McAfee ePolicy Orchestrator improves our general endpoint security - wherever a user might be tricked into clicking on a link or downloading a file or bringing a file on an external medium or getting it from somewhere on the internet. After having detected that it could be malicious, it blocks it. That's the main reason we protect our endpoints.
cybersecurity specialist at a mining and metals company with 10,001+ employees
Improves endpoint security well but takes a lot of resources to do so.
Pros and Cons
- "The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. The fact that there are organized policies and policy inheritance. The general management."
- "The impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this."
How has it helped my organization?
What is most valuable?
McAfee ePolicy Orchestrator is our general endpoint protection platform. The agent is deployed to all of our endpoints and according to the endpoint's purpose, e.g. industrial or office-like, it is configured properly and is managed centrally. That's quite all there is to explain about that.
The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. Also the fact that there are organized policies and policy inheritance. The general management, in fact, nothing particular.
What needs improvement?
In terms of what could be improved, I would say the impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this.
As for what I would like to see in the next release, that is related to the disadvantages, the drawbacks as I would call it. Some tuning of the inheritances for policies and things, so that we can extend policies to a lower level in the organization or in the structure. Inherit and extend rather than break the inheritance and start again on a lower level, because then, when on a higher level, and something changes, it has to be replicated on a lower level, rather than being taken automatically into account which complicates the management. Additionally, some performance tuning on the endpoints to make sure the agent does not take too much resources or it could be further granularly customized. Something like it should not take more than X percent of memory or of CPU in office hours, business hours, and could take more outside of those hours. So some tweaks, improvements, and configuration options in these areas.
For how long have I used the solution?
I have been using McAfee ePolicy Orchestrator for four or five years. It's still our current platform.
Buyer's Guide
McAfee ePolicy Orchestrator
December 2024
Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
It is quite stable. We're not having any issues with that.
What do I think about the scalability of the solution?
It is scalable. That's not an issue.
All the endpoints are protected with the platform and the servers, as well. It is something like 8,000 endpoints and 500 servers, quite a lot. In our Belgium branch of the company we're actually talking about almost everyone, we're like 5,000 employees, so that's only for Belgium. But there are more endpoints than the number of employees, of course.
There are the general workstations. Some users have more than one endpoint assigned to them, or a business or team's endpoints that are used in common within the team. That explains the larger number of endpoints compared to the number of employees we have in Belgium. There are different levels of the management who use this.
We have one guy in our team, in our Belgium site, that is almost fully dedicated to managing the antivirus product on the endpoint level, the workstation level. And then another person who is partially occupied, one third or half of his time for the server component. But as I told you, the endpoint workstations are being managed on a higher corporate level. There is also at least one person who concentrates some of his time on the management level. So, in total, for Belgium, let's say, two FTs.
I don't think we have any plans to increase because in fact, all our endpoints are covered. It grows and shrinks with the number of endpoints we have. The percentage stays the same.
How are customer service and support?
That's a question I can't answer because I haven't had to deal with them, personally. In general, when we're having issues, we turn to the higher corporate level, the Europe level, to know what their approach to the problem we might experience is. I've not noticed us having to deal directly with McAfee's technical support.
How was the initial setup?
The initial setup was long before I arrived. Sorry, I couldn't tell you more.
The deployment is strongly dependent on our environment's size, the number of workstations to deploy on and to deploy new versions on. But in general to get to 90% coverage when we have to deploy a new version, it takes at least a month. That's mainly due to the number of endpoints and then to manage and to control them, to make sure they're communicating correctly, that they're powered on, and that they're on the network.
What other advice do I have?
McAfee ePolicy Orchestrator is a well-known product. It is a big one. It is quite easy to compare on those different criteria. It's not a new kid on the block, it's a known value, it's been there for a long time. In my point of view, it's worth comparing it to other products to see if it integrates with something you already have, because now there is a tendency to have more ecosystems of endpoint protection and server protection.
The Microsoft ecosystem, or parts of the Microsoft ecosystem, are already in place in the organization. There will be eventual integration with a corporate data center or pyramid in firewalling. Whether they are already in place or not, it is important to consider these elements and to make a decision after these considerations. Not that I would advise particularly for or against McAfee, but there are a lot of elements to take into account.
I think it serves its purpose, that's fair and square. But there are always things that could be optimized. Whether it's the performance impact on the endpoint, or the management, in general. No solution will ever fit 100% to an environment, whether it's your own or another, it will not always fit 100%. There will always be little drawbacks, little things that could be optimized. Then it's a question of how to handle it.
You have to live with some minor inconveniences. There are advantages, there are the things that are good. In general, it's a good product. I would not advise against it.
On a scale of one to ten, I would give McAfee ePolicy Orchestrator a seven because of the reasons I told you. It does the job. It's quite solid. It's stable, of course. It's not something new, something experimental, it's proven itself already. And yeah, why not higher? Because of the things I told you already.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Can manage a very complex environment requiring fine tuning with a lot of exceptions
Pros and Cons
- "If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good."
- "While there are bugs and a few functionality issues, it is just a matter of raising them with the support team. However, support is part of the problem as well. You want everything to be seamless in a perfect world, but the support is spread across different countries. They have Level 1, 2, and 3. Level 1 is most likely in a developing country. They don't provide the best service."
What is our primary use case?
It is an endpoint protection product. You use it to centrally manage security policies and push out configurations, then you manage the antivirus on endpoints.
We use the on-premise deployment model.
How has it helped my organization?
If you're talking about endpoint, you have virus detection, behavioral-based detection in advanced threat detection, and even have host-based firewall, etc. Each of these would be a separate product that would integrate into the endpoint solution. From a cost perspective that would scale pretty quickly, which is not cheap. Also, it creates management overhead. We have to administer and configure it separately with a separate lists of policies. This is where it gets a bit complex, but it gives us the power to do things very specific.
What is most valuable?
Once you understand how to use it, it becomes easy to use.
For how long have I used the solution?
I have used the product for four years.
What do I think about the stability of the solution?
The product is solid. It's a bit of a beast. We've used it in a very large environment where we manage around 150,000 endpoints, and it is able to cope with the load. It helps that our architecture around it is pretty solid. So, it works like a charm.
There have been some issues with bugs and things from a functionality perspective. However, there are issues with everything.
It will become stable. We have had very specific issues. I am not blaming the product, as it could be the way the product is configured. There have been bugs and utilization problems where it may not be compatible with a certain operating system. You might find that there are certain processes that are just chewing up a lot of memory. There are known issues and errors. Things that do exist. We have seen this things quite often. It's just a matter of McAfee releasing a hotfix or stable version, which then needs to be tested and deployed correctly. We've been seeing quite a few of these.
These are systems with developer workstations or developer system services and are highly resource heavy. So, the API always has an impact.
What do I think about the scalability of the solution?
It is scalable. We have 150,000 endpoints using an agent handler in between. The scalability does require us to do a lot of planning for things, like bandwidth. The problem is with the complexity. If one thing breaks, it can also impact a bunch of other things.
It serves a purpose. If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good.
How are customer service and technical support?
While there are bugs and a few functionality issues, it is just a matter of raising them with the support team. However, support is part of the problem as well. You want everything to be seamless in a perfect world, but the support is spread across different countries. They have Level 1, 2, and 3. Level 1 is most likely in a developing country. They don't provide the best service.
Struggles like this impact the experience. If you have an issue, you want to get expedited within a certain amount of time. Sometimes, it just takes longer to get things done.
How was the initial setup?
It's easy to deploy. This does depend on the complexity of your environment, and it depends on how you set it up. You can make it as granular as you want.
It is not something that's very easy to administer. You have to go for a course with training modules. Once you understand how to use it, it becomes easy. For a beginner, it's not that easy. It's a very complex system. If you know what you're doing, it becomes easy.
What's my experience with pricing, setup cost, and licensing?
You get what you pay for.
McAfee tries to package different things into different products, then sell them as different products with different licenses. They just split everything up into multiple things. That's just their sales pitch and how they do it.
What other advice do I have?
It does provide a lot of functionality.
ePO Cloud takes away a lot of the management administration overhead. Though, I haven't tried this feature.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Buyer's Guide
McAfee ePolicy Orchestrator
December 2024
Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Provides our customers alerts to system-wide events from a single view
Pros and Cons
- "The policy auditing, policy management, and device auditing are all valuable features. Our customers appreciated the ability to get alerts to system-wide events from a single view."
- "The solution is difficult to tune to avoid false positives."
What is our primary use case?
I worked at McAfee, and we deployed the solution for our customers. The primary use case is policy management, as the solution supports robust policy management. The customer deployments were on-premises.
How has it helped my organization?
McAfee ePolicy Orchestrator significantly streamlines policy management and compliance auditing processes, making it easier to enforce security policies across all devices. This reduces the time and effort required for audits and improves our overall security posture.
What is most valuable?
The policy auditing, policy management, and device auditing are all valuable features. Our customers appreciated the ability to get alerts to system-wide events from a single view.
What needs improvement?
In addition to tuning for false positives and improving the upgrade path, integration with newer cloud-based services could be enhanced. As more organizations move to hybrid or cloud environments, seamless integration will be critical.
For how long have I used the solution?
Since 2020
What do I think about the stability of the solution?
The solution is highly stable.
What do I think about the scalability of the solution?
I think on-prem solutions are at their limits and the future is in the cloud. We are exploring hybrid options to leverage the cloud for its scalability and advanced features while maintaining critical functions on-premises for enhanced control.
How are customer service and support?
The technical support is good, but it isn't always specific. That's a problem in my industry; it's a highly restricted environment with classified systems.
Which solution did I use previously and why did I switch?
How was the initial setup?
The initial setup is straightforward, and the upgrades are complex.
What about the implementation team?
While initial setup is generally straightforward, we've found that engaging with a knowledgeable consultant can significantly enhance the implementation process, especially when customizing the solution to fit complex environments. McAfee's support has been reliable, though more specialized guidance for unique environments would be appreciated.
What was our ROI?
Determining the ROI for cybersecurity is difficult, but I think many organizations in the private and government sectors are waking up to the importance of investing in robust security. It's not just a required checkbox for compliance; cybersecurity awareness makes for better organizations making better decisions.
Which other solutions did I evaluate?
ePolicy Orchestrator provides a more comprehensive policy management capabilities than alternatives such as Symantec Endpoint Protection and Microsoft Defender for Endpoint. Recommend that potential users consider their cloud integration needs and evaluate the cloud offerings of these solutions as well.
What other advice do I have?
I would rate the solution an eight out of ten.
Many of our clients wanted to go to the cloud, as the cloud-based version of the solution offered the latest features, which the on-prem version did not. However, they weren't ready to move to the cloud, so there were some issues.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Manager at Erisk solution
A highly stable solution that can be used for protection from ransomware, malware, and malicious files
Pros and Cons
- "The most valuable feature of the solution is the central management console, which is used for DLP, endpoint security, drive encryption, and application control."
- "McAfee ePolicy Orchestrator should improve its integration with other tools."
What is our primary use case?
We use McAfee ePolicy Orchestrator for security and protection from ransomware, malware, and malicious files.
What is most valuable?
The most valuable feature of the solution is the central management console, which is used for DLP, endpoint security, drive encryption, and application control.
What needs improvement?
McAfee ePolicy Orchestrator should improve its integration with other tools.
For how long have I used the solution?
I have been using McAfee ePolicy Orchestrator for five years.
What do I think about the stability of the solution?
I rate McAfee ePolicy Orchestrator ten out of ten for stability.
What do I think about the scalability of the solution?
Around 600 users use the solution in our organization.
I rate McAfee ePolicy Orchestrator ten out of ten for scalability.
How was the initial setup?
The solution's initial setup is easy.
What about the implementation team?
For the solution's implementation, we have an on-premise server. We are using the APO application on that server, and we are managing all endpoints from the APO console. We have created multiple policies for USB blocking, ransomware protection, and URL blocking from the APO console. We have also created the schedule for weekly scanning.
McAfee ePolicy Orchestrator is expected to be deployed in two hours.
What's my experience with pricing, setup cost, and licensing?
On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing a three out of ten.
What other advice do I have?
Overall, I rate McAfee ePolicy Orchestrator ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Network Security Planning at Ooredoo Kuwait
A good interface that provides centralized control over our endpoints
Pros and Cons
- "The most valuable features of this solution are the antivirus and the DLP."
- "The Virtual Patching feature needs to be improved."
What is our primary use case?
We have been using this solution for almost seven years.
The primary use case for this solution is to protect our endpoints. We are using an on-premises deployment model.
How has it helped my organization?
This is a centralized solution, and we have very good control over the endpoints when using this product.
What is most valuable?
The most valuable features of this solution are the antivirus and the DLP.
The interface, dashboard, and reporting are all very good.
What needs improvement?
The Virtual Patching feature needs to be improved.
We would also like to have something in the cloud.
What do I think about the stability of the solution?
The stability of this solution is fine.
What do I think about the scalability of the solution?
This solution is very much scalable.
We have more than fifteen-hundred users. It is our only protection that we have for our endpoints, and we plan to increase its usage as we grow.
How are customer service and technical support?
I would rate technical support an eight out of ten.
They do help to resolve issues quickly, but sometimes the responses come back late.
Which solution did I use previously and why did I switch?
We were using Symantec prior to this solution, but we switched because of the cost.
How was the initial setup?
The initial setup of this solution is straightforward.
Our deployment took place within one week.
What about the implementation team?
Our reseller assisted us with the deployment.
What's my experience with pricing, setup cost, and licensing?
This solution is priced in the mid-range.
Which other solutions did I evaluate?
We evaluated Trend Micro before choosing this solution, but we selected this one because of pricing and features.
What other advice do I have?
This is a solution that I recommend and would suggest for others to use.
The biggest thing that I have learned from using this solution is that it is very easy to use.
I would rate this solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CyberSecurity Operations at EliteVAD
A highly scalable solution for encryption that provides its users with a highly responsive customer support team
Pros and Cons
- "It is a scalable solution...I rate its scalability a nine out of ten."
- "There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal."
What is our primary use case?
We use it to encrypt the shared folder file our customers receive containing information about the many rules and teams. So we abide by them and allow each team to access just files on it.
What is most valuable?
I believe the encryption is interrupting the file, and they're guiding it to a specific growth.So, that's a variety.
What needs improvement?
There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal.
So, they should modify the cybersecurity suites to allow the customer to work properly again.
For how long have I used the solution?
I have been using the solution for a year.
What do I think about the stability of the solution?
Most of the data is stable until we apply hundreds of updates, so when it comes to updating, it is not stable. We will have to modify the type of suits by our sale. For the console services, the ePO server is not the end user. We are doing it in one hour.
What do I think about the scalability of the solution?
It is a scalable solution. There are around 3,000 to 4,000 customers, and end users using the product. I rate its scalability a nine out of ten.
How are customer service and support?
They are good and give quick responses. I rate it ten out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is easy. It de[pends on the way you install it. The solution was deployed within a couple of hours. Four to five people are required for the maintenance.
What other advice do I have?
I recommend the solution to those planning to use it. I rate the overall solution ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Lead Software Developer at Peristent Systems
Is user-friendly, stable, and scalable
Pros and Cons
- "I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs."
- "The installation process is quite difficult and requires technical support."
What is our primary use case?
We use McAfee ePolicy Orchestrator to see attacks in real time. We also use it for storage as well.
What is most valuable?
I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs.
What needs improvement?
The installation process is quite difficult and requires technical support.
For how long have I used the solution?
I've been using this solution for one month.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
McAfee ePolicy Orchestrator is scalable, and we have 25 users in our organization. We are an enterprise level company.
How was the initial setup?
The implementation process is complex and requires four to six people, including a QA person.
It was a complex process because we needed access approvals to use SaaS, and the URLs would get decommissioned most of the time. We also faced problems with end-to-end encryption.
What about the implementation team?
I implemented it with the help of my senior architect.
What other advice do I have?
On a scale from one to ten, I would rate McAfee ePolicy Orchestrator at eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at a tech services company with 11-50 employees
Easy to navigate and configure
Pros and Cons
- "Application control and traffic encryption are the most valuable features."
- "We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
What is our primary use case?
It works perfectly for reporting and creating policies. It's easier for the customers. Reporting is a significant functionality.
What is most valuable?
Application control and traffic encryption are the most valuable features. The encryption feature includes Drive Encryption and supports a lot of features like antivirus encryption. It consolidates my system.
What needs improvement?
There's one room for improvement. We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform. Instead of using separate agents for tasks like antivirus and demos, it would be better to have a unified agent that can handle everything.
I would like a unified agent that can handle multiple tasks.
Another useful feature would be an email solution. It could be helpful. Also, having the capability to check for data vulnerabilities would be a great addition. In the future release, I would like to have a feature that checks for vulnerabilities
For how long have I used the solution?
I have been working with this solution for 20 years. I am currently working with Version 5.10.
What do I think about the stability of the solution?
Stability is medium. I would rate it six because it can be resource-intensive and impact performance.
What do I think about the scalability of the solution?
Most of the features are scalable, especially when transitioning to newer versions.
I would give it a rating of ten for scalability. Approximately around 50 to 100 users are currently using McAfee ePolicy Orchestrator. Some clients are small businesses, while others are enterprise-level.
How are customer service and support?
The tool itself is great, but the technical support is not always perfect. There have been some support issues.
When there are issues, it often takes a considerable amount of time to resolve them, especially for domain-related problems. We are not given the right support.
How would you rate customer service and support?
Negative
How was the initial setup?
The initial setup is easy. I would rate it a ten out of ten. The deployment process depends on various factors, such as the network. Usually, it takes a few days.
What about the implementation team?
The deployment process involves licensing, installing APL, integrating with the directory, and then configuring policies based on best practices. We also customize some policies to fit the client's environment.
What's my experience with pricing, setup cost, and licensing?
The cost is high compared to other clients who prefer lower pricing.
In terms of pricing, I can give it an eight.
If you need any additional solutions, you would have to pay extra on a monthly basis.
What other advice do I have?
I would rate it as the best, around nine, because it's easy to navigate and configure.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free McAfee ePolicy Orchestrator Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Security Orchestration Automation and Response (SOAR)Popular Comparisons
Microsoft Sentinel
Elastic Security
Palo Alto Networks Cortex XSOAR
Splunk SOAR
Buyer's Guide
Download our free McAfee ePolicy Orchestrator Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How easy is it to integrate Microsoft Intune with McAfee ePolicy Orchestrator?
- Which is better - Mcafee's MVision ePO or ePolicy Orchestrator?
- What are the Top 5 cybersecurity trends in 2022?
- What is the difference between SIEM and SOAR platforms?
- What is an incident response playbook and how is it used in SOAR?
- What are the latest trends in Security Operations Center (SOC)?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?
- How to evaluate SIEM detection rules?
- Why a Security Operations Center (SOC) is important?
- What types of Security Operations Center (SOC) deployment models do exist?