McAfee ePolicy Orchestrator Reviews

It works perfectly for reporting and creating policies. It's easier for the customers. Reporting is a significant functionality.

Application control and traffic encryption are the most valuable features. The encryption feature includes Drive Encryption and supports a lot of features like antivirus encryption. It consolidates my system.

There's one room for improvement. We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform. Instead of using separate agents for tasks like antivirus and demos, it would be better to have a unified agent that can handle everything.

I would like a unified agent that can handle multiple tasks.

Another useful feature would be an email solution. It could be helpful. Also, having the capability to check for data vulnerabilities would be a great addition. In the future release, I would like to have a feature that checks for vulnerabilities

I have been working with this solution for 20 years. I am currently working with Version 5.10.

Stability is medium. I would rate it six because it can be resource-intensive and impact performance.

Most of the features are scalable, especially when transitioning to newer versions.

I would give it a rating of ten for scalability. Approximately around 50 to 100 users are currently using McAfee ePolicy Orchestrator. Some clients are small businesses, while others are enterprise-level.

The tool itself is great, but the technical support is not always perfect. There have been some support issues.

When there are issues, it often takes a considerable amount of time to resolve them, especially for domain-related problems. We are not given the right support.

Negative

The initial setup is easy. I would rate it a ten out of ten. The deployment process depends on various factors, such as the network. Usually, it takes a few days.

The deployment process involves licensing, installing APL, integrating with the directory, and then configuring policies based on best practices. We also customize some policies to fit the client's environment.

The cost is high compared to other clients who prefer lower pricing.
In terms of pricing, I can give it an eight.

If you need any additional solutions, you would have to pay extra on a monthly basis.

I would rate it as the best, around nine, because it's easy to navigate and configure.

On-premises

Easy interface, reliability, scalability, built-in reporting.

We integrate more and more client computers from different supported businesses across the globe into a single ePO environment managed by a single support team, thus reducing support staff and unifying security policies across organization providing the anti-malware protection to the endpoints (both to servers and to workstations).

a. Reporting: The pre-canned ePO queries can be improved

We use different versions of McAfee ePO for the last 10 years (v. 2.5 through v. 4.6).

No

No

No

Customer Service: GoodTechnical Support: Good. However there is no definite SLA when a complicate issue is escalated to McAfee Level 3 or to McAfee software developers.

We used to use Computers Associates AAO software till 2003. The McAfee manageability and price was much better.

Straightforward

We invited the vendor team. I’d rate their level of expertise 4 out of 5.

I like McAfee ePolicy Orchestrator software. It is great centralized security management software that allows management of various McAfee products on the client computers. McAfee ePO makes risk and compliance management in the organization simpler and more reliable.

Automatic workflow remediation

By setting up automatic workflows for specific tasks by the use of property tags there is less hands on intervention needed.

Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability. It also seriously needs a better way to direct connect to remote users not located within the network.

12 years

Yes, someone who doesn’t understand their environment and the configuration needed cannot just turn everything on and let it go.

No

No, we were able to scale this from a single location within the US of 100 endpoints to 5,000+ globally within a week with only 10% of the systems having a problem that needed to be addressed because of a specialized configuration.

Customer Service: 8 out of 10Technical Support: 8 out of 10

Kaspersky, the management console is very cumbersome and difficult to manage and doesn’t allow for the fine grained control of ePO.

It’s straightforward until you get to some of the advanced components such as a DMZ and agent handler deployment.

In-house, I personally did the implementation, configuration and management.

Saves a company 20 man hours a week. The true dollar value ROI is going to be based on the cost of the product for a particular company, since that can vary depending on the negotiated contract terms.

This product will take 40 man hours for setup, configuration and deployment once the environment information is gathered.

Yes, Trend Micro

There is no other product out there with the control and overall security components that can do what ePO can.

McAfee ePolicy Orchestrator is used to manage endpoints, networks, compliance, and data security.

The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory.

The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.

There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO. 

I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.

There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.

I have been using McAfee ePolicy Orchestrator for approximately 10 years.

A lot of the components of McAfee ePolicy Orchestrator, such as Sandboxing, DX, and  ATP are not stable. However, the antivirus is stable.

The scalability of the McAfee ePolicy Orchestrator is good.

We have more than 75,000 users using this solution. We are using a combination of McAfee and FireEye where the antivirus part is provided by McAfee and the EDR part is covered by FireEye. Our next target is to combine both of these elements, either FireEye or McAfee.

The technical support of McAfee is great.

I have used other solutions, such as FireEye and Cisco solutions.

The deployment of the McAfee ePolicy Orchestrator is very easy on the endpoints. However, deploying the solution in a large enterprise is very difficult. In terms of all the components of McAfee, it is difficult. There are lots of false positives and manual effort required for deploying the advanced component section.

McAfee ePolicy Orchestrator requires lots of maintenance and we have had many performance issues. We have done maintenance for our databases approximately three times and it is a difficult job. The maintenance is time-consuming and it's a very difficult job to do.

When the database that we are managing is almost 70 - 80,000 systems, it is quite difficult to have an EPO, wherein everything is central, such as policy, database, asset, and inventory. There is a lot of load on the central server. For a long time, McAfee has been using central management where there are no distributed components. Everything is getting loaded on EPO and it is creating lots of maintenance work.

There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing.

My team worked on FireEye and Cisco solutions. When comparing McAfee ePolicy Orchestrator to both these solutions, there are pros and cons for each. Some features are positive and really good in McAfee in terms of the UI, and easy-to-use Console. However, when compared to advanced features, such as EDR, FireEye and Cisco are better compared to McAfee.

The antivirus measurement, compliance, and deploying the agents, are much easier in McAfee ePolicy Orchestrator compared to FireEye and Cisco.

My advice to those wanting to implement McAfee ePolicy Orchestrator is to keep it distributed. Whatever components you can distribute in terms of connectors need to be put in different locations. It will be taken care of properly. Otherwise, there will be lots of noncompliance issues and lots of loads on the network because it is bandwidth-intensive.

If we have a larger user database for the organization, then keep it local. To allow a minimum load on the EPO. We should do the maintenance of the EPO quarterly in terms of the database maintenance or in terms of the laws, policies. It should be reviewed periodically with the help of your support to make sure that your policies will not go wrong or your database will not create any errors. If there are errors there will be a problem to recover the data. If we don't do the maintenance, then there are quite chances of crashing the database

I rate McAfee ePolicy Orchestrator an eight out of ten.

On-premises

We have deployed McAfee ePolicy Orchestrator in the cloud and on-premise.

We are using McAfee ePolicy Orchestrator mainly for device policy management. We have many different solutions that we manage with McAfee ePolicy Orchestrator.

The valuable feature of the McAfee ePolicy Orchestrator is the management of the policies.

I have used McAfee ePolicy Orchestrator within the last 12 months.

I have found McAfee ePolicy Orchestrator to be stable.

We have approximately 1,200 users using McAfee ePolicy Orchestrator in my organization. If we expand we will purchase more licenses.

McAfee ePolicy Orchestrator support has been helpful. However, sometimes when  I raise the case they take a while to answer. For example, the last time I used them it took them two weeks to reply back by email. No one has contacted me back since. They should improve their service.

I have not used another solution in this category.

The implementation of the McAfee ePolicy Orchestrator is simple, it took us approximately 45 minutes.

We did the implementation of the McAfee ePolicy Orchestrator in-house.

McAfee ePolicy Orchestrator is not an expensive solution.

I would recommend this solution to others.

I rate McAfee ePolicy Orchestrator an eight out of ten.

We primarily use the solution as an antivirus, a client antivirus. We have a license for device control from where we can block USBs, DVDs, smartphones, etc from connecting to the computers.

Regarding malware, it's great at detecting viruses and malware. We haven't had the problem for the last ten years. It just works.

It's pretty simple in terms of managing things on ePO. You have to have some experience, however, it's pretty simple to understand.

The solution is easy to deploy. I have to do the upgrade now from an older version to the latest one, and I'm checking both upgrade and fresh install of the latest version, and it seems pretty easy.

The solution is quite stable. We haven't had any problem since it is installed.

The scalability is great.

I can't speak to what is missing from the latest version. We have an old version and in the coming weeks, we are going to upgrade to the latest version. We have to see on that one if there are any missing features. 

One thing that I don't like is that McAfee products change very often and upgrade very often. The annoying thing that I have noticed is that these new products do not work anymore on older Windows versions. Let's say a new version of antivirus does not install on Windows 8. You have to implement an older McAfee in an old version of Windows. 

I have been working at this company for about six years. The company has maybe used it for at least 10 years.

The stability has been great for a decade. It requires very little maintenance and runs without issue. There are no bugs or glitches. It doesn't crash or freeze. 

You can easily scale the solution up. It's not a problem.

We haven't required technical support in the last few years. Everything that has to be done, we have done it by ourselves. We didn't have any big issues to report that would have required support. Therefore, I can't comment on them from personal experience.

That said, we have had some online meetings with the McAfee staff to see the new products and new licenses that we want to buy from them. 

We might, in the future, implement Endpoint Detection and Response, however, for now, we haven't got that feature.

The deployment process is pretty easy. Soon, I'll have to go to the latest version, and we will have to do two sequential upgrades to go to another version and then to the latest version. I'm seeking to install it from the beginning to a new server and so far it looks to be pretty simple.

I can't speak to the cost of the solution. Another department handles that aspect.

We are customers and end-users.

I would rate the solution at an eight out of ten.

On-premises

We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer. 

The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.

There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

The solution is stable, quite a number of our customers are running it and there haven't really been any problems. 

The solution is scalable. 

The technical support is very good and they respond quite quickly. 

The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it. 

I think that licensing costs are reasonable and you get your money's worth.  

Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.

There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10. 

Public Cloud

We're pretty much using it as a traditional AV.

It has brought what it is built for. It has brought traditional AV capabilities and signature-based scanning.

The general endpoint protection is valuable, and it is easy to manage.

There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space.

I have been using this solution for five years.

It is stable. There are no concerns there. It didn't consume a lot of resources and things like that. We didn't see issues from that perspective.

It is fairly easy to add new devices. It is controlled within our environment. 

All employees and all servers are using it. It is being used extensively, but we don't plan to increase its usage because we're looking to get a replacement for this solution.

Their technical support is average.

It wasn't McAfee ePO. It was the even lesser AV five years ago. It has been McAfee ever since from my AV protection standpoint.

Its initial setup was straightforward. It took a couple of days. It has been pretty easy to add new machines ever since.

It was an in-house job. In terms of maintenance, it requires minimal maintenance. We have our security services provider to take care of maintenance.

It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well.

It is great if you're looking for a traditional signature-based AV product, but if you're looking for a more comprehensive EDR solution, then CrowdStrike and SentinelOne are clearly the top two within that space.

Overall, I would rate it a seven out of 10. If I'm rating it for a traditional AV product, I'd give it a nine or 10 because it totally solves that use case, but if I'm rating it against a comprehensive EDR solution, which includes traditional AV and next-gen behavioral capability, then it would be a five, but they're not necessarily apples to apples.

On-premises