Antivirus Support Team Lead at a insurance company with 1,001-5,000 employees
Centralized security management software that allows management of various McAfee products on the client computers.
What is most valuable?
Easy interface, reliability, scalability, built-in reporting.
How has it helped my organization?
We integrate more and more client computers from different supported businesses across the globe into a single ePO environment managed by a single support team, thus reducing support staff and unifying security policies across organization providing the anti-malware protection to the endpoints (both to servers and to workstations).
What needs improvement?
a. Reporting: The pre-canned ePO queries can be improved
For how long have I used the solution?
We use different versions of McAfee ePO for the last 10 years (v. 2.5 through v. 4.6).
Buyer's Guide
McAfee ePolicy Orchestrator
March 2025

Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
What was my experience with deployment of the solution?
No
What do I think about the stability of the solution?
No
What do I think about the scalability of the solution?
No
How are customer service and support?
Customer Service: GoodTechnical Support: Good. However there is no definite SLA when a complicate issue is escalated to McAfee Level 3 or to McAfee software developers.
Which solution did I use previously and why did I switch?
We used to use Computers Associates AAO software till 2003. The McAfee manageability and price was much better.
How was the initial setup?
Straightforward
What about the implementation team?
We invited the vendor team. I’d rate their level of expertise 4 out of 5.
What other advice do I have?
I like McAfee ePolicy Orchestrator software. It is great centralized security management software that allows management of various McAfee products on the client computers. McAfee ePO makes risk and compliance management in the organization simpler and more reliable.
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Senior Manager of System Security with 5,001-10,000 employees
Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability.
What is most valuable?
Automatic workflow remediation
How has it helped my organization?
By setting up automatic workflows for specific tasks by the use of property tags there is less hands on intervention needed.
What needs improvement?
Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability. It also seriously needs a better way to direct connect to remote users not located within the network.
For how long have I used the solution?
12 years
What was my experience with deployment of the solution?
Yes, someone who doesn’t understand their environment and the configuration needed cannot just turn everything on and let it go.
What do I think about the stability of the solution?
No
What do I think about the scalability of the solution?
No, we were able to scale this from a single location within the US of 100 endpoints to 5,000+ globally within a week with only 10% of the systems having a problem that needed to be addressed because of a specialized configuration.
How are customer service and technical support?
Customer Service: 8 out of 10Technical Support: 8 out of 10
Which solution did I use previously and why did I switch?
Kaspersky, the management console is very cumbersome and difficult to manage and doesn’t allow for the fine grained control of ePO.
How was the initial setup?
It’s straightforward until you get to some of the advanced components such as a DMZ and agent handler deployment.
What about the implementation team?
In-house, I personally did the implementation, configuration and management.
What was our ROI?
Saves a company 20 man hours a week. The true dollar value ROI is going to be based on the cost of the product for a particular company, since that can vary depending on the negotiated contract terms.
What's my experience with pricing, setup cost, and licensing?
This product will take 40 man hours for setup, configuration and deployment once the environment information is gathered.
Which other solutions did I evaluate?
Yes, Trend Micro
What other advice do I have?
There is no other product out there with the control and overall security components that can do what ePO can.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
McAfee ePolicy Orchestrator
March 2025

Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
Network Security Consultant at a tech services company with 10,001+ employees
Scalable, good support, and simple endpoint installation
Pros and Cons
- "The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory."
- "The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature."
What is our primary use case?
McAfee ePolicy Orchestrator is used to manage endpoints, networks, compliance, and data security.
What is most valuable?
The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory.
What needs improvement?
The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.
There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO.
I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.
There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.
For how long have I used the solution?
I have been using McAfee ePolicy Orchestrator for approximately 10 years.
What do I think about the stability of the solution?
A lot of the components of McAfee ePolicy Orchestrator, such as Sandboxing, DX, and ATP are not stable. However, the antivirus is stable.
What do I think about the scalability of the solution?
The scalability of the McAfee ePolicy Orchestrator is good.
We have more than 75,000 users using this solution. We are using a combination of McAfee and FireEye where the antivirus part is provided by McAfee and the EDR part is covered by FireEye. Our next target is to combine both of these elements, either FireEye or McAfee.
How are customer service and support?
The technical support of McAfee is great.
Which solution did I use previously and why did I switch?
I have used other solutions, such as FireEye and Cisco solutions.
How was the initial setup?
The deployment of the McAfee ePolicy Orchestrator is very easy on the endpoints. However, deploying the solution in a large enterprise is very difficult. In terms of all the components of McAfee, it is difficult. There are lots of false positives and manual effort required for deploying the advanced component section.
What about the implementation team?
McAfee ePolicy Orchestrator requires lots of maintenance and we have had many performance issues. We have done maintenance for our databases approximately three times and it is a difficult job. The maintenance is time-consuming and it's a very difficult job to do.
When the database that we are managing is almost 70 - 80,000 systems, it is quite difficult to have an EPO, wherein everything is central, such as policy, database, asset, and inventory. There is a lot of load on the central server. For a long time, McAfee has been using central management where there are no distributed components. Everything is getting loaded on EPO and it is creating lots of maintenance work.
What's my experience with pricing, setup cost, and licensing?
There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing.
Which other solutions did I evaluate?
My team worked on FireEye and Cisco solutions. When comparing McAfee ePolicy Orchestrator to both these solutions, there are pros and cons for each. Some features are positive and really good in McAfee in terms of the UI, and easy-to-use Console. However, when compared to advanced features, such as EDR, FireEye and Cisco are better compared to McAfee.
The antivirus measurement, compliance, and deploying the agents, are much easier in McAfee ePolicy Orchestrator compared to FireEye and Cisco.
What other advice do I have?
My advice to those wanting to implement McAfee ePolicy Orchestrator is to keep it distributed. Whatever components you can distribute in terms of connectors need to be put in different locations. It will be taken care of properly. Otherwise, there will be lots of noncompliance issues and lots of loads on the network because it is bandwidth-intensive.
If we have a larger user database for the organization, then keep it local. To allow a minimum load on the EPO. We should do the maintenance of the EPO quarterly in terms of the database maintenance or in terms of the laws, policies. It should be reviewed periodically with the help of your support to make sure that your policies will not go wrong or your database will not create any errors. If there are errors there will be a problem to recover the data. If we don't do the maintenance, then there are quite chances of crashing the database
I rate McAfee ePolicy Orchestrator an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Administrator at International Media Investments
Effective policy management, quick installation, and helpful support
Pros and Cons
- "The valuable feature of the McAfee ePolicy Orchestrator is the management of the policies."
- "McAfee ePolicy Orchestrator support has been helpful. However, sometimes when I raise the case they take a while to answer. For example, the last time I used them it took them two weeks to reply back by email. No one has contacted me back since. They should improve their service."
What is our primary use case?
We have deployed McAfee ePolicy Orchestrator in the cloud and on-premise.
We are using McAfee ePolicy Orchestrator mainly for device policy management. We have many different solutions that we manage with McAfee ePolicy Orchestrator.
What is most valuable?
The valuable feature of the McAfee ePolicy Orchestrator is the management of the policies.
For how long have I used the solution?
I have used McAfee ePolicy Orchestrator within the last 12 months.
What do I think about the stability of the solution?
I have found McAfee ePolicy Orchestrator to be stable.
What do I think about the scalability of the solution?
We have approximately 1,200 users using McAfee ePolicy Orchestrator in my organization. If we expand we will purchase more licenses.
How are customer service and support?
McAfee ePolicy Orchestrator support has been helpful. However, sometimes when I raise the case they take a while to answer. For example, the last time I used them it took them two weeks to reply back by email. No one has contacted me back since. They should improve their service.
Which solution did I use previously and why did I switch?
I have not used another solution in this category.
How was the initial setup?
The implementation of the McAfee ePolicy Orchestrator is simple, it took us approximately 45 minutes.
What about the implementation team?
We did the implementation of the McAfee ePolicy Orchestrator in-house.
What's my experience with pricing, setup cost, and licensing?
McAfee ePolicy Orchestrator is not an expensive solution.
What other advice do I have?
I would recommend this solution to others.
I rate McAfee ePolicy Orchestrator an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Support Engineer at Professional Technologies Kenya
MVISION Insights enables customers to see what's out there and we're getting less false positives
Pros and Cons
- "We get fewer false positives than with other solutions."
- "Features such as full drive encryption are lacking in the cloud version."
What is our primary use case?
We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer.
What is most valuable?
The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.
What needs improvement?
There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.
There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.
What do I think about the stability of the solution?
The solution is stable, quite a number of our customers are running it and there haven't really been any problems.
What do I think about the scalability of the solution?
The solution is scalable.
How are customer service and support?
The technical support is very good and they respond quite quickly.
How was the initial setup?
The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it.
What's my experience with pricing, setup cost, and licensing?
I think that licensing costs are reasonable and you get your money's worth.
Which other solutions did I evaluate?
Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.
What other advice do I have?
There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Chief Information Security Officer at a venture capital & private equity firm with 201-500 employees
Attractively priced and easy to manage, but seems a little outdated in being 100% signature-based without all of the insights and protections
Pros and Cons
- "The general endpoint protection is valuable, and it is easy to manage."
- "There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space."
What is our primary use case?
We're pretty much using it as a traditional AV.
How has it helped my organization?
It has brought what it is built for. It has brought traditional AV capabilities and signature-based scanning.
What is most valuable?
The general endpoint protection is valuable, and it is easy to manage.
What needs improvement?
There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space.
For how long have I used the solution?
I have been using this solution for five years.
What do I think about the stability of the solution?
It is stable. There are no concerns there. It didn't consume a lot of resources and things like that. We didn't see issues from that perspective.
What do I think about the scalability of the solution?
It is fairly easy to add new devices. It is controlled within our environment.
All employees and all servers are using it. It is being used extensively, but we don't plan to increase its usage because we're looking to get a replacement for this solution.
How are customer service and technical support?
Their technical support is average.
Which solution did I use previously and why did I switch?
It wasn't McAfee ePO. It was the even lesser AV five years ago. It has been McAfee ever since from my AV protection standpoint.
How was the initial setup?
Its initial setup was straightforward. It took a couple of days. It has been pretty easy to add new machines ever since.
What about the implementation team?
It was an in-house job. In terms of maintenance, it requires minimal maintenance. We have our security services provider to take care of maintenance.
What's my experience with pricing, setup cost, and licensing?
It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well.
What other advice do I have?
It is great if you're looking for a traditional signature-based AV product, but if you're looking for a more comprehensive EDR solution, then CrowdStrike and SentinelOne are clearly the top two within that space.
Overall, I would rate it a seven out of 10. If I'm rating it for a traditional AV product, I'd give it a nine or 10 because it totally solves that use case, but if I'm rating it against a comprehensive EDR solution, which includes traditional AV and next-gen behavioral capability, then it would be a five, but they're not necessarily apples to apples.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Consultant at ZOL Zimbabwe
Configure and deploy everything from a single web-based interface
Pros and Cons
- "I really like the auditing component because it really looks at exactly what has happened on the network."
- "They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database."
What is our primary use case?
I have been working with McAfee ePolicy Orchestrator since 2005.
We are a service provider and system integrator, and this is one of the solutions that we provide for our clients. Most of the deployments we have done are on-premises.
What is most valuable?
The most valuable feature of this solution is the ability to configure and deploy everything from a single, web-based interface.
What needs improvement?
This solution ships with SQL Express, and we have issues related to database corruption in the event of power loss. Especially on this side of the world, we have a lot of power outages and most companies do not have backup power solutions. In most cases, when the power goes out, the database tends to corrupt a lot. For example, clients will be having trouble logging on because the login credentials are corrupt. They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database.
What do I think about the stability of the solution?
This is a stable solution to use. The only problem that I've noticed relates to updates, and it has only started recently. After getting an update, there are issues with connecting. It all comes down to how often the machines update their Windows OS. McAfee tends to have a problem with connectivity and stuff like that.
What do I think about the scalability of the solution?
In terms of scalability, McAfee is the best there is from all of the products that I've used. Why I say that is because you can manage a lot of products if you install the endpoint security pack. The is one of the products that has impressed me over the years. There is a version of the solution that actually allows you to manage certain versions of Symantec products. So, this is a good product, and when it comes to scalability, I think it's one of those products that you won't go wrong with.
We do have some larger corporate clients, but there are not many of them. Most of the client base in Zimbabwe is small to medium-sized business. The majority have less than two-hundred and fifty PCs on-site, which I consider being small or medium size. We also do support for hospitals, schools, universities, and even government.
How are customer service and technical support?
McAfee technical support is ok, but we do not contact them very often. Every year, they impose certifications on us, so in most cases, we have certifications for the different products that we support. This means that we hardly require support because we are well equipped when it comes to doing our job. If we do get something that we don't quite understand, McAfee has got a knowledge base that we usually refer to. This is helpful when it comes to some of the problems that we face.
How was the initial setup?
Over the years, I've noticed that the initial setup is very easy. It may be because I've worked with it for a long time, but the initial setup is easy, and even when it comes to doing the configuring for the projects, it is not complex.
Most of the setups that I have done are on-premises, where I have to set up the physical machine, and I haven't had any problems. It usually takes less than thirty minutes for everything to be set up and the deployment complete.
What about the implementation team?
We implement this solution for our clients.
What other advice do I have?
This is a solution I recommend very much. For anybody who is implementing this solution, I suggest that they read through the product manuals and documentation. I have noticed that it is an advantage to read through the manuals because people who do not, tend to miss things, and then blame the product for not working. I would say that McAfee is a good product, and over the years I have found it to be very stable and very effective when it comes to managing other products. We have all that we wanted to do with McAfee.
In the time that I have been using this solution, I've noticed that when I perform a setup on different platforms or different networks, I've gotten to learn new things because each and every network is different. When it comes to troubleshooting network issues, I have learned a lot, especially things related to cybersecurity.
This is a very good product, but they have a database issue. Having a McAfee-only solution, rather than having to bring in a Microsoft product, or one from another vendor would make this solution perfect.
I would rate this solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Lead Software Developer at Peristent Systems
Is user-friendly, stable, and scalable
Pros and Cons
- "I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs."
- "The installation process is quite difficult and requires technical support."
What is our primary use case?
We use McAfee ePolicy Orchestrator to see attacks in real time. We also use it for storage as well.
What is most valuable?
I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs.
What needs improvement?
The installation process is quite difficult and requires technical support.
For how long have I used the solution?
I've been using this solution for one month.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
McAfee ePolicy Orchestrator is scalable, and we have 25 users in our organization. We are an enterprise level company.
How was the initial setup?
The implementation process is complex and requires four to six people, including a QA person.
It was a complex process because we needed access approvals to use SaaS, and the URLs would get decommissioned most of the time. We also faced problems with end-to-end encryption.
What about the implementation team?
I implemented it with the help of my senior architect.
What other advice do I have?
On a scale from one to ten, I would rate McAfee ePolicy Orchestrator at eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

Buyer's Guide
Download our free McAfee ePolicy Orchestrator Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2025
Product Categories
Security Orchestration Automation and Response (SOAR)Popular Comparisons
Microsoft Sentinel
Elastic Security
Palo Alto Networks Cortex XSOAR
Splunk SOAR
ServiceNow Security Operations
Buyer's Guide
Download our free McAfee ePolicy Orchestrator Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How easy is it to integrate Microsoft Intune with McAfee ePolicy Orchestrator?
- Which is better - Mcafee's MVision ePO or ePolicy Orchestrator?
- What are the Top 5 cybersecurity trends in 2022?
- What is the difference between SIEM and SOAR platforms?
- What is an incident response playbook and how is it used in SOAR?
- What are the latest trends in Security Operations Center (SOC)?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?
- How to evaluate SIEM detection rules?
- Why a Security Operations Center (SOC) is important?
- What types of Security Operations Center (SOC) deployment models do exist?