McAfee ePolicy Orchestrator vs Zscaler DLP comparison


Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Microsoft Sentinel (Sponsored)
Average Rating: 8.2
Number of Reviews: 86
Ranking in other categories: Security Information and Event Management (SIEM) (2nd), Security Orchestration Automation and Response (SOAR) (1st), Microsoft Security Suite (5th)

McAfee ePolicy Orchestrator
Average Rating: 8.0
Number of Reviews: 39
Ranking in other categories: Security Orchestration Automation and Response (SOAR) (9th)

Zscaler DLP
Average Rating: 8.6
Number of Reviews: 15
Ranking in other categories: Data Loss Prevention (DLP) (4th)
 

Market share comparison

As of June 2024, in the Security Orchestration Automation and Response (SOAR) category, the market share of Microsoft Sentinel is 20.3%, an increase of 15.1% compared to the previous year. The market share of McAfee ePolicy Orchestrator is 0.3%, a decrease of 66.0% compared to the previous year. The market share of Zscaler DLP is 0.1%, a decrease of 55.8% compared to the previous year. Market share is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
Unique Categories:
Microsoft Sentinel: Security Information and Event Management (SIEM) 13.7%, Microsoft Security Suite 5.3%
McAfee ePolicy Orchestrator: No other categories found
Zscaler DLP: Data Loss Prevention (DLP) 5.9%
 

Featured Reviews

Harman Saggu - PeerSpot reviewer
Oct 31, 2023
Provides valuable alerts and saves investigation time, but can use more connectors
It is crucial that Sentinel empowers us to safeguard our hybrid, cloud, and multi-cloud environments. We employ a hybrid cloud setup, and securing our environment using Sentinel is significantly simpler than manual methods. We can gather events in the Central Point and develop playbooks and scripts to automate responses. This streamlines the process and enhances our overall security posture. Additionally, if an alert is triggered, we receive an incident notification via email, prompting us to take action and resolve the issue. Sentinel provides a library of customizable content to address our company's needs. Microsoft Sentinel has helped our organization with alerts. We'll receive alerts from Sentinel indicating that we're at risk. It's important to address these alerts promptly. We first need to review the information in the email, and then work on the issue in the office. After that, we'll contact the team members on the relevant shift. There's nothing particularly difficult about this process. It's based on our access privileges, which are determined by our role in the company. If we have a high-level role, we'll have access to all the necessary tools and resources. We'll even be able to receive alerts at home if there's a security issue. The company that provides this technology grants work-from-home access based on security considerations. If someone has a critical role, they'll also be equipped with the tools they need to work remotely and connect with their team members. So, the company that provided the technology can resolve the issue first, and then we can address it. Once we've taken care of the issue, everything will be much easier. By leveraging Sentinel's AI in conjunction with our playbooks for automation, we can enhance the effectiveness of our security team, subject to the specific rules and policies we implement. The logs provided by Sentinel have helped improve our visibility into our users' network behavior.
Sentinel has helped us save 60 percent of our time by prioritizing the severity of the alerts we receive. When we receive an alert with a high-risk level, we immediately address it to mitigate the potential security threat. Additionally, we have configured our anti-ransomware software to further protect our systems from cyberattacks. In the event of a ransomware attack, our Halcyon system will generate an encryption key that can be used to unlock our system. This key is securely stored by Halcyon. Sentinel has helped reduce our investigation times by enabling us to review an alert, generate a ticket, and resolve the issue simultaneously upon receiving the alert.
JohnBlack - PeerSpot reviewer
Feb 5, 2024
Provides our customers alerts to system-wide events from a single view
I worked at McAfee, and we deployed the solution for our customers. The primary use case is policy management, as the solution supports robust policy management. The customer deployments were on-premises. McAfee ePolicy Orchestrator significantly streamlines policy management and compliance…
JibinGeorge - PeerSpot reviewer
Oct 27, 2023
Has valuable inbound and outbound DNS scanning features, but there could be additional ways to define proxy
We use the product for inbound and outbound DNS scanning. The platform provides data protection. The product’s most valuable features are inbound and outbound scanning and API control. There could be additional ways to define proximity. Additionally, they should provide some exclusion options…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The solution offers a lot of data on events. It helps us create specific detection strategies."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"It's pretty powerful and its performance is pretty good."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The machine learning and artificial intelligence on offer are great."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The product can integrate with any device."
"The central manager policy means we have almost all client modules in one solution."
"I really like the auditing component because it really looks at exactly what has happened on the network."
"If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good."
"We implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"Their support is really good. I would rate it a nine out of ten. I have never had any issues with their support. They always reply and follow our queries on time."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"On DLP terms, Zscaler Cloud DLP ensures that data doesn't go outside of the organization. So on the network level, Zscaler does a pretty good job."
"Zscaler Cloud DLP provides you with basic DLP features that you get out of the box such as keywords, regular expressions, and data identifiers, for example, your social security numbers, and credit card numbers, with everything built into the product, so you can directly use those features within the policies. You don't need to create it from scratch, and to me, this is the biggest benefit of Zscaler Cloud DLP. You have a lot of templates to choose from in the solution, rather than having to create templates from scratch or reinvent templates."
"The UI is easy to use."
"You can close your data protection gaps with Zscaler. You can quickly find all the classified, sensitive data across the cloud."
"The policies are very easy to implement."
"The initial setup is easy."
 

Cons

"I think the number one area of improvement for Sentinel would be the cost."
"I would like to see more AI used in processes."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"Not all information shows up in Sentinel. Sometimes there are items provided in 365 and if you looked in Sentinel you would not see them and therefore think they do not exist. There can be discrepancies between Microsoft tools."
"The playbook is a bit difficult and could be improved."
"The solution could be more user-friendly; some query languages are required to operate it."
"They should just add more and more out-of-the-box connectors. It is quite a new product, and it has a lot of connectors, and even more would be good."
"If we want to use more features, we have to pay more. There are multiple solutions on the cloud itself, but the pricing model package isn't consistent, which is confusing to clients."
"The solution is difficult to tune to avoid false positives."
"It's a little bit complex to configure it, but when you start using it, it is much easier. There are many policies that you need to create, and in three or four places."
"We would like to see more integration with different platforms and extend this to other platforms. We are migrating to the cloud and want to extend it from our on-premises setup to the cloud."
"The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature."
"The way that ePolicy launches the updates is very slow. It would be great if that was faster."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"There should be more insights and completeness into the cyber kill chain, similar to CrowdStrike and SentinelOne. It just seems a little outdated in being 100% signature-based without all of the insights and protections that come with CrowdStrike and SentinelOne. Overall, they've got some catching up to do if they plan to compete in the comprehensive EDR space."
"There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates."
"Price-wise, it is a costly product and it should be reduced."
"The product must allow users to check logs for an entire year in the local console."
"There aren't really any missing features that I have witnessed."
"The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex."
"Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow."
"We have issues with the tool's maintenance and networking. It should be able to work in offline mode as well."
"You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language."
"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels. Zscaler Cloud DLP doesn't give you coverage for email, fax, and USB channels, and this is the only challenge or room for improvement in the solution. It's just an extension on top of what you're buying on the proxy, so it's just an added layer, and it doesn't cover DLP on a very broad level. I'm unsure if Zscaler is in the business of competing with a full-blown DLP solution, and if there's a plan to expand the features of Zscaler Cloud DLP beyond the web channel because you'll have to deploy a full-blown agent for it. I'm unsure if this is on the cards because the solution is just an added layer that you get with your proxy. I've asked the Zscaler team whether there's a plan to go full DLP in the future, but I didn't get a positive response. There isn't any feature I'd like added to Zscaler Cloud DLP currently, because anything you could think of that should be in cloud or SaaS solutions is already there, except for machine learning, as it's the only functionality that seems to be lacking in the solution. Machine learning is an additional policy available in other DLP solutions in the market, but my team didn't find it in Zscaler Cloud DLP."
 

Pricing and Cost Advice

"Sentinel is a bit expensive. If you can figure a way of configuring it to meet your needs, then you can find a way around the cost."
"It's costly to maintain and renew."
"Microsoft is costlier. Some organizations may not be able to afford the cost of Sentinel orchestration and the Log Analytics workspace. The transaction hosting cost is also a little bit on the high side, compared to AWS and GCP."
"We are charged based on the amount of data used, which can become expensive."
"I don't know yet because they gave us a 30-day test window for free."
"The pricing is reasonable, and we think Sentinel is worth what we pay for it."
"We must have saved some money with this product. It is a cloud-native product, and the ingestion is per GB. Every GB costs a certain amount of money. That is how the license of Microsoft Sentinel works."
"I have had mixed feedback. At one point, I heard a client say that it sometimes seems more expensive. Most of the clients are on Office 365 or M365, and they are forced to take Azure SIEM because of the integration."
"There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing."
"The price of McAfee ePolicy Orchestrator is expensive; it is approximately $6,000 to $9,000 per license annually."
"Compared to other Antivirus products, the cost of this solution is a bit high."
"McAfee tries to package different things into different products, then sell them as different products with different licenses. They just split everything up into multiple things. That's just their sales pitch and how they do it."
"It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well."
"For large enterprise companies, the price should be alright, but for small businesses, the uptake might be slow because, for these clients, the price doesn't look very attractive."
"This solution is priced in the mid-range."
"McAfee ePolicy Orchestrator is a cheaply priced product, meaning it is not expensive since McAfee provides a free version of ePO, which includes phone support as well."
"Zscaler Cloud DLP is moderately priced. We pay around 2 million rupees per year."
"It is an auto-renewal subscription service."
"The product is a little more expensive than other tools."
"The licensing model for Zscaler Cloud DLP allows you to only buy what you need. You don't need to buy it as a whole, so it's good."
"It's expensive currently. But when purchasing for a large number of users, there's room to negotiate. It's really up to the procurement team."
"The product is a bit expensive."
"The product has reasonable pricing."
"Zscaler DLP solution is expensive, with a fixed pricing structure that is billed annually and monthly. There are no additional costs for licenses."
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Microsoft Sentinel: Computer Software Company 16%, Financial Services Firm 10%, Government 9%, Manufacturing Company 7%
McAfee ePolicy Orchestrator: Computer Software Company 14%, Government 12%, Financial Services Firm 10%, Manufacturing Company 9%
Zscaler DLP: Financial Services Firm 18%, Computer Software Company 13%, Manufacturing Company 10%, Energy/Utilities Company 6%
 

Company Size

[Chart: company size by reviewers, split into Large Enterprise, Midsize Enterprise, and Small Business]
 

Questions from the Community

Is there a common threat intelligence tool that aggregates multiple threat intelligence sources?
Yes, Azure Sentinel is a SIEM on the Cloud. Multiple data sources can be uploaded and analyzed with Azure Sentinel an...
What is a better choice, Splunk or Azure Sentinel?
It would really depend on (1) which logs you need to ingest and (2) what are your use cases. Splunk is easy for ingest...
Which is better - Azure Sentinel or AWS Security Hub?
We like that Azure Sentinel does not require as much maintenance as legacy SIEMs that are on-premises. Azure Sentinel...
Which is better - McAfee's MVision ePO or ePolicy Orchestrator?
Our organization ran comparison tests to determine whether McAfee's MVision ePO or ePolicy Orchestrator network secur...
What do you like most about McAfee ePolicy Orchestrator?
I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs.
What is your experience regarding pricing and costs for McAfee ePolicy Orchestrator?
I do not have exact pricing details, however, I would rate the price at a four out of ten overall. There may be some ...
What is your primary use case for Zscaler Cloud DLP?
We use the solution to build zero-trust networks. We use it to block everything except the trusted URLs. We get a bun...
 

Also Known As

Microsoft Sentinel: Azure Sentinel
McAfee ePolicy Orchestrator: McAfee ePO, ePolicy Orchestrator, Intel Security ePolicy Orchestrator, McAfee MVISION ePO
Zscaler DLP: No data available
 

Sample Customers

Microsoft Sentinel is trusted by companies of all sizes including ABM, ASOS, Uniper, First West Credit Union, Avanade, and more.
McAfee ePolicy Orchestrator: Brelje & Race, Cognizant, Sutherland Global Services, Eagle Rock Energy, Arab National Bank, Bank Central Asia, Kleberg Bank, Leading Mexican Bank, SF Police Credit Union, Macquarie Telecom, Seagate Technology, Blackburn & Darwen Council, California Department of Corrections & Rehabilitation, IRCEP, Major U.S. State Government, State of Alaska, State of Colorado, Cemex, Deutsche Edelstahlwerke
Zscaler DLP: Zenith Live, Azure, Carlsberg Group
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: May 2024.