VMware Carbon Black Endpoint Reviews

We used it for EDR, as well as endpoint protection, the whitelisting feature.

The EDR and reports were helpful in improving our organization.

The EDR was amazing. It was very responsive. It did an excellent job of providing us the information we needed in a timely fashion, as long as the latest agent was up-to-date on the client.

The whitelisting system, and the concept of it, overall, is pretty decent. The problem with the whitelisting capability is that it's pretty archaic. Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use.

The Mac support needs improvement, as it had next to none.

The biggest problem we had was the Mac support. It had very little, and my C-suite is almost exclusively Mac, as is my marketing and development department.

We had used the Carbon Black CB Defense for two years. We changed to another solution approximately nine months ago.

We were using the latest version at the time.

The stability of the on-premises servers had no issues but the resource allocation on the clients was a bit high, especially with having to run two agents. The detection agent, the Whitelist, and the control agent.

We didn't have any problems scaling this solution.

It did the job. It was great for Windows, but it had no Mac support and had nothing for Linux, which makes it hard.

We had 150 users in our organization. Their roles varied from CSF departments through to my C-suite.

Technical support seemed pretty good and I didn't have any problems with it. 

If we had a problem or a question, and they would get back to us in a reasonable amount of time. 

The only place that we ran into trouble was with Macs. That's my general theme here with Carbon Black, unfortunately.

I would rate them an eight or a nine. They were good for the most part.

Previously, we were on the Kaspersky Enterprise Solution for a couple of years. It was a signature-based system. Signature-based systems are getting easier to get around by the attackers these days, so we swapped over to something that is a little closer to attack vectors, which says, don't run anything that we don't approve.

The initial setup was moderate.

For others who are interested in using Carbon Black, I would recommend checking your use case. If your use case is Linux and Mac, then it will be problematic, based on my experience.

These days, with VMware taking them over, I'm willing to bet that that's going to change.

I see some redemption in their future, with VMware owning them. VMware is a very strong player in the workspace, and especially with their workspace tool that VMware's building to work with Windows, Mac, and Linux clients, in order to do VDI.

For the Windows endpoints, it was incredibly useful, nothing got through it, which is a bad thing in some cases because we hadn't tagged the certificate platform appropriately. So, it's a bit of an improvement needed there, but the biggest complaint is around the operating systems not being available.

I would rate Carbon Black CB Defense a seven out of ten.

We primarily use the solution as endpoint security.

The security, specifically the endpoint security that the solution provides, is its most valuable aspect.

The initial setup is pretty straightforward.

The solution needs better overall compatibility with other products.

I've been using the solution for less than a year. I've only really been using it for the last one or two quarters of this fiscal year. It hasn't been a very long time yet.

The solution is quite stable. We find it to be a reliable product. There aren't bugs or glitches. It doesn't crash or freeze.

The solution can scale if you need it to. That's not a problem at all.

We have more than 10,000 people using the solution currently.

When it comes to technical support, so far it's been good. We've been pretty satisfied with their level of support. They are responsive and knowledgeable and we know we can get help when we need it.

We were not using any other product before we started using this solution. That said, we registered for other products too and finally decided to go with Carbon Black after trying out other options.

The initial setup isn't really complex. It's pretty straightforward. Those implementing the solution shouldn't have a problem getting it up and running.

The deployment only really took a few months. It was an okay process.

You need very little maintenance on the product. We have about two people here who manage it without any issues.

We're just a customer. We don't have any business affiliation with Carbon Black.

We're currently using the latest version of the solution.

Overall, I would rate the solution seven out of ten.

We primarily use this product to provide threat intelligence to our SOC about our endpoints.

One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it. Then also alerts our SOC.

This product should be cheaper.

I have been working with Carbon Black CB Defense for three years.

Stability-wise, it is good.

I am satisfied with the scalability. We use it across the company and all of the users have it on their laptops. It's a mixture of IT people, finance, doctors, lawyers, dentists, and other professional services. It's a wide range of people and there are about 180 in total.

The technical support is okay.

We also use Sophos Intercept X in our business.

CB Defense is pretty straightforward to set up.

The implementation was done by my own team.

This is a really expensive product and we pay licensing fees on a yearly basis. The subscription includes technical support.

I would rate this solution a nine out of ten.

The product is an endpoint security product. It's kind of like a replacement for a traditional antivirus.

One of the strong features of the product is its endpoint visibility. It gives you more visibility than a traditional antivirus would give you.

The visibility provided has been great.

The ease of deployment is definitely a great selling feature.

The stability is good and the product is pretty lightweight.

The solution scales well.

The reporting could be improved. Some of the built-in reporting isn't ideal. They have an API and everything you need that you can kind of hook into the product pretty easily, however, it'd be nice to have some built-in reports instead of having to seek them elsewhere.

The solution needs expanded endpoint query tools.

I've been using the solution for about a year.

The stability of the solution is good. There are no bugs or glitches. It doesn't crash or freeze. It seems to be a little bit lighter on resources than our previous antivirus.

The product can be scaled pretty high. We have about 3000 sensors deployed. However, it can go a lot higher than that. It depends on your internet connection for the reporting or the information, basically.

We have kind of a desktop security team that is about five individuals that administer the product part-time, and that can access the console. A couple of them are the ones that spend the most time in it.

We use the solution extensively and we may look at expanding the EDR  - stepping up to one of the other products and adding capabilities. Therefore, we're likely to increase usage in some form in the future.

Technical support needs some improvement. They don't seem to respond so well to technical help. The good thing is we don't need that much, however, they need to probably improve that a little bit for others who might require more assistance.

We had McAfee antivirus and it was difficult to tune the policy without compromising security, I would say. Its footprint was a little high. Its performance wasn't that great in terms of end-point performance.

The solution is easy to deploy. The implementation process is simple. It's not overly complex or difficult. 

While the rollout is pretty easy, you have to kind of tune it a little bit for applications as it discovers them.

To deploy a sensor, it takes just a couple of minutes or so. Then, to kind of tune the policy itself, you are probably looking at a couple of weeks.

Initially, we use the services provided by the vendor, like an on-ramp kind of service. They were great. The team was pretty helpful. 

We pay about $15 a node. It's just a standard licensing fee and that's it.

I'm just a customer and an end-user.

I've been using the latest version of the solution.

The sensors are on-premises, however, the console is in the cloud. It's a VMware product that runs on Amazon.

I'd advise those considering the solution to seek out some of the training to see if you can get it bundled in with the deployment. The more advanced training, to kind of how to tune the policy and stuff like that, would be helpful to have.

I'd rate the solution at an eight out of ten as there's still room for improvement in things like reporting. However, the impact on performance and the ability to have greater visibility were pluses in my book.

While there is an IR team that is responsible for managing EDR or deep analytics, our focus is on endpoint and antivirus protection. This is where we encounter signature updates. We look for false positives in their relation to file interpretation. Should anything occur, we can instantly respond. Instead of sending a sample and getting coverage, we can put a policy and place an immediate stop on the false positives.

While I consider the product to be top notch and am happy with it, its reporting aspects need to be addressed.

I would definitely recommend Carbon Black CB Defense to others who are contemplating using it, but its administration features need fine tuning. I believe this is already being addressed so that gaps can be filled as these relate to other leading technologies on the market.

The GUI and reporting should also be addressed.

We have been using Carbon Black CB Defense for the past seven to eight months.

I have not had occasion to make use of technical support, although I may have in the future, as I am the product person who is working with another experienced team and there is a process under way to migrate from McAfee to Carbon Black CB Defense. 

The initial setup was a bit difficult since we had to do it manually or through the use of a script.

The price for the solution is completely at government level, meaning one which is very high, although it is up to management to consider this criteria.

Our company has over a thousand people who utilize the product. Going forward, everything will be managed by Carbon Black CB Defense.

I would rate it an eight out of ten. 

The primary use case is for stopping spyware, malware, and viruses in their tracks. 

It's very good at doing that. It has intelligent learning behind it and we have been very successful in preventing attacks.

We had a six-figure revenue stream knowing that we would be cleaning up viruses, malware, and spyware on PCs, every year. That was a revenue stream that we could just budget we were going to get. When we implemented Carbon Black, that revenue stream went to zero. That means that it's doing its job. 

From a business perspective, we've been able to virtually eliminate cyber attacks from spyware, malware, and virus perspectives.

It has intelligent learning behind it and we have been very successful in preventing attacks.

I have been using Carbon Black CB Defense for approximately three years.

We are using the most recent version.

The stability is fantastic!

The scalability is pretty easy.

Their offer to add to a tenant or spin up a new tenant, given the client sizes is large enough, has been pretty easy management so far.

I'm a managed service provider, and within my organization we only have between 40 and 50 employees managing endpoints for several thousand. My perspective will be slightly different. So, even though we use it as a company, we use this for our clients as well.

100% of our staff is trained on the use of Carbon Black because from the technical perspective, we need to be able to handle that as technicians and engineers. 

As far as our clients, they don't know the difference. They don't see issues, they don't have attacks.

My interaction over the phone has been mostly on the business side of Carbon Black and they're fantastic over the phone. They're fantastic to deal with.

As far as the support side, I've never had to make a call to them. 

I'm sure our lead engineer has had to make some calls for various reasons.

The initial setup is straightforward. It's super easy.

Our staff deployed this solution. We did not use an integrator or reseller, it was in-house.

I am currently reviewing Cylance and products from other vendors as part of our processes. We want to see what price points and feature sets and things like that, to see what would be better.

We want to know how Carbon Black compares to others; we've seen a little bit of that. I've got some documentation to review that. At this point, we're test-bedding several other providers right now to see if there's anything that does equally or better and that comes at a better price point.

We have the cloud center, however, the application's installed on each endpoint individually.

Each client machine has it installed, locally, so it's off-premises for us. I'm assuming that they would be running on individual client PC. 

The software is run here, we manage it within the cloud atmosphere.

We were an authorized reseller or we were an authorized business associate of Carbon Black. Since that's moved under Dell, I don't think that's a thing anymore. I would state that as we are mainly a Dell shop, we're an all in Dell shop. And so that's just a business decision we've made. 

We were a Dell VMware Carbon Black client and we had a relationship with them that preexisted our Dell partnership. Before Dell acquired Carbon Black, we were a partner of Carbon Black's. We had acquired this technology and we were utilizing this technology for several years in advance of that acquisition.

I'd recommended Carbon Black CB Defense 100%.

I would rate this solution an eight out of ten.

We use this solution for endpoint security and protection.

The most valuable feature is that it detects and stops malicious executables.

Admins can use the portal to obtain a command shell on an endpoint to perform further investigation.

This solution works well but needs lots of tuning and optimization.

My clients are using this solution for security as their frontline defense. They are using a whitelist that has all known software allowed.

Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading.

There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved.

I have been using this solution for approximately six years.

The solution has been working well, nothing stands out as an issue.

I have found this solution to be highly scalable. We have clients that are large-size companies using this solution.

The technical support was great when we used them.

I rate the technical support of Carbon Black CB Defense a nine out of ten.

The solutions provider has made great strides in the last four years making it easier to implement. However, the way their architecture is makes it difficult, the installation is quite a cumbersome process to integrate everything together.

My advice to those wanting to implement this solution is it not easy and it takes time and money.

I rate Carbon Black CB Defense a five out of ten.