McAfee ePolicy Orchestrator Reviews

I have been working with McAfee ePolicy Orchestrator since 2005.

We are a service provider and system integrator, and this is one of the solutions that we provide for our clients. Most of the deployments we have done are on-premises.

The most valuable feature of this solution is the ability to configure and deploy everything from a single, web-based interface.

This solution ships with SQL Express, and we have issues related to database corruption in the event of power loss. Especially on this side of the world, we have a lot of power outages and most companies do not have backup power solutions. In most cases, when the power goes out, the database tends to corrupt a lot. For example, clients will be having trouble logging on because the login credentials are corrupt. They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database.

This is a stable solution to use. The only problem that I've noticed relates to updates, and it has only started recently. After getting an update, there are issues with connecting. It all comes down to how often the machines update their Windows OS. McAfee tends to have a problem with connectivity and stuff like that.

In terms of scalability, McAfee is the best there is from all of the products that I've used. Why I say that is because you can manage a lot of products if you install the endpoint security pack. The is one of the products that has impressed me over the years. There is a version of the solution that actually allows you to manage certain versions of Symantec products. So, this is a good product, and when it comes to scalability, I think it's one of those products that you won't go wrong with.

We do have some larger corporate clients, but there are not many of them. Most of the client base in Zimbabwe is small to medium-sized business. The majority have less than two-hundred and fifty PCs on-site, which I consider being small or medium size. We also do support for hospitals, schools, universities, and even government.

McAfee technical support is ok, but we do not contact them very often. Every year, they impose certifications on us, so in most cases, we have certifications for the different products that we support. This means that we hardly require support because we are well equipped when it comes to doing our job. If we do get something that we don't quite understand, McAfee has got a knowledge base that we usually refer to. This is helpful when it comes to some of the problems that we face.

Over the years, I've noticed that the initial setup is very easy. It may be because I've worked with it for a long time, but the initial setup is easy, and even when it comes to doing the configuring for the projects, it is not complex.

Most of the setups that I have done are on-premises, where I have to set up the physical machine, and I haven't had any problems. It usually takes less than thirty minutes for everything to be set up and the deployment complete.

We implement this solution for our clients.

This is a solution I recommend very much. For anybody who is implementing this solution, I suggest that they read through the product manuals and documentation. I have noticed that it is an advantage to read through the manuals because people who do not, tend to miss things, and then blame the product for not working. I would say that McAfee is a good product, and over the years I have found it to be very stable and very effective when it comes to managing other products. We have all that we wanted to do with McAfee.

In the time that I have been using this solution, I've noticed that when I perform a setup on different platforms or different networks, I've gotten to learn new things because each and every network is different. When it comes to troubleshooting network issues, I have learned a lot, especially things related to cybersecurity.

This is a very good product, but they have a database issue. Having a McAfee-only solution, rather than having to bring in a Microsoft product, or one from another vendor would make this solution perfect.

I would rate this solution an eight out of ten.

Easy interface, reliability, scalability, built-in reporting.

We integrate more and more client computers from different supported businesses across the globe into a single ePO environment managed by a single support team, thus reducing support staff and unifying security policies across organization providing the anti-malware protection to the endpoints (both to servers and to workstations).

a. Reporting: The pre-canned ePO queries can be improved

We use different versions of McAfee ePO for the last 10 years (v. 2.5 through v. 4.6).

No

No

No

Customer Service: GoodTechnical Support: Good. However there is no definite SLA when a complicate issue is escalated to McAfee Level 3 or to McAfee software developers.

We used to use Computers Associates AAO software till 2003. The McAfee manageability and price was much better.

Straightforward

We invited the vendor team. I’d rate their level of expertise 4 out of 5.

I like McAfee ePolicy Orchestrator software. It is great centralized security management software that allows management of various McAfee products on the client computers. McAfee ePO makes risk and compliance management in the organization simpler and more reliable.

We primarily use the solution as an antivirus, a client antivirus. We have a license for device control from where we can block USBs, DVDs, smartphones, etc from connecting to the computers.

Regarding malware, it's great at detecting viruses and malware. We haven't had the problem for the last ten years. It just works.

It's pretty simple in terms of managing things on ePO. You have to have some experience, however, it's pretty simple to understand.

The solution is easy to deploy. I have to do the upgrade now from an older version to the latest one, and I'm checking both upgrade and fresh install of the latest version, and it seems pretty easy.

The solution is quite stable. We haven't had any problem since it is installed.

The scalability is great.

I can't speak to what is missing from the latest version. We have an old version and in the coming weeks, we are going to upgrade to the latest version. We have to see on that one if there are any missing features. 

One thing that I don't like is that McAfee products change very often and upgrade very often. The annoying thing that I have noticed is that these new products do not work anymore on older Windows versions. Let's say a new version of antivirus does not install on Windows 8. You have to implement an older McAfee in an old version of Windows. 

I have been working at this company for about six years. The company has maybe used it for at least 10 years.

The stability has been great for a decade. It requires very little maintenance and runs without issue. There are no bugs or glitches. It doesn't crash or freeze. 

You can easily scale the solution up. It's not a problem.

We haven't required technical support in the last few years. Everything that has to be done, we have done it by ourselves. We didn't have any big issues to report that would have required support. Therefore, I can't comment on them from personal experience.

That said, we have had some online meetings with the McAfee staff to see the new products and new licenses that we want to buy from them. 

We might, in the future, implement Endpoint Detection and Response, however, for now, we haven't got that feature.

The deployment process is pretty easy. Soon, I'll have to go to the latest version, and we will have to do two sequential upgrades to go to another version and then to the latest version. I'm seeking to install it from the beginning to a new server and so far it looks to be pretty simple.

I can't speak to the cost of the solution. Another department handles that aspect.

We are customers and end-users.

I would rate the solution at an eight out of ten.

On-premises

McAfee ePolicy Orchestrator is used to manage endpoints, networks, compliance, and data security.

The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory.

The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.

There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO. 

I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.

There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.

I have been using McAfee ePolicy Orchestrator for approximately 10 years.

A lot of the components of McAfee ePolicy Orchestrator, such as Sandboxing, DX, and  ATP are not stable. However, the antivirus is stable.

The scalability of the McAfee ePolicy Orchestrator is good.

We have more than 75,000 users using this solution. We are using a combination of McAfee and FireEye where the antivirus part is provided by McAfee and the EDR part is covered by FireEye. Our next target is to combine both of these elements, either FireEye or McAfee.

The technical support of McAfee is great.

I have used other solutions, such as FireEye and Cisco solutions.

The deployment of the McAfee ePolicy Orchestrator is very easy on the endpoints. However, deploying the solution in a large enterprise is very difficult. In terms of all the components of McAfee, it is difficult. There are lots of false positives and manual effort required for deploying the advanced component section.

McAfee ePolicy Orchestrator requires lots of maintenance and we have had many performance issues. We have done maintenance for our databases approximately three times and it is a difficult job. The maintenance is time-consuming and it's a very difficult job to do.

When the database that we are managing is almost 70 - 80,000 systems, it is quite difficult to have an EPO, wherein everything is central, such as policy, database, asset, and inventory. There is a lot of load on the central server. For a long time, McAfee has been using central management where there are no distributed components. Everything is getting loaded on EPO and it is creating lots of maintenance work.

There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing.

My team worked on FireEye and Cisco solutions. When comparing McAfee ePolicy Orchestrator to both these solutions, there are pros and cons for each. Some features are positive and really good in McAfee in terms of the UI, and easy-to-use Console. However, when compared to advanced features, such as EDR, FireEye and Cisco are better compared to McAfee.

The antivirus measurement, compliance, and deploying the agents, are much easier in McAfee ePolicy Orchestrator compared to FireEye and Cisco.

My advice to those wanting to implement McAfee ePolicy Orchestrator is to keep it distributed. Whatever components you can distribute in terms of connectors need to be put in different locations. It will be taken care of properly. Otherwise, there will be lots of noncompliance issues and lots of loads on the network because it is bandwidth-intensive.

If we have a larger user database for the organization, then keep it local. To allow a minimum load on the EPO. We should do the maintenance of the EPO quarterly in terms of the database maintenance or in terms of the laws, policies. It should be reviewed periodically with the help of your support to make sure that your policies will not go wrong or your database will not create any errors. If there are errors there will be a problem to recover the data. If we don't do the maintenance, then there are quite chances of crashing the database

I rate McAfee ePolicy Orchestrator an eight out of ten.

On-premises

We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer. 

The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.

There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

The solution is stable, quite a number of our customers are running it and there haven't really been any problems. 

The solution is scalable. 

The technical support is very good and they respond quite quickly. 

The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it. 

I think that licensing costs are reasonable and you get your money's worth.  

Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.

There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10. 

Public Cloud

I use the solution for two things - as an antivirus for a spider scan enterprise and endpoint protection, and also to make application whitelisting, or application blocking, where we only allow certain applications to run on the server, in case the server has been compromised. That could mean our ePO scripts or anything might be compromised and it can't run. We install a plug-in so it won't run any executables which are not whitelisted. We're a cyber security company and a customer of McAfee. 

The security is a key feature and the console is very user friendly. I like that there are multiple options for reporting. It's a helpful tool. 

The product could have a single plug-in that would have multiple uses rather than a single plug-in which is used for a single purpose. Each aspect has a separate plug-in. They should concentrate on providing something for all of the options that are available.

I've been using this solution for about three years. 

The stability of the product is pretty good. Our entire company uses it and it's deployed throughout. We have five people maintaining it. It runs in the backend and there are around 1,500 to 2,000 people who benefit from it. 

The technical support is pretty poor. 

The initial setup is quite straightforward. You just need to set up an SEO database in the backend and couple the SEO database in the ePO management console. It's quite simple. 

All the endpoint security solutions operate in a similar manner. If you take it as a baseline and if you want to get acquainted with a security solution then I think this is definitely a good tool. Of course, the costing and other factors need to be taken into consideration. 

I would rate this solution a seven out of 10. 

Hybrid Cloud

I am an information system security coordinator and our company is a customer of McAfee. We use the product internally. Our primary use case is for protecting workstations, and servers. We use the antivirus with several modules that have a threat intelligence exchange, DLP and threat protection. It is a firewall hosting through the prevention system, web control and adaptive threat protection. The solution is for workstations and Windows servers. Approximately 1,300 administrators use the product and we have two people responsible for backup.

It's a mandatory system for the protection of endpoints. Without it, the system could be compromised. 

The central manager policy is valuable. It means we have almost all client modules in one solution, which is great. Having firewall web control adapted for protection, and a very easy management console to monitor an infection is important. 

From my point of view, the solution is good. Even if there are problems we're able to find a resolution quite quickly. There were some issues in earlier versions but after the upgrade to the latest version, we haven't had any issues. 

I have noticed several times that some viruses were not detected by McAfee ENS and we had to escalate support and modify detection signatures. The detection aspect should be improved so that signatures are updated more quickly.

For additional features, there really isn't very much to suggest. The main issue would be to improve detection. 

I've been using the product for more than 10 years. 

Stability is good, we haven't had any down time or issues. 

The product is very scalable, it's very easy to add users.

I'm happy with the technical support. 

We've been using McAfee for as long as I've been in the company.

I don't recall how much time it took for the initial deployment but it was a very easy setup, and updates, new versions, etc. are also easy to setup. Deployment is quite a quick process, maximum one hour for a console but now we just do the regular upgrades to the latest version which is a simple process. 

In addition to standard licensing fees, there is an additional cost for every module. 

My advice would be to read the documentation and carry out implementation. It is not complicated, just a matter of deciding which vendor to use.

Because we have a corporate contract, the price is reasonable. We're happy with everything - the dashboard, user interface - it's all good. 

I would rate this product a nine out of 10. 

On-premises

I use McAfee as a solution to monitor our network log systems. I monitor logs and use it to be able to report incidents and get better internal vision. 

The DLP feature is great to have for our users.

There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates.  

There have been some problems with monitoring the logs. It's not very user-friendly. 

One to three years.

Stability is fine. I haven't had many issues with it.

Scalability is fine. We have around 600 users. We required two or three staff for maintenance and monitoring. They're security analysts, and junior consultants.

Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time.

The initial setup was not straightforward. It takes time to deploy and configure. 

I have not had too many problems with this solution. It works fine. I really like the DLP feature. There are no database issues. 

I would rate it a nine out of ten because it gives IT clarity, it doesn't have database issues, and it hasn't crashed or given us problems in the two years we've been using it. It's a great tool.