McAfee Complete Data Protection Reviews

Our company uses the solution to provide clients with network protection. We use EPO 5.10 and endpoint 10.7 for client applications. 

We first started downloading the solution for clients from the website. In 2014, we implemented the EPO and that gave us more benefits. 

The EPO displays all workstations that are attached to the network and provides regular updates from the website. The EPO's demonstration is a very good one and helps us stop people from using a USB drive to copy data that is valuable. With EPO, we have reduced our bandwidth usage so it can be put to something more useful than just downloading updates for the client application. 

We have an operational base with 70 computers. Other areas outside of the base like our Lagos office have 15 computers but ETO is not deployed there. We don't anticipate any sudden increase in usage. The aftermath of COVID has slowed things down but growth might occur later.

The new feature for online protection does a good job of identifying traits. 

The solution prevents users from downloading or copying data to a USB. 

Bandwidth usage is reduced. 

For any type of protection strategy, the natural use cases involve protecting sensitive data that shouldn't be public.

For instance, in financial organizations—or really any organization with sensitive data—there’s something to lose. This is the type of data that you don't want exposed to the public, something that should be classified as confidential or for internal use only.

Especially from the perspective of employee data, such as pay slips, this is critical. For example, if you and I work in the same organization, I should not be able to see your pay slip. Within the organization, there should be a classification level where data is categorized as internal, confidential, etc. My pay slip should only be viewable by me and the finance manager, not by any other employees or third parties.

You want to classify your data, which can be done with the electronic data classifier, or you could leverage a third-party classifier like Titus or Boldon James Classifier. Both integrate very well with McAfee ePO and Trellix Data Protection, whether on-premises or in the cloud. They also integrate with Kaspersky or even Microsoft ERP, allowing data classification. Additionally, the out-of-the-box classifier that comes with the product can be used.

By configuring policies, you can ensure that sensitive data is not shared with unauthorized individuals. For example, you can prevent sensitive data from being uploaded to the cloud, shared via email, sent to a printer, or copied to a USB stick. Protecting data, whether at rest, in motion, or in use, is essential.

For USB sticks, you could implement protection by encrypting them using McAfee Removable Media Protection. For data at rest, encryption can be achieved with McAfee Drive Encryption. On Mac OS systems, you might manage native encryption or leverage BitLocker for encryption, ensuring that your systems are encrypted and that encryption keys are properly managed.

These are basic use cases that any organization can leverage. It's not just for large organizations—any organization that is serious about securing its best interests should consider implementing data protection.

The DLP strategy is very, very key to the data protection strategy. You have your drive encryption and your File and Removable Media Protection, but without DLP, your data loss prevention strategy is far from complete.

DLP is actually massive because it covers everything from endpoints to the network and even to the cloud. It depends on how much visibility you're looking for. If your data is in the cloud, the huge question is: how much of that data do you have visibility of? If you have data on-prem, on mobile storage devices, or servers, do you have visibility into that data? Do you even know where your sensitive data is sitting? Can you do data discovery research?

Without DLP, you literally feel lost because you don't know where your data is. For example, I work with XYZ organization, and I have sensitive data on my system, but you don't know it's there. With a simple discovery scan, you can actually discover that there's a sensitive document sitting on my system. With a simple remediation, the user can request that all sensitive data be moved to a particular folder, probably on your file server. This way, you recover all sensitive data sitting on individuals' laptops or desktops and move it to central protection.

Once you've classified and done remediation on that data, you can say for sure that you don't have any sensitive data sitting on laptops or desktops within your organization, except in the file server that you control. You can also decide not to move those files but to restrict the user from sending the document to a competitor. Maybe you create a policy that ensures the document can only be sent to employees of the organization. You can also ensure that the user cannot send the document to OneDrive, Google Drive, or anywhere else.

Now, there's a limitation, and this is where cloud instances come into play. For example, if you're using Slack, you'd know that you have to consider API integration with Slack to extend that protection fully to the cloud. This is where the relationship with Trellix and Skyhigh comes in. What we're discussing today with the suite you're mentioning is just endpoint security; we're not looking at cloud security.

The solution provides protection against spam emails, phishing attacks, or external security threats.  

In our company, we have been using the solution for a long time. This solution helped our organization recognize numerous security attacks or spam emails received in our company's email IDs. The solution was able to catch the threats early on from the endpoint. 

We use the product for antivirus protection for all devices. We also use it for server protection for both Windows and Linux. We use endpoint encryption for laptops, too. Web protection is embedded in the browser.

I like all the features provided by the solution.

Actually, my customers use the solution for important documents. So, they usually use the DLP on-prem. They have an on-prem solution for DLP.

Actually, the feature I found valuable is almost everything in the solution except that it's not applicable to a Windows OS. Reporting and encryption are its most valuable features.

I have a project with McAfee and a customer to deploy and roll out the solution for ADR and other components from the McAfee ecosystem. The entire solution is for endpoint security with the new component, ADR, the adaptive threat protection, and the TIE server, which is responsible for the threat information exchange between the product of the ecosystem. There’s a sandbox connected to the endpoint protection, to the ePolicy Orchestrator, and also the network security platform to connect the sensor for EPS or EDS.

We have several components on top of the McAfee agent. Each component performs different activities. We have the base component that is the classic anti-malware, and then the endpoint security, which we call the endpoint security platform. We also have adaptive threat protection that can handle the reputation on file.

If the file is unknown and the GTI (global threat intelligence) of McAfee doesn't know the reputation of a file, this file can be sent to the sandbox. Then, the sandbox analyzes the file to discover if it's zero-day ransomware or something else. They can then decide if the file needs to be blocked or if some other action needs to be taken.

There’s the new component ADR on top of the solution from McAfee Complete Protection that can collect the index of items compromised inside the computer. All this information is sent to the cloud, to the console ADR in the cloud. We can analyze everything with the security operation center.

The adaptive threat protection and the new component of EDR are excellent.

It's a new technology. However, it’s already improving with new additions. It gives new releases more frequently than in the past with other McAfee products. It evolves quickly.

The console of the EDR is totally in the cloud.

We have all we need, and the customer is happy.

It's very configurable, McAfee. If we talk about McAfee, we have a lot of opportunities to configure the product, customize features, views, or reports, et cetera.

It helps prevent my machine from hacking and wireless attacks.

It's easy to use, and so far, it's been successful for me.  I receive updates quite frequently.

It's user-friendly and has been performing well for me for the past five years.

The advanced threat prevention capabilities are pretty good; my laptop is well-secured.

The most important feature of McAfee Complete Data Protection to my customers is the ePO or the management console. It's easy to use and it's scalable. You can also generate the reports you want on the console. It's a mature management console. The features that McAfee Complete Data Protection has, for example, anti-spam features and other features can also be found on other solutions, but the most unique feature you can find in the solution is the ePO itself, the management console.

Though there may be some ransomware detection modules now in McAfee Complete Data Protection, it's a field that McAfee should focus on, particularly having integration with some EDR or other add-ons. This is so McAfee Complete Data Protection would have more accuracy in detecting new ransomware in the market.

What I'd like to see in the next release of the solution is for its pricing to be more cost-effective because some competitors have cheaper pricing, so McAfee Complete Data Protection can't compete. Sometimes, some new vendors offer other solutions rather than McAfee Complete Data Protection, to win customers over, and this is a loss for McAfee.