Cyber Security and Compliance Consultant at Caretower
Reseller
The product has limited capability to integrate with other tools, though it is stable and provides competitive pricing
Pros and Cons
  • "The tool is pretty stable."
  • "Carbon Black has limited capability to integrate with Rapid7."

What is our primary use case?

Our customers use the product for extended visibility and integrations with various solutions they have. They use it for consolidation and advancing their current measures. They also look to reduce costs. If a customer is a VMware client, they may go for Carbon Black to keep it all under one hat.

What is most valuable?

The tool is pretty stable.

What needs improvement?

The product must improve its integration. One of my clients wants to move away from Carbon Black because it doesn't integrate well with their SIEM service. They use Rapid7. Carbon Black has limited capability to integrate with Rapid7. It is something the solution must work on.

For how long have I used the solution?

I have been selling the solution for 20 years.

Buyer's Guide
VMware Carbon Black Endpoint
February 2024
Learn what your peers think about VMware Carbon Black Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: February 2024.
763,955 professionals have used our research since 2012.

What do I think about the stability of the solution?

I rate the stability a nine out of ten.

What do I think about the scalability of the solution?

I rate the tool’s scalability a three out of ten. My clients have more than 500 users.

How was the initial setup?

The initial setup was pretty easy. Overall, I rate the product a ten out of ten. Our customers have the solution deployed on-premise and on the cloud.

What's my experience with pricing, setup cost, and licensing?

Carbon Black provides competitive pricing. I rate the pricing a five out of ten.

What other advice do I have?

Our clients know what they want. Most customers are educated about the products they need. When they request a demo, I organize it with the vendor. I would never recommend the solution. It does the job, but I do not make any money. Overall, I rate the product a five out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
KarthikR1 - PeerSpot reviewer
Consultant at NCR Corporation
Real User
Top 5
The solution has an easy setup but needs to mature on cloud environment security
Pros and Cons
  • "I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup."
  • "The solution has to mature on container security and a lot of cloud environment security."

What is most valuable?

I rate Carbon Black CB Defense an eight out of ten for the ease of its initial setup.

What needs improvement?

The maturity of the Kubernetes security is absent in Carbon Black CB Defense. The solution has to mature on container security and a lot of cloud environment security. Security is available only for Windows, while security for Linux and Mac is not very strong.

The deadlock issue causes me to put more effort into installing an upgrade.

The numerous issues with the environment of the product solution should be addressed. Work orders are taking more than two months to get resolved. There's been one issue open for two months, and the solution they gave is being implemented step by step. Still, it is not meeting the requirements and breaking the system. Hence, our business is completely disturbed.

For how long have I used the solution?

I have been using this solution for more than one year. I'm using Carbon Black CB Defense Version 3.9.

What do I think about the stability of the solution?

There are a lot of issues with the solution's stability. I rate Carbon Black CB Defense a four out of ten for stability.

What do I think about the scalability of the solution?

I rate Carbon Black CB Defense a six out of ten for scalability. Recently, an event was not loading because of some issue with the AWS site.

Our organization is completely deployed with Carbon Black CB Defense. Some machines are sometimes not supported by Carbon Black CB Defense. In such cases, we use some other tool.

What about the implementation team?

The solution’s deployment took seven to eight months.

Carbon Black CB Defense's deployment on Windows is pretty okay, but its Linux deployment is not so great because there is a minimum requirement for the kernel header. Without the mandatory header, it will go to the bypass mode and not communicate.

Which other solutions did I evaluate?

We did evaluate CrowdStrike Falcon and Microsoft Sentinel. These two products are fantastic. A lot of acceptable and unacceptable risks are covered in CrowdStrike Falcon. With these two solutions, the business line continues without disruption, and there's less downtime.

Carbon Black CB Defense is not compatible with many machines. Many of the machines require a minimum prerequisite. However, CrowdStrike Falcon supports even legacy machines. Around 95% of the machines in our organization are covered by Carbon Black CB Defense. However, CrowdStrike Falcon could have covered around 98.9% of machines.

The reporting system is much better in CrowdStrike Falcon, and if you want to pull data, you can customize it as per your requirements. With Carbon Black CB Defense, whatever they offer, we have to get the data. Otherwise, we have to use the API. Even if you use the API, you can only find specific information.

What other advice do I have?

The engineering team needs to understand in detail the behavior of the environment, and they have to give us the solution according to that. A lot of issues are currently going on with the solution. Multiple issues and uncontrollable things are causing us to work till midnight. A lot of issues are coming in, and teams are putting a lot of effort into addressing them. However, we are still not able to meet the customer's expectations.

Like most companies, we don't use SCCM for security reasons. Most companies use different patch tools, but we cannot use these things for pushing the sensor. The solution should make something so that we can centrally push the sensor and install it on all machines. Such a feature will reduce a lot of human efforts.

The solution is deployed both on Public Cloud and On-premises. I would recommend Carbon Black CB Defense to other users.

Overall, I rate Carbon Black CB Defense a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Buyer's Guide
VMware Carbon Black Endpoint
February 2024
Learn what your peers think about VMware Carbon Black Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: February 2024.
763,955 professionals have used our research since 2012.
Group CIO at a construction company with 10,001+ employees
Real User
Top 5Leaderboard
Beautiful analytics and useful offline scanning features
Pros and Cons
  • "I found the offline scanning to be particularly useful."
  • "There is room for improvement in the support and service team."

What is our primary use case?

It has various use cases like firewalls and antivirus. It's been working great for us so far.

What is most valuable?

I found the offline scanning to be particularly useful. Compared to CrowdStrike, it had better IT capabilities and beautiful analytics. Overall, it was cost-effective too.

What needs improvement?

There is room for improvement in the support and service team. The response time could be faster. That's why I switched because the support was not as expected from a company like Carbon Black.

For how long have I used the solution?

I have been working with this solution for three years. I am using the latest version. 

What do I think about the stability of the solution?

I would rate it a nine out of ten. It was very stable.

What do I think about the scalability of the solution?

The scalability of the solution is good and affordable. I would rate the scalability a nine out of ten. There are over 300 users in our company using the solution. 

How are customer service and support?

The customer service and support team took too long to respond to our queries, and the local reseller did his best, but it still wasn't fast enough or knowledgeable enough. It was just too slow in addressing our concerns. Unfortunately, the support service was not up to par.

How was the initial setup?

The setup was nice, but the technical aspects of the product can be challenging. It's not easy and requires someone who really knows what they're doing. Two to three people are required for the maintenance of the solution. 

What about the implementation team?

Generally, the deployment process takes one to two weeks but also depends on the user's training. It's a cloud-based solution, so once you identify the IP address and add it to the user name, it will be available in the software market. This is how most cloud-based solutions work, and it's not complicated.

Once the product is stable, it works well. That's why I renewed it for three years. However, we had a big incident where we did not receive the expected support.

What was our ROI?

We have seen ROI. 

What's my experience with pricing, setup cost, and licensing?

We use a yearly subscription model. It is not cheap, but it is cheaper than CrowdStrike.

What other advice do I have?

I would recommend having a strict SLA with the vendor for support. It's better to buy extra support for the unit.  Overall, I would rate the solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
RizwanAlam - PeerSpot reviewer
AVP - Information Security Governence & Risk Management at Allied Bank Limited
Real User
Top 20
An easy-to-use solution that has a live response which is really tailored to our needs, but needs a lot of time to record all of the behaviors
Pros and Cons
  • "The best feature of this solution is that we have a live response, which is really tailored to our needs."
  • "The solution would be more effective if there was a way to block automatically based on behavior."

What is our primary use case?

We have a dedicated team using this solution. They create incidents, escalate the incidents, and then respond to the events detected by the EDR.

What is most valuable?

The best feature of this solution is that we have a live response, which is really tailored to our needs. 

What needs improvement?

There is no option for the solution to block automatically based on behavior. First, the solution needs a lot of time to record all the behaviors. Then, we manually have to create a behavior analysis rule to detect any malicious activity. The solution would be improved and be more effective if there was a way for this process to be done automatically.

For how long have I used the solution?

We have been using this solution for six to seven months. 

What do I think about the stability of the solution?

The solution is not always ideal, but it is pretty stable. We did face a few issues, in the response feature for example, but they were resolved.

What do I think about the scalability of the solution?

At this point we have not encountered any issues with scalability, but time will tell how much scaling is feasible for us.

How are customer service and support?

The customer support is average. At times I feel like they should have responded to us immediately because we had some issues that needed an immediate reply, but their response was a bit slow. However, overall, they're good and the support is acceptable.

How would you rate customer service and support?

Neutral

How was the initial setup?

It was not easy and we faced challenges, but it was okay. We're also dealing with an issue involving multiple unsupported OS's because we have so many Linux products in our infrastructure. I would rate the initial setup as a three out of five, with one being difficult and five being easy.

What other advice do I have?

This is a good solution, but there are a lot of improvements needed. I am overseeing the project part of the solution, not the deep technical side. As far as my knowledge is concerned, it's an easy-to-use solution and it has many good features, but it also has many features that require improvement. I would rate the solution as a six out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Nikunj Kamboj - PeerSpot reviewer
Cybersecurity Analyst at OnX Canada
MSP
Integrates well with our existing SIEM tool and helps in identifying suspicious activities
Pros and Cons
  • "VMware Carbon Black Endpoint is a highly stable solution."
  • "Performing a malware scan usually takes a lot of time, more than 24 hours."

What is our primary use case?

VMware Carbon Black Endpoint is a log system for one of the clients, and that's the main source where we get logs for their endpoints.

What is most valuable?

VMware Carbon Black Endpoint is a highly stable solution.

What needs improvement?

Performing a malware scan usually takes a lot of time, more than 24 hours.

For how long have I used the solution?

I have been using VMware Carbon Black Endpoint for two months.

What do I think about the stability of the solution?

I haven’t faced any issues with the solution’s stability.

I rate the solution ten out of ten for stability.

What do I think about the scalability of the solution?

Around 500 users are using VMware Carbon Black Endpoint in our organization.

I rate the solution ten out of ten for scalability.

What other advice do I have?

The solution's integration with our existing security infrastructure is good. Whenever we have any alert in VMware Carbon Black Endpoint, we can easily that alert in our SIEM tool and check logs from the SIEM tool itself. VMware Carbon Black Endpoint is just a secondary security tool for us, and we are just monitoring the alerts from it.

The solution's behavioral analytics feature helps in identifying suspicious activities pretty well. Whenever we have even a small thing, we get an alert. The solution is deployed on the cloud in our organization.

Performance-wise, the solution is doing great in terms of connecting to the host directly. Performing a malware scan usually takes a lot of time, more than 24 hours. A malware scan is something that we do only on Carbon Black for the old endpoint devices and servers. It used to take sometimes three days to perform. I would recommend the solution to other users.

Overall, I rate the solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Abbasi Poonawala - PeerSpot reviewer
Chief Enterprise Architect at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Monitoring Carbon Black Agents with Forescout Extended Module for CB.
Pros and Cons
  • "Technical support is excellent."
  • "In the next release, it would help if we can get better control over containers."

What is our primary use case?

We use Carbon Black agents that are monitored by the Forescout Extended Module for CB. It will check that CB Agents are deployed and are in running state to secure containers across vmware environment.

The dashboard shows the security analyst who looks at the reports of the threats around policies monitoring Carbon Black agents. The discovery happens in Carbon Black, and as part of the discovery, it will monitor multiple Carbon Black agents. Deployment is on hybrid cloud VM cloud on AWS.

What is most valuable?

Technical support is excellent. It's also stable, scalable, and easy to implement.

What needs improvement?

In the next release, it would help if we can get better control over containers. This will help secure the containers in multiple environments. For example, we need to secure the Kubernetes containers. Apart from admin user login to see containers processes running, developers & operate team users also should be seeing the container's processes running.

For how long have I used the solution?

I have been using Carbon Black CB Defense for the past year.

What do I think about the stability of the solution?

Carbon Black CB Defense is a stable product.

What do I think about the scalability of the solution?

Carbon Black CB Defense is a scalable product.

How are customer service and technical support?

We have extended support from the IT technical team and the engineering team from VMware. Their support is excellent. I don't see any issue with technical support.

How was the initial setup?

The initial setup and installation are straightforward. Typically it takes just two days to set up Carbon Black agents for the post cloud. A team of about 15 technical people deployed this solution.

What about the implementation team?

There is a very big team from VMware, including VMware support, who implemented this solution. 

What's my experience with pricing, setup cost, and licensing?

The licensing costs depend on how many policies you have on the extended module for CB. We pay between $5,000 to $7,000 for a license for the Carbon Black monitoring agents.

What other advice do I have?

On a scale from one to ten, I would give Carbon Black CB Defense a seven.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Director, Information Technology at C.E. Niehoff & Co.
Real User
Top 20
Has an ongoing monitoring feature that emails updates when endpoint threats are detected
Pros and Cons
  • "The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring feature that works by emailing updates about any detections found."
  • "What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."

What is our primary use case?

Carbon Black CB Defense is a sensor for ongoing monitoring. It was deployed and is being used in conjunction with a cloud product called Red Canary.

What is most valuable?

The feature I found most valuable in Carbon Black CB Defense is the ongoing monitoring, though I'm not sure if it's because of the solution, or if it's because of Red Canary. The ongoing monitoring feature works by emailing updates about any detections found.

What needs improvement?

Currently, it's hard to comment on areas for improvement, because I haven't used Carbon Black CB Defense long enough.

What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates. That's the only thing I can think of right now.

For how long have I used the solution?

I've been using Carbon Black CB Defense since October of last year.

What do I think about the stability of the solution?

I haven't had any major degradation in the performance of Carbon Black CB Defense, so I find it stable. It's holding up very well.

What do I think about the scalability of the solution?

I have no comment on the scalability of Carbon Black CB Defense at this point.

How are customer service and support?

I haven't even had to reach out to the technical support team of Carbon Black CB Defense at this point, so no comment.

Which solution did I use previously and why did I switch?

I did not use a different solution. This was the first time I used this type of solution.

How was the initial setup?

In terms of initial setup, rolling out Carbon Black CB Defense was pretty straightforward. It wasn't that big of a deal.

What about the implementation team?

The deployment of Carbon Black CB Defense was done in-house, and took two weeks total, because it was a hybrid deployment, which means that it was done on a one-on-one basis.

What was our ROI?

In terms of ROI from Carbon Black CB Defense, it's a little early to see it.

What's my experience with pricing, setup cost, and licensing?

In terms of licensing costs, Carbon Black CB Defense was all associated with CROW and the services my company is using with them, so it came all-inclusive.

Which other solutions did I evaluate?

My company didn't evaluate other options, because Carbon Black CB Defense was suggested by CROW. My company just went with what they suggested.

What other advice do I have?

I have experience with Carbon Black CB Defense. My company has already adopted a solution that uses Carbon Black CB Defense, particularly with a company called CROW.

Carbon Black CB Defense was deployed hybrid in terms of what my company does. The cloud provider used was CROW.

My company has 200 users of Carbon Black CB Defense. It's being used in the whole environment. Three people from IT are in charge of the maintenance and full deployment of the solution.

In terms of increasing usage, the solution is being used in the entire environment, and usage will be increased if there's growth in personnel.

At this junction, I'm rating Carbon Black CB Defense an eight.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Security Consultant at a manufacturing company with 10,001+ employees
Real User
It has a higher detection ratio because it's cloud-based and it also does a lookup to virus total.
Pros and Cons
  • "Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total."
  • "It gives you all of the information in a short and sweet fashion."
  • "Adding an application and a device control feature would be a great help for this solution."
  • "Report generation can be improved."
  • "But here, we hardly can take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly."

What is our primary use case?

It was basically for an EDR solution. We were apparently in the migration phase, to be frank. We were using McAfee VSE, and we wanted a media solution which would give us more insight in terms of the events that are happening with respect to Malware threats. So that's the reason why we went for the Carbon Black Defense.

How has it helped my organization?

It has improved the number of alerts or the number of threat events that we are able to recognize in our environment. And it also highlights the usage of potentially unwanted programs. So these are the ways in which that highlighted the possible vectors through which we can have an incident happening in our environment. That is one thing that we have seen. 

In addition, the detection ratio compared to that of a typical anti-virus and the EDR solution or the next gen AV as they call it, is on the ratio of one to ten when you compare it with a Symantec Endpoint Protection, McAfee AVR, or VirusScan Enterprise versus Carbon Black Defense.

What is most valuable?

Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total, so it is out of like 65 vendors that are normally listed in virus total, if there are any kind of hits out of those, in that case, it is getting recognized as a known Malware or a suspected Malware. Under these categorizations, we are able to see a spike in the detection ratio. It is enlightening us with respect to what are the programs that are generally used in our environment and how they are compliant with our environment.

What needs improvement?

It is still evolving, as we see. We started using the version 3.0. We've been migrating and upgrading as well, laterally, until version 3.2. So, we have been seeing a lot of improvements in general in terms of bug fixes and in terms of what are the things that we had encountered.

I think they can probably bring in because there is a little bit of a gap between the native Antivirus solutions like Symantec or McAfee. So, you really can't say whether an end user will not be able to judge whether it's a Malware-free software that they are downloading or not. In those cases, if you have an application and a device control feature, I think it would be of great help.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We had some issues with the stability. In regards to the driver file, and the CTI files, there were some issues.  In addition, there were a couple of issues with servers and the workstations. It was an intermittent issue, and not widespread. But it was basically because the current organization I'm working with, we created a lot of in-house applications. They don't go very much hand-in-hand with Carbon Black enabled. They have certain behaviors, like they inject code into themselves, which is a design that they have. Even the Microsoft authorized or licensed tools exhibit such kind of a behavior. And these behaviors are being identified as a malicious behavior. 

I think it would be better if they can have an application database, where if these kind of applications are performing this, you can bypass, or you can overlook them. Something like that would be helpful. Otherwise, we will have to manually bypass them or allow them logs, as per the policy configuration for these applications. It takes a little bit of an extra time in terms of developing a new tool in the in-house application, as concerned.

What do I think about the scalability of the solution?

I would say, not really. But we have a, how to say, our hands are tied down in terms of generating reports to understand or analyze the trend or anything of that sort. Because when you look at the EPO, you will be able to do certain trend analysis on the basis of the data that is already available in the database. But ,we can hardly take any kind of a report out of Carbon Black, so I think that should be something that should be more user-friendly. They are asking us to use API's, and not everybody is well-versed with API's or scripting.

They also do have a limitation on that, in terms of pulling out the raw data of events. The event generation is like a 1:10 ratio like I said. That detection is also on the same base. So if you have to pull out a report for an end-point count of, say, 35,000 to 40,000 endpoints, the events will be on the higher side. So, the limitation is set to 5,000, which is not realistic.

How are customer service and technical support?

Tech support with Carbon Black is a current point of contact in the tech support. So whatever it is we interact with a single point of contact. And more of a liaison where he can bring in people from the developer side, or the account manager, or the technical manager, or whatever it is. We can get them into loop. That's the kind of the support level that we have subscribed. We don't reach out to the normal tech support by call-dialing into a number. They are responsive. We have really not tried off-business hours out of US time zones. I think that causes a little bit of a challenge because we are not able to catch hold of the right person at the right time in case of any kind of outages or something like that.

The service response is pretty much satisfactory. But if you look into a 24-7 support, then you might have to wait in the morning. I'm located in India, so if we have to look into reaching out to a person in the US during the Indian business hours, in that case, it's night. So, we will not be able to reach our support person. So we might have to rely on calling someone during that time. But we normally don't do that. Until now, we have not got any kind of an issue where we really have to contact tech support during the off-business hours. Because we do have our US counterpart, so we work on that particular region timings so that we can involve Carbon Black support to get the maximum out of them.

Which solution did I use previously and why did I switch?

We did a comparison of products and analyzed how many of them are getting detected on a weekly basis. We also did a trend chart for a monthly threat review. Which basically was with McAfee VSE and Carbon Black. And we thought, that is the reason why  it was like one is to ten over a week or a monthly trend.

How was the initial setup?

I was part of the initial set up. We were doing a comparison with FireEye HX and other tools, as far as CrowdStrike ,Avira and Carbon Black. We chose Carbon Black, and I was part of the initial setup. And since we don't have an in-house setup, we have a cloud-based console, we don't have a dedicated server set up. It's much easier to implement with a cloud-base. So the resource requirement is much lesser in terms of the hardware is concerned.

I think it took somewhere around four to six weeks of time. We had the implementation done and then we were into the testing phase by doing UT testing and stuff like that, internally with a closed group. And then we moved on to selected groups and users who might be important in terms of revenue generation, and stuff internally, so we did that. And then we moved on to the global deployment. I think, over a period of time, I would say the initial implementation was done with a maximum of four to six weeks. And then, I think within six months of time, we actually had the complete deployment done.

It was pretty straightforward. The console was easy to understand because we have had complex consoles with EPO. This was a pretty straightforward console. And the user guide basically gave us the information about what we can do and what is available. Though it can still be more extravagant in terms of describing itself. But, it just gives you the right information in a short and sweet fashion.

What was our ROI?

They're still evolving. I think they should reach there in a couple of years, I would say. I'm not really sure what is their roadmap, so that is one thing that I can say. But that should be something that would come up as an add-on or something like that which can be purchased or which can be given as a free component as well. I'm really not sure, but I think they might think in these lines, to bring about a better security control with the Carbon Black AV, to be specific.

I think the only advice that I would like to give is you need to really test it on different platforms. That's the only advice I can give you, because if you have a versatile environment, such as ours, while we do create a lot of in-house applications, we need to have an extensive testing done so that we don't end up creating a roadblock for other teams who are into software development and software testing. And those kind of lines. That might create a lot of issues with Carbon Black. If you test it prior, then probably you would have a better idea as to what you're getting into. And implementing it would be even more easier in that case. I think we did the right thing in terms of that because we know our environment better. If you know your environment better, you would do the right thing.

What's my experience with pricing, setup cost, and licensing?

I just told you the price point that's one of the factors, basically because that is what the higher management gave us as an input. But, we didn't play a major role in terms of deciding. That was done by another person from the organization. So, that was just a communication that we received. So, that's how much I know about it.

Which other solutions did I evaluate?

We also had a review of FireEye HX as well, but we chose this in terms of the utility and also in terms of the cost involved. So that is the reason why we chose CB Defense. And, so, that's the reason why we are currently using CB Defense. We wanted to have an insight about Malware, the vectors for which they come into and what kind of a behavior they exhibit. So these are the things that we are basically looking to the Carbon Black Defense.

I think they can probably bring in because there is a little bit of a gap between the native Antivirus solutions like Symantec or McAfee. McAfee does have a separate product, the application control. And Symantec Endpoint has the application and device control as a built-in component in 11, 12, and I think in 14 it has the same. But the EDR solutions currently don't have that kind of a feature. So, if they can incorporate that, it would be a better security control and an antivirus, basically, because you do have instances where Malwares are getting into the network through an RFD or through a particular free software that users might download from the internet.

What other advice do I have?

In terms of the fixes from what the behavior was with the environment, it has been evolving. And the only thing that could be improved is enabling Carbon Black to be a part of the image so that when we are doing a image refresh, Carbon Black would be present by default. But in the current conditions, by definition, it needs to have an internet connection for you to install Carbon Black. Because it connects to the cloud as a first step after you start the installation. So, since we cannot have that kind of a set up for an image, we are not able to put it into an image, basically. So if there comes any kind of a version where it can be done, probably it might be more helpful in terms of a mass deployment.

They might have to create a little bit of better knowledge base articles which will give us an insight as to how this is working and what logs we can look into for analysis. The gap can be made much shorter in that aspect. The report generation and trend analysis or data analysis can be improved.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free VMware Carbon Black Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: February 2024
Buyer's Guide
Download our free VMware Carbon Black Endpoint Report and get advice and tips from experienced pros sharing their opinions.