What is our primary use case?
We use McAfee MOVE AntiVirus for a number of things - the normal endpoint firewall, DLP, solidcore, and more. We have a solution that is at the server. Then we have super agents at the branches, because we are a bank. We use McAfee Data Exchange Layer. We use also use McAfee Endpoint Security. We have all the models that come under McAfee Endpoint Security.
What is most valuable?
The features that I have found most valuable are its ability to detect and delete known malware and the DLP in particular - that's to protect data loss to USB devices.
What needs improvement?
We are currently doing a project where we need assistance on the File Integrity Monitoring feature for McAfee as well as the ability to do classification of data. That feature is there for data protection. We need help to implement it properly.
They could improve the monitoring and classification of the data features.
Additionally, I want to experience the EDR of McAfee. Basically, EDR is the most potent threat now, that's the major concern for a lot of people. This is what is called the file-less attacks. Processes that run in memory, traditional antivirus software are not able to detect that. So the EDR feature has been made to provide the defense mechanism for the endpoint. Those processes can be stopped from running in memory once they are seen as malicious. That's what I understand EDR does. So I want to experience the EDR feature for McAfee to see how that compares with what we are currently using.
For how long have I used the solution?
We have been using McAfee for more than 10 years.
We have a local vendor that supports us.
What do I think about the stability of the solution?
The product is stable. It has worked for us over the years.
What do I think about the scalability of the solution?
As I mentioned, we have this architecture of super agents across network branches. That's what we have done to ensure that, with respect to boundary constraints, only super agents pick up updates from the head office and distribute to the branches.
As a matter of fact, we've only done the deployment to a Microsoft environment. None for Linux or Unix. We haven't done any McAfee for Linux or Unix.
We can still improve on scalability. In fact, some of these things, also depend on other factors and not necessarily on the product. It's very important to put this thing in perspective. The operating environment challenges can also affect how scalable things can be. It's not necessary on the product.
I don't blame the scalability on the product, I am also looking at the operating environment.
I would rate the scalability a six or seven.
How are customer service and technical support?
We are quite satisfied with customer support. We had a challenge about two years ago when we were not getting enough support. But the partner has been able to resolve that now.
Which solution did I use previously and why did I switch?
We do have other anti-malware tools. That's because of the decision we made some time ago for file-less attack scenarios. Because we didn't have McAfee's EDR feature at the time we had to go for another product, specifically for EDR. We are thinking of evaluating EDR for McAfee sometime in the future to see whether we can consolidate our endpoint protection with only McAfee. So there's room for McAfee to evaluate EDR. That's the only feature that we don't have.
In the past we tried ESET. I will say that McAfee happens to be a better product for us. Based on experience, if I'm comparing McAfee to ESET, I prefer McAfee.
How was the initial setup?
McAfee is not that easy, you need to be trained. But because we have an agreement with the vendor that supports us, they provide technical support and assistance to us anytime we need help for any kind of deployment. That's the arrangement that we have.
Deployment took about a month or so.
What about the implementation team?
Going forward, we are trying to convince the vendor to give our in-house staff training to build some level of competence, which hasn't happened yet. That will be one of our medium-term or short-term goals.
We had different experiences. We have other challenges that affect our ability to deploy, which are internal challenges. Typically, deploying the solution should not be that difficult. It's all about getting the right resources to get a deployment done. It's not much of a big deal. It's all about our own internal challenges that we have to overcome.
What other advice do I have?
McAfee is known to be one of the best anti-malware products out there. We are aware of what's happening in the industry.
The only advice I would give is to ensure there's a proper business arrangement in terms of the support. If there is no support from the vendor deploying the solution, then they must enforce training and knowledge transfer during the project implementation period so that there can be in-house support. Otherwise, they should have a kind of agreement that can confirm that the vendors can support them after deploying the solution.
On a scale of one to ten, I would rate McAfee MOVE AntiVirus an eight.
Which deployment model are you using for this solution?