Carbon Black Endpoint is an endpoint security and "next-gen antivirus (NGAV)" that uses machine learning and behavioral models to analyze endpoint data and uncover malicious activity to stop all types of attacks before they reach critical systems.
N/A
Microsoft System Center Endpoint Protection
Score 8.0 out of 10
N/A
Microsoft System Center Endpoint Protection is a malware, spyware, antivirus and endpoint protection application available formerly with System Center Configuration Manager (SCCM), which later became Microsoft Endpoint Manager. It is a legacy product, with older versions reaching end of support, and is not available as a standalone product.
N/A
Pricing
Carbon Black Endpoint
Microsoft System Center Endpoint Protection
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Carbon Black Endpoint
Microsoft System Center Endpoint Protection
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Carbon Black Endpoint
Microsoft System Center Endpoint Protection
Considered Both Products
Carbon Black Endpoint
Verified User
Analyst
Chose Carbon Black Endpoint
We evaluated 3 other competitors and determined that Cb Defense was the best "bang for the buck" when it comes to Next-Generation Anti Virus. Their support (and sales) teams have been very helpful and offered a tremendous level of transparency. Our sales representative went …
Cb Defense has been working very well in our organization. It is giving us much better insight into the applications that people are running on their systems (without authorization). This software is also great because it provides visibility into systems that are remote (off the network but still have Internet access). The out of band feature is great to help ensure that the systems are protected even when a user is traveling.
If an organization is all Windows-based Active Directory systems, then System Center Endpoint Protection is worth deploying and using. If it's a hybrid of operating systems, then an alternative solution is best.
History of Process Execution, really anything that happens in the system is easily seen within the Dashboard. I can determine if a bad actor has infected the system, be it malware, backdoor, rootkit, Trojan, then from that point, I can put the system into Quarantine.
Being able to quarantine the system from the Dashboard. With these type of tools, pulling the power and running a hard drive image is not needed. Put the system in quarantine, start the analysis. A year ago, the network engineer might move the system into a VLAN that has no access to anything, except the system performing the remote analysis... Now I do not have to rely on anyone to move a system, power it down, pull the drive, or image the drive. I can just start the analysis right from my workstation.
The Live Response, again goes hand in hand with the quarantine feature.
By now, I am sure you see a process. Its simple, and easy and all done from a cloud-based console, called the dashboard. .. deploy the agent, create the policy, and active live response, set up email alerts, and monitor your endpoints... you are now ready to perform a triage in the event of an infection. We have step 1, step 2, step 3... but, just remember, things do happen, nothing is perfect, but this product has its advantages.
It is easy to use and configure. This is a benefit, not just for the IT/Admin team, but also for the end-user, as they can easily set how and when to run scans.
It is good a identifying threats and removing these threats. When looking for a product such as this, it is important to really look at these two areas to really see how the software will work in a real-world environment. SCEP is one such product that does really well at both of these things.
Policy management can be cumbersome. It is simple to set up a single policy but you have no way to apply the rules to multiple groups. If you need to set up the same rule to multiple policies, you need to type it over again.
Agent updates can be very slow to deploy. We use a mix of rolling out updates via the web console and our management appliance. It can take several weeks to update all agents.
We can be confused on why a rule will apply to a file. Sometimes something is blocked but we don't understand why.
The console of the product is very easy to use. It provides great detailed information about all aspects of things occurring on the endpoint. It was easy to deploy and set up. The centralized cloud-based interface has made it easy to add two domains and manage them under a single pane with multiple admins. The only reason I wouldn't give it a higher score is a little bit of lag between updated info from the clients and also the lack of accountability in the deployment process. You set the deployment up for multiple machines and can't easily see if it was successful and/or it takes a while to see if it succeeded or failed.
It is integrated with Windows and SCCM, making it easy to use, license, manage, and update. Additionally, it is straightforward to diagnose when virus and ransomware alerts are detected on endpoints. IT Service Desk management is also easy.
First, I need to disclose that our support is provided by SecureWorks. We purchased CB Defense from them, and they provide 24x7 monitoring and notification services for the solution and its deployment on our endpoints. To date, we are very pleased with this arrangement
Support is pretty good overall. Since it's a Microsoft product, there are a number of different options for either end-users or IT Admins to get help with this product. This includes phone support, email, web KB articles, community forums, etc. This support is also available 24/7, which can't be said the same for every AV product out there. Also, organizations can opt to buy into Enterprise support, which gives the added benefit of faster response times, training by the vendor, etc.
Cb is cloud-based and has a more advanced policy management. It also has better forensics information. Cost was similar, but Cb added cost savings in terms of IT management resources. We also have the ability to talk directly with engineers and have input on feature updates.
Microsoft System Center Endpoint Protection was the logical choice for our organization since we were utilizing so many other Microsoft solutions. We have since realized the need for more advanced threat protections and primarily use SCEP as an additional level of protection. Our primary protection is being provided by Carbon Black because of it's advanced heuristics and behavioral analysis capabilities
