We performed a comparison between McAfee ePolicy Orchestrator and Zscaler DLP based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"Mainly, this is a cloud-native product. So, there are zero concerns about managing the whole infrastructure on-premises."
"The data connectors that Microsoft Sentinel provides are easy to integrate when we work with a Microsoft agent."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"It is easy to implement (turn on) - does need a skilled analyst to develop queries and playbooks."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"The initial setup is very easy."
"The general endpoint protection is valuable, and it is easy to manage."
"I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs."
"Application control and traffic encryption are the most valuable features."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"McAfee ePolicy Orchestrator's performance is good."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"The product’s most valuable features are data discovery, activity control, and zero trust exchange."
"The policies are very easy to implement."
"You can close your data protection gaps with Zscaler. You can quickly find all the classified, sensitive data across the cloud."
"It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"As a cloud-based service, it is very easily implemented."
"The product’s most valuable features are inbound and outbound scanning and API control."
"The initial setup is easy."
"Add more out-of-the-box connectors with other SaaS platforms/applications."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"I would like to see more AI used in processes."
"We'd like to see more connectors."
"I would like Microsoft Sentinel to enhance its SOAR capabilities."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The following would be a challenge for any product in the market, but we have some in-house apps in our environment... our apps were built with different parameters and the APIs for them are not present in Sentinel. We are working with Microsoft to build those custom APIs that we require. That is currently in progress."
"There needs to be support for Mac computers. Currently, McAfee does not work on iOS."
"As for improvements, I think that putting everything on a cloud and one console would be a great idea and would be useful for customers."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space."
"The Virtual Patching feature needs to be improved."
"The areas of concern where improvements are needed are related to the product's assignment policy and tag assignment, where users can assign the policies with the help of tags and sort out the systems."
"Sometimes agents hang. We have to reinstall the agents."
"Lacks a single plug-in for multiple uses."
"There could be a feature to view the VPN tunnel activities in terms of configuration."
"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels. Zscaler Cloud DLP doesn't give you coverage for email, fax, and USB channels, and this is the only challenge or room for improvement in the solution. It's just an extension on top of what you're buying on the proxy, so it's just an added layer, and it doesn't cover DLP on a very broad level. I'm unsure if Zcaler is in the business of competing with a full-blown DLP solution, and if there's a plan to expand the features of Zscaler Cloud DLP beyond the web channel because you'll have to deploy a full-blown agent for it. I'm unsure if this is on the cards because the solution is just an added layer that you get with your proxy. I've asked the Zcaler team whether there's a plan to go full DLP in the future, but I didn't get a positive response. There isn't any feature I'd like added to Zscaler Cloud DLP currently, because anything you could think of that should be in cloud or SaaS solutions is already there, except for machine learning, as it's the only functionality that seems to be lacking in the solution. Machine learning is an additional policy available in other DLP solutions in the market, but my team didn't find it in Zscaler Cloud DLP."
"The product must allow users to check logs for an entire year in the local console."
"They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection."
"On the improvement side, when we bypass certain internet traffic types, it's currently recommended to have a one-click option, but audio and video aren't always supported. Thus, we need to bypass that kind of traffic. So, it is an area of improvement."
"The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex."
"Zscaler Cloud DLP needs to improve its compatibility with other security tools."
"There aren't really any missing features that I have witnessed."
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Zscaler DLP is ranked 4th in Data Loss Prevention (DLP) with 15 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Zscaler DLP is rated 8.6. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Zscaler DLP writes "Provides a range of security measures to protect network traffic". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Elastic Security, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention, whereas Zscaler DLP is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Symantec Data Loss Prevention, Varonis Platform and Cyberhaven.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
