Carbon Black Endpoint is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems.
N/A
Trend Vision One Endpoint Security
Score 7.7 out of 10
N/A
The Trend Vision One Endpoint Security platform provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network and server vulnerability protection.
Cb Defense works great to protect systems from known and unknown malware. It is simple to deploy and manage. You might run into some issues if you run a lot of unsigned applications or scripts in your IT environment. If that is the case, you can whitelist certain paths for your scripts to run. You can whitelist the individual applications and certs if you have them.
I think Trend is well suited for businesses that need an all-in-one malware/antivirus/EDR solution. It works well and runs smoothly in the background not hindering the users. Our only issue with it is the use of it and secure browsers for state testing. The EDR wants to automatically blocked the use of secure browsers setup by the state.
It uses a thin, low-performance consuming, client.
It constantly monitors endpoint activity and processes, efficiently, and effectively blocking harmful apps.
It not only identifies and blocks apps known to be harmful, but prevents unknown, suspicious processes/apps from executing unless allowed in a defined policy.
End point implementation: the roll-out of Trend Micro was extremely easy!
Server/Device policies: creating both endpoint and server device policies is something we were looking for in a system, since we have a variety of both endpoints with users, as well as several unattended servers needing specific limitations.
License Management: removing Trend Micro from machines before destruction or retirement is done in a pinch. There's no struggling to free up an unused license
We have only needed support on a couple occasions (which is a positive), but they weren't able to really resolve either issue.
This brings me to my second con, which is that we have only used three sensor packages (the installed client) and have had issues crop up with two out of three.
Only thing I would have to say that's negative is the reporting aspect. Basic reporting is good but still lacks some details. This is a problem with many of the software vendors I have encountered in the past as well. Reporting is still much better than most.
It is very easy to stick with a vendor year after year, and it is also easy to see the faults in a product and want to change. This is the first time I have renewed with an antiviurs provider as others have been less than ideal and caused issues where there were none before, so while it isn't perfect, it is the best of the bunch currently and I am hopeful that it will continue to improve in future versions.
The dashboard is user-friendly and allows for an IT admin to quickly deploy the software. The users do not even notice the program running in the background. From the dashboard the IT department can monitor all the workstations for issues and maintain good health of the network.
Overall the support that we have received from Carbon Black has been a very positive experience. This was especially true when we were in the evaluation (POC) period and needed them to meet with us on a frequent basis. Additionally when we have had technical questions regarding deployment via SCCM, we were able to find the answers we needed by contacting their Support team.
It has been difficult at sometimes, the support people at one point told me that they couldn't tell me information about OfficeScan because it was knowledge that was passed down from engineer to engineer. The issue was that if you used the msi for the install any further installs would require the msi to have the same exact name or else the install fails and corrupts the install. This information is not listed anywhere on trends website. Support kept trying to get me to use the exe for installs instead, but we use SCCM and msi's work better. We had to write a script to come up with a solution so that we could uninstall the software and install the new software. Trend did provide the technical expertise to help with the script and had us work with one of the developers in order to resolve that issue. So they did fix their screw up but it took a while and several complaints.
We evaluated 3 other competitors and determined that Cb Defense was the best "bang for the buck" when it comes to Next-Generation Anti Virus. Their support (and sales) teams have been very helpful and offered a tremendous level of transparency. Our sales representative went above and beyond to work with us on making sure that the pricing fit in our budget. One of the other competitors that we reached out to never even contacted us back so they were immediately eliminated as a possible AV solution.
When comparing trend micro apex one to Symantec Endpoint Protection there is a definite and stark difference. Symantec cannot find or stop viruses but it has an easy to use agent upgrade management system. On the other hand Trend micro seems to find and stop numerous viruses including things that are not viruses. And the upgrading used to be an issue but it is supposed to be better now, in apex one
It actually stooped a memory scraper from stealing credit card data from our POS system. The casino was bought from awhile back, so coming into this place 4 years ago, we had a flat network. Not good with POS System. Well, a memory scraper was released (employee downloaded a game) and Cb Defense just killed it... This was before a live response, so we pulled the system from the network.
I can't really say anything negative, at least from an ROI point of view.
Since the product is a full suite of protection rolled into a single product, we've seen ROI through cost reduction and simplified management. And while we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
While we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
