McAfee MVISION is security for integrated VMware and OpenSite cloud solutions.
McAfee MVISION is security for integrated VMware and OpenSite cloud solutions.
McAfee is fine as an endpoint. We are offering the product to clients for data protection. It is not about this being a reactive solution like a firewall. There should be a shield of gateways, wherever possible, whenever this security solution can be implemented.
The biggest problem we had with this product was when the DDoS (Distributed Denial of Service) did not respond well to a threat. We experienced one virus attack that the product did not catch. I do not know the exact CDC (Communication Device Class) details. That time, we did an analysis, but the systems crashed. We could not even access the infected file servers.
Because we could not access the servers in that attack, we could not even remove all the threats. Eventually, what we had to do is find out which servers got infected and then we had to roll back those servers to a previous backup. It left us in a little bit of a vulnerable situation. It ended up not being what we hoped for in an endpoint solution.
Because McAfee was infected, other endpoint protections were also affected that made the situation more difficult to resolve.
Improvements that I would like to see in MVISION would be to provide some additional features for the cloud to make their product a one-stop solution. For example, every organization is going into hybrid-cloud. That may allow part of a solution on-site. That can be part of multi-tier platforms and would be more flexible.
What they can do is offer more in order to be a leader in innovation for different architectures rather than for enterprise only. For example, the endpoint security product uses every desktop like service. They have the features for the hardware detection and the platform access, then on the application layers. These three layers are a part of the firewall. So these are the firewall and then there are other things they could be offering as a single source to create a more secure environment as a proactive solution.
This is something that definitely could be improved, especially with intrusion detection and intervention. It is very important to do more to cover the security of these more invasive practices. So, they could improve things with a web application firewall, and improve intrusion detection and prevention. Those should be the key areas which they are focusing on right now to improve the utility of the product moving forward.
If you have a look into the Gartner report, there are many companies that are making advances in this category of product and it means competition for McAfee.
I have been using this type of product from McAfee since about six years ago off and on.
I think it is a stable product. It needs to be more robust in identifying threats.
It is a scalable, of course, as it is designed for enterprise use. It is scalable unless you do not configure it correctly and try to work with it without knowing how to do it.
We have been in touch with the McAfee technical support. They also struggled with a problem we had with an infected server. I was involved in the contact with McAfee at the time when trying to resolve the issue. Ultimately, they did not have any solution for the problem and we ended up rolling back the server. In all that is a bit of a problem with the product and the technical support. Neither were optimal.
The installation and implementation are the easiest parts of using the product. The real difference comes in how you want to optimize the performance. That is the key. Otherwise, implementation is not challenging.
By optimizing the performance, I mean that you should not change the function of the basic purpose of a security product. If it is a firewall implemented on the network, that product should be providing the service without excessive expense or resources in performance. We are looking at the cloud solutions in the same sense. There can be performance concerns for products on the cloud. It is a known factor.
Then the second point is all about the features and configuration. The question is about configuration management using tools on the cloud platforms. You may be using multiple clouds. You have to be sure you can configure it so the product remains secure across platforms. Security solutions should also focus on providing that rather than forcing users on to different products and having to manage multiple solutions.
The deployment for McAfee MVISION Endpoint, after everything has been considered and all of the points have been taken into account, takes some time. Say we have got around 3,000 to 10,000 servers. The type of configurations can be critical. If the client provides a rule-based requirement, we have to go with their requirements. Depending on what needs to be configured, this can take more or less time. Each of the servers will take a certain amount of time to do the implementation. So the time estimate for the implementation has to include the customer requirements. Analysis has to be completed for each unique need.
The maintenance is looked after by the client. It should not take more than five to six team members, even if we have a client with 3,000 servers. That is the number of people that we would expect once the product is properly organized and implemented.
That should not be considered just an eight-hour per day effort. It needs to be serviced around the clock because the servers do not sleep. Deployment of people to maintenance teams is important.
With the installation complete, the configuration done, and the maintenance team in place, using the product is all about monitoring it. A lot of intrusion detection is getting automated now, but not everything will be. Someone has to take some time doing analytics with the logs.
We try to configure the solution to sort out many things. We have to work with what the client is expecting and configure for that level of load and to get proper alerts. The configuration will probably be ongoing as a part of maintenance and review.
MVISION is intended as an enterprise product and it is priced like one. That is what I can say about the pricing. Enterprise organizations will be able to make the expenditure and it will not be practical for most smaller organizations. This solution is within the price range of competitors at the enterprise level.
We definitely evaluated other products and continue to. We have to put our case forward for justifying our products and solutions within our company and with our clients. It has been an experience with the POC. Whatever the product and features, the cost-benefit analysis has to be taken in terms of leaky security. That may not matter for certain situations and products, but from our testing and experience, it will definitely matter for this product right now.
Our company has to make a decision about whether they have to switch to a different product internally. If we try to become a partner with a certain company and begin to resell that to other clients, we can get a better price in a negotiation. This may affect the product we end up using.
We definitely need to explore a lot. In this case, it will take a lot of time to consider the benefits of various products and cost-benefits.
My advice to people considering this solution is that they should take a look at it. As of now, that is all I can say. I was not focused on working with all of the products within this category and, after a long time, I am working with them again. Just these last three or four months, I am back into evaluating the security solution sets more rigorously.
I am not biased at this point and have to leave the possibilities wide open in order to make a good recommendation.
On a scale from one to ten where one is the worst and ten is the best, I would rate McAfee MVISION Endpoint as a five to six in a range of ten. The rating is not about the product being perfect, I am not rating it too high because the things that are missing are things that really should be a part of a superior endpoint solution already. They have so much to work on as of now with this product that it seems to be lagging behind. With their experience in the business, they should know these things are important. If you look into the other competing products of whatever brand, the competition has already released identity and access management. The new organizations in the category are coming into this field with all the latest innovations. As more of them do, they will create a challenge in the marketplace. McAfee is lagging a little behind and not moving quickly to keep up.