McAfee ePolicy Orchestrator Reviews

We're using this solution for its antivirus and device control. We are partners with McAfee and resellers, and I am an engineer. 

The MVISION Insights is a good feature because it gives users the ability to see what's out there, which is what our customers are looking for. I know that they are adding ISO application control which is also a good feature.

There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

The solution is stable, quite a number of our customers are running it and there haven't really been any problems. 

The solution is scalable. 

The technical support is very good and they respond quite quickly. 

The initial setup is very easy and the system only requires one person that has reasonable knowledge to manage it. 

I think that licensing costs are reasonable and you get your money's worth.  

Companies like Palo Alto and Check Point have amazing SOAR solutions; in the case of Check Point it's an EDR type solution. I think McAfee MVISION is much better now that we have things like Insights. McAfee's advantage is that there are fewer false positives compared to some of these other vendors, so I'd say they're doing well.

There is a trade-off between the on-prem version and the cloud version. Some features that are available on-prem are not available on cloud but there are other features we can get on cloud that are not available on-prem. I believe this is a good solution and rate it nine out of 10. 

We primarily use the solution as an antivirus, a client antivirus. We have a license for device control from where we can block USBs, DVDs, smartphones, etc from connecting to the computers.

Regarding malware, it's great at detecting viruses and malware. We haven't had the problem for the last ten years. It just works.

It's pretty simple in terms of managing things on ePO. You have to have some experience, however, it's pretty simple to understand.

The solution is easy to deploy. I have to do the upgrade now from an older version to the latest one, and I'm checking both upgrade and fresh install of the latest version, and it seems pretty easy.

The solution is quite stable. We haven't had any problem since it is installed.

The scalability is great.

I can't speak to what is missing from the latest version. We have an old version and in the coming weeks, we are going to upgrade to the latest version. We have to see on that one if there are any missing features. 

One thing that I don't like is that McAfee products change very often and upgrade very often. The annoying thing that I have noticed is that these new products do not work anymore on older Windows versions. Let's say a new version of antivirus does not install on Windows 8. You have to implement an older McAfee in an old version of Windows. 

I have been working at this company for about six years. The company has maybe used it for at least 10 years.

The stability has been great for a decade. It requires very little maintenance and runs without issue. There are no bugs or glitches. It doesn't crash or freeze. 

You can easily scale the solution up. It's not a problem.

We haven't required technical support in the last few years. Everything that has to be done, we have done it by ourselves. We didn't have any big issues to report that would have required support. Therefore, I can't comment on them from personal experience.

That said, we have had some online meetings with the McAfee staff to see the new products and new licenses that we want to buy from them. 

We might, in the future, implement Endpoint Detection and Response, however, for now, we haven't got that feature.

The deployment process is pretty easy. Soon, I'll have to go to the latest version, and we will have to do two sequential upgrades to go to another version and then to the latest version. I'm seeking to install it from the beginning to a new server and so far it looks to be pretty simple.

I can't speak to the cost of the solution. Another department handles that aspect.

We are customers and end-users.

I would rate the solution at an eight out of ten.

McAfee ePolicy Orchestrator improves our general endpoint security - wherever a user might be tricked into clicking on a link or downloading a file or bringing a file on an external medium or getting it from somewhere on the internet. After having detected that it could be malicious, it blocks it. That's the main reason we protect our endpoints.

McAfee ePolicy Orchestrator is our general endpoint protection platform. The agent is deployed to all of our endpoints and according to the endpoint's purpose, e.g. industrial or office-like, it is configured properly and is managed centrally. That's quite all there is to explain about that.

The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. Also the fact that there are organized policies and policy inheritance. The general management, in fact, nothing particular.

In terms of what could be improved, I would say the impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this.

As for what I would like to see in the next release, that is related to the disadvantages, the drawbacks as I would call it. Some tuning of the inheritances for policies and things, so that we can extend policies to a lower level in the organization or in the structure. Inherit and extend rather than break the inheritance and start again on a lower level, because then, when on a higher level, and something changes, it has to be replicated on a lower level, rather than being taken automatically into account which complicates the management. Additionally, some performance tuning on the endpoints to make sure the agent does not take too much resources or it could be further granularly customized. Something like it should not take more than X percent of memory or of CPU in office hours, business hours, and could take more outside of those hours. So some tweaks, improvements, and configuration options in these areas.

I have been using McAfee ePolicy Orchestrator for four or five years. It's still our current platform.

It is quite stable. We're not having any issues with that.

It is scalable. That's not an issue.

All the endpoints are protected with the platform and the servers, as well. It is something like 8,000 endpoints and 500 servers, quite a lot. In our Belgium branch of the company we're actually talking about almost everyone, we're like 5,000 employees, so that's only for Belgium. But there are more endpoints than the number of employees, of course.

There are the general workstations. Some users have more than one endpoint assigned to them, or a business or team's endpoints that are used in common within the team. That explains the larger number of endpoints compared to the number of employees we have in Belgium. There are different levels of the management who use this.

We have one guy in our team, in our Belgium site, that is almost fully dedicated to managing the antivirus product on the endpoint level, the workstation level. And then another person who is partially occupied, one third or half of his time for the server component. But as I told you, the endpoint workstations are being managed on a higher corporate level. There is also at least one person who concentrates some of his time on the management level. So, in total, for Belgium, let's say, two FTs.

I don't think we have any plans to increase because in fact, all our endpoints are covered. It grows and shrinks with the number of endpoints we have. The percentage stays the same.

That's a question I can't answer because I haven't had to deal with them, personally. In general, when we're having issues, we turn to the higher corporate level, the Europe level, to know what their approach to the problem we might experience is. I've not noticed us having to deal directly with McAfee's technical support.

The initial setup was long before I arrived. Sorry, I couldn't tell you more.

The deployment is strongly dependent on our environment's size, the number of workstations to deploy on and to deploy new versions on. But in general to get to 90% coverage when we have to deploy a new version, it takes at least a month. That's mainly due to the number of endpoints and then to manage and to control them, to make sure they're communicating correctly, that they're powered on, and that they're on the network.

McAfee ePolicy Orchestrator is a well-known product. It is a big one. It is quite easy to compare on those different criteria. It's not a new kid on the block, it's a known value, it's been there for a long time. In my point of view, it's worth comparing it to other products to see if it integrates with something you already have, because now there is a tendency to have more ecosystems of endpoint protection and server protection.

The Microsoft ecosystem, or parts of the Microsoft ecosystem, are already in place in the organization. There will be eventual integration with a corporate data center or pyramid in firewalling. Whether they are already in place or not, it is important to consider these elements and to make a decision after these considerations. Not that I would advise particularly for or against McAfee, but there are a lot of elements to take into account.

I think it serves its purpose, that's fair and square. But there are always things that could be optimized. Whether it's the performance impact on the endpoint, or the management, in general. No solution will ever fit 100% to an environment, whether it's your own or another, it will not always fit 100%. There will always be little drawbacks, little things that could be optimized. Then it's a question of how to handle it.

You have to live with some minor inconveniences. There are advantages, there are the things that are good. In general, it's a good product. I would not advise against it.

On a scale of one to ten, I would give McAfee ePolicy Orchestrator a seven because of the reasons I told you. It does the job. It's quite solid. It's stable, of course. It's not something new, something experimental, it's proven itself already. And yeah, why not higher? Because of the things I told you already.

McAfee ePolicy Orchestrator is used to manage endpoints, networks, compliance, and data security.

The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory.

The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.

There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO. 

I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.

There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.

I have been using McAfee ePolicy Orchestrator for approximately 10 years.

A lot of the components of McAfee ePolicy Orchestrator, such as Sandboxing, DX, and  ATP are not stable. However, the antivirus is stable.

The scalability of the McAfee ePolicy Orchestrator is good.

We have more than 75,000 users using this solution. We are using a combination of McAfee and FireEye where the antivirus part is provided by McAfee and the EDR part is covered by FireEye. Our next target is to combine both of these elements, either FireEye or McAfee.

The technical support of McAfee is great.

I have used other solutions, such as FireEye and Cisco solutions.

The deployment of the McAfee ePolicy Orchestrator is very easy on the endpoints. However, deploying the solution in a large enterprise is very difficult. In terms of all the components of McAfee, it is difficult. There are lots of false positives and manual effort required for deploying the advanced component section.

McAfee ePolicy Orchestrator requires lots of maintenance and we have had many performance issues. We have done maintenance for our databases approximately three times and it is a difficult job. The maintenance is time-consuming and it's a very difficult job to do.

When the database that we are managing is almost 70 - 80,000 systems, it is quite difficult to have an EPO, wherein everything is central, such as policy, database, asset, and inventory. There is a lot of load on the central server. For a long time, McAfee has been using central management where there are no distributed components. Everything is getting loaded on EPO and it is creating lots of maintenance work.

There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing.

My team worked on FireEye and Cisco solutions. When comparing McAfee ePolicy Orchestrator to both these solutions, there are pros and cons for each. Some features are positive and really good in McAfee in terms of the UI, and easy-to-use Console. However, when compared to advanced features, such as EDR, FireEye and Cisco are better compared to McAfee.

The antivirus measurement, compliance, and deploying the agents, are much easier in McAfee ePolicy Orchestrator compared to FireEye and Cisco.

My advice to those wanting to implement McAfee ePolicy Orchestrator is to keep it distributed. Whatever components you can distribute in terms of connectors need to be put in different locations. It will be taken care of properly. Otherwise, there will be lots of noncompliance issues and lots of loads on the network because it is bandwidth-intensive.

If we have a larger user database for the organization, then keep it local. To allow a minimum load on the EPO. We should do the maintenance of the EPO quarterly in terms of the database maintenance or in terms of the laws, policies. It should be reviewed periodically with the help of your support to make sure that your policies will not go wrong or your database will not create any errors. If there are errors there will be a problem to recover the data. If we don't do the maintenance, then there are quite chances of crashing the database

I rate McAfee ePolicy Orchestrator an eight out of ten.

We're pretty much using it as a traditional AV.

It has brought what it is built for. It has brought traditional AV capabilities and signature-based scanning.

The general endpoint protection is valuable, and it is easy to manage.

There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space.

I have been using this solution for five years.

It is stable. There are no concerns there. It didn't consume a lot of resources and things like that. We didn't see issues from that perspective.

It is fairly easy to add new devices. It is controlled within our environment. 

All employees and all servers are using it. It is being used extensively, but we don't plan to increase its usage because we're looking to get a replacement for this solution.

Their technical support is average.

It wasn't McAfee ePO. It was the even lesser AV five years ago. It has been McAfee ever since from my AV protection standpoint.

Its initial setup was straightforward. It took a couple of days. It has been pretty easy to add new machines ever since.

It was an in-house job. In terms of maintenance, it requires minimal maintenance. We have our security services provider to take care of maintenance.

It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well.

It is great if you're looking for a traditional signature-based AV product, but if you're looking for a more comprehensive EDR solution, then CrowdStrike and SentinelOne are clearly the top two within that space.

Overall, I would rate it a seven out of 10. If I'm rating it for a traditional AV product, I'd give it a nine or 10 because it totally solves that use case, but if I'm rating it against a comprehensive EDR solution, which includes traditional AV and next-gen behavioral capability, then it would be a five, but they're not necessarily apples to apples.

We primarily use the solution in order to distribute the security features to all the nodes.

The user interface is great.

Technical support is very helpful.

It's great how the solution distributes the policy. For example, application control, distribution management, et cetera. The functionality is fine. I don't have any issues. 

The integration capabilities are good.

The solution can scale well.

The pricing of the product is reasonable. 

Sometimes agents hang. We have to reinstall the agents. On top of that, we have too many advisories for ePO. There are stability issues. 

I have been using the solution for three to four years at this point. 

We've had issues with stability. I would like the product to be more stable. 

Occasionally, we get bugs and we have to deal with them, and it's not ideal.

The product can scale if a company needs it to.

I do plan to scale and would like to use it for more of the system nodes.

We have found the technical support to be very helpful. They are responsive and available when we need them to help us troubleshoot. We are satisfied with their level of service. We haven't had any issues with them.

We pay a licensing fee on a yearly basis. The pricing itself is fine. I don't consider it to be overly expensive. 

I'm just a customer and an end-user. I don't have a business relationship with McAfee.

I'd rate the solution at a seven out of ten.

We are a system integrator and McAffee MVISION ePO is one of the security products that we implement for our clients.

The primary use case of my customer is to protect the endpoints. It is important because of people who are working from home, and the diverse platforms that are apart from the workers who have a different environment.

They are also spread over different countries and many different towns. The cloud platform is the best to communicate the management of devices and security.

Also, besides, it offers protection compliance.

What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console.

The rollout to cover the online resources, such as SharePoint, One Drive, and Office 365 doesn't seem to have a very clear path. There is a lot of different information all over the place and there's probably a need to have some technical ability to understand how to bring solutions to fruition.

There doesn't seem to be any documentation in place to guide you. Unless you are a technical person, it's very difficult to bring that solution to fruition.

The product is good but they just have to document how to use the different products and bring them into one platform, one solution. You shouldn't need to be a technical person to do that.

You can roll out to all of the endpoints easily, but now if I need to protect the online cloud resources like SharePoint sites or SharePoint libraries, that is where the biggest worry is because people feel things like the cloud contains threats. They're not concerned with how to do it or to make sure that they have visibility and protection. 

This is where it gets a little bit tricky, but even McAfee themselves are not giving a very clear road map or very clear documentation to know this is how to go about it, and this is how to achieve it. Again, we do not have to have a technical background to be able to synchronize.

I think that they should drop their high costs of training. Many people will train themselves and still sell the product. They implement their product and they will recommend it. If they make the training available then the uptake will be higher.

We have been working with this solution for approximately one year.

I have not experienced any issues with stability.

I haven't been faced with any limitations regarding scalability.

McAfee's technical support is a bit of a letdown. Also, there's no good support within our region. The people who are within our region do nothing, they just sell you licenses. The moment that you have a problem, you are on your own. They keep bouncing you between this department or person, or you end up with somebody who has no idea, and then now there is so much up and down that we end up now doing things on our own.

You can send an email to support and you will get a response in a couple of days and maybe that response is to refer you to someone else.

Bringing the ePO and central management on board was very easy and very straightforward.

For large enterprise companies, the price should be alright, but for small businesses, the uptake might be slow because, for these clients, the price doesn't look very attractive.

So people will compare, they are going to acknowledge and pick up a CD or go with Kaspersky, or Bitdefender. They feel that it's easier than suffering to get the information, that's the problem. One of the advantages of working remotely is that you can pick up a Bitdefender DVD and pop it into all of the laptops and other devices.

I can recommend this solution, maybe because of my own background and my own portfolio, I have been working with it for a year and I know how to market it, I know what works and what doesn't work.

When It comes to the training, it's a letdown because online training is very expensive, and they want people to sell and use their product. They are making training modules, which are very expensive.

They also tell you that if you want to buy the product, you must be certified, but to be certified is very expensive at my own cost, then I can sell the product. There are many products like this being sold in our region. You sell the products for them but they charge you for training.

It's a good product, it's a good solution, it's straightforward, and it works very well. At the same time, we shouldn't have to pay to learn it, just to sell it. They should brunt the costs of the training for their resellers.

I would rate this solution a nine out of ten.

The use of the solution is the same as in any industry, like IT, manufacturing, or the banking sector. My company deals with customers who use McAfee ePolicy Orchestrator. In general, my company uses the product for various types of customers.

ENS is one of the features in the product that is useful as it basically services an antivirus solution. The DLP feature in McAfee ePolicy Orchestrator is good. McAfee Device Control and McAfee Total Protection for Data Loss Prevention (DLP) help users set the category filter, or we can set the classification based on which users can restrict the traffic that goes outside the organization.

There are challenges regarding the compatibility and agent functionality of the product. The aforementioned area can be considered for improvement.

The setup and deployment phases need to be improved.

The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved.

I have been using McAfee ePolicy Orchestrator for five years. My company has a partnership with CrowdStrike and McAfee.

Stability-wise, I rate the solution a five out of ten. I had some issues with bugs and some breakdowns in the solution.

It is a scalable solution. Scalability-wise, I rate the solution a six out of ten.

Though the scalability of the product is good, if McAfee sorts out the connectivity issues related to the agents, then it can be made a better product. The product has been in the market for a long time. The tool has been in the market during a time when no other OEM products were even introduced. The tool should improve some of its services.

The product's initial setup phase was difficult since only a professional can do it. A fresher or a new person cannot take care of the installation of the tool. A fresher or a new person cannot take care of the installation of the tool. Agent installation is easy, but the other features related to the antivirus and DLP functionalities can be implemented only with the help of a professional or skilled person since they can be deployed only from the server console. The person should be aware of the server console functionality.

I faced many challenges when deploying the product, especially some connectivity and compatibility issues.

Though the tool is good for centralizing security management, there are a lot of issues in the product, which stem from compatibility issues with different operating systems. McAfee uses multiple engines to run on the endpoint system, which causes the engines and definitions to have many issues. Ultimately, everything in the tool is based on definitions, and it needs to be updated regularly.

There are certain limitations with the integration capabilities of the product because the tool doesn't support API integration, specifically for the on-premises products. The product offers some cloud solutions that can be integrated with APIs.

I rate the overall tool a six out of ten.

We use it to encrypt the shared folder file our customers receive containing information about the many rules and teams. So we abide by them and allow each team to access just files on it.

I believe the encryption is interrupting the file, and they're guiding it to a specific growth.So, that's a variety.

There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal.

So, they should modify the cybersecurity suites to allow the customer to work properly again.

I have been using the solution for a year. 

Most of the data is stable until we apply hundreds of updates, so when it comes to updating, it is not stable. We will have to modify the type of suits by our sale. For the console services, the ePO server is not the end user. We are doing it in one hour.

It is a scalable solution. There are around 3,000 to 4,000 customers, and end users using the product. I rate its scalability a nine out of ten.

They are good and give quick responses. I rate it ten out of ten.

Positive

The initial setup is easy. It de[pends on the way you install it. The solution was deployed within a couple of hours. Four to five people are required for the maintenance.

I recommend the solution to those planning to use it. I rate the overall solution ten out of ten.

It works perfectly for reporting and creating policies. It's easier for the customers. Reporting is a significant functionality.

Application control and traffic encryption are the most valuable features. The encryption feature includes Drive Encryption and supports a lot of features like antivirus encryption. It consolidates my system.

There's one room for improvement. We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform. Instead of using separate agents for tasks like antivirus and demos, it would be better to have a unified agent that can handle everything.

I would like a unified agent that can handle multiple tasks.

Another useful feature would be an email solution. It could be helpful. Also, having the capability to check for data vulnerabilities would be a great addition. In the future release, I would like to have a feature that checks for vulnerabilities

I have been working with this solution for 20 years. I am currently working with Version 5.10.

Stability is medium. I would rate it six because it can be resource-intensive and impact performance.

Most of the features are scalable, especially when transitioning to newer versions.

I would give it a rating of ten for scalability. Approximately around 50 to 100 users are currently using McAfee ePolicy Orchestrator. Some clients are small businesses, while others are enterprise-level.

The tool itself is great, but the technical support is not always perfect. There have been some support issues.

When there are issues, it often takes a considerable amount of time to resolve them, especially for domain-related problems. We are not given the right support.

Negative

The initial setup is easy. I would rate it a ten out of ten. The deployment process depends on various factors, such as the network. Usually, it takes a few days.

The deployment process involves licensing, installing APL, integrating with the directory, and then configuring policies based on best practices. We also customize some policies to fit the client's environment.

The cost is high compared to other clients who prefer lower pricing.
In terms of pricing, I can give it an eight.

If you need any additional solutions, you would have to pay extra on a monthly basis.

I would rate it as the best, around nine, because it's easy to navigate and configure.