One of the most valuable things for us about this product is that we needed some solution that can be used in desktop virtualization. We are not using the antivirus program in common ways. We use antivirus in desktop virtualization.
The most important solution for us is protecting the virtual machines that we host on our servers. We need security protection for our clients and server solutions, security protection for virtual desktop solutions and security for the cloud-based system solutions. We work in all of these fields. One thing that would help us is if the McAfee agent that we install on virtual machines became lighter.
It is a bit heavy for installation on virtual machines and it uses too much in the way of resources. Kaspersky Security Solution is a lighter solution than McAfee. McAfee is a little heavy for many installations and does not work for all clients and situations.
It would also be good if the McAfee solution contained specialized features just for the virtual desktop. Some brands of security solutions already have this type of feature which makes it easier to use them for desktop virtualization. I can not find that currently in the McAfee product. We have been using this product for about 10 years for some internal solutions and for our clients.
Of course, a product like this has to be designed to be stable. The whole point of McAfee is to be a stable, dependable solution for total security. The number of clients we have using McAfee Total Protection for data within our company and within our client deployments is hard to say in total.
We have lots of clients in various territories. We work in five countries in the Middle East. So I don't know the exact number of users, but I know there are more than 1, SMBs, or small to medium businesses, that we have deployed for.
So I have experience with a lot of these kinds of products and know which to recommend for particular purposes in deployments. We use McAfee because it fits certain client needs but we still sometimes use other solutions for other clients.
Everyone is not the same. We also have our own security solutions and we do not use only third-party applications in our company. We have an ISMS information security management system that we customize for what we need it to do. For the Data Security product, McAfee is easy to install and it is easy to use.
This is not the setup and usability that are part of the problem when it comes to this product. I did consider other options from the other vendors I've worked with before.
I had kind of a friendly connection with the BitDefender company, for example. But when it comes down to making a choice for clients I have to tell them that the application is the heaviest security program. It uses the most resources of any of the products I know well, so it was not really a good solution for us to recommend. Their solution uses more resources than even McAfee. Advice that I would give to others looking into implementing this solution is the same as when our customers ask us for any kind of security solution.
We almost always recommended that they go with McAfee. McAfee is a great choice for most cases. On a scale from one to ten where one is the worst and ten is the best, I would rate McAfee Total Protection for Data as a nine out of ten. It is very good except for the resource drain. We are a consulting house for various clients. We provide consultancy to our clients in terms of which product they should use based on their requirements and environment. Our clients use this solution for DLP.
They are using it for the basis of endpoint protection, prevention of malware infection, detection, and management of the endpoint. The client has not fully utilized the DLP because they have not done the data classification well enough to actually get the full value of the DLP solution. If a DLP is implemented correctly, the value is that you can address the human error issues. If you do not have a team that is supporting your DLP implementation, there may be a challenge, which is a concern.
Our client is not very happy with the lack of support, the skills, and the effectiveness of the tool. It is a scalable solution. We have two customers who are using it and one who will be moving onto another solution. They are considering Cynet or CrowStrike.
I was the chief information security officer at one of the largest banks in Africa. My experience with McAfee from a vendor perspective is if you have the right skills, it can be deployed quite easily. The only challenge is it uses a lot of hardware. The time it takes for deployment depends on the variety of clients. Some clients have 1, users, so it's quite easy.
The actual deployment before rollout to all of your users is not long. It takes approximately two weeks. The number of people required to maintain this solution depends on the scale of the project, the customer itself, and the number of users. We are vendor agnostic. We advise our clients, and then we get professional people like McAfee Professional Service to install it.
We wouldn't get involved in it. Our client wants to find an alternative to McAfee Endpoint Security. What we do is advise clients. For example, we are doing a lot of work for Coca-Cola and we advise them on how to configure.
It doesn't matter whether you're using Defender, or whether you are using MCAS as a cloud solution, we help you configure according to the standard that is applicable, whether it's a legislative standard or an internal policy.
We ensure that the necessary implementation and configuration settings are aligned. Then we give it back to the technical integrators to implement according to the standard that we have set. That is the level of involvement we have. We don't do the implementation, but we advise on how the implementation should be done in line with the internal policy or the legislation. I would not recommend this solution to others. I think there are better products available at the moment. It's also a single-agent platform.
That's one really unique aspect of Data Loss Prevention. The configuration of McAfee is also pretty straightforward. On the data loss prevention side, it's pretty straightforward. It's capable of doing the basic tasks such as basic data loss prevention capabilities that any DLP can do. With respect to its capability of being able to block, being able to provide responses and justification, and the management of the DLP in itself, it is pretty straightforward.
Symantec also has that, however, the help desk feature from McAfee is more user-friendly but also it's more strict and more secure, as compared to the one in Symantec. In my experience, it's not really user-friendly for me, in terms of how I navigate with the ePolicy Orchestrator. They need to upgrade their management console. You can't navigate McAfee without going through all of the administration and product guides.
You have to read everything first before you navigate it. That's how it was for me, at least, in my experience.
However, in my colleague's case, that didn't happen and I don't know why I can't just navigate the McAfee management console without reading first the administrator or product guide.
What's really tedious about reading those things is that the documents are separate. The product guide and the administrator guide for the DLP solution are quite different from the administrator guide and product guide of the ePolicy Orchestrator. They need to improve more with partial matching and exact data matching.
The partial matching and the exact data matching are features of Symantec. There, it's pretty sophisticated. If McAfee wants to catch up with that, they have to upgrade their partial matching capabilities.
We also had a client who wanted to have at least three, two to three, set of conditions on a single policy or on a single rule, to have that kind of combination. For example, a combination of a serial number from a device, from a removable device, plus a user and a computer or the hosting or the workstation. That's three combinations.
User, computer, and removable device. What they wanted is to have the three pieces of that combination in a single rule, however, we were not able to do that as McAfee conditional statements are only limited to two. That's something that they need also to improve. They need to make it more flexible. McAfee offers very good technical support and we have been very happy with its capabilities.
We find support to be helpful and responsive. I also work with Symantec. It's a bit more expensive, and I find McAfee offers a few better, more advanced features. This is one of the least expensive solutions on the market right now. It's even less expensive than Symantec. I'd rate the solution at a seven out of ten. For the most part, I have been pleased with its capabilities, however, there are some improvements that could be made. We use the solution in the banking sector. Banks would like to prevent any customer information or confidential documents from leaking outside their environment.
We use the solution on the email channels basically. We also use it sometimes on USBs, and other tools also. Overall, it's an easy to use product. It has a great end-user experience. The solution is quite powerful. While it is largely stable, I have experienced issues with browsers, especially when we export and import the DLP policy. After importing the DLP policy, we weren't able to get a classification and definitions of the data loss prevention from Microsoft Edge or other browsers.
They hung when we tried to access the classifications and definition page. We have about 2, users in one environment. In another environment, we may have as many as 3, users.
The solution scales pretty well. While we typically implement this solution for our customers, I would say that we would like to increase usage. When we've had issues in the past, and, although they ended up solving our problem, we found the response time was pretty slow.
There was a bit of a delay. They could have been faster to respond. Other than that, we're pretty satisfied with their level of service.
Generally, the solution is pretty straightforward to setup. It's not complex. That said, there is a common issue with an installation video. There's a command you should execute, however, there is a conflict of KBs. We had to do a bit of research and we were able to troubleshoot it ourselves in the end. I handled the implementation myself. I didn't need the assistance of any integrators or consultants. I also didn't need the help of technical support.
Although I don't have too much information on the exact costs of the solution, it's my understanding that the pricing is pretty good. I would recommend this solution to other companies. It's stable and strong in data loss prevention. It works quite well. Overall, on a scale from one to ten, I'd rate the solution at a nine.
If it offered more responsive support and better usability, It would get higher marks from me. The most valuable feature is the ability to control access to USB drives and other external devices. There needs to be support for blocking the sending of files by email because even if you block or remove an external disk, the files are not protected. As long as the files can still be sent via email, it is useless to protect them from being copied to an external drive.
Scalability is not really applicable because it is only dealing with an endpoint device. There is no impact on scalability. The initial setup is complex. The configuration requires that many points have to be considered before it can be done properly.
Sign In. Post Review. Filter by:. Filter Reviews. Analyst Firm. Cloud Provider. Comms Service Provider. Computer Retailer. Construction Company. Consumer Goods Company. Engineering Company. Financial Services Firm. Healthcare Company. Hospitality Company. Import And Exporter. Insurance Company. International Affairs Institute. Educational Organization. Legal Firm. Local Government. Logistics Company. Manufacturing Company. Maritime Company. Marketing Services Firm.
Media Company. Mining And Metals Company. Non Tech Company. Museum Or Institution. Music Company. Non Profit. Outsourcing Company. Paper And Forest Products. Performing Arts. Photography Company. Political Organization. Printing Company. Program Development Consultancy. Religious Institution. Security Firm. Computer Software Company. Sports Company. Tech Company. Tech Consulting Company. Tech Services Company.
Tech Vendor. Think Tank. Translation And Localization Position. Transportation Company. Wireless Company. Writing And Editing Position. Company Size. Self Employed. Job Level. C Level. Senior Manager. Forcepoint Data Loss Prevention. Sophos SafeGuard. McAfee Complete Data Protection. Symantec Data Loss Prevention. Showing reviews based on the current filters. Reset all filters. Real User.
Good whitelisting and stable on supported OS but doesn't protect against memory attacks. Pros and Cons. What is our primary use case? The whitelisting works well. The solution needs an easier integration in heterogeneous and dynamic environments. The product needs to offer more protection for memory-based attacks. We only really used the solution for three weeks as part of a test.
Overall, I would say it has a moderate level of difficulty as far as ease of deployment. We were a service provider and reseller. It will offer analysis that will inform you of security weaknesses and feed into the automated setup processes of the DLP.
The set-up processes involve examining user accounts , creating security policies, and the discovery and classification of data. Once all of these steps have been undertaken, the system can start to monitor data access and movements according to the specifications of the security policies.
It then examines each instance and field of data to assess its sensitivity. However, it requires a degree of manual involvement, which businesses with a lot of data to sift through might find burdensome. However, it is possible to associate an automated third-party classification system of your choice to take care of that problem. The central dashboard controls all of the activities of the endpoint agents to interpret the security policies.
In addition, you should set up before triggering the data discovery search. These policies can be organized to meet the requirements of data security standards. The Inventory step can search through files, databases, and cloud platforms. It can also scan through images of documents, pictures, screenshots, and forms, using OCR. The Categorization service can identify related fields.
These might not constitute PII in isolation but will represent a breach if released together. The Discover service conducts fingerprinting to identify these high-priority field combinations. Fingerprinting moves into the Remediation step, which produces a definitive landscape to which the security policies should be applied.
This system monitors all data movement utilities that are launched from endpoints, including email and messaging systems. The module also extends to the monitoring of data accessing applications that are resident on cloud servers.
DLP Prevent offers a range of remediation actions , including encryption, redirection, blocking, and quarantining. In addition, security policies can apply different actions to different sensitivity levels and user types. Other McAfee DLP Prevent package facilities include performance and event analysis that can also examine logs of data breaches that occurred before the McAfee system was installed.
Information gleaned from these studies can help you adjust your security policies, prove conformance with data security standards, or assess SLA goal achievement. Linking the cloud service and the endpoint system together in the ePO-provided dashboard of the DLP system provides a unified view of all data locations used by the enterprise.
Additionally, you can link a third-party user and entity behavior analytics UEBA system to identify account takeover and insider threats. The behavior of this service is controlled by the security policies that you specify in the dashboard. In addition, this monitor contributes to the data pool used by the performance analysis service in the DLP. This acts like a SIEM. Therefore, you will need to know about some alternative data loss prevention systems. We reviewed the market for data loss prevention systems and analyzed the options based on the following criteria:.
ManageEngine DataSecurity Plus comprises four modules that each focus on a different aspect of sensitive data management. For example, the Data Loss Prevention module offers a data discovery and classification service and a security policy creation tool. It is possible to tailor this tool to the requirements of data privacy standards. This system includes an auditor for Active Directory that will reorganize user accounts to improve security and monitoring opportunities.
The combination of tight access control, data classification, and security policies form the operational workflows of this system. The package implements file integrity monitoring and controls activities USB ports , emails, and file transfer systems. Endpoint Protector has endpoint agents for Windows, macOS, and Linux, coordinated from a cloud-based server. In addition, the controller includes a dashboard where you set up your security policies for supervision through the DLP service.
The endpoint agents offer all data protection functionality, so they continue to operate effectively even when the device is disconnected from the network. The cloud service gathers event data from endpoint agents and searches for combined threats. This is a lot like a SIEM configuration. When beginning operations, you have to enroll devices in the program.
However, those devices do not all need to be on the same network, and it is also possible to include cloud resources in the monitoring service. On starting service, the server will scan and assess your access rights management system, producing suggestions of changes that can be made to tighten security. After installing endpoint agents, the server sends out instructions to starts a sensitive data discovery sweep. The types of data that the endpoint agents look for are modified according to the security policies that you create.
The discovery scan identifies all data and then classifies those instances to work out sensitive data that needs to be protected. The discoverer will then grade the sensitivity of each piece of data and apply the level of protection that is specified in the security policies. Steps that can be taken to enforce security include the encryption of files to regulate access.
The DLP also controls data movement onto printers and removable storage and through emails and file transfers. The endpoint agents implement user and entity behavior analytics UEBA. With this intelligence, the DLP can establish a baseline of regular activity. Deviations from this standard raise an alert. There is also a mobile operating system version, and the service can include the supervision of all platforms plus cloud resources in a unified security monitoring system.
In addition, this data protection system includes controls over data exfiltration channels and performs UEBA to identify threats. There are several deployment options for the server of Endpoint Protector.
0コメント