5 out of 5.0, Reviewed Nov 29, 2016
Was easy to deploy and implement. Cloud solution was done by Vendor and deployment was done in house and was straight forward. In the first month of having Carbon Black on our endpoints, we were able to detect and block bit coin mining software that wasn't even detected my our AV software. Using a score from Virus Total threat feed, Carbon Black alerted us of the malware. Carbon Black showed us in detail how the exe was spawned, which processes were involved and that it was communicating to an external IP address. Through the carbon black console, we were able to connect to the machine and delete the exe. Then we set the file (hash) to be banned, this way any endpoints in the future would not be able to run this process, keeping our Enterprise free of these resource stealing bit mining. This is just one real world example of how Carbon Black has paid for itself in our environment.
Test agent on all versions of OS's
detail and granularity you get on the endpoint.
If we could do it all over again, we wouldn't change a thing.
4 out of 5.0, Reviewed Nov 29, 2016
There were some bumps during the implementation of the product. The vendor is quite commited to customer success and provided the needed assistance. The user community associated with the product is very informative as well as collaborative.
If implementing the product, utilize the supplied documentation as well as engage the vendor often. They are very knowledgeable and can assist in making the implementation smoother.
The product allows a much greater visibility into our environment which provides opportunity for a more secure environment.
The product could be more intuitive within the GUI. The dashboards can be a bit lacking in specifics.
It would have been helpful to have a specific person identified for issues. There were multiple persons involved that somewhat hindered communications.
Ensure that the vendor recommendations were followed a bit better. This allows for optimal performance,
4 out of 5.0, Reviewed Nov 25, 2016
The product had a couple growing pains due to the amount of data we were collecting and moving to a SaaS instead of on premise had issues because we do not have access to the underlining system so we rely on the CB cloud team to tweak things for us. Although the deployment has had issues the software deployed has been great and gives us unprecedented visibility into what is occurring on our endpoints.
Utilise the built in intelligence feeds and join the cb community for sharing of watchlists
Slow support and processing of events can be slow.
We likely would not have used the cloud solution because we are to reliant on the cb cloud team and it can be frustrating get things fixed due to long wait period between tickets. Since we do not have admin access to the server we are at their whim.
5 out of 5.0, Reviewed Nov 22, 2016
Working with Carbon Black's professional services has been excellent. They are very knowledgeable and really go out of their way to fully explain the system and create a successful deployment. The system has been very good on Windows endpoints, and the performance has been about what we expected and even a little better. The integration touchpoints between Cb and our other security and IT products has been good, with additional opportunity to do more. On the other side, there is still much to be desired in the MacOSX support side of things. Partially due to Apple's style of doing things, and also immaturity in the MacOSX agent, it has been difficult to properly set up rules for approving and handling the installation of new software and updating existing applications on Apple endpoints. Additionally, the release of a compatible agent can trail MacOSX operating system releases by many weeks and even a couple months in some cases. Having a robust and comprehensive software deployment system for your endpoints should be a pre-requisite, as it will make your life much easier for both deployment and support.
Form your testing group from members of every aspect of the business.
The flexibility and rule engines, allowing us to create a lot of self-service automation
Supported and developed approved software installers for more common applications, such as those commonly used by enterprises like web conferencing support tools, productivity tools, UCC apps, etc.
First, I would have liked to accelerate the software deployment system implementation. Having only a partial system in place has made it extremely difficult to be successful. Not having centralized software distribution really hindered our ability to deploy approved software to the endpoints. I would use Carbon Black Response everywhere, but I would seriously consider using something other that Cb Protect on the developer workstations running MacOSX.
5 out of 5.0, Reviewed Nov 21, 2016
We have been very pleased with our implementation of CB Protection. From onsite training and assistance during go-live to continued product enhancements, we have felt supported and listened to by CB. The user exchange meetings are the most informative I have attended. The online user enchange is a great knowledge base as well.
Do it! AV just doesn't cut it anymore. You need CB Protection if you want to keep out malicious software.
CB Protection has saved us many hours of re-imaging PCs due to malware. It has kept our systems safe, and I don't need to worry as much as I used to about security.
The console is a little busy, but I understand a redesign is coming in the next version.
The vendor is versy responsive to customer feedback, and frequently updates the product whena new OS or OS updates is released.
I'm not sure we would have done anything differently. We had great support during our implementation, they assisted in install, configuration, agent deployment and onsite training for our admins.
5 out of 5.0, Reviewed Nov 17, 2016
We have implemented the carbon black endpoint protection production on both end user workstations and production servers since 2011. Throughout this time the product has provided a layer of projection that was abscent prior to it's integration. We see the results of this protection daily from blocked malware executions and an overally more stable enviroment. CBEP is a proven application whitelisting solution that has helped us covers gaps traditional AV solutions are unable to provide.
CBEP can be a very itimidating implemenation when moving devices into a high enforcement policy. We have successfully implmented it in a high volume production enviroments for several years. It requires work but the solution provides ways for impact to be avoided which will result in a more secure enviroment overall.
The added layer of security it provides and compliments to our other security solutions.
I think the most difficult peice of the product is gaining support for executive management and the end user base to adequately implement the solution.
Support model has improved dramatically over the years, however there are always room for improvement in that area.
Ideally we would align the policies we have implemented with the tool in a more standard way across multiple platforms.
5 out of 5.0, Reviewed Nov 15, 2016
Support has been top notch! Customer engagement is encouraged. Their User Exchange adds incredible value to the implementation.
Do not underestimate the value of the User Exchange! Many members of the UE are the very people you call in (and pay BIG money) to help once you have been breached. Use the opportunity of implementing the product to gain visibility (and PLEASE document) all the applications you will uncover. If possible use a bubble roll out wherein you create pristine machines for each function and take them through the approval process.
The ability to block files unless specifically approved.
The only complaint I have is one that I have submitted for product enhancement through the User Exchange. On some screens when I have a lot of data to scroll through I would like the top line (Column Headings) to freeze.
Honestly, not one thing!
Set up a steering committee to oversee the platform management. Define and document the organizations policy as it relates to the product features and how to prioritize user wants within the boundaries of the organizations need for security.
1 of 1 peer(s) found this review helpful.
4 out of 5.0, Reviewed Nov 10, 2016
Growing company beginning to embrace standardization. As there is quite a big dev shop that tends to not follow a specific set of rules or guidelines for development, they have experienced the largest performance impact of their end user machines. However, as internal processes mature and coordination is sought out-these performance problems are beginning to decrease. Overall, the product does perform as advertised, enables a small security team to handle many security incidents across a multi-site environment.
Communicate and over-communicate the purpose and value that this product is achieving in your organization prior to deployment. During deployment, ensure that leadership is fully aware and on-board that this provides technical implementation of policy that may have never been forced or technologically possible to enforce and as such, may create some level of discord without a top-down approach.
The autonomous capabilities to categorize, identify, prevent and isolate the nasties on a minute by minute basis across the environment. Extremely powerful and can be maintained optimally by a 1 person team with the vendor support.
Product/service requires advanced configurations initially, and some training. Also, Mac performance tends to be on the slower side of becoming resolved, but still above symantec performance metrics.
When difficult issues or support related incidents occur, offer to screenshare and work through configs. Empower the support desk to provide this and it will make for an improved customer experience.
The few pieces where the organization as a whole wasn't ready to adopt: 1. Organizational file whitelisting (imposing policy, where policy has never gone before). 2. Risk management. What this means and defining organizational appetite to technological risk 3. Development management and standardization. While looser controls must be applied than many other use cases, there still needs to be an adoption of standardized, scalable and repeatable processes. 4. Organizational maturity. 5. Ownership. Ensure that a team or an individual has the responsibility and ownership to define and manage what security posture an organization should take-and empower that individual to do so.
4 out of 5.0, Reviewed Nov 9, 2016
The CB staff were all very professional. Our Project Coordinator and trainers were top notch. The engineer who worked with us was very skilled at helping us bridge the gap internally between IT and IS, where there were discrepancies between what each dept. desired. As well, he was knowledgeable about the CB product and about business needs and how to prevent unwanted interruptions.
Know your environment and everything that's currently running. Knowing that out of the gate would be helpful. And, dedicate time and resources to the implementation, because without the initial investment, the product won't function to do what it's supposed to.
The protection it provides.
4 out of 5.0, Reviewed Nov 9, 2016
CarbonBlack has provided a reliable and effective end point security product. All of the individuals I have worked with in that organization have placed a strong emphasis on providing whatever support we need. This product has proved to provide very strong security without having to use strange "nextgen" voodoo.
You need executive and management support. This product will change the way employees use their computer. While this is a desireable change that will lead to better security it is a disruption to the norm. Point out to leadership that the tool provides easy workflow for defining sources of trusted change and handling one off approvals. Certainlly head count questions will come into the picture while discussing a product like this. Yes, the initial workload is heavy to deploy. However, as your environment becomes more secure and the deployment matures you will find that there is less reactive work taking place and more proactive work.
It does what it does extremely well and integrates with key advanced network threat detection vendors (FireEye, PaloAlto and Virus Total).
The QA around releases could be better. While they are better than many other vendors I have worked with, I think they could improve in this area. The impact to the endpoints is potentially very severe.