McAfee ESM Review

We now have a better view of our security posture from an external and internal point of view. The reporting could use some improvement.

What is most valuable?

Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.

How has it helped my organization?

We now have a better view of our security posture from an external and internal point of view. We are able to do forensic investigations and stop attacks before they occur.

What needs improvement?

The reporting could use some improvement. Also, while the dashboard can be customized to an extent, I'd like to have the ability to do even more customization.

For how long have I used the solution?

We've used it for two years.

What was my experience with deployment of the solution?

We've had no deployment issues.

What do I think about the stability of the solution?

There have been no issues with the stability.

What do I think about the scalability of the solution?

Scaling it has been fine. We've had no issues with an inability to scale.

How are customer service and technical support?

In our experience, technical support has been good.

Which solution did I use previously and why did I switch?

  • QRadar
  • RSA enVision

How was the initial setup?

Deployment of any of these products is easy. What becomes a daunting task is the creation of use cases and also ensuring that alerts are accurate.

What about the implementation team?

We used an in-house team with a vendor in-office assistant.

What was our ROI?

Executives don’t see ROI on this solution as the reports are not meant for C-levels.

What other advice do I have?

Make sure you know exactly why you are implementing it and what you are going to monitor. Also, ensure that you have all your use cases way before venturing into buying a solution of this nature.

Which version of this solution are you currently using?

9.5.1
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More McAfee ESM reviews from users
...who work at a Financial Services Firm
...at Large Enterprises
...who compared it with Splunk
Download Free Report
Find out what your peers are saying about McAfee, Splunk, IBM and others in Security Information and Event Management (SIEM). Updated: February 2021.
Download now
464,594 professionals have used our research since 2012.
Add a Comment
Guest
Author
Highlights
The most valuable feature is the capability to correlate different events from different platforms that we feed into it.
The most valuable feature is that if the scanning does find something, it quarantines it. Then you can decide what you are going to do with it.
It is easy to use.
We are now able to completely monitor our environment so we can review what is there, which is a big win for us.
This solution integrates easily and very well with other technologies.
The solution is 100% stable. We really have had a great time working with it. It hasn't let us down.
Compared to other solutions, the user interface is good.
See more »
Buyer's Guide
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about McAfee, Splunk, IBM, and more!
Download Now
Quick Links
Learn More: Questions: