McAfee ePolicy Orchestrator Reviews

Easy interface, reliability, scalability, built-in reporting.

We integrate more and more client computers from different supported businesses across the globe into a single ePO environment managed by a single support team, thus reducing support staff and unifying security policies across organization providing the anti-malware protection to the endpoints (both to servers and to workstations).

a. Reporting: The pre-canned ePO queries can be improved

We use different versions of McAfee ePO for the last 10 years (v. 2.5 through v. 4.6).

No

No

No

Customer Service: GoodTechnical Support: Good. However there is no definite SLA when a complicate issue is escalated to McAfee Level 3 or to McAfee software developers.

We used to use Computers Associates AAO software till 2003. The McAfee manageability and price was much better.

Straightforward

We invited the vendor team. I’d rate their level of expertise 4 out of 5.

I like McAfee ePolicy Orchestrator software. It is great centralized security management software that allows management of various McAfee products on the client computers. McAfee ePO makes risk and compliance management in the organization simpler and more reliable.

Automatic workflow remediation

By setting up automatic workflows for specific tasks by the use of property tags there is less hands on intervention needed.

Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability. It also seriously needs a better way to direct connect to remote users not located within the network.

12 years

Yes, someone who doesn’t understand their environment and the configuration needed cannot just turn everything on and let it go.

No

No, we were able to scale this from a single location within the US of 100 endpoints to 5,000+ globally within a week with only 10% of the systems having a problem that needed to be addressed because of a specialized configuration.

Customer Service: 8 out of 10Technical Support: 8 out of 10

Kaspersky, the management console is very cumbersome and difficult to manage and doesn’t allow for the fine grained control of ePO.

It’s straightforward until you get to some of the advanced components such as a DMZ and agent handler deployment.

In-house, I personally did the implementation, configuration and management.

Saves a company 20 man hours a week. The true dollar value ROI is going to be based on the cost of the product for a particular company, since that can vary depending on the negotiated contract terms.

This product will take 40 man hours for setup, configuration and deployment once the environment information is gathered.

Yes, Trend Micro

There is no other product out there with the control and overall security components that can do what ePO can.

McAfee ePolicy Orchestrator is used to manage endpoints, networks, compliance, and data security.

The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory.

The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.

There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO. 

I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.

There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.

I have been using McAfee ePolicy Orchestrator for approximately 10 years.

A lot of the components of McAfee ePolicy Orchestrator, such as Sandboxing, DX, and  ATP are not stable. However, the antivirus is stable.

The scalability of the McAfee ePolicy Orchestrator is good.

We have more than 75,000 users using this solution. We are using a combination of McAfee and FireEye where the antivirus part is provided by McAfee and the EDR part is covered by FireEye. Our next target is to combine both of these elements, either FireEye or McAfee.

The technical support of McAfee is great.

I have used other solutions, such as FireEye and Cisco solutions.

The deployment of the McAfee ePolicy Orchestrator is very easy on the endpoints. However, deploying the solution in a large enterprise is very difficult. In terms of all the components of McAfee, it is difficult. There are lots of false positives and manual effort required for deploying the advanced component section.

McAfee ePolicy Orchestrator requires lots of maintenance and we have had many performance issues. We have done maintenance for our databases approximately three times and it is a difficult job. The maintenance is time-consuming and it's a very difficult job to do.

When the database that we are managing is almost 70 - 80,000 systems, it is quite difficult to have an EPO, wherein everything is central, such as policy, database, asset, and inventory. There is a lot of load on the central server. For a long time, McAfee has been using central management where there are no distributed components. Everything is getting loaded on EPO and it is creating lots of maintenance work.

There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing.

My team worked on FireEye and Cisco solutions. When comparing McAfee ePolicy Orchestrator to both these solutions, there are pros and cons for each. Some features are positive and really good in McAfee in terms of the UI, and easy-to-use Console. However, when compared to advanced features, such as EDR, FireEye and Cisco are better compared to McAfee.

The antivirus measurement, compliance, and deploying the agents, are much easier in McAfee ePolicy Orchestrator compared to FireEye and Cisco.

My advice to those wanting to implement McAfee ePolicy Orchestrator is to keep it distributed. Whatever components you can distribute in terms of connectors need to be put in different locations. It will be taken care of properly. Otherwise, there will be lots of noncompliance issues and lots of loads on the network because it is bandwidth-intensive.

If we have a larger user database for the organization, then keep it local. To allow a minimum load on the EPO. We should do the maintenance of the EPO quarterly in terms of the database maintenance or in terms of the laws, policies. It should be reviewed periodically with the help of your support to make sure that your policies will not go wrong or your database will not create any errors. If there are errors there will be a problem to recover the data. If we don't do the maintenance, then there are quite chances of crashing the database

I rate McAfee ePolicy Orchestrator an eight out of ten.

On-premises

We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer. 

The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.

There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

The solution is stable, quite a number of our customers are running it and there haven't really been any problems. 

The solution is scalable. 

The technical support is very good and they respond quite quickly. 

The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it. 

I think that licensing costs are reasonable and you get your money's worth.  

Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.

There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10. 

Public Cloud

We're pretty much using it as a traditional AV.

It has brought what it is built for. It has brought traditional AV capabilities and signature-based scanning.

The general endpoint protection is valuable, and it is easy to manage.

There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space.

I have been using this solution for five years.

It is stable. There are no concerns there. It didn't consume a lot of resources and things like that. We didn't see issues from that perspective.

It is fairly easy to add new devices. It is controlled within our environment. 

All employees and all servers are using it. It is being used extensively, but we don't plan to increase its usage because we're looking to get a replacement for this solution.

Their technical support is average.

It wasn't McAfee ePO. It was the even lesser AV five years ago. It has been McAfee ever since from my AV protection standpoint.

Its initial setup was straightforward. It took a couple of days. It has been pretty easy to add new machines ever since.

It was an in-house job. In terms of maintenance, it requires minimal maintenance. We have our security services provider to take care of maintenance.

It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well.

It is great if you're looking for a traditional signature-based AV product, but if you're looking for a more comprehensive EDR solution, then CrowdStrike and SentinelOne are clearly the top two within that space.

Overall, I would rate it a seven out of 10. If I'm rating it for a traditional AV product, I'd give it a nine or 10 because it totally solves that use case, but if I'm rating it against a comprehensive EDR solution, which includes traditional AV and next-gen behavioral capability, then it would be a five, but they're not necessarily apples to apples.

On-premises

I have been working with McAfee ePolicy Orchestrator since 2005.

We are a service provider and system integrator, and this is one of the solutions that we provide for our clients. Most of the deployments we have done are on-premises.

The most valuable feature of this solution is the ability to configure and deploy everything from a single, web-based interface.

This solution ships with SQL Express, and we have issues related to database corruption in the event of power loss. Especially on this side of the world, we have a lot of power outages and most companies do not have backup power solutions. In most cases, when the power goes out, the database tends to corrupt a lot. For example, clients will be having trouble logging on because the login credentials are corrupt. They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database.

This is a stable solution to use. The only problem that I've noticed relates to updates, and it has only started recently. After getting an update, there are issues with connecting. It all comes down to how often the machines update their Windows OS. McAfee tends to have a problem with connectivity and stuff like that.

In terms of scalability, McAfee is the best there is from all of the products that I've used. Why I say that is because you can manage a lot of products if you install the endpoint security pack. The is one of the products that has impressed me over the years. There is a version of the solution that actually allows you to manage certain versions of Symantec products. So, this is a good product, and when it comes to scalability, I think it's one of those products that you won't go wrong with.

We do have some larger corporate clients, but there are not many of them. Most of the client base in Zimbabwe is small to medium-sized business. The majority have less than two-hundred and fifty PCs on-site, which I consider being small or medium size. We also do support for hospitals, schools, universities, and even government.

McAfee technical support is ok, but we do not contact them very often. Every year, they impose certifications on us, so in most cases, we have certifications for the different products that we support. This means that we hardly require support because we are well equipped when it comes to doing our job. If we do get something that we don't quite understand, McAfee has got a knowledge base that we usually refer to. This is helpful when it comes to some of the problems that we face.

Over the years, I've noticed that the initial setup is very easy. It may be because I've worked with it for a long time, but the initial setup is easy, and even when it comes to doing the configuring for the projects, it is not complex.

Most of the setups that I have done are on-premises, where I have to set up the physical machine, and I haven't had any problems. It usually takes less than thirty minutes for everything to be set up and the deployment complete.

We implement this solution for our clients.

This is a solution I recommend very much. For anybody who is implementing this solution, I suggest that they read through the product manuals and documentation. I have noticed that it is an advantage to read through the manuals because people who do not, tend to miss things, and then blame the product for not working. I would say that McAfee is a good product, and over the years I have found it to be very stable and very effective when it comes to managing other products. We have all that we wanted to do with McAfee.

In the time that I have been using this solution, I've noticed that when I perform a setup on different platforms or different networks, I've gotten to learn new things because each and every network is different. When it comes to troubleshooting network issues, I have learned a lot, especially things related to cybersecurity.

This is a very good product, but they have a database issue. Having a McAfee-only solution, rather than having to bring in a Microsoft product, or one from another vendor would make this solution perfect.

I would rate this solution an eight out of ten.

We use McAfee ePolicy Orchestrator to see attacks in real time. We also use it for storage as well.

I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs.

The installation process is quite difficult and requires technical support.

I've been using this solution for one month.

It is a stable solution.

McAfee ePolicy Orchestrator is scalable, and we have 25 users in our organization. We are an enterprise level company.

The implementation process is complex and requires four to six people, including a QA person.

It was a complex process because we needed access approvals to use SaaS, and the URLs would get decommissioned most of the time. We also faced problems with end-to-end encryption.

I implemented it with the help of my senior architect.

On a scale from one to ten, I would rate McAfee ePolicy Orchestrator at eight.

On-premises

I use McAfee as a solution to monitor our network log systems. I monitor logs and use it to be able to report incidents and get better internal vision. 

The DLP feature is great to have for our users.

There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates.  

There have been some problems with monitoring the logs. It's not very user-friendly. 

One to three years.

Stability is fine. I haven't had many issues with it.

Scalability is fine. We have around 600 users. We required two or three staff for maintenance and monitoring. They're security analysts, and junior consultants.

Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time.

The initial setup was not straightforward. It takes time to deploy and configure. 

I have not had too many problems with this solution. It works fine. I really like the DLP feature. There are no database issues. 

I would rate it a nine out of ten because it gives IT clarity, it doesn't have database issues, and it hasn't crashed or given us problems in the two years we've been using it. It's a great tool.