for something this straightforward. Due to the nature of Jira, you needed to already have a lot of documentation and knowledge about who should be assigned the ticket, so the lift of creating a ticket was time consuming.

Incentivized

Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage

Incentivized

ServiceNow works as an enterprise solution.

Incentivized

• Overall ServiceNow has a positive impact on getting the SLA of tickets down in supporting our customers.
• One negative impact has been the amount of time to get the product to produce an ROI, it's almost too big to fail and too big to replace. You almost become committed to the product. Good or bad.
• Another negative impact would be if you track metrics of employees and time tracking, there is a lot of scenarios where engineers will track time on tickets but not get credit for closing them as the assignee function of tickets can only be tied to one user and credits only the engineer who closes the ticket.
• Another positive impact would be the level of security for permissions and scaling the workloads is robust and you will get out of the system what your team is willing to put in.

Incentivized

• From an auditing standpoint, we can show that our workstations/servers are protected.
• Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
• Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.

Incentivized