"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The solution's integration capabilities are excellent. It's one of the best features."
"Integration is a key selling factor for Cisco security products. We have a Cisco Enterprise Agreement with access to Cisco Email Security, Cisco Firepower, Cisco Stealthwatch, Cisco Talos, Cisco Threat Grid, Cisco Umbrella, and also third-party solutions. This is key to our security and maximizing operations. Because we do have the Email Security appliance and it is integrated with Threat Response, we have everything tied together. Additionally, we are using the Cisco SecureX platform, as we were a beta test for that new solution. With SecureX, we are able to pull all those applications into one pane for visibility and maintenance. This greatly maximizes our security operations."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that."
"One of the most valuable features of this product is that it's good for endpoint protection."
"Endpoint Security's most valuable feature is its heuristic analysis. This heuristic approach means that it learns from its past experiences. It is the most valuable feature they have. This contributes to dealing with ransomware, detection, and early mitigation actions."
"We have over 1,000 users using the solution in our organization and the solution has been able to handle it."
"The stability has been good."
"The product can scale if you need it to."
"Endpoint Security is efficient and easy to use. It doesn't slow the performance of your personal computer."
"I have found the security, device, web and application controls to be the most valuable features."
"The product is quite scalable."
"The solution scales well."
"The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible."
"A big advantage of McAfee Endpoint Security is the ability to manage very big environments. We are supporting environments with 200,000 to 300,000 endpoints. The ability to manage with one single console is very important for us. McAfee has phenomenally improved in terms of detection. It provides real-time detection and response with the error, Real Protect, and reputations. It is not only based on signatures but also on behavior analytics, artificial intelligence, or machine learning. We have environments that never had issues with ransomware in the last 20 years. McAfee has a very good performance in this field."
"The performance is good."
"The most valuable feature is ease of use."
"The solution provides dashboard control, so we can centrally monitor the entire status of our organization."
"Would benefit with the addition of DLP features."
"The solution is reliable."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"The room for improvement would be on event notifications. I have mine tuned fairly well. I do feel that if you subscribe to all the event notification types out-of-the-box, or don't really go through and take the time to filter out events, the notifications can become overwhelming with information. Sometimes, when you're overwhelmed with information, you just say, "I'm not going to look at anything because I'm receiving so much." I recommend the vendor come up with a white paper on the best practices for event notifications."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"The one challenge that I see is the use of multiple endpoint protection platforms. For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. So, we have a bunch of different things that do the same thing. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on."
"Maybe there is room for improvement in some of the automated remediation. We have other tools in place that AMP feeds into that allow for that to happen, so I look at it as one seamless solution. But if you're buying AMP all by itself, I don't know if it can remove malicious software after the fact or if it requires the other tools that we use to do some of that."
"The GUI needs improvement, it's not good."
"I would like to see integration with Cisco Analytics."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"They're restricted to endpoint protection for now, I'd like to see some additional products."
"The UI, user interface, could be improved."
"Currently, it doesn't have a cloud option. This is something that they should look into going forward."
"It would be ideal with the solution offered more documentation."
"When I do a malware scan on my computer it takes a long while. This process could improve in the future. Additionally, the security could improve."
"I would like to see the inclusion of support for device management and device control."
"We have zero-day detection of malware but it cannot detect other types of unknown intrusions."
"They should continue to put more security measures in place in order to make it more robust."
"We know that McAfee isn't the best antivirus and it can't protect us 100%, although we are okay with the level of protection that it gives us."
"We have had some of our clients not happy with McAfee Endpoint Security because it blocks some of the applications they are trying to use. They should make it easier to unblock applications."
"Users can just install software into their computers. We need some sort of application control system that, if there are any pieces of software that are not whitelisted, then the solution could flag it or maybe alert the administers. That would be very helpful."
"I would like this solution to do what Palo Alto traps does because I would only need to run this one product."
"It would be helpful if the controlling of connections coming to the PC could be done from McAfee's side so that we can block those connections."
"The local technical support could be better."
"There are more secure featured solutions from McAfee on the market but for smaller companies like ours, they are too expensive."
"An area in need of improvement involves the overview, which usually does not enable one to get the value in reports."
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
McAfee Complete Endpoint Protection allows you to protect all of your devices with intelligent, collaborative security, in one easy-to-manage, integrated solution. Our integrated endpoint security framework helps remove redundancies, enables fast, proven performance and offers an architecture to align both current and future security investments. With a flexible choice of cloud-based or a local management console, security administrators also get true centralized management that simplifies ongoing tasks, deployment and monitoring.
Kaspersky Endpoint Security for Business is ranked 13th in Endpoint Protection for Business (EPP) with 70 reviews while McAfee Endpoint Security is ranked 15th in Endpoint Protection for Business (EPP) with 39 reviews. Kaspersky Endpoint Security for Business is rated 8.0, while McAfee Endpoint Security is rated 8.0. The top reviewer of Kaspersky Endpoint Security for Business writes "A mature product offering good protection and very good features". On the other hand, the top reviewer of McAfee Endpoint Security writes "Protect your business against a wide variety of threats". Kaspersky Endpoint Security for Business is most compared with Microsoft Defender for Endpoint, Sophos Intercept X, Symantec End-User Endpoint Security, SentinelOne and Seqrite Endpoint Security, whereas McAfee Endpoint Security is most compared with McAfee MVISION Endpoint, Microsoft Defender for Endpoint, Symantec End-User Endpoint Security, CrowdStrike Falcon and Sophos Intercept X. See our Kaspersky Endpoint Security for Business vs. McAfee Endpoint Security report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.