McAfee ePolicy Orchestrator Reviews

It allows us to detect rogue devices, then to subsequently force policies on them to protect our system from them.

The only feature worth mentioning is the rogue devices detection. This helped the company manage new laptops joining the network.

I am not familiar with the newer versions, but the biggest issues we had with our version were false positives and performance degradation.

I used it for four years.

There were no issues with the deployment.

We had no issues with the stability.

We had no issues scaling it for our needs.

Customer Service:

In my experience, the level of customer service is very good.

Technical Support:

Technical service is very good.

I came into the company and started using McAfee ePolicy Orchestrator. The previous solution was F-Secure.

I have managed the setup to new servers (kind of a migration). I will admit that it was very straightforward. My policies were easily accessible and managed.

We implemented it with our in-house team.

The replacement for McAfee was due to pricing. It is common in the antivirus space to have price wars, though.

I am not familiar with the latest versions, but I am sure they have been improved. From a management point of view, ePO is one of the best solutions out there.

I like the following features:

• Centralized virus signatures and patch updates.
• Reports of signature update status.
• HIP management and automatic product deployment.
• Allows virus signatures and VirusScan Enterprise patch updates via McAfee agents installed on the user's PC.

Before this solution, I had to do the following:

• Set up daily virus signatures and product updates on each PC in the office. These are the configurable parameters in the McAfee VirusScan Enterprise application.
• Perform regular spot checks on some PCs to make sure the virus signatures are being updated. As the number of PCs increases, I needed to find a solution to handle this task.

With this solution, all I have to do is install the McAfee Agent on a PC. When the McAfee agent communicates with the ePO server, ePO checks if VirusScan Enterprise is installed on the PC.

If it is not installed, it will start the deployment, patch updates, and virus signature updates. The ePO server is configured to send me a report of virus signature versions and VirusScan Enterprise patch levels of all connected PCs by email on a daily basis. This saves me a lot of my time, as I don’t have to check this information on all PCs manually. I end up with a beautiful report to show my auditor about how the anti-virus software is implemented.

This solution reduced a lot of effort to check and confirm that all PCs are running the latest anti-virus signatures and patch levels. It also helps the IT admin to find the mapping between the logged-on user ID and the PC name which Windows AD doesn't provide.

I would like to see the solution provide a function to roll back patch deployment and alert the administrator about which system is not supported per patch level. It should retain all previous patches in the system to support legacy systems, including the latest patch that was checked in the system.

We have been using this solution for over six years.

The system is quite stable and works as expected.

There is no built-in or easy upgrade of the system. When I upgraded the system from a 32-bit version to a 64-bit version last year, I basically reinstalled the whole environment.

The initial setup is very straightforward. The IT administrator can install and setup basic functions of the system without a user manual.

However, for some complicated functions like drive encryption, it is better to read the user manual before deployment.

Make sure you understand the following:

• The license terms and how they are applied to the user or device.
• What products are covered.
• The dates of the license period.
• Whether or not the agreement will be automatically renewed with an increase in price.
• Whether the price is different when running on a server or on other special devices.
• The support SLA and if there are any additional charges if the problem is complicated. If you do this, you won’t be surprised when you call support.

I would suggest the following:

• Set up a test environment. Test all products you are going to deploy on all platforms you have before actual deployment.
• The testing environment should be retained since new patches may impact some legacy systems.
• Plan your implementation and application deployment. Write down all parameters you put into the system configuration. Link this with Windows AD for user authentication.
• Prepare your SMTP server for an email setup alert.
• If you are going to use it to manage McAfee VirusScan, make sure you set it with up-to-date virus signatures from McAfee, at least on a daily basis. This is not enabled by default.
• Consult your IT vendor for best practices.

• Centralized management
• The scalability
• The report engine

I made an MSS (Managed Security Service) solution based on the ePO and McAfee Endpoint products.

This was before all the vendors made it themselves, and when I researched the major vendors, this was the best product for the project.

The fact that it uses MSSQL, and cannot be deployed on anything other than Windows, can be a problem. The system can get slow at times when you do big searches and reports.

I've been using it since 2007.

We had some issues with deployments as this product was not made to be set up as an MSSP solution but we had a lot of help from McAfee, and fixed them all.

The problems with stability as never in the ePO but in the Operative system (Microsoft Windows) and the database server (Microsoft SQL).

The scalability is very good.

Customer Service:

We were a McAfee EMEA Premier Managed Service Provider at the time, so we had no problems getting the support we needed.

Technical Support:

10/10.

F-Secure, but their product did not scale, and there are so many more endpoint products, that the ePO can handle than F-Secures Central management system.

It was not the easiest projects I did, but with help from McAfee it was not that difficult.

We implemented it in-house.

We were a managed service provider, so the licensing was not what most customers have. We report in what we use, and pay after.

We looked at several options.

If you use any McAfee endpoint solutions in the enterprise you need to use the ePO, as there are no other options.

Easy interface, reliability, scalability, built-in reporting.

We integrate more and more client computers from different supported businesses across the globe into a single ePO environment managed by a single support team, thus reducing support staff and unifying security policies across organization providing the anti-malware protection to the endpoints (both to servers and to workstations).

a. Reporting: The pre-canned ePO queries can be improved

We use different versions of McAfee ePO for the last 10 years (v. 2.5 through v. 4.6).

No

No

No

Customer Service: GoodTechnical Support: Good. However there is no definite SLA when a complicate issue is escalated to McAfee Level 3 or to McAfee software developers.

We used to use Computers Associates AAO software till 2003. The McAfee manageability and price was much better.

Straightforward

We invited the vendor team. I’d rate their level of expertise 4 out of 5.

I like McAfee ePolicy Orchestrator software. It is great centralized security management software that allows management of various McAfee products on the client computers. McAfee ePO makes risk and compliance management in the organization simpler and more reliable.

Automatic workflow remediation

By setting up automatic workflows for specific tasks by the use of property tags there is less hands on intervention needed.

Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability. It also seriously needs a better way to direct connect to remote users not located within the network.

12 years

Yes, someone who doesn’t understand their environment and the configuration needed cannot just turn everything on and let it go.

No

No, we were able to scale this from a single location within the US of 100 endpoints to 5,000+ globally within a week with only 10% of the systems having a problem that needed to be addressed because of a specialized configuration.

Customer Service: 8 out of 10Technical Support: 8 out of 10

Kaspersky, the management console is very cumbersome and difficult to manage and doesn’t allow for the fine grained control of ePO.

It’s straightforward until you get to some of the advanced components such as a DMZ and agent handler deployment.

In-house, I personally did the implementation, configuration and management.

Saves a company 20 man hours a week. The true dollar value ROI is going to be based on the cost of the product for a particular company, since that can vary depending on the negotiated contract terms.

This product will take 40 man hours for setup, configuration and deployment once the environment information is gathered.

Yes, Trend Micro

There is no other product out there with the control and overall security components that can do what ePO can.

The best part is management in McAfee ePolicy Orchestrator. It's very easy to manage agents.

McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors. So they have to work on it.

I am not using it, but I know the capabilities of McAfee ePolicy Orchestrator. I work for a security integration company that sells OEMs in terms of endpoint security, including McAfee and other solutions.

The stability of the solution is good. I would rate it a seven out of ten.

I would rate scalability an eight out of ten. McAfee ePolicy Orchestrator is a scalable solution.

I had some technical issues, which were not known by the vendor itself.

Neutral

The initial setup is neither easy nor difficult, and I would rate it a five out of ten.

Overall, I would rate McAfee ePolicy Orchestrator a six out of ten.

The solution's best part is that it is very easy to manage McAfee Agent.

McAfee ePolicy Orchestrator needs to upgrade its technology since the solution's EDR function is not good compared to other vendors in the market.

I use McAfee ePolicy Orchestrator, and my experience with it has been good. Though I am not using it full-fledged, I know the solution's capabilities. So, I work in a security integrator company that sells OEMs for endpoint security. So, we don't just sell McAfee, but also other solutions. My company has a partnership with McAfee.

The solution's stability is good, and so I rate its stability a seven out of ten.

The solution's scalability is good. So, I rate its scalability an eight out of ten.

Technical products are bound to get stuck due to the technical processes involved. Sometimes, certain new issues crop up in the solution, and even the vendor does not know about it. Owing to the aforementioned reasons, I rate the technical support a seven out of ten.

Neutral

I rate the solution's initial setup a five out of ten since it was neither easy nor difficult.

I rate the solution a six and a half out of ten.