McAfee ePolicy Orchestrator Room for Improvement

Lokesh Puthalapattu - PeerSpot reviewer
Senior Marketing Specialist II at Harman International

McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes.

View full review »
Ravikant Kaware - PeerSpot reviewer
Lead Engineer at a tech services company with 10,001+ employees

There are challenges regarding the compatibility and agent functionality of the product. The aforementioned area can be considered for improvement.

The setup and deployment phases need to be improved.

The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved.

View full review »
KM
Sr. System Engineer at Zensar Technologies

The areas of concern where improvements are needed are related to the product's assignment policy and tag assignment, where users can assign the policies with the help of tags and sort out the systems.

View full review »
Buyer's Guide
McAfee ePolicy Orchestrator
March 2024
Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
EJ
Cyber Security Coordinator at Gecelca SA E.S.P.

The way that ePolicy launches the updates is very slow. It would be great if that was faster. 

They need to enhance their vulnerability scanner so we can be more secure.

The most tedious part of the product is when you block USBs. To make an exception for a user means you have to deal with a very difficult user interface. It would be better if they fixed that so only the administrator could click it somewhere and give permission. Right now, the user has to send a keyword, then the administrator has to use that keyword to make the exception for the user. It's very complicated for the user to do. They don't know how to do that.

They could use some cell phone MDM to control the cell phones and the tablets and stuff. They don't have that. They need better integration with MDM devices. 

View full review »
Iramm Sheikh - PeerSpot reviewer
Lead Software Developer at Peristent Systems

The installation process is quite difficult and requires technical support.

View full review »
JohnBlack - PeerSpot reviewer
Founder and CEO at Offset3, LLC

In addition to tuning for false positives and improving the upgrade path, integration with newer cloud-based services could be enhanced. As more organizations move to hybrid or cloud environments, seamless integration will be critical.

View full review »
PK
Manager at Erisk solution

McAfee ePolicy Orchestrator should improve its integration with other tools.

View full review »
Kirolos Labeb - PeerSpot reviewer
CyberSecurity Operations at EliteVAD

There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal.

So, they should modify the cybersecurity suites to allow the customer to work properly again.


View full review »
BernardLugalia - PeerSpot reviewer
Cyber Security Engineer at a tech services company with 11-50 employees

There's one room for improvement. We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform. Instead of using separate agents for tasks like antivirus and demos, it would be better to have a unified agent that can handle everything.

I would like a unified agent that can handle multiple tasks.

Another useful feature would be an email solution. It could be helpful. Also, having the capability to check for data vulnerabilities would be a great addition. In the future release, I would like to have a feature that checks for vulnerabilities

View full review »
BD
cybersecurity specialist at a mining and metals company with 10,001+ employees

In terms of what could be improved, I would say the impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this.

As for what I would like to see in the next release, that is related to the disadvantages, the drawbacks as I would call it. Some tuning of the inheritances for policies and things, so that we can extend policies to a lower level in the organization or in the structure. Inherit and extend rather than break the inheritance and start again on a lower level, because then, when on a higher level, and something changes, it has to be replicated on a lower level, rather than being taken automatically into account which complicates the management. Additionally, some performance tuning on the endpoints to make sure the agent does not take too much resources or it could be further granularly customized. Something like it should not take more than X percent of memory or of CPU in office hours, business hours, and could take more outside of those hours. So some tweaks, improvements, and configuration options in these areas.

View full review »
SS
Instrument and Control Engineer at a energy/utilities company with 10,001+ employees

Sometimes agents hang. We have to reinstall the agents. On top of that, we have too many advisories for ePO. There are stability issues. 

View full review »
SO
Technical Support Engineer at Professional Technologies Kenya

There are some features available with the on-premise version that are unfortunately not available on cloud such as encryption. For now, there is only management for native encryption and not full drive encryption. I'd like to see more integration and a lighter antivirus; most of the complaints from customers relate to the search utilization.

There needs to be more integration. Customers want to see MVISION Cloud integrated with things like SIEM, whether it's Microsoft, Fortinet, or something else.

View full review »
VW
Owner at Network Technics & Systems Ltd

The rollout to cover the online resources, such as SharePoint, One Drive, and Office 365 doesn't seem to have a very clear path. There is a lot of different information all over the place and there's probably a need to have some technical ability to understand how to bring solutions to fruition.

There doesn't seem to be any documentation in place to guide you. Unless you are a technical person, it's very difficult to bring that solution to fruition.

The product is good but they just have to document how to use the different products and bring them into one platform, one solution. You shouldn't need to be a technical person to do that.

You can roll out to all of the endpoints easily, but now if I need to protect the online cloud resources like SharePoint sites or SharePoint libraries, that is where the biggest worry is because people feel things like the cloud contains threats. They're not concerned with how to do it or to make sure that they have visibility and protection. 

This is where it gets a little bit tricky, but even McAfee themselves are not giving a very clear road map or very clear documentation to know this is how to go about it, and this is how to achieve it. Again, we do not have to have a technical background to be able to synchronize.

I think that they should drop their high costs of training. Many people will train themselves and still sell the product. They implement their product and they will recommend it. If they make the training available then the uptake will be higher.

View full review »
OR
Senior Network Security Planning at Ooredoo Kuwait

The Virtual Patching feature needs to be improved.

We would also like to have something in the cloud.

View full review »
JD
Chief Information Security Officer at a venture capital & private equity firm with 201-500 employees

There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space.

View full review »
JC
IT Security Consultant at ZOL Zimbabwe

This solution ships with SQL Express, and we have issues related to database corruption in the event of power loss. Especially on this side of the world, we have a lot of power outages and most companies do not have backup power solutions. In most cases, when the power goes out, the database tends to corrupt a lot. For example, clients will be having trouble logging on because the login credentials are corrupt. They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database.

View full review »
AM
Antivirus Support Team Lead at a insurance company with 1,001-5,000 employees
a. Reporting: The pre-canned ePO queries can be improved View full review »
EG
Information Security Officer at a financial services firm with 501-1,000 employees

I can't speak to what is missing from the latest version. We have an old version and in the coming weeks, we are going to upgrade to the latest version. We have to see on that one if there are any missing features. 

One thing that I don't like is that McAfee products change very often and upgrade very often. The annoying thing that I have noticed is that these new products do not work anymore on older Windows versions. Let's say a new version of antivirus does not install on Windows 8. You have to implement an older McAfee in an old version of Windows. 

View full review »
SB
Network Security Consultant at a tech services company with 10,001+ employees

The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature.

There are different policies in the solution, such as EPO for EDR, and for Sandboxing, but when it comes to the EPO it is only for the policy orchestration and not for the analysis, incident management, or for the team who is working on the cyber security. They need to know how to use a different console, which is integrated nicely in their cloud platform called Envision but they have not done it in the EPO. 

I don't know what the McAfee strategy is, why they have not integrated the EDR analysis piece into the EPO. It is already available in the Envision, but not in the EPO. This is a difficulty. Whenever there needs to be any analysis, correlation, and in-depth EDR functionality it is not part of the EDR. There is a separate console for it. We need to depend on the inventory and the policy, and the EPO, but when it comes to analysis and in-depth alert details, then we need to dive into another console.

There are times when it is good to have one console to allow people to receive the trained analysis and historical data related to that particular incident.

View full review »
AS
Cyber Security Consultant at a computer software company with 51-200 employees

McAfee ePolicy Orchestrator requires a lot of manual work. For example, if you use Symantec DLP, only one policy is needed, and you can apply it to all of the channels that are an endpoint, like the web or email. With McAfee, you need to create separate rules for all of those channels. One policy for email, one policy for web, and so on. I would like to see McAfee reduce the amount of manual work required.

In the next release, I would like to see an integration with third-party solutions for classification. We find that implementation is limited for some products. I would like an open API that we can integrate with other classification tools. 

View full review »
VO
Information System Security Coordinator at a comms service provider with 501-1,000 employees

From my point of view, the solution is good. Even if there are problems we're able to find a resolution quite quickly. There were some issues in earlier versions but after the upgrade to the latest version, we haven't had any issues. 

I have noticed several times that some viruses were not detected by McAfee ENS and we had to escalate support and modify detection signatures. The detection aspect should be improved so that signatures are updated more quickly.

For additional features, there really isn't very much to suggest. The main issue would be to improve detection. 

View full review »
it_user831093 - PeerSpot reviewer
System Engineer at Inbox Business Technologies

There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates.  

There have been some problems with monitoring the logs. It's not very user-friendly. 

View full review »
it_user147219 - PeerSpot reviewer
Senior Manager of System Security with 5,001-10,000 employees
Although it has the ability to auto create service tickets, it needs to expand to allow more products this ability. It also seriously needs a better way to direct connect to remote users not located within the network. View full review »
SA
Senior Manager at a tech services company with 1,001-5,000 employees

The solution needs to be more clear about the licensing. They should have a way for users to educate themselves on the costs so that companies can figure out how to reduce costs.

There needs to be support for Mac computers. Currently, McAfee does not work on iOS.

View full review »
JF
Security Analyst at a financial services firm with 201-500 employees

The solution sometimes has some false positives on connections from the web control aspect of the product. This needs to be improved.

When you have false positive on the firewall, it rarely blocks off some legitimate connections to our network. 

The reporting could be better. 

Search or filter on Knowledge base gives broad choices instead of almost specific to your search. 

agent communication between client and server but products are not deployed.

View full review »
it_user177054 - PeerSpot reviewer
President - Systems Engineer at a manufacturing company with 51-200 employees

I am not familiar with the newer versions, but the biggest issues we had with our version were false positives and performance degradation.

View full review »
it_user137403 - PeerSpot reviewer
Senior Manager of IT at a recruiting/HR firm with 51-200 employees

I would like to see the solution provide a function to roll back patch deployment and alert the administrator about which system is not supported per patch level. It should retain all previous patches in the system to support legacy systems, including the latest patch that was checked in the system.

View full review »
it_user280122 - PeerSpot reviewer
Security Professional with 501-1,000 employees

The fact that it uses MSSQL, and cannot be deployed on anything other than Windows, can be a problem. The system can get slow at times when you do big searches and reports.

View full review »
it_user1281699 - PeerSpot reviewer
Senior Consultant at a financial services firm with 10,001+ employees

There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring.

View full review »
SM
Cyber Security Consultant at a tech services company with 10,001+ employees

The product could have a single plug-in that would have multiple uses rather than a single plug-in which is used for a single purpose. Each aspect has a separate plug-in. They should concentrate on providing something for all of the options that are available.

View full review »
SS
Technical Engineer at a tech services company with 1,001-5,000 employees

McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors. So they have to work on it.

View full review »
SS
Technical Engineer at a tech services company with 1,001-5,000 employees

McAfee ePolicy Orchestrator needs to upgrade its technology since the solution's EDR function is not good compared to other vendors in the market.

View full review »
KR
Implementation Engineer at a tech vendor with 201-500 employees

As for improvements, I think that putting everything on a cloud and one console would be a great idea and would be useful for customers. 

View full review »
RK
Information Security Analyst at a tech services company

McAfee should improve in terms of customer support and assigning a knowledgeable TAM to customers.

Threat detection capabilities should be increased for both viruses and other threats.

View full review »
Buyer's Guide
McAfee ePolicy Orchestrator
March 2024
Learn what your peers think about McAfee ePolicy Orchestrator. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.