McAfee Advanced Threat Defense Review

Can rapidly disseminate attack information to all clients


What is our primary use case?

Primary use case: malware blockage. If you remember WannaCry, this system stopped it dead in its tracks with zero system failures. If you recall WannaCry hit on the weekend. I updated the rules from home on my ePO server and more than 200 machines were on during the weekend. When I checked the logs on Monday morning, at least 50,000 hits were registered in the logs with zero system failures. Its greatest strength is the DXL client which can rapidly disseminate attack information to all clients via the McAfee Agent instead of going through the ePO server.

How has it helped my organization?

Even though I did not have the ATD device, it still is a pretty solid defense. As of 2020, they have integrated the DXL client into the ePO Agent, hence it has simplified the number of products to be installed on the system. It is not a lightweight system, but it is ironclad.

What is most valuable?

The entire system is valuable by having multiple components superbly united to function as a malware defender. If a system admin can put in the patience to read and constantly update the ePO system in terms of rules, enforcing them at regular intervals, you can safely go to sleep every night.

What needs improvement?

Make the ATD appliance a part of the whole product offering and take the whole thing onto the cloud. While it is there already, it is not to the same level as the on-premise version.

McAfee sells the ATD APPLIANCE AS A SEPARATE PRODUCT above the rest of the threat defence mechanism stated above. Im not sure of exact cloud readiness status of the ATD device ( making the device available on the cloud as part of the licensed products ). Request to check with McAfee account manager in your country/region

For how long have I used the solution?

I used it in my earlier organisation and deployed the full system, except for the ATD appliance. This was last April and the system has seen some more feature upgrades and enhancements. 

What do I think about the stability of the solution?

Quite impressive 

What do I think about the scalability of the solution?

Very scalable for the versions available

How are customer service and technical support?

Top notch . Im in Inda and we have the tech support centre running out of Bangalore 

Which solution did I use previously and why did I switch?

No

How was the initial setup?

Excellent support from McAfee 

What about the implementation team?

In house - I did I myself

What was our ROI?

100% worth the money thrown at it

What's my experience with pricing, setup cost, and licensing?

Costing is competitive now that Symantec has almost stepped out of this arena the completion has changed with other players coming up. 

Which other solutions did I evaluate?

No

What other advice do I have?

no

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More McAfee Advanced Threat Defense reviews from users
Add a Comment
Guest