As the meme says "All your Protection are belong to us"
August 25, 2017

As the meme says "All your Protection are belong to us"

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with McAfee ePolicy Orchestrator

We use McAfee ePolicy Orchestrator to manage all our McAfee Antivirus and DLP endpoint sensors across our whole organization. McAfee has been used here to provide on-access scanning for malware, static scanning after business hours and is also being used to prevent users from accessing USB Devices and removable media. McAfee ePolicy Orchestrator has also been used to manage our Exchange MSME software policies and other configuration settings. We also use McAfee's SiteAdvisor to provide an extra layer of protection for the end users web browser. McAfee ePO provides one pane of glass to manage our corporations malware protection.
  • Static malware scans for known bad processes and files works well and can be schedules on endpoints easily
  • Preventing users from accessing USB drives and other peripherals is easily configured. We can also allow users to access to USB drives with user codes for the times they need it for business reasons.
  • ePO provides access into our MSME software so that we're not managing many different products from different locations.
  • In recent years the console has gotten much easier to navigate even though there is a ton of information to be accessed.
  • Within DLP the email alerting you cannot stipulate specific vendor id's or types of devices to alert on. It will just alert on everything no if it gets hit by any policy.
  • Because the scans are for static/known processes and files you will not be protected by unknown/0-day malware.
  • There have been many times that a DAT update will find and alert very old .js files and it never caught before and are many times flagged as Artemis generic. The FP rate could be improved upon.
  • Price, it's fairly expensive.
  • As with most things the price of products goes up and more-so if your business is growing.
  • We've been able to provide auditors with tangible evidence that our network is protected because of the reporting McAfee ePO provides. Auditors like McAfee because it's been around almost forever and is a mature product.
  • Being a mature product, though, it's very much set in the way it does things and as such there's not a whole lot of innovation.
We have not evaluated any other products in a very long time because moving to another AV product suite would be a very costly and long process. Another AV product would have to provide a very large cost reduction, performance improvements and unknown threat finding. We selected McAfee because it is literally the gold standard for AV.
If you're looking for a well established product that many other products integrate with, McAfee ePO is a good choice. It provides one pane of glass to your protection infrastructure; DLP, antivirus, email protection, etc. The product, however, will NOT handle unknown/0-day threats which can be an issue in many organizations where they may be hit with ransomware targeted directly at them.