Dashboards, which can be customized to display alerts and queries, and rules, which trigger alerts, are the most valuable features for us.
McAfee ESM Review
We now have a better view of our security posture from an external and internal point of view. The reporting could use some improvement.
What is most valuable?
How has it helped my organization?
We now have a better view of our security posture from an external and internal point of view. We are able to do forensic investigations and stop attacks before they occur.
What needs improvement?
The reporting could use some improvement. Also, while the dashboard can be customized to an extent, I'd like to have the ability to do even more customization.
For how long have I used the solution?
We've used it for two years.
What was my experience with deployment of the solution?
We've had no deployment issues.
What do I think about the stability of the solution?
There have been no issues with the stability.
What do I think about the scalability of the solution?
Scaling it has been fine. We've had no issues with an inability to scale.
How are customer service and technical support?
In our experience, technical support has been good.
Which solution did I use previously and why did I switch?
- QRadar
- RSA enVision
How was the initial setup?
Deployment of any of these products is easy. What becomes a daunting task is the creation of use cases and also ensuring that alerts are accurate.
What about the implementation team?
We used an in-house team with a vendor in-office assistant.
What was our ROI?
Executives don’t see ROI on this solution as the reports are not meant for C-levels.
What other advice do I have?
Make sure you know exactly why you are implementing it and what you are going to monitor. Also, ensure that you have all your use cases way before venturing into buying a solution of this nature.
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 31 2016
Author
it_user182445
ICT Security Officer at a healthcare company with 1,001-5,000 employees
Vendor
BUYER'S GUIDE
Download our free Security Information and Event Management (SIEM) Report and find out what your peers are saying about McAfee, Splunk, IBM, and more!
