We performed a comparison between McAfee ePolicy Orchestrator and Zscaler DLP based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"The main benefit is the ease of integration."
"The best feature is that onboarding to the SIM solution is quite easy. If you are using cloud-based solutions, it's just a few clicks to migrate it."
"The central management console is the solution's most valuable aspect."
"McAfee ePolicy Orchestrator has a built-in advanced pattern, which is very useful because it can detect any pattern."
"The best part is management in McAfee ePolicy Orchestrator."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"The graphical interface of the solution is its most valuable aspect."
"I really like the auditing component because it really looks at exactly what has happened on the network."
"It is a scalable solution...I rate its scalability a nine out of ten."
"On DLP terms, Zscaler Cloud DLP ensures that data doesn't go outside of the organization. So on the network level, Zscaler does a pretty good job."
"You can close your data protection gaps with Zscaler. You can quickly find all the classified, sensitive data across the cloud."
"It's one of the easier products on the market as far as set-ups and deployments. Even across their whole product suite, they've made it pretty simple."
"The most valuable aspect of Zscaler Cloud DLP is its automatic DLP feature."
"The product’s most valuable features are data discovery, activity control, and zero trust exchange."
"It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"The policies are very easy to implement."
"The product’s most valuable features are inbound and outbound scanning and API control."
"The solution should allow for a streamlined CI/CD procedure."
"We'd like also a better ticketing system, which is older."
"Sentinel can be used in two ways. With other tools like QRadar, I don't need to run queries. Using Sentinel requires users to learn KQL to run technical queries and check things. If they don't know KQL, they can't fully utilize the solution."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Sometimes, it is hard for us to estimate the costs of Microsoft Sentinel."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"It's a little bit complex to configure it, but when you start using it, it is much easier. There are many policies that you need to create, and in three or four places"
"The installation process is quite difficult and requires technical support."
"The solution is difficult to tune to avoid false positives."
"The detection aspect should be improved so that signatures are updated more quickly."
"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
"There aren't really any missing features that I have witnessed."
"The only issue with Zscaler Cloud DLP is that it only gives you DLP protection from web traffic, which is flowing out, while a full-blown DLP solution such as Forcepoint or Symantec gives you DLP coverage for multiple channels. Zscaler Cloud DLP doesn't give you coverage for email, fax, and USB channels, and this is the only challenge or room for improvement in the solution. It's just an extension on top of what you're buying on the proxy, so it's just an added layer, and it doesn't cover DLP on a very broad level. I'm unsure if Zcaler is in the business of competing with a full-blown DLP solution, and if there's a plan to expand the features of Zscaler Cloud DLP beyond the web channel because you'll have to deploy a full-blown agent for it. I'm unsure if this is on the cards because the solution is just an added layer that you get with your proxy. I've asked the Zcaler team whether there's a plan to go full DLP in the future, but I didn't get a positive response. There isn't any feature I'd like added to Zscaler Cloud DLP currently, because anything you could think of that should be in cloud or SaaS solutions is already there, except for machine learning, as it's the only functionality that seems to be lacking in the solution. Machine learning is an additional policy available in other DLP solutions in the market, but my team didn't find it in Zscaler Cloud DLP."
"Price-wise, it is a costly product and it should be reduced."
"There could be a feature to view the VPN tunnel activities in terms of configuration."
"The tool must provide IP-blocking features."
"The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex."
"They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection."
"Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow."
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 38 reviews while Zscaler DLP is ranked 4th in Data Loss Prevention (DLP) with 15 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Zscaler DLP is rated 8.6. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Zscaler DLP writes "Provides a range of security measures to protect network traffic". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Elastic Security and Trend Micro Integrated Data Loss Prevention, whereas Zscaler DLP is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Symantec Data Loss Prevention, CoSoSys Endpoint Protector and Cyberhaven.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
