Carbon Black CB Protection Review

Offers a sense of security that any malicious malware is going to be blocked


What is our primary use case?

My primary use case for this solution is to have an application wide listing solution. It's primarily to prevent unauthorized or unapproved applications from running on a user location.

How has it helped my organization?

If any malicious activity, like VAT viruses, anything RNE, ZOD malware, or something similar comes in we know that unless we approve it, it's going to be blocked. 

What is most valuable?

It won't let anything in that is not approved. We would need to manually approve it. It offers a sense of security where anything that comes in, regardless of what it is, unless you approve it manually, it's not going to run.

What needs improvement?

There are a lot of false positives where it comes to stuff like the operating system itself, like Microsoft. At first, there was no standard of false positive, that it blocks a lot of store apps and a lot of new processes. 

Another issue is that even sometimes if you approve, for example, Adobe as a publisher, you say any product or anything that's from Adobe has to run. It generally runs, but especially in a large environment and with a lot of users, sometimes, due to some certification validation issues or some other issue, it might stop the process from running. Genuine processes like Adobe and Chrome can get blocked, so that needs to be improved.

I would like for them to develop proper support for Mac OS because currently the Mac OS does not have all the features and it's a bit of a hassle. I'd like to see better support and better integration of the product with Mac OS.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Stability is good. 

What do I think about the scalability of the solution?

Scalability is good. We have 2,500 users. You need a few staff for maintenance. Once you've set it up and it's fairly stable you just need a couple of people to go through and look at issues and user complaints. We're using it pretty extensively compared to other solutions.

How is customer service and technical support?

Their technical support is very good. 

How was the initial setup?

Initially, if it's a new company, the initial setup is straightforward, but if you're running a lot of applications it requires a lot of profiling or fingerprinting.

What about the implementation team?

When I joined the company it was already integrated but from what I understand it took three to six months to implement. 

What was our ROI?

The entry security level that we have where we don't have to invest in other heavy products for endpoint is some ROI that we see from having this solution.

What's my experience with pricing, setup cost, and licensing?

Pricing could be a bit lower. The new players that we have in the market can do both antivirus, anti-malware, and also application wide listings within the app. Suppliers will have to be competitive moving forward.

What other advice do I have?

You need the technical skills, the know-how, and also you have to be on the product. You might lose a lot of time if genuine files are blocked. Look at the problem, look at the log, then actually try to solve it for users. 

I would rate this solution a seven and a half out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email