We have been using this solution for almost seven years.
The primary use case for this solution is to protect our endpoints. We are using an on-premises deployment model.
McAfee ePolicy Orchestrator is also known as McAfee ePO, ePolicy Orchestrator, Intel Security ePolicy Orchestrator.
Download the McAfee ePolicy Orchestrator Buyer's Guide including reviews and more. Updated: October 2021
We have been using this solution for almost seven years.
The primary use case for this solution is to protect our endpoints. We are using an on-premises deployment model.
This is a centralized solution, and we have very good control over the endpoints when using this product.
The most valuable features of this solution are the antivirus and the DLP.
The interface, dashboard, and reporting are all very good.
The Virtual Patching feature needs to be improved.
We would also like to have something in the cloud.
The stability of this solution is fine.
This solution is very much scalable.
We have more than fifteen-hundred users. It is our only protection that we have for our endpoints, and we plan to increase its usage as we grow.
I would rate technical support an eight out of ten.
They do help to resolve issues quickly, but sometimes the responses come back late.
We were using Symantec prior to this solution, but we switched because of the cost.
The initial setup of this solution is straightforward.
Our deployment took place within one week.
Our reseller assisted us with the deployment.
This solution is priced in the mid-range.
We evaluated Trend Micro before choosing this solution, but we selected this one because of pricing and features.
This is a solution that I recommend and would suggest for others to use.
The biggest thing that I have learned from using this solution is that it is very easy to use.
I would rate this solution an eight out of ten.
I have been working with McAfee ePolicy Orchestrator since 2005.
We are a service provider and system integrator, and this is one of the solutions that we provide for our clients. Most of the deployments we have done are on-premises.
The most valuable feature of this solution is the ability to configure and deploy everything from a single, web-based interface.
This solution ships with SQL Express, and we have issues related to database corruption in the event of power loss. Especially on this side of the world, we have a lot of power outages and most companies do not have backup power solutions. In most cases, when the power goes out, the database tends to corrupt a lot. For example, clients will be having trouble logging on because the login credentials are corrupt. They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database.
This is a stable solution to use. The only problem that I've noticed relates to updates, and it has only started recently. After getting an update, there are issues with connecting. It all comes down to how often the machines update their Windows OS. McAfee tends to have a problem with connectivity and stuff like that.
In terms of scalability, McAfee is the best there is from all of the products that I've used. Why I say that is because you can manage a lot of products if you install the endpoint security pack. The is one of the products that has impressed me over the years. There is a version of the solution that actually allows you to manage certain versions of Symantec products. So, this is a good product, and when it comes to scalability, I think it's one of those products that you won't go wrong with.
We do have some larger corporate clients, but there are not many of them. Most of the client base in Zimbabwe is small to medium-sized business. The majority have less than two-hundred and fifty PCs on-site, which I consider being small or medium size. We also do support for hospitals, schools, universities, and even government.
McAfee technical support is ok, but we do not contact them very often. Every year, they impose certifications on us, so in most cases, we have certifications for the different products that we support. This means that we hardly require support because we are well equipped when it comes to doing our job. If we do get something that we don't quite understand, McAfee has got a knowledge base that we usually refer to. This is helpful when it comes to some of the problems that we face.
Over the years, I've noticed that the initial setup is very easy. It may be because I've worked with it for a long time, but the initial setup is easy, and even when it comes to doing the configuring for the projects, it is not complex.
Most of the setups that I have done are on-premises, where I have to set up the physical machine, and I haven't had any problems. It usually takes less than thirty minutes for everything to be set up and the deployment complete.
We implement this solution for our clients.
This is a solution I recommend very much. For anybody who is implementing this solution, I suggest that they read through the product manuals and documentation. I have noticed that it is an advantage to read through the manuals because people who do not, tend to miss things, and then blame the product for not working. I would say that McAfee is a good product, and over the years I have found it to be very stable and very effective when it comes to managing other products. We have all that we wanted to do with McAfee.
In the time that I have been using this solution, I've noticed that when I perform a setup on different platforms or different networks, I've gotten to learn new things because each and every network is different. When it comes to troubleshooting network issues, I have learned a lot, especially things related to cybersecurity.
This is a very good product, but they have a database issue. Having a McAfee-only solution, rather than having to bring in a Microsoft product, or one from another vendor would make this solution perfect.
I would rate this solution an eight out of ten.
It is an endpoint protection product. You use it to centrally manage security policies and push out configurations, then you manage the antivirus on endpoints.
We use the on-premise deployment model.
If you're talking about endpoint, you have virus detection, behavioral-based detection in advanced threat detection, and even have host-based firewall, etc. Each of these would be a separate product that would integrate into the endpoint solution. From a cost perspective that would scale pretty quickly, which is not cheap. Also, it creates management overhead. We have to administer and configure it separately with a separate lists of policies. This is where it gets a bit complex, but it gives us the power to do things very specific.
Once you understand how to use it, it becomes easy to use.
The product is solid. It's a bit of a beast. We've used it in a very large environment where we manage around 150,000 endpoints, and it is able to cope with the load. It helps that our architecture around it is pretty solid. So, it works like a charm.
There have been some issues with bugs and things from a functionality perspective. However, there are issues with everything.
It will become stable. We have had very specific issues. I am not blaming the product, as it could be the way the product is configured. There have been bugs and utilization problems where it may not be compatible with a certain operating system. You might find that there are certain processes that are just chewing up a lot of memory. There are known issues and errors. Things that do exist. We have seen this things quite often. It's just a matter of McAfee releasing a hotfix or stable version, which then needs to be tested and deployed correctly. We've been seeing quite a few of these.
These are systems with developer workstations or developer system services and are highly resource heavy. So, the API always has an impact.
It is scalable. We have 150,000 endpoints using an agent handler in between. The scalability does require us to do a lot of planning for things, like bandwidth. The problem is with the complexity. If one thing breaks, it can also impact a bunch of other things.
It serves a purpose. If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good.
While there are bugs and a few functionality issues, it is just a matter of raising them with the support team. However, support is part of the problem as well. You want everything to be seamless in a perfect world, but the support is spread across different countries. They have Level 1, 2, and 3. Level 1 is most likely in a developing country. They don't provide the best service.
Struggles like this impact the experience. If you have an issue, you want to get expedited within a certain amount of time. Sometimes, it just takes longer to get things done.
It's easy to deploy. This does depend on the complexity of your environment, and it depends on how you set it up. You can make it as granular as you want.
It is not something that's very easy to administer. You have to go for a course with training modules. Once you understand how to use it, it becomes easy. For a beginner, it's not that easy. It's a very complex system. If you know what you're doing, it becomes easy.
You get what you pay for.
McAfee tries to package different things into different products, then sell them as different products with different licenses. They just split everything up into multiple things. That's just their sales pitch and how they do it.
It does provide a lot of functionality.
ePO Cloud takes away a lot of the management administration overhead. Though, I haven't tried this feature.
We use McAfee Antivirus in our organization, as it is one of the best antivirus solutions on the market.
We manage all of our endpoints centrally from the McAfee ePolicy Orchestrator console. We send signature updates and software updates to all of the agents that we are responsible for.
It is difficult to imagine the workstations without Antivirus protection. In this cyberworld, McAfee is the best software to protect our machines. Before we had antivirus protection installed, we saw daily infections in our organization. Now, McAfee is helping us to clean all of the viruses from the machines, protecting our desktops from the latest threats.
We use McAfee Threat Prevention and McAfee Adaptive Threat Prevention for protection against viruses. There is also exploit-prevention support. The McAfee Web Control module is one of the best solutions to protect users from online threats.
The features we use are:
McAfee should improve in terms of customer support and assigning a knowledgeable TAM to customers.
Threat detection capabilities should be increased for both viruses and other threats.
We did not use another solution prior to this, and we are happy with our choice.
Compared to other Antivirus products, the cost of this solution is a bit high.
In my opinion, this is the best product. Please go for it!
With this solution we use ENS with DLP. DLP works in controlling data protection when transferring data from PC to USB, USB to PC. We also use it for read-only access for hard disks. In DLP we have many options which we can work with.
Currently, we are using it for the clipboard, where we cannot capture screenshots from the PC screen, as well as for USB locking/data transfer, and the hard disk protection.
It has secured our environment. We have over 200 machines.
It is protecting us from USB-based hazards like viruses. Previously it was only for blocking USBs. They have added more features, like network protection.
Originally, we were only using it as a security platform to block USBs and as an antivirus product. But in the last six or seven months, we've been trying to enhance things and use more of the features in it. In that time we implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC.
We also implemented read-only access to the secondary drives, the D drive, C drive, and E drive.
It is stable.
I have opened a few cases with technical support and their support is good. It depends on what type of contract you have with them. If you have an Enterprise Support contract, or a Platinum Support contract, they do provide very fast support solutions. If you have basic support, it will take one or two days.
It's a little bit complex to configure it, but when you start using it, it is much easier. There are many policies that you need to create, and in three or four places. When you assign the policies then it starts working.
In terms of an implementation strategy, we need to get the requirements from the customer. It depends on their requirements. You have many options, many features. It depends on what you want to configure. If you're looking only for a particular part, only DLP for example, it depends what you need within that. But for DLP it will take about one day to finish.
Do a PoC with competitors' endpoint protection products. But compared to what McAfee has, I don't think other products have as many options, as many features. If you want to protect data, DLP is a good option.
In terms of scalability, they're introducing more and new more features in ENS, Endpoint Security. If a ransomware attack happens, you can roll the encryption to its previous position. This is what they are implementing, according to their articles.
For maintenance of ePO, one guy is enough. If the server is ready, if the database and the platforms are ready, one guy can oversee the product. But you still need someone who is strong in SQL and someone who can install operating systems.
I have not compared this product to any other product. If I had then I could rate it properly. But, overall, it's good, it's not a bad product. I would rate it at nine out of ten. The product has everything I need.
I use McAfee as a solution to monitor our network log systems. I monitor logs and use it to be able to report incidents and get better internal vision.
The DLP feature is great to have for our users.
There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates.
There have been some problems with monitoring the logs. It's not very user-friendly.
Stability is fine. I haven't had many issues with it.
Scalability is fine. We have around 600 users. We required two or three staff for maintenance and monitoring. They're security analysts, and junior consultants.
Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time.
The initial setup was not straightforward. It takes time to deploy and configure.
I have not had too many problems with this solution. It works fine. I really like the DLP feature. There are no database issues.
I would rate it a nine out of ten because it gives IT clarity, it doesn't have database issues, and it hasn't crashed or given us problems in the two years we've been using it. It's a great tool.
It allows us to detect rogue devices, then to subsequently force policies on them to protect our system from them.
The only feature worth mentioning is the rogue devices detection. This helped the company manage new laptops joining the network.
I am not familiar with the newer versions, but the biggest issues we had with our version were false positives and performance degradation.
I used it for four years.
There were no issues with the deployment.
We had no issues with the stability.
We had no issues scaling it for our needs.
In my experience, the level of customer service is very good.Technical Support:
Technical service is very good.
I came into the company and started using McAfee ePolicy Orchestrator. The previous solution was F-Secure.
I have managed the setup to new servers (kind of a migration). I will admit that it was very straightforward. My policies were easily accessible and managed.
We implemented it with our in-house team.
The replacement for McAfee was due to pricing. It is common in the antivirus space to have price wars, though.
I am not familiar with the latest versions, but I am sure they have been improved. From a management point of view, ePO is one of the best solutions out there.
I like the following features:
Before this solution, I had to do the following:
With this solution, all I have to do is install the McAfee Agent on a PC. When the McAfee agent communicates with the ePO server, ePO checks if VirusScan Enterprise is installed on the PC.
If it is not installed, it will start the deployment, patch updates, and virus signature updates. The ePO server is configured to send me a report of virus signature versions and VirusScan Enterprise patch levels of all connected PCs by email on a daily basis. This saves me a lot of my time, as I don’t have to check this information on all PCs manually. I end up with a beautiful report to show my auditor about how the anti-virus software is implemented.
This solution reduced a lot of effort to check and confirm that all PCs are running the latest anti-virus signatures and patch levels. It also helps the IT admin to find the mapping between the logged-on user ID and the PC name which Windows AD doesn't provide.
I would like to see the solution provide a function to roll back patch deployment and alert the administrator about which system is not supported per patch level. It should retain all previous patches in the system to support legacy systems, including the latest patch that was checked in the system.
We have been using this solution for over six years.
The system is quite stable and works as expected.
There is no built-in or easy upgrade of the system. When I upgraded the system from a 32-bit version to a 64-bit version last year, I basically reinstalled the whole environment.
The initial setup is very straightforward. The IT administrator can install and setup basic functions of the system without a user manual.
However, for some complicated functions like drive encryption, it is better to read the user manual before deployment.
Make sure you understand the following:
I would suggest the following:
I made an MSS (Managed Security Service) solution based on the ePO and McAfee Endpoint products.
This was before all the vendors made it themselves, and when I researched the major vendors, this was the best product for the project.
The fact that it uses MSSQL, and cannot be deployed on anything other than Windows, can be a problem. The system can get slow at times when you do big searches and reports.
I've been using it since 2007.
We had some issues with deployments as this product was not made to be set up as an MSSP solution but we had a lot of help from McAfee, and fixed them all.
The problems with stability as never in the ePO but in the Operative system (Microsoft Windows) and the database server (Microsoft SQL).
The scalability is very good.
We were a McAfee EMEA Premier Managed Service Provider at the time, so we had no problems getting the support we needed.Technical Support:
F-Secure, but their product did not scale, and there are so many more endpoint products, that the ePO can handle than F-Secures Central management system.
It was not the easiest projects I did, but with help from McAfee it was not that difficult.
We implemented it in-house.
We were a managed service provider, so the licensing was not what most customers have. We report in what we use, and pay after.
We looked at several options.
If you use any McAfee endpoint solutions in the enterprise you need to use the ePO, as there are no other options.
Cloud computing is one of the next significant stages in the Internet’s evolution, providing the means through which everything – from computing power to computing infrastructure, applications, business processes to personal collaboration – can be delivered to us as a service wherever and whenever we need.
Whether it’s Software as a Service (SaaS), Infrastructure as a Service (IaaS) or Platform as a Service (PaaS), cloud computing has been with us long before the media had a catchy name for it.
The landscape of a typical business no longer reflects ones that were operating several years ago. The advancements in communication, collaboration, information and/or currency exchange/processing and the speed in which they are done have truly created new opportunities to the modern enterprise. But these benefits have unearthed many questions and challenges-especially to the overall security of an enterprise whose reach is no longer just the extent of their firewall.
I have dedicated the more than 15 years of my career managing DOD business technology risk in large and small organizations. I’ve served in a variety of roles across heavily regulated industries, successfully leading all aspects of IT security programs, including policy and procedure management, oversight and control, strategy, architecture, development, and training.
During this period one of the greatest challenges have been end-to-end enterprise security, primarily protecting sensitive information from unauthorized manipulation and disclosure by B2B and B2E who pose a substantial threat due to their knowledge and authorized access to corporate internal systems and data.
Training and education is a critical step towards the reduction of insider threats, but alone it’s simply not enough.
Once I understood the nature of the security threat within my organization’s enterprise, I was ready to minimize its effects. The primary objectives during containment activities were to mitigate personal risk to employees and customers then mitigate risk to the organization.
Fortunately, many years ago my organization adopted a top-down Host Based Security System (HBSS). This security baseline is a flexible, commercial-off-the-shelf (COTS)-based application. It monitors, detects, and counters against known cyber-threats to my organization’s Enterprise. At the heart of HBSS is McAfee’s ePolicy Orchestrator (ePO).
McAfee ePolicy Orchestrator (ePO) is widely acknowledged as the most advanced and scalable security management software in the industry. It has enabled me to connect industry-leading security solutions to my organization’s enterprise infrastructure to increase visibility, gain efficiencies, and strengthen protection.
Whether it’s securing the mobile workforce, the virtualized data center, complex applications, or the distributed enterprise, security has never been more challenging or important. McAfee ePolicy Orchestrator (ePO) Networks has allowed me to balance security with access to network resources, information sharing and remote connectivity. Additionally its end-to-end security solutions has helped my team and I connect, protect and manage across the entire network infrastructure, from the endpoint device all the way to the data center, and allowed us to maintain total control.
Finally, enterprise security has been simplified by leveraging a holistic Information Assurance approach, McAfee ePO fills the gap that few enterprise and cloud assurance platform fills by bridging business and technology concerns that aligns IT-GRC and Enterprise GRC.