Loading product reviews...

security-information-event-management intel-security-mcafee All Markets > Security Information and Event Management

Intel Security (McAfee)

3.4 out of 5.0 (28 ratings)

Reviews Distribution

5 Stars
4 Stars
3 Stars
2 Stars
1 Star
We don't have any qualitative reviews for this vendor yet


View other vendors in this market
We have aggregated ratings data on Intel Security (McAfee) but all of our reviewers have opted out of sharing their qualitative review feedback. In certain cases we allow reviewers to withhold their qualitative review feedback from public view, in order to protect their confidentiality.
  • 4 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Implementation was easy and the search engine is great!

    Overall Comment

    The product is highly easy to manage and have a lot of platforms to connect by default.

    What do you like most about the product or service?

    McAfee SIEM is the simplest

    What do you dislike most about the product?

    All alerts must be asigned to groups which is very limitation.

    Service & support - overall comment

    We made some contact with the support and we got the right answers easily.

    Integration & Deployment - Overall comment

    The deployment process is long like other SIEM products and the integration to other vendor and systems is good by default.


  • 4 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Product works great however documentation was lacking.

    Overall Comment

    The product works as expected and has greatly reduced the amount of time I spend pulling logs for our PCI audit. Documentation deploying the collection agent to sites that could not be polled via WMI was nonexistent. It took support several months of trial and error to get us workable documentation to deploy this agent in bulk. I was told ePO customers do not have this challenge.

    What one piece of advice would you give other prospective customers?

    Ensure you have a good plan for collecting logs from systems that cannot be deployed via WMI.

    What do you like most about the product or service?

    The API has proved very handy in solving automation challenges.

    What do you dislike most about the product?

    Lack of documentation.

    What one thing do you wish the vendor did differently?

    Data sources need to be added to the SIEM as there is no auto discovery feature. Such a feature could reduce the workload required to manage the SIEM.

    If you could start over, what would your organization do differently?

    Evaluate managed solutions deeper.

    Service & support - overall comment

    Support is good once you get them on the phone but response times are not great.

    Integration & Deployment - Overall comment

    Some of the documentation was lacking. The flexibility of the API in combination with the ability to write custom parsers has made the product very flexible.


  • 4 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Complex to implement, but worth it in the end.

    Overall Comment

    Complex to implement, but worth the work in the end.

    What one piece of advice would you give other prospective customers?

    Make sure you fully understand what you are getting into and choose a capable partner.

    What do you like most about the product or service?

    Ability to provide robust data and understanding of what is happening on the network.

    What one thing do you wish the vendor did differently?

    Worked with you to develop use cases.

    If you could start over, what would your organization do differently?

    Put more time into use cases upfront.

    Service & support - overall comment

    Purchased Platinum support. Found it to be worth the investment.


  • 3 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    need better reporting capability.

    Overall Comment

    the SIEM is good and usable.

    What one piece of advice would you give other prospective customers?

    ensure to provice indepth training to your users.

    What do you like most about the product or service?

    NA

    What do you dislike most about the product?

    need to be able to export to excel.

    What one thing do you wish the vendor did differently?

    NA

    If you could start over, what would your organization do differently?

    utilize the risk rating from out of the box.

    Product capabilities - overall comment

    satisfied.

    Service & support - overall comment

    satisfied.

    Integration & Deployment - Overall comment

    Satisfied.


  • 2 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Look Elsewhere for your SIEM - Mcafee ESM is not it.

    Overall Comment

    Customer support is very poor. Typically cases stay open for months at a time. Frequently the vendor closes the ticket without notifying the customer and without a resolution. Support also has a tendency to deny there is a bug or problem and pushes the customer to open a product enhancement request (PER). Those PERs hardly ever turn into actual features. Once Mcafee acquired NitroSecurity the product became even more unstable and had frequent patch updates. The patches tended to be buggy and then required hotfixes within a couple weeks. They were always pushing to upgrade and the upgrades tended to introduce more problems than they were supposed to solve.

    What one piece of advice would you give other prospective customers?

    Do not buy Mcafee ESM as your SIEM.

    What do you like most about the product or service?

    I don't. We have purchased Splunk and I would like us to migrate everything off of Mcafee ESM SIEM to Splunk so we could decommission it.

    What do you dislike most about the product?

    Support or lack thereof.

    What one thing do you wish the vendor did differently?

    One thing? End-of-Life this product.


  • 2 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Scalability Concerns with McAfee SIEM (ESM)

    Overall Comment

    Our expectation to scale this solution to be a large scale log consolidation platform was ill-advised. The solution seems to have some value as a SIEM, but was almost unuseable with the sheer volume we threw at it. The vendor was very diffciult to work with in terms of scaling the solution. Much of this was purely technitacal limitation of the underlying architecture. Go into this solution understanding what its scalability limits will be and ensure that your expectations are in-line with this. If you are looking for a "big data" analystics solution for security/log events - proceed with caution.

    What one piece of advice would you give other prospective customers?

    Be VERY clear in the deliverables/milestones for project implementation with the vendor. Quantify performance requirements so that you can actually use the analytics real-time, rather than taking a nap while reports generate.

    What do you like most about the product or service?

    Reputation and accessibility of the vendor.

    What do you dislike most about the product?

    Scalability and performance at scale.

    What one thing do you wish the vendor did differently?

    Push back on the use-case if it doesn't fit the technology. Don't say "yes" we can do that if the user experience will be poor.

    If you could start over, what would your organization do differently?

    We would likely NOT try to address enterprise log management and SIEM funtionality in the same solution. Not all logging requirements are inherently intersting from a security perspective.

    Integration & Deployment - Overall comment

    Undergoing constant modifications and tuning in an effort to fix the solution.


  • 3 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Good overall product.

    Overall Comment

    The product works as advertised.

    What one piece of advice would you give other prospective customers?

    Plan, plan, plan.

    What do you like most about the product or service?

    Ease of use.

    What one thing do you wish the vendor did differently?

    Better communication.

    If you could start over, what would your organization do differently?

    plan the implemention better

    Integration & Deployment - Overall comment

    The product is in process of evaluation.


  • 4 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    McAfee security solutions and professional services work well in my agency

    Overall Comment

    I am 100% more pleased with my department's IT security than before I engaged McAfee fully

    What one piece of advice would you give other prospective customers?

    Fully understand what is needed, what can be achieved and your vendor

    What do you like most about the product or service?

    Added confidence in our department's overall IT security

    What do you dislike most about the product?

    It is complex and requires professional services training for each major feature

    What one thing do you wish the vendor did differently?

    Pleased at this point

    If you could start over, what would your organization do differently?

    Implement full security suite options years earlier

    Product capabilities - overall comment

    Still haven't implemented all features but we will

    Service & support - overall comment

    Service and support are very good

    Integration & Deployment - Overall comment

    Professional services group was excellent to work with


  • 2 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Overall the McAfee SIEM product provides necessary functionality, however lags behind competitors in several key areas.

    Overall Comment

    Overall poor performance and poor indexing configurability.

    What one piece of advice would you give other prospective customers?

    Consider scalability significantly beyond initial planning stages. Plan for enterprise-wide adoption and potential adoption across additional platforms outside of initial scoping.

    What do you like most about the product or service?

    Visualization capability

    What do you dislike most about the product?

    Indexing configurability, UI

    Product capabilities - overall comment

    Indexing and UI signifcantly lag other similar products

    Service & support - overall comment

    Very little interaction with support. Handled largely through other teams.


  • 5 out of 5.0, Reviewed

    Product(s): McAfee Enterprise Security Manager

    Solid SIEM with Intel Security

    Overall Comment

    Excellent support, excellent responsiveness.

    What one piece of advice would you give other prospective customers?

    Test drive the user interfaces. Some are horrible!

    What do you like most about the product or service?

    Ease of use. Immediately saw value.

    What do you dislike most about the product?

    Nothing.

    What one thing do you wish the vendor did differently?

    Nothing.

    If you could start over, what would your organization do differently?

    Nothing


Show More Reviews

Ratings Overview

1 2 3 4 5
Section
1

Evaluation & Contracting

Overall rating of product evaluation and contract negotiation

(25)
3.6

Ability to understand your organization's needs

(24)
3.8

Timely and complete response to product questions

(24)
3.6

Pricing and contract flexibility (pricing and terms)

(24)
3.6
1 2 3 4 5
Section
1

Integration & Deployment

Overall rating of integration and deployment

(27)
3.5

How long did your deployment take?

3 - 6 months (<6)

12 months or more

9 - 12 months (<12)

6 - 9 months (<9)

0 - 3 months (<3)


Availability of quality 3rd-party resources (integrators, service providers, etc.)

(18)
3.3

Ease of integration using standard APIs and tools

(20)
3.3

Quality and availability of end-user training

(24)
3.4

Ease of deployment

(24)
3.3
1 2 3 4 5
Section
1

Service & Support

Overall rating of service and support

(24)
3.6

Did you purchase a support package from vendor?

Yes

No


Timeliness of vendor's response

(22)
3.5

Quality of technical support

(23)
3.7

Quality of peer user community

(18)
3.3
1 2 3 4 5
Section
1

Product Capabilities

Overall rating of product capabilities

(27)
3.7

Real-Time Monitoring

(24)
3.7

Threat Intelligence

(22)
3.6

Behavior Profiling

(20)
3.1

Data and User Monitoring

(22)
3.7

Application Monitoring

(21)
3.6

Analytics

(21)
3.4

Log Management and Reporting

(23)
3.7

Deployment/Support Simplicity

(22)
3.2
1 2 3 4 5
Section
1

Additional Context

What was the nature of your involvement?

Executive Sponsor

Functional Assessment

Technical Assessment

Rollout and Install

Vendor/Product Selection

Development/Integration

Vendor Management

Application Lead

Maintenance and Support

User Training


Why did you purchase a Security Information Event Management solution?

Enable/improve security event alerting, investigation

Meet regulatory or commercial compliance requirements

Enable/improve log collection, reporting and retention capabilities

Enable/improve security incident workflow and reporting

Enable/improve tracking access to and activities related to databases, applications

Enable/improve behavioral analysis of users and other entities

Meet customer or business partner expectations about your security monitoring program

Reduce costs for threat management operations

Enable/improve security incident workflow and reporting

Reduce costs for meeting compliance mandates


What other vendors were considered? Multiple responses allowed.

Splunk

SolarWinds

IBM

Hewlett Packard Enterprise

LogRhythm

RSA, The Security Division of EMC

Intel Security (McAfee)

Trustwave

AlienVault

NetIQ

ManageEngine

Elasticsearch

LogStorm Security (dba BlackStratus)

Other...


What were the key factors that drove your decision for selecting the vendor?

Strong technical/product support

Overall cost

Pre-existing relationships

Product functionality and performance

Financial/organizational viability

Product roadmap and future vision

Availability of managed services

Strong consulting partnership

Strong customer focus

Strong user community

Other...


In which region(s) did your deployment take place? Multiple responses allowed.

North America

APAC

EMEA

Latin America

Europe, Middle East and Africa

North Amerca