We performed a comparison between Trellix Endpoint Security and Forescout Platform based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Trellix Endpoint Security users like the ePolicy Orchestrator, the solution’s robust central management console. Forescout Platform stands out for its agentless visibility and advanced features like device fingerprinting. Trellix could improve by reducing resource usage, enhancing stability, and making the solution more user-friendly. Users say Forescout could be better at resolving connectivity and license issues. Users want better device compatibility and troubleshooting tools.
Service and Support: Some users say Trellix support is helpful and responsive, while others believe there is room for improvement in communication and resolution times. Some users reported positive experiences with Forescout support, but others requested better responsiveness and training.
Ease of Deployment: Setting up Trellix Endpoint Security is simple if the user has some expertise. Some users found Forescout’s setup to be simple and adaptable, while others perceived it as more complex and time-intensive.
Pricing: Trellix Endpoint Security’s pricing is considered flexible, competitive, and about average compared to other solutions. The total cost of Forescout Platform can be high depending on the level of customization and integration required.
ROI: Users reported saving time by implementing Trellix Endpoint Security. Forescout Platform yields a solid ROI by improving network access control and overall security.
Comparison Results: Our users prefer Trellix Endpoint Security over Forescout Platform based on user feedback. Users like Trellix's comprehensive management abilities and single-pane-of-glass administration. It is praised for its reliability and low false positive rate. Forescout Platform receives mixed reviews for its complex setup process and customer service. It is also considered expensive.
"The most valuable aspect is undoubtedly the exploration capability"
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The ability to isolate and address viruses is the most valuable feature of Microsoft Defender XDR."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The best parts of Forescout Platform are its orchestration features, discovery capabilities, classification buckets, and flexibility in creating policies."
"Forescout Platform has made it possible to block people working near our construction sites who should not have access to our network."
"The visibility is the main benefit. We now know how many devices are connected, what the use for each device is and what kind of devices we have in our environment."
"We use the Forescout Platform for device visibility and control in our network. It's very helpful for tracking malicious or unusual activity. We use it to track which ports are open, which machines are running specific services, and to identify vulnerabilities. For example, there was a vulnerability related to SMB, and we could use the product to determine which machines inside our organization were allowing SMB traffic."
"Forescout Platform is stable, it is great."
"You can quickly filter your view of devices and zero in on the ones you want using a variety of tools, such as what subnet it is on or what it has been classified as."
"The 802.1X compliance authentication feature of this solution is very good."
"This solution can be used to organize guest portals, integrate switches, and create policies. Some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
"The most valuable features are the adaptive tech on McAfee."
"It provides a robust defense against cybersecurity threats while offering user-friendly features like notifications and approval prompts."
"Tech support is responsive. They're good, the very best."
"The solution includes a good combination of features for both signature and signature-less."
"The initial setup is straightforward, not complex."
"The loss prevention feature would be the most valuable."
"It can be deployed quickly, and it's scalable. Those are the two advantages of it."
"Trellix Endpoint Security offers robust access protection, addressing major concerns in prevention. It provides both application control and user access control within its access protection features."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Just like in any solution, the price can always be cheaper."
"They should improve features related to IT security. ForeScout should analyze behavior to see if the behavior is malicious behavior and block this device. They should develop the ability to analyze the behavior of the device in my environment."
"The system controls could be better."
"Logging would be one area for improvement. When we're troubleshooting, there are not a lot of clear things on Google that we can look up for ourselves. When we have an issue with it, we have to call the company to get the vendors involved. The logging of Forescout is horrible compared to other things that we've used."
"Definitely, having more third-party integration would be an improvement."
"The product may not yield any return on investment since it is only used to make your environment more reliable and secure."
"The fact that Forescout Platform doesn't have a presence in the South African region is a weakness because of which you can't ask for help from them if you have any problems."
"As a product, there is nothing to complain about. However, they should improve their overall support. You need that level of knowledge, that level of information is clearly not available. First and foremost, that information is not accessible. The second point to mention is that once you purchase the later support and services. That is, they will continue to charge you for every service."
"More detailed analysis during the authentication process, especially for troubleshooting access issues. We have found that troubleshooting RADIUS controls is quite arduous, as it is today. A trace function could easily resolve this by providing a means by which access issues from a certificate to passwords or accounts could easily be identified and remediated."
"If there's a possibility for remote assistance or investigation support in the future, it would be beneficial. Currently, we use another remote software for such purposes. If this feature could be included in the next version, that would be an improvement. The feature is called Remote Administration. I'm somewhat satisfied, but there's an issue I recently encountered. When attempting to scan a suspected host machine, Symantec Endpoint Security did not provide any alerts. However, when we installed Malwarebytes and ran a scan, it detected a threat that wasn't identified by Symantec. We raised this concern with the team for resolution, and the investigation is still ongoing."
"It didn't work well for some of the use cases. We have different use cases for each entity. Their support is also not good and needs improvement."
"McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new."
"The management console is a little bit difficult to understand for admins. You need a lot of time in order to become familiar with that. It is a little bit complicated and not too easy to understand. Its price can also be improved. Its price is higher than its competitors. McAfee also needs to have better cloud integration and more data centers in the EU. The cloud center should be in Europe or in Germany. In Germany, it is really important to have access to your data within the same country. Customer data needs to be placed and processed in the same country."
"The resolution time should be faster."
"The solution's documentation is not streamlined and is in bits and pieces, which should be in a single format."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
Forescout Platform is ranked 14th in Extended Detection and Response (XDR) with 71 reviews while Trellix Endpoint Security is ranked 10th in Extended Detection and Response (XDR) with 96 reviews. Forescout Platform is rated 8.4, while Trellix Endpoint Security is rated 8.0. The top reviewer of Forescout Platform writes "We can go granular on each endpoint, quarantine non-compliant machines, and target vulnerabilities through scripting". On the other hand, the top reviewer of Trellix Endpoint Security writes "Good user behavioral analysis and helpful patching but needs better support services". Forescout Platform is most compared with Cisco ISE (Identity Services Engine), Aruba ClearPass, Fortinet FortiNAC, Nozomi Networks and Qualys VMDR, whereas Trellix Endpoint Security is most compared with Microsoft Defender for Endpoint, Trellix Endpoint Security (ENS), CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our Forescout Platform vs. Trellix Endpoint Security report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.