Microsoft System Center Endpoint Protection is a malware, spyware, antivirus and endpoint protection application available formerly with System Center Configuration Manager (SCCM), which later became Microsoft Endpoint Manager. It is a legacy product, with older versions reaching end of support, and is not available as a standalone product.
N/A
Trend Vision One Endpoint Security
Score 7.7 out of 10
N/A
The Trend Vision One Endpoint Security platform provides antivirus and malware detection, and endpoint visibility. The product suite can be extended with associated applications that cover mobile endpoint protection, endpoint encryption, as well as network and server vulnerability protection.
It is well suited in environments that want a simple AV product/solution that, for the most part, can be easily deployed to client endpoints. It is also good for environments that want something that is easy to use by end-users, and also doesn't use a whole lot of system resources. It is less suited for environments that want an AV solution that is more robust feature-wise, or has more configurable options for the end-users. It is also less suited for those organizations that want an AV product to have the highest detection rate in the industry.
I think Trend is well suited for businesses that need an all-in-one malware/antivirus/EDR solution. It works well and runs smoothly in the background not hindering the users. Our only issue with it is the use of it and secure browsers for state testing. The EDR wants to automatically blocked the use of secure browsers setup by the state.
End point implementation: the roll-out of Trend Micro was extremely easy!
Server/Device policies: creating both endpoint and server device policies is something we were looking for in a system, since we have a variety of both endpoints with users, as well as several unattended servers needing specific limitations.
License Management: removing Trend Micro from machines before destruction or retirement is done in a pinch. There's no struggling to free up an unused license
The product could improve in the area of having better mechanisms in place with how the SCEP client is deployed/installed from the server on the management side. We have run into this firsthand with the client not installing on an endpoint, and then having to take the time to investigate why it was not installing.
A second improvement that can be made is to keep trying to improve the products detection rate for finding malware/viruses. The case can be made that there are some products out there that do a better job at this and have a higher detection rate.
Only thing I would have to say that's negative is the reporting aspect. Basic reporting is good but still lacks some details. This is a problem with many of the software vendors I have encountered in the past as well. Reporting is still much better than most.
It is very easy to stick with a vendor year after year, and it is also easy to see the faults in a product and want to change. This is the first time I have renewed with an antiviurs provider as others have been less than ideal and caused issues where there were none before, so while it isn't perfect, it is the best of the bunch currently and I am hopeful that it will continue to improve in future versions.
It is integrated with Windows and SCCM, making it easy to use, license, manage, and update. Additionally, it is straightforward to diagnose when virus and ransomware alerts are detected on endpoints. IT Service Desk management is also easy.
The dashboard is user-friendly and allows for an IT admin to quickly deploy the software. The users do not even notice the program running in the background. From the dashboard the IT department can monitor all the workstations for issues and maintain good health of the network.
There was a time and a place in which Microsoft System Center Endpoint Protection was an excellent choice to provide threat protections. However, now that threats have been evolving, so too does the need for more advanced protections. In its current offering, it just no longer meets the needs of our organization in terms of providing protections against threats.
It has been difficult at sometimes, the support people at one point told me that they couldn't tell me information about OfficeScan because it was knowledge that was passed down from engineer to engineer. The issue was that if you used the msi for the install any further installs would require the msi to have the same exact name or else the install fails and corrupts the install. This information is not listed anywhere on trends website. Support kept trying to get me to use the exe for installs instead, but we use SCCM and msi's work better. We had to write a script to come up with a solution so that we could uninstall the software and install the new software. Trend did provide the technical expertise to help with the script and had us work with one of the developers in order to resolve that issue. So they did fix their screw up but it took a while and several complaints.
Fewer licensing requirements, one less vendor to buy from, one less app to package, deploy, and update on systems. It is an integrated license to Windows that comes baked in when you have AD-connected systems and need to allow that system on the network. It's a natural tool that enables and uses with little complication after setup.
When comparing trend micro apex one to Symantec Endpoint Protection there is a definite and stark difference. Symantec cannot find or stop viruses but it has an easy to use agent upgrade management system. On the other hand Trend micro seems to find and stop numerous viruses including things that are not viruses. And the upgrading used to be an issue but it is supposed to be better now, in apex one
There was little/no cost associated with this software since we are utilizing SCCM and are paying license costs for that anyways.
The level or protection is excellent for the cost of the software.
There was at least one instance in which Microsoft System Center Endpoint Protection identified a crypto-malware, but not before it had already started to encrypt many of our files. So it did detect the threat, but since it was a little delayed we still were infected.
Since the product is a full suite of protection rolled into a single product, we've seen ROI through cost reduction and simplified management. And while we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
While we haven't measured performance, one would logically assume that systems will perform better with a single product installed vs several.
