McAfee Complete Data Protection Reviews

We primarily use this solution for folder and disk encryption. One encrypted folder in Drive D: for each PC user and disk encryption for all notebook PCs, especially for sensitive or confidential data.

The McAfee Policy Orchestrator did a fair job in overall control and management of encryption. A centralized repository of various functions is provided in an excellent user interface and menu system.

The most valuable features are effective folder and disk encryption, and the practical server console-started agent/encryption module deployment to endpoints are highly commendable.

The server software console is exquisitely designed and organized for handy access and manipulation by the administrator.

Encryption user assignment and key generation can be performed fast enough.

Well expectedly, the upgrade process from Orchestrator v5.32 to 5.91 will be a bit painful for a lengthy and hardly completed client saturation (i.e. ensuing endpoint upgrade, if not done after server & SHA cert update committed, the client(s) will completely fail to work again) for our 1300+ endpoints. These included PCs and offline notebooks, which cannot be easily kept online over an extended period of time waiting for saturation in an undetermined upgrade order. I would like to have an easier and less-hassle upgrade process in future releases of the software, and extra license renewal price discounts too.

Procurement/license renewal options should also be devised by McAfee for continually incremental buying by an organization over its lifetime of usage.

Additionally, export and re-import of encryption keys in a batch could also be available as an extra orchestrator module for seamless transfer in case of server migration/re-installation.

Noticeably, the disk encryption process is far swifter on PCs/notebooks equipped with SSD drives but a speed improvement should better be available in future releases for mechanical disk drives for still being existent in the years to come.

I have been using McAfee Complete Data Protection for three years.

Apart from the disk encryption process that has a couple of times failed to transfer the initial encryption login password to the client PCs, in which token recovery was required, we have come across very few issues.

Good variety of modules and easy incorporation.

We have raised support cases to McAfee and they responded in a professional and helpful manner and completed with successful resolutions.

Our previous experience with Symantec encryption has left a lot of room for improvements such as deployment/redeployment ease and Active Directory integration. We, therefore, chose McAfee for its feature-richness and a reasonable price with good market acceptance and knowledge availability.

The initial setup can be done in two days or so, highly recommended with the assistance by experienced solution contractors.

We hired a contractor I.T. company to have initially installed everything and configured the total solution to work successfully. The organization-wide deployment from scratch at the beginning is simple, fast and problem-free, enough though we preferred using remote execution of DOS scripts to copy and run the installer at client endpoints.

In a word, it was a good and satisfactory start.

This solution is reasonably priced.

So far, we are satisfied with the overall results and the product welcomed by end-users with few complaints.

We have many clients in India using Complete Data Protection and host data protection. Complete Data Protection covers the network servers and endpoints. Okay. So with any species attachment scan with complete data production. Complete Data Protection was necessary to meet advanced customer requirements. We have around 2,250 users covered by Complete Data Protection.

Complete Data Protection lets us define roles in our data products. It helps us identify something suspicious on the client's device. 

Some clients still receive spam and malware in their attachments, so the data protection isn't working correctly. We have configured it and enabled the features in the client's system, but some policies have failed to work once or twice. 

I have been using McAfee for five years.

Data Protection is easy to set up. We have templates for data protection roles in each country. Once we configure the DLP roles, we deploy the agent, and the agent communicates with the EPU and the client's device. 

We have to configure the solution with the data protection role and customize it based on the customer's requirements. Finally, we test it to see if everything is working normally. Configuration takes about 30 minutes. 

I rate McAfee Complete Data Protection 10 out of 10. 

I am actually very familiar with the on-premises solution. I am just starting to try out the cloud version. I have not really had the opportunity to exercise the capabilities fully because I need to buy the license to do that. I work with Cyber Security Africa Distribution, but even being that type of organization we still have to purchase our license to try the full solution. I have seen it work with the MVISION Cloud, but I have not tried out the data protection path. But I have reviewed all the features.  

I am not really an end-user so my answer is addressed talking more from the integration side. I do a lot of integration, and from this point of view, using McAfee as a data protection solution and for data classification is most valuable. I think McAfee actually fits very well with providing literally all the use cases for you. If end-users cannot classify data and solve the problem of data classification, then they can not successfully move forward and get on to data discovery using something like the McAfee Discover running it from the endpoint or running it from the network and doing network DLP (Data Loss Prevention/Data Loss Protection). We are sometimes having to look at it more from a perspective of the cost rather than actually solving the problem. It will work out so long as it helps end-users to classify their data. Some clients have some budget restrictions.  

So, for some use cases, I think it will be good for a certain type of user. It would be best for those who need data enforcement from both endpoints and from the network. I think it is perfect for shadow IT as well. With the proper policies in place, it could prevent you from sending corporate data to both cloud storage or to flash drives. If you look at it as a device control feature, it limits what you can send to removable storage devices. Configured a different way, you can send your other unclassified data to cloud storage and the like.  

Looking at it from a general use case as a security consultant, what most organizations try to prevent is data extrication. If you can prevent people from moving corporate data to their private clouds or to their own personal storage devices, you would have saved yourself a lot of stress. If the employee exits their security system carelessly, someone can actually extricate data during that process breach.  

Another use case is preventing loss of confidentiality. If you are trying to ensure the confidentiality of your data, using McAfee DLP you can prevent certain classification levels of data from being sent to printers or sent through emails.  

There is file and folder encryption and there is also complete McAfee Drive Encryption. The beauty of McAfee is that they are not looking at encryption from one single standpoint. It is a broader solution.  

If I have FileVault on my Mac Pro, I can protect my Mac. McAfee has encryption that helps you manage encryption natively. If you have BitLocker and you prefer to use it on your products, you can and you can still have a central management console for both your endpoint and your other encryption with McAfee. I think that is actually a perfect example of how you can use MNE (Management of Native Encryption) to manage your native encryption along with other products.  

I think in looking at this as to how it can be improved, the drive encryption side is not as straightforward as it could be. It is a little bit heavy on the configuration part. There are a lot of options to look at. Maybe it is just that the training needs to fine-tuned a little bit or maybe the UI needs to be a little more interactive. There are so many options that you have in the product that you may not know exactly what something does if you enable an option. There is a gray area, for example, as to whether or not it is best practice is to have a pre-boot authentication or not. The usual argument is that if you do not turn on pre-boot authentication, your encryption can actually be bypassed.  

There is a question and it is not an argument that you can easily answer because the product is not doing enough to help you out. They need a publication that actually sets that record straight, or probably they could have something like a best practice configuration guide so users can take advantage of that for determining exactly what options are best for them.  

People do not always know what are the best practices for their environment. They try out a lot of stuff, and then if it does not work with their system, they just come to the conclusion that the solution does not work. They blame the product rather than the configuration which they do not have set correctly. So with a best practice configuration guide or something similar, it would help people take proper advantage of the solution and help them to better see the total benefits of what the solution has to offer.  

So their configuration is complex, but this can have advantages as well if they provided the user with the information they need.  

I think I have been using McAfee Endpoint Solution or McAfee Data Protection solutions for about five to six years now. I have been following the company's journey with product development since version 9.2 or 9.3.  

McAfee Complete Data Protection is quite stable. I think the only module that a lot of people seem to have had some issues with is the file and folder encryption. I am not talking about this from my point of view as I never experienced the issue personally. At one point, I used to manage a team of seven people and all my engineers always had issues with file and folder encryption.  

In reality, I think file and folder encryption is actually more complicated than server encryption. Well, for me I think it is. Looking at encryption from two points, drive encryption does disk encryption. It does not encrypt to the file level. File and folder encryption actually encrypts to the individual file and folder level. I think the real option is — and I am not sure if McAfee is trying to achieve this drive management with file encryption or not — but I think for me if FRP (File and Removable Media Protection) worked more like a drive management system, then it would be perfect. The idea would be for it to store files and folders more like drive management than just using encryption. Right now, the way it works is more like just locking the file or the folder. If it worked more like drive management, I think there would be more value to it than there is to it today.  

To be honest, I have actually never really needed to call support overall. The product has been working all these years and I do not have any major problems with the functionality.  

Data protection solutions are quite expensive, which is expected. I have had customers complain about the licensing costs of various solutions.  

Where I actually have issues with cost would be in the cloud. If you look at the MVISION portfolio, you see that the device control is not the same as on-premises. I am not sure which parts of the MVISION products actually have device controls with the encryption.  

The problem is that after seeing that single product within MVISION, in order to access it from the cloud, you still have to buy the full version of it. As we are on-prem and just beginning testing on the cloud, I am not exactly sure of the capabilities.  

I think that part of the pricing is confusing to a lot of end-users. When they purchase the license from us they see that they have device control. But when I get to the cloud, there is no device control. As resellers, that puts us in a bad place, because we have to explain it to the customer. They have to purchase something additional for device protection that they thought they already had.  

I think there was no communication about that change in the licensing when it was changed over to the cloud. So we had to take the initiative in doing other things when coaching our customers.  

There is always back and forth when doing consultations with the customers before we finally come to a configuration that is the right one for the client. I look at information online and then see they have device control on the cloud but then there is a question as to why the client is using device control in certain circumstances. There is a question as to why they are putting certain data on the cloud even. Some do not understand best practices and that putting data on the cloud is not the solution they want anyway.   

On a scale from one to ten where one is the worst and ten is the best, I would rate this McAfee Complete Data Protection product as an eight or even a nine-out-of-ten. Just for the encryption part, I think I will say nine. The solution is actually quite stable and otherwise, it is quite good. I would definitely recommend this product to other users. The core of McAfee has been my end solution for all types of situations for me for a long time. If I have not switched yet to work with any other solution, obviously, I think it is a good one and I definitely recommend McAfee.  

On the DLP side, I am not sure if there is much they can change in that system, because I think one part compliments the other. But on the DLP you do not have the same type of endpoints control you have in the cloud. So I think on the DLP side, they must provide better controls so the solutions are more similar in that way from both ends. If there is a way to balance from what you have on-premises and what you have in cloud, then it becomes a better product from the user perspective.  

For data encryption, I think they need to work on the interface and the configuration and make it easier. If it could work more like a comprehensive management system, it will make more sense. It will make more sense and it will actually create more market value for end-users than just doing file and folder encryption.  

The possibilities for integration with McAfee CDP are important. You can integrate with that solution. Not all people in all environments want to run McAfee for Endpoints. Some people also want to have that kind of synergy McAfee has in DLP and encryption. So if you are trying to encrypt the network for a sensitive environment and you have a checkpoint policy to use McAfee on your endpoint and on your DLP, configure it to mask or to encrypt a file. There has to be that type of relationship between DLP and encryption for it to work properly and accomplish these ultimate goals.  

Some organizations use other solutions for the DLP and they also have that in the architecture. I have not yet seen that scenario, but I can imagine that there can be environments that start with McAfee endpoints and they have access to encryption and they want to extend that integration. It might be possible to do but it seems to me that it is not actually a very common way of doing things.  

The McAfee Threat Protection and McAfee Web Protection are valuable aspects of the solution. They're better than other features that come with the endpoints.

The solution needs to reduce the number of false positives. There are too many of them.

In future releases, McAfee Endpoint Protection needs to also include a module for mobile devices. If they do this, they should ensure the feature caters to both Android and iOS.

The solution is stable. The only problem that I had noticed was when Windows updated to Windows 10. However, McAfee was quick to release a patch that fixed the issue. The patch ensured McAfee remained stable, especially in a corporate environment.

I'd rate technical support seven out of ten. 

Every year we have to go through product certifications, so we hardly come across situations that require us to contact McAfee, because we've been trained to do the support ourselves. 

The support for McAfee is okay, but we do support for our clients in-house. If we come across a problem, we always look to their knowledge base first. McAfee has a big, vast knowledge base where you get answers without having to go through technical support most of the time.

I've been using the solution since 2005. We're partners with McAfee.

I would rate the solution nine out of ten.

For them to get 10, I think they also need to make sure they are still compatible with earlier versions of Windows. In this part of the world, in Africa, you find that there are companies that are still using the earlier editions of Windows, like Windows XP. They need to make sure they incorporate those operating systems even if they've reached the end of life for Windows, like Windows XP. Right now, the new version doesn't support XP.

It can be used for all mobile works laptops, which are more susceptible to data loss. Or it can be used for file servers where you put your file servers on the cloud, and so the data addresses and transit are encrypted.

They offer very good accepted standards. The solution is compliant and offers good support. They offer pretty good security due to their standards compliance. 

It is part of the DLP and works well for that use case.

They could be better in terms of Complete Data Protection. There are a lot of components that get involved there. 

I would like to see a bit more stability.

The initial setup process could be simpler. 

I've used the solution for the last four years or so.

I haven't used it much, and therefore cannot speak to the overall stability, although I would like it to be more stable in general. We've faced problems on and off.

Having not used it very much, I have never tried to scale the product.

It is a complicated initial implementation process. The implementation is not straightforward. My File and Folder protection take at least two days to three days to fix and deploy. To get all the end-users on, it might take three or so days. 

You do need to purchase a license in order to use the solution. 

It is a pretty good product. Overall, I would rate it a seven out of ten.

This solution helps us to protect and secure our data.

The most valuable feature of this solution is Data Loss Prevention. There is progression. It's quite amazing!

In the configuration, you can restrict a user from accessing a removable drive. They can bring in malware from external sources into the network without it coming from the internet. It could come from a memory stick. With the Data Loss Prevention, we can check for this and we can stop them from being able to use a flash drive or pin drive on their computer.

You can stop them from having access to a CD so that the company information cannot be lost to malware. They can't access anything, because as soon as they insert a memory stick it tells them to stop.

The company is also trying to prevent any data, or files from being copied. With this feature, you can configure it to not allow any copying.

If anyone inserts a memory stick, we get a report alerting us on the server of where the threat is coming from or who is trying to bypass or change the rule.

Another valuable feature is the McAfee ePO, which is the centralized monitoring tool. You can have your computers on the network and this feature will tell you who is behind in terms of updates from the server. You can also view the modules that have been installed on a particular workstation.

When it comes to the integration, the information or instruction that comes with the package is not good. When you are getting started it's not easy to integrate it, there are many things involved. If you are a beginner you can easily become confused, but if you have experience then it can be easy.

In the next release, I would like to see some additional product features added to the interface.

There should be more public awareness or comparisons in the market. People are still questioning why I chose McAfee.

I want simplicity. A new user opening the dashboard will be confused. It needs to be more user-friendly.

This solution is stable.

We rarely have issues with the server not being able to connect to the lastest engines. 

We have more than seventy computers on the network.

McAfee has very good support.

We can submit a report online to open a case and they will contact you immediately to confirm. If you don't respond right away they will follow up with you via email every day until you respond.

They don't just leave you to resolve the issue alone, they support you to the very end.

The support methods are secure before they assist you by logging in remotely they will verify with a code through your mobile device.

There are two parts to the setup, installation and the configuration.

It is easy to install if you have the prerequisite software. If you run into issues you are provided with codes that you can enter online and get help with the particular issue.

As you get familiar with it, it gets easier.

I would rate this solution an eight out of ten.

We primarily use the solution for endpoint protection, data loss prevention and application whitelisting.

The antivirus is the solution's most valuable feature.

The interface is very good. You can create and manage your own dashboard.

The reporting is very good.

The refresh feature needs improvement. You need to refresh it manually yt going to the address bar, clicking on it and pressing enter, or pressing F5. There should be a button you can click on to refresh or have it so every five seconds it's refreshing.

QTs should be drag and drop.

The solution should allow for a bit more customization.

The reporting is good, but could use improvement. Right now you can export it as a PDF or CSV but these options will not make your design available. They should be more visual.

The solution is stable.

The solution is scalable. We have about 1,000 users on the solution currently.

Technical support is good. We've been largely satisfied with them so far.

We previously used ArcSite. It was the choice of the company to switch solutions.

The initial setup was straightforward. Deployment takes about half an hour.

We handled the implementation ourselves.

We did evaluate Trend Micro before choosing McAfee.

We use the on-premises deployment model.

I'd recommend the solution. It's modern, simple, scalable and reliable.

I'd rate the solution eight out of ten.

We primarily use the solution to protect sensitive data and general protection.

The protection on offer is very good at protecting the organization. We can protect our assets and our IP.

The data protection has been very good. Customers like the product based on the amount of protection they are getting.

We can scale the solution.

It's a stable product.

The UI could be improved a bit.

Other than that, the solution has been very good.

I've used the solution for about a year. 

It's been stable and reliable so far. There aren't bugs or glitches. It doesn't crash or freeze. 

The solution is scalable. 

We've never escalated any issues to technical support. I can't speak to how helpful or responsive they would be. 

The solution has a moderately difficult setup. It's not easy or difficult. It's intermediate. We can deploy the product in 15 to 25 minutes on average.

At this time, I haven't noticed any necessary maintenance.  

I'm not sure of the exact pricing of the product.

We are using the latest version of the solution. 

I'd likely recommend the solution to others. It's a good place to start in terms of developing a security strategy.

I'd rate the solution seven out of ten.