"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"They offer the whole package. Remote monitoring and management (RMM) is included with it, which is pretty nice. They also have Windows patching and third-party patching. It was easy to use for protection. The containment engine was pretty nice for securing our environment."
"It's a very easy-to-use product."
"It really protects and does its job. It totally blocked every attack attempt, and no attack attempt was successful."
"The most valuable feature is the management of end-user machines."
"We have found the reports to be most valuable."
"The management console is pretty good. We have a dashboard that shows us what stuff to log, different malicious links that people are trying to access and also if somebody was trying to connect something to the computer, to a USB port or something like that, and if this person is on the under control management. It shows that he tried and he got blocked."
"Trend Micro Apex One most valuable features are centralized management, ease of use, and help user management. Additionally, it can detect vulnerabilities in the end-users system"
"We really like the ability to have different policies to keep servers and endpoints unique to their own policy."
"From a technology point of view, it is very simple to install, it's not heavy on the endpoint in terms of the amount of processing cycles. It is simple to deploy and the interfaces are easy. You don't need to be a scientist to operate it."
"No down time in terms of the backend having to be updated because it's on cloud."
"Offers great application control, vulnerability protection, and behavior monitoring."
"This is a very stable product and we plan to continue using it."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"The GUI needs improvement, it's not good."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"I would like to see integration with Cisco Analytics."
"They need to enhance the performance of the agents. Currently, the performance is going low when the agent starts a full scan. The agent is consuming a lot of resources while scanning. When there are a lot of documents to check, it slows down the endpoint. This is the only thing that worries me about Comodo, but this issue is also there in other products. It is missing DLP, and I know that they are working on adding some data loss prevention capabilities. They have added some capabilities, but these capabilities are not yet mature. I hope they will enhance these capabilities because it is important to prevent the data from going out from inside. We are protected from the outside, but we also have to be protected from the inside out."
"Their support is not very good because they are very late to reply."
"They need to just modernize the infrastructure with something that is next-generation. We have recently moved to SentinelOne. It had been doing good for us for a while, but we needed something modern with new technology."
"The licensing fees are high. The company should work to try to lower them for the customer."
"It would be ideal if the solution could be simplified a bit."
"Occasionally, the system may be a bit slow."
"The solution could improve security. It is important to always keep the organization secure."
"In the next release, I would like to see IBS included in OfficeScan."
"The technical support could have better response time."
"In the future, the solution should include the XDR feature."
"The DLP model needs improvement."
"Trend Micro Apex One could improve by having better integration in the future."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Comodo Advanced Endpoint Protection (AEP) delivers patent-pending auto-containment, where unknown executables and other files that request runtime privileges are automatically run in a virtual contain that does not have access to the host system's resources or user data.
Trend Micro Apex One™ protection offers advanced automated threat detection and response against an ever-growing variety of threats, including fileless and ransomware. Our cross-generational blend of modern techniques provides highly tuned endpoint protection that maximizes performance and effectiveness.
Comodo Advanced Endpoint Protection is ranked 35th in Endpoint Protection for Business (EPP) with 4 reviews while Trend Micro Apex One is ranked 12th in Endpoint Protection for Business (EPP) with 50 reviews. Comodo Advanced Endpoint Protection is rated 7.2, while Trend Micro Apex One is rated 8.2. The top reviewer of Comodo Advanced Endpoint Protection writes "Flexible, easy-to-use, and scales well". On the other hand, the top reviewer of Trend Micro Apex One writes "Antivirus and Malware scanning with reporting that allows you to report back with information". Comodo Advanced Endpoint Protection is most compared with Symantec End-User Endpoint Security, Sophos Intercept X, CrowdStrike Falcon, SentinelOne and Cortex XDR by Palo Alto Networks, whereas Trend Micro Apex One is most compared with Trend Micro Deep Security, Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, CrowdStrike Falcon and Seqrite Endpoint Security. See our Comodo Advanced Endpoint Protection vs. Trend Micro Apex One report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.