What is our primary use case?
We deploy McAfee products mostly as service delivery providers for our customers. About 60% to 70% of the time we use this solution as the complete, modular anti-virus component for data and endpoint protection. We use the advanced version for device control. Sometimes we integrate Endpoint Encryption for file and folder protection and maybe add in McAfee Application Control to block unwanted applications. We provide services for prevention as well as endpoint and firewall solutions. Depending on what the client wants, there are many of the McAfee modules in this line that we work with to provide an integrated solution.
Unfortunately, we are not using McAfee in our company because there are policies that come from our main offices in India rather than here in the UAE. That is the only reason we are using another solution. But for my own purposes, this is the solution I have chosen to use in my home.
Our customers are mainly medium-sized organizations although we have some enterprise clients. When I say enterprise, I mean companies that have more than 1000 machines. I have very big clients that have more than 2,000 end-users and they are using this product.
What is most valuable?
Often the customers have requirements where we need to provide them with endpoint DLP (Data Loss Prevention) solutions. McAfee's DLP is a very good product. It gives you accessibility to either allow or block many preferences on a machine and does a good job of protecting against any data loss. This is what I think is the most valuable feature in the solution.
What needs improvement?
The improvement that I think most needs to be addressed is a claim from many customers that I receive all the time. They say that the product consumes too much RAM and CPU. It makes clones in the machine and that eats up resources.
It makes the clone as long as it is running on the machine. The problem is big enough for users that I need to have another smart, reliable solution that can be deployed instead if the customer does not have the hardware to allow the product to consume the needed volume of RAM and CPU. If McAfee were able to do all it does without stealing so much of the resources on a machine, I would not have this problem of having to consider other deployments.
For how long have I used the solution?
We have been using the solution for between six or seven years. Earlier it was called VSP. At that time it was not complete all-in-one protection. It has been only for maybe two or three years they have changed the name to Complete Data Protection and made this well-integrated product.
What do I think about the stability of the solution?
From my point of view, the product is very stable and the support team is very responsive. If they release a new update and there was a bug or something, they release a patch or fix for it very quickly.
What do I think about the scalability of the solution?
The scalability of the solution is there. McAfee is one of the oldest security companies. They have been creating and releasing security solutions since 1987, so they know what they are doing and they do it well.
We deploy the solution to medium and enterprise clients so it can scale up and handle larger clients.
How are customer service and technical support?
Essentially, as a service delivery partner, we are also technical support to some level.
Which solution did I use previously and why did I switch?
Because we deploy for clients, we work with a variety of solutions in order to meet their needs. While I am working mostly with McAfee solutions, I'm also very familiar with the broader classification of security solutions. I have worked with various PAM (Privileged Access Management) solutions. I don't only work with McAfee portfolio or their security products but it is what I deploy most often. I am familiar with Symantec, LogRhythm SIEM solution, and Forcepoint. Also, I have worked with security solutions for USB, for the web, for email, and for secure file transfer solutions, so I am very familiar with a lot of security solutions and how they work.
The main difference between McAfee Complete Data Protection and other solutions is that McAfee has a strong point as a comprehensive security solution. With Endpoint Security, you don't have to have different management interfaces to manage your endpoint solutions. It all can be managed from one single server in one interface. This might be their main and most powerful advantage because users do not have to mix and matching various products to accomplish what a security suite can. They also do not have to deal with potential incompatibilities.
How was the initial setup?
The initial setup is something I have done often so it is very clear how to do it and it is easy for me.
On average it takes very little time to deploy. For the management console EPO (ePolicy Orchestrator) it is a maximum of maybe half an hour for it to be deployed. It depends on the server. Deploying the endpoint from the management console also does not take much time. If the network and the firewall ports are open, normally it takes only 5 to 10 minutes and you can deploy it in batches of 50 or 100 machines in each batch. So the total time depends on how many batches, but the installation on the machines can take as little as 5 to 10 minutes.
What about the implementation team?
We do all of our own implementations and the implementations for clients as well.
What other advice do I have?
The advice I have for people considering this type of security solution is not to listen to what all the companies advertise. You can see bad reviews, maybe good reviews as well, but you need to use that information from the reviews as a starting point for your own observations and not just believe what reviews say. I know some reviews on the internet are fair, but some reviews are not. Try to do a POC (Proof of concept) and conduct testing for yourself. Define your policies as per your requirements for your situation and your company and choose products that meet the needs of that model. If you want to install any solution with the default policies, it will probably not fit your requirements exactly. You will need to do enhancements and fine-tune the solution, so you will need a solution that can be tuned. Give the solutions a try. Do the POC for one or two months and then you can decide if it is a good solution for you.
On a scale from one to ten where one is the worst and ten is the best, I would rate this product as an eight of ten. To make it ten or even a nine, they need to resolve the issues with how the solution consumes PC resources.
Which deployment model are you using for this solution?