Custom dashboards and workspaces (16)
Centralized event and log data collection (9)
Event and log normalization/management (16)
Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of McAfee Enterprise Security Manager, and make your voice heard!
Entry-level set up fee?
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
- Runs on Startup
- Identifies Threats
- Customer Outreach
- IT Support
- Overall Aesthetic
- Allows data analysis for patterns that may indicate a threat
- Real-time activity visibility
- Gives technology support intelligence by creating prioritized alerts that reveal potential threats before they happen
- Problem reporting is integrated and simplifies analysis and compliance operations
- Reports can be difficult to analyze
- There is little training for technology teams to master the key features of the tools
- Our team may have problems locating errors in our country's bases
- Reports can be difficult to customize and adapt
- Good parsing capability
- Enables integrations
- The user interface is not the best, it is still based on Flash player (but they have plans to migrate to HTML5).
- While the "user" interface is pretty straight forward, the management interface is fairly complicated.
In my opinion, I wouldn't recommend McAfee for small companies, since it's not that easy to manage and maintain.
- Updated and current incident libraries.
- It monitors the entire enterprise network proactively.
- Its monitoring activities do not impact the network.
- Widen more its integration capabilities, such as integration to some cloud platforms.
- Integration with other software
- Log sources integration
- Very user friendly interface
- Real-time monitoring
- Pre-defined reports
- The system requirements are quite demanding
- No other tool issue or operational issue was identified
- Identify brute force attaks
- Anomalous traffic detection
- Faster ingestion and query performance
- Can collect large volumes of events
- Operating in all bowsers
- Documentation detailation
- Simplify the process of creation core relation rules
- McAfee Enterprise Security Manager has a large library of pre-made correlations that reduces the amount of work needed to make it functional.
- This is a core McAfee product that is still getting support.
- It has a substantial amount of compatibility and integration with other products.
- The migration off of Flash has been painful. The new interface is very difficult to work with. Even support tends to fall back to the Flash version.
- The GUI is not intuitive under any version. Finding settings takes a significant amount of learning.
- While the product is supported, the transitions from various directions have left the future of the product in question. It used to be the interface for IDS, but the new IDS is stand alone.
- The way McAfee has dropped products with no warning in the past makes us skeptical of trusting any stated roadmap.
- Advanced Threat intelligence gives us the ability to prioritise alerts quickly and efficiently.
- SIEM log collection allows us to integrate our other Intel products to a centralised point.
- Physical appliances is one of the areas we have moved away from, so the ability for ESM to be available as a VDI was key.
- If there is a requirement to integrate into other vendor products i.e. (log sharing) then this was very cumbersome.
- Integration of vulnerability scanning that is available in other vendor products would be a good addition.
- When integrating all of Intel's products a third party consultancy is usually required, where other vendor products can be configured without this additional cost.
McAfee Enterprise Security Manager is well placed when the environment has other Intel products. We operate McAfee Move and the two products work extremely well together. The anti-virus product can be very cumbersome if used with another SIEM solution when log collecting.
We have other areas where intel solutions are not in use and in these circumstances we used another well-known SIEM solution that had an easier implementation phase than Intel's and where remote access was challenging.
- It is a great central management tool with great reports and dashboards.
- It can easily show devices out of compliance.
- ESM is easy to manage and maintain.
- Some tools it manages lack features.
- ESM can have some issues with upgrading.
- MFA support is needed.