We performed a comparison between McAfee ePolicy Orchestrator and Zscaler DLP based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The analytic rule is the most valuable feature."
"It's pretty powerful and its performance is pretty good."
"The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"The pricing of the product is excellent."
"The graphical interface of the solution is its most valuable aspect."
"The best part is management in McAfee ePolicy Orchestrator."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"The most valuable feature of the solution is the central management console, which is used for DLP, endpoint security, drive encryption, and application control."
"The DLP feature in McAfee ePolicy Orchestrator is good."
"McAfee ePolicy Orchestrator has a built-in advanced pattern, which is very useful because it can detect any pattern."
"It is a scalable solution...I rate its scalability a nine out of ten."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"The most valuable aspect of Zscaler Cloud DLP is its automatic DLP feature."
"The customer service and support are very good."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"It is a very scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"The policies are very easy to implement."
"It's one of the easier products on the market as far as set-ups and deployments. Even across their whole product suite, they've made it pretty simple."
"On DLP terms, Zscaler Cloud DLP ensures that data doesn't go outside of the organization. So on the network level, Zscaler does a pretty good job."
"Zscaler Cloud DLP provides you with basic DLP features that you get out of the box such as keywords, regular expressions, and data identifiers, for example, your social security numbers, and credit card numbers, with everything built into the product, so you can directly use those features within the policies. You don't need to create it from scratch, and to me, this is the biggest benefit of Zscaler Cloud DLP. You have a lot of templates to choose from in the solution, rather than having to create templates from scratch or reinvent templates."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The troubleshooting has room for improvement."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"We do have in-built or out-of-the-box metrics that are shown on the dashboard, but it doesn't give the kind of metrics that we need from our environment whereby we need to check the meantime to detect and meantime to resolve an incident. I have to do it manually. I have to pull all the logs or all the alerts that are fed into Sentinel over a certain period. We do this on a monthly basis, so I go into Microsoft Sentinel and pull all the alerts or incidents we closed over a period of thirty days."
"They need to work with other security vendors. For example, we replaced our email gateway with Symantec, but we couldn't collect these logs with Azure Sentinel. Instead of collecting these logs with Azure Sentinel, we are collecting them on Qradar. We couldn't do it with Sentinel, which is a problem for us."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Sometimes agents hang. We have to reinstall the agents."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"McAfee ePolicy Orchestrator could improve by supporting container microservices, such as Docker and Kubernetes."
"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
"While there are bugs and a few functionality issues, it is just a matter of raising them with the support team. However, support is part of the problem as well. You want everything to be seamless in a perfect world, but the support is spread across different countries. They have Level 1, 2, and 3. Level 1 is most likely in a developing country. They don't provide the best service."
"Features such as full drive encryption are lacking in the cloud version."
"The Virtual Patching feature needs to be improved."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"The product must allow users to check logs for an entire year in the local console."
"There could be additional ways to define proximity. Additionally, they should provide some exclusion options for specific policies and an ability to control the DLP engine."
"There aren't really any missing features that I have witnessed."
"The tool must provide IP-blocking features."
"You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language."
"On the improvement side, when we bypass certain internet traffic types, it's currently recommended to have a one-click option, but audio and video aren't always supported. Thus, we need to bypass that kind of traffic. So, it is an area of improvement."
"They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection."
"Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow."
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 38 reviews while Zscaler DLP is ranked 4th in Data Loss Prevention (DLP) with 15 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Zscaler DLP is rated 8.6. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Zscaler DLP writes "Provides a range of security measures to protect network traffic". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Forcepoint Data Loss Prevention, Trend Micro Integrated Data Loss Prevention and Elastic Security, whereas Zscaler DLP is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Symantec Data Loss Prevention, Varonis Platform and Cyberhaven.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
