Reviews (1-12 of 12)
- It integrates well with Splunk
- You get email alerts
- It can easily manage users and groups through System Tree
- Deployment is easy
- DLP for USB devices
- You can update from a single console
- Not easy to master every component
- Won't catch 0 Day threats
- High CPU utilization
- Console can be very busy looking for a new user
The goal was to have a robust AV solution that will provide well know protection against malware [and] viruses.
We needed a Centralized Solution, capable to deploy the agents across network and create alerts on Handled/Unhandled events.
- Protect endpoints from malware, viruses.
- Robust agent deployment capabilities.
- Management dashboards.
- Very complex configuration, can be difficult to implement.
- Database usage.
- Hardware resources usage.
It comes with the basic protection, called Endpoint Security (which can be another thing to review).
If you want to go more granular, like Firewall, Web-Control, it has to be decided before buying the license.
But all those products [are] worth the investment.
Lacking on some compatibility, ex. WEBControl can be disabled from the Browsers (except IE), still place for improvement.
Hardware resources can use all endpoint resources if not configured properly.
- Centralized security management
- Dashboarding and single point to fetch reports
- Supporting third-party with API integration
- Need in-depth on KBs because there is dependency on support for even petty issues
- Scanning of systems at times increases CPU utilization
- GUI can be made little more easy and smooth
- Real-time protection with daily DATA updates.
- Visibility to which machine had a potential occurrence.
- Ability to create your own personalized protection rules.
- Due to Microsoft Windows Updates, support and KB articles are a must.
- Deployment tasks might need a lot of configurations before.
- ePO upgrade requires a lot of preparation steps.
- Applies the policy settings for the selected group
- Keeps the hosts updated well, in general
- Allows update of available software from within the management console
- Assigns and runs ongoing tasks with little need for intervention
- Provides quick high-level view of systems
- In general, the upgrades are not easy and often fraught with errors and difficulties.
- When there is an issue, it usually requires McAfee support to get involved.
- Keeping track of what software updates need to be installed is often confusing.
- Threat detection and protection
- Very good reporting and auditing
- Good policy configuration and customization
- Easy to detect rogue devices
- Training is needed to fully understand and utilize all the features of the product.
- Use documentation can be more detailed
- No other problems
- Managing machines on the domain
- Making sure all machines have up to date antivirus
- Allowing us to block computers from the domain that are a potential threat
- More advanced search options
- Ability to automatically remove computers if they aren't active for a certain time
- Ability to customize home screen per user
- A unified dashboard view provides security intelligence across different endpoints.
- Allowed us to access our third party IT infrastructure from a single security management console.
- Where workflows were cumbersome and messy this allowed them to be more streamlined.
- Setup was more time consuming than expected.
- Consolidated with McAfee products better than other vendor products.
- Support for lesser-known vendors was not available.
- We can deploy easily to wide range of machines across the organization using ePolicy Orchestrator.
- Easily manageable and better UI which helps users understand what is the machine, what kind of OS it has, what are the detections it found in that machine, and what are the things that are blocked.
- McAfee helps us in detecting threats across the machines with rogue sensors which will be used in detection of unmanaged systems in the organization.
- It has a slow mechanism when adding custom threat feeds. For example, if McAfee didn't have a signature or detection about a new virus and we try to add it to our console it is like a really big process in adding that to our available signatures.
- Whenever a scan is performed, the system CPU utilization goes up 100 percent.
- Installation fails due to difference in timestamp when we try to shuffle between packages.
- Static malware scans for known bad processes and files works well and can be schedules on endpoints easily
- Preventing users from accessing USB drives and other peripherals is easily configured. We can also allow users to access to USB drives with user codes for the times they need it for business reasons.
- ePO provides access into our MSME software so that we're not managing many different products from different locations.
- In recent years the console has gotten much easier to navigate even though there is a ton of information to be accessed.
- Within DLP the email alerting you cannot stipulate specific vendor id's or types of devices to alert on. It will just alert on everything no if it gets hit by any policy.
- Because the scans are for static/known processes and files you will not be protected by unknown/0-day malware.
- There have been many times that a DAT update will find and alert very old .js files and it never caught before and are many times flagged as Artemis generic. The FP rate could be improved upon.
- Price, it's fairly expensive.
- Systems Manager. We are able to view all the systems in our environment in one dashboard. This gives us the chance to see when PCs last communicated with our McAfee ePolicy Orchestrator (ePO) server and if they are up to date on their virus definitions.
- Ease of pushing out anti-virus to our endpoints.
- Agentless Virtual Machine anti-virus. No need to have anti-virus on the VM it goes on the ESXi host which scans the datastores.
- Clunky interface.
- Lots of information but not presented neatly.
- More configuration needed to stop some of the bigger exploits.
It's great for managing a large company with a lot of endpoints. It's a great way to feel confident that your environment is secure. It gives a great perspective of what is happening in your environment and helps to pinpoint any suspicious activity that is going on.
It's not very appropriate for smaller organizations. Unless there is a dedicated person working through it all day it could become overwhelming for a small team.
McAfee ePolicy Orchestrator Scorecard Summary
What is McAfee ePolicy Orchestrator?
McAfee ePolicy Orchestrator Technical Details