Trellix ESM Reviews

My primary use case for this solution is to secure the data on my laptop.

If I lost my computer somewhere then hopefully the software will protect my data from anyone.

The ability to secure my data is the most important feature.

It is easy to use. I just need to enter the username and the password and it protects my data.

I would like to see fingerprint recognition included in the next release of this solution.

I have not used technical support for the product.

My company did use another product previous to this one but I do not know why they switched.

The installation and setup of this solution is straightforward.

I handled the deployment myself.

This is a product that I would recommend to a colleague at another company.

I would rate this solution an eight out of ten.

Doing Incident analysis in my opinion with ESM is easier than other solutions. There are a lot of ways to build queries and a great filter engine; if you provide ESM with the Advanced Correlation Engine and Global Threat Intelligence you can raise your infrastructure to be a complete advanced SOC.

I work for a System Integrator.

I have almost no complaints with this solution because it's almost a complete solution, but I do hope to have more stability in the next upgrade and to have the interface re-engineered to be HTML5-based rather than Flash-based.

I'd also like some Splunk-like ELM (Log Manager) enterprise functions.

I've used it for three years, from versions 9.1 to 9.5

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected deployment.

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected stability.

It has scaled to our needs.

Customer service is very good and very professional.

Technical support is very good and very professional.

I also work with with RSA and McAfee SIEM solutions.

If you buy the all-in-one solution (Virtual or Hardware), the setup takes a couple of hours.

SIEM is not a Log Manager; ESM is meant for people who need advanced SOC functionality and not only to satisfy compliance rules.

We use this solution for correlation, alerting, and log management.

We are integrators.

I like the ease of deployment.

I would like to see good analytics in future releases.

McAfee has many issues with integration. I am looking for an end-to-end integration such as EDR, and Next-Generation SOC 2.0. 

I have been working with McAfee ESM for 20 years.

We are looking for horizontal and verticle expansion. McAfee has issues with scalability. Other ESM solutions, don't have the same issues.

We have not contacted technical support in quite some time. We had issues with the parsing.

The deployment is easy, but because it is a hybrid deployment which makes it complex. It is partly in the cloud and partly an on-premises deployment. The device will have to access the cloud and on-premises data.

We have an internal team to maintain this solution.

The pricing is fair.

I would recommend this solution to others who are interested in using it.

I would rate McAfee ESM a five out of ten.

• To gain transparency into potential vulnerabilities within the network. 
• To monitor problems, e.g., failure to update packages within the back-end security environment.

It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints.

Ability to create own views. Statistical (normalised) views help to highlight inconsistencies, which may need further investigation

• Product currently requires Flash. 
• Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface.
• Some filters are still very low level "magic numbers", which do not make sense on the high level user interface. 
• We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioral analytics.