A robust SIEM solution for medium/large companies
Anonymous | TrustRadius Reviewer
December 16, 2019

A robust SIEM solution for medium/large companies

Score 7 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with McAfee Enterprise Security Manager

We deploy and sell the McAfee ESM (the SIEM solution) to our clients. We had it deployed in several kinds of companies, from small companies to large organizations. From private sector to public sector. McAfee is used to monitor the events (logs) of the clients and correlate them to generate alerts regarding security threats.
  • Good parsing capability
  • Enables integrations
  • The user interface is not the best, it is still based on Flash player (but they have plans to migrate to HTML5).
  • While the "user" interface is pretty straight forward, the management interface is fairly complicated.
  • ESM enables our clients to have visibility of their security incidents
  • ESM (and the ELM) provides support for compliance requirements (such as PCI)
McAfee is not the easiest tool to use. The user interface (specially the admin part) is fairly confusing.
At first, McAfee is very overwhelming and not so easy to understand. However, once you get used to the tool, you get used to the interface and you're able to do pretty much everything that any other SIEM does.
Dealing with the McAfee support is a lottery. Sometimes you reach them and it's a really experienced engineer, but sometimes it's a person with no clue on the tool. We had few cases where our internal engineers knew more about the tool than the McAfee support. However, sometimes we get hold of some really good engineers that know the tool from inside out.

Do you think McAfee Enterprise Security Manager delivers good value for the price?

Not sure

Are you happy with McAfee Enterprise Security Manager's feature set?

No

Did McAfee Enterprise Security Manager live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of McAfee Enterprise Security Manager go as expected?

Yes

Would you buy McAfee Enterprise Security Manager again?

No

McAfee is a good solution if you're in a medium/large company and if you're looking for a solution that can be customized and expanded. I also recommend if you have the most common log sources on your environment, since McAfee supports the major log sources (but lack a lot of small vendors).
In my opinion, I wouldn't recommend McAfee for small companies, since it's not that easy to manage and maintain.

McAfee Enterprise Security Manager Feature Ratings

Centralized event and log data collection
7
Correlation
5
Event and log normalization
8
Deployment flexibility
6
Integration with Identity and Access Management Tools
Not Rated
Custom dashboards and views
5