Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Trellix ePolicy Orchestrator
Score 7.1 out of 10
N/A
Trellix ePolicy Orchestrator (formerly McAfee ePolicy Orchestrator) software centralizes and streamlines management of endpoint, network, data security, and compliance solutions.
It excels in detecting unusual behavior on endpoints, offering valuable insights into potential attack paths, and it operates with remarkable speed and responsiveness.
If you are using Microsoft Services or newer, cloud ones, it can be worth [it] to try their services but it may be very expensive because of the licensing thing and here Microsoft is very tricky and very difficult to decide the right one. Malwarebytes is good product and adds …
I would say, where it's well suited as certainly any device where you know that either you're potentially running a Kickstarter device as your own personal unit, but maybe you want to try to connect it to some resource like, "Hey, you know what? This is a small community device. Maybe I'll try connecting my email on the go." You're protected from that perspective with the vendor, even if it's something that might be a bit suspicious from a hardware perspective. There's also the case where any device that you know are running Defender for endpoint that you're good to go. You don't really have to worry about all the other solutions out there because Defender has recovered.
[McAfee ePolicy Orchestrator] seems to be better suited to large enterprise applications... I don't feel it really suits the or self-managed SMB market. The general joe is not going to understand how to wield this product to it's full potential. For those of us managing large networks, this is a very ideal product for managing multiple sites and users.
It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of class with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded.
Static malware scans for known bad processes and files works well and can be schedules on endpoints easily
Preventing users from accessing USB drives and other peripherals is easily configured. We can also allow users to access to USB drives with user codes for the times they need it for business reasons.
ePO provides access into our MSME software so that we're not managing many different products from different locations.
In recent years the console has gotten much easier to navigate even though there is a ton of information to be accessed.
While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself.
It has a slow mechanism when adding custom threat feeds. For example, if McAfee didn't have a signature or detection about a new virus and we try to add it to our console it is like a really big process in adding that to our available signatures.
Whenever a scan is performed, the system CPU utilization goes up 100 percent.
Installation fails due to difference in timestamp when we try to shuffle between packages.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
McAfee support is definitely GREAT! It is one of the best technical support on a business level. GOLD support is recommended to business. Their website is easy and quick to create a ticket. Their technical team usually responds right away with an email or call. Via call and web they provide a full and complete support until the issue is resolved. The best, most of the time they explain in detail what is the issue, the reason and how to resolve it.
Tenable Security Center was a fantastic exposure detection tool but there was always a lag and servers would hang alot when being scanned causing resource traffic. Microsoft Defender for Endpoint on the other hand does not use up most resources soo there is usually noo lag during scanning and it also provide more detailed insights on the network. Also Microsoft Defender for Endpoint integration power has helped us up our security game by delivering a smooth secure network.
I have used Symantec Endpoint Encryption before. Symantec and EPO are both good in their own ways. EPO allows integration of other McAfee products. I have been using ePolicy Orchestrator for years. I have a lot of experience with the product. That is why I like it.
Positive : Microsoft Defender for Endpoint offers sophisticated threat detection and response capabilities, putting it into use helps increase security. Reduced security incidents, data breaches, and related expenses may arise from this.
Positive : A more secure environment means less time and effort spent by IT and security teams on remediation and incident response.
False Positives: Like any security solution, false positives can occur, leading to unnecessary investigations and potential disruptions to business operations. This may require additional resources to manage.
