A robust SIEM solution for medium/large companies
December 16, 2019

A robust SIEM solution for medium/large companies

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Overall Satisfaction with McAfee Enterprise Security Manager

We deploy and sell the McAfee ESM (the SIEM solution) to our clients. We had it deployed in several kinds of companies, from small companies to large organizations. From private sector to public sector. McAfee is used to monitor the events (logs) of the clients and correlate them to generate alerts regarding security threats.
  • Good parsing capability
  • Enables integrations
  • The user interface is not the best, it is still based on Flash player (but they have plans to migrate to HTML5).
  • While the "user" interface is pretty straight forward, the management interface is fairly complicated.
  • ESM enables our clients to have visibility of their security incidents
  • ESM (and the ELM) provides support for compliance requirements (such as PCI)
McAfee is not the easiest tool to use. The user interface (specially the admin part) is fairly confusing.
At first, McAfee is very overwhelming and not so easy to understand. However, once you get used to the tool, you get used to the interface and you're able to do pretty much everything that any other SIEM does.
Dealing with the McAfee support is a lottery. Sometimes you reach them and it's a really experienced engineer, but sometimes it's a person with no clue on the tool. We had few cases where our internal engineers knew more about the tool than the McAfee support. However, sometimes we get hold of some really good engineers that know the tool from inside out.

Do you think Trellix Enterprise Security Manager delivers good value for the price?

Not sure

Are you happy with Trellix Enterprise Security Manager's feature set?


Did Trellix Enterprise Security Manager live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Trellix Enterprise Security Manager go as expected?


Would you buy Trellix Enterprise Security Manager again?


McAfee is a good solution if you're in a medium/large company and if you're looking for a solution that can be customized and expanded. I also recommend if you have the most common log sources on your environment, since McAfee supports the major log sources (but lack a lot of small vendors).
In my opinion, I wouldn't recommend McAfee for small companies, since it's not that easy to manage and maintain.

Trellix Enterprise Security Manager Feature Ratings

Centralized event and log data collection
Event and log normalization/management
Deployment flexibility
Integration with Identity and Access Management Tools
Not Rated
Custom dashboards and workspaces