Trellix Endpoint Security ENS vs. Trellix Helix

It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.

Incentivized

Great for organizations that are considering improving their operational security by utilizing their threats intelligence capabilities. It offers a great collection and analysis of security events and provides solutions to solve them. When considering a solution that is secure and can provide very extensive visualization of your environment for threats.

• Provides high fidelity alerting.
• Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass.
• Provides alert telemetry across on-disk and in-memory attacks.
• Supports many additional 'bolt-on' modules to provide additional alert context or capabilities.

Incentivized

• Single location for all security event management
• Detect advanced threats
• Provide audit artifacts to ensure compliance

Incentivized

• The amount of false detections especially the negative ones needed to be reduced.
• It requires more optimization. It tends to make the PCs slower.
• It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable.
• It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes.

Incentivized

• Additional integration points (API cloud integrations).

Incentivized

So below is my breakdown, Pro's: Centralized Management, Comprehensive Protection and customization. Con's: Initial cost

Incentivized

The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.

Incentivized

We've been fairly happy with FireEye Helix support overall. Most issues are resolved the same day the case is opened.

Incentivized

Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage

Incentivized

It offers extensive visibility thus easy detection of threats and easy mitigation practices. Utilization of its threats intelligence capabilities thus early detection of incidents and maximization of security investments. Offers great integration of cloud resources with existing security tools thus ensuring seamless performance and all-time security for the organizational resources.

• From an auditing standpoint, we can show that our workstations/servers are protected.
• Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise.
• Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection.

Incentivized

• Optimization of your security investments.
• Operations are seamless and better with easy integrations that enhance performance.
• Efficiency in running of incidences with enhanced case management for all its alerts.