IT Central Station is now PeerSpot: Here's why

McAfee MVISION Endpoint Detection and Response OverviewUNIXBusinessApplication

McAfee MVISION Endpoint Detection and Response is #26 ranked solution in EDR tools. PeerSpot users give McAfee MVISION Endpoint Detection and Response an average rating of 6 out of 10. McAfee MVISION Endpoint Detection and Response is most commonly compared to CrowdStrike Falcon: McAfee MVISION Endpoint Detection and Response vs CrowdStrike Falcon. McAfee MVISION Endpoint Detection and Response is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 27% of all views.
Buyer's Guide

Download the Endpoint Detection and Response (EDR) Buyer's Guide including reviews and more. Updated: June 2022

What is McAfee MVISION Endpoint Detection and Response?

McAfee MVISION Endpoint Detection and Response is a cloud-based solution that allows users to quickly investigate, discover, and answer threat attacks. MVISION EDR supplies uninterrupted data-gathering and intuitive analytics to ensure organizations discover dubious or anomalous behavior on their ecosystems. The solution utilizes robust data visualization and alert ranking so users can easily and immediately understand the risk and respond immediately. A managed investigative process systematically collects, translates, and interprets data from numerous sources and highlights issues as the discovery process continues. Utilizing a thorough comprehension of the risk and single-click response options, MVISION EDR allows users to immediately and assuredly respond to risks or threats. MVISION is user friendly and easy to understand; this reduces the time needed for users to identify the reasons for the risk or threat and minimize the incidents of risk to their networks.

McAfee MVISION EDR Features

  • Cloud-based analysis: MVISION EDR is able to detect risks that other layers of security may have missed. Robust intuitive search activity is always working to detect any anomalous or suspicious activity. The cloud-based deployment makes it super easy to update new processes and protocols.

  • Artificial intelligence discovery: MVISION MDR uses a guided discovery process constructed using McAfee® Foundstone® forensic investigators with artificial intelligence (AI). These processes augment the discovery process and examine numerous conclusions concurrently to improve quality and speed. The guided discovery is able to make adjustments and incorporate various data and protocols. MVISION EDR intuitively queries and resolves challenges to support or deny the conclusions.

  • Numerous Search Options: MVISION EDR offers many different valuable search options:

    • Historical search: Covers all monitored systems to the cloud and can search and find indicators of compromises (IoCs) and indicators of attack (IoAs).

    • Device search: Can be done online or offline regardless of device status, will search historically against any endpoint.

    • Real-time search: Easily and quickly determine device status. MVISION EDR can handle simple searches to more detailed comprehensive inquiries.

    • Immediate data search: With regard to investigations, MVISION EDR is able to deliver a snapshot of every device including a full view of all current processes, services, network connections, and more.

Reviews from Real Users

“The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation. With the guided investigation feature in McAfee MVISION Endpoint Detection and Response, DoD is easier, because the tool does the analysis itself, based on the artifact, then it maps back into the MITRE Framework and gives us all the answers.” - Salleh K., Solution architect at CSP

“This is more of a cloud-based clientless type solution, for file-based security. The solution is scalable and the product has a good strategy when everything is in place.” - A PeerSpot user who is a Sr. Sales Engineer at a tech services company.

McAfee MVISION Endpoint Detection and Response was previously known as McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response.

McAfee MVISION Endpoint Detection and Response Customers

Sutherland Global Services

McAfee MVISION Endpoint Detection and Response Video

McAfee MVISION Endpoint Detection and Response Pricing Advice

What users are saying about McAfee MVISION Endpoint Detection and Response pricing:
  • "Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses. There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period."
  • "The cost is okay, compared to other products."
  • McAfee MVISION Endpoint Detection and Response Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Solution architect at CSP
    Reseller
    Top 20
    Scalable and stable tool for threat hunting and threat response, with guided investigation and analysis features
    Pros and Cons
    • "The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
    • "An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."

    What is our primary use case?

    I'm a consultant. One of my clients was experiencing attacks on one of his endpoints, so we installed McAfee MVISION Endpoint Detection and Response, and we used it to check if the other endpoints were also being attacked. This is one of the uses cases of the solution: threat hunting. Another use case is that McAfee MVISION Endpoint Detection and Response consolidates all the information back to the MVISION Insights, so that's threat intelligence information, and we match whatever IOC we have, together with the current attack campaign data in the McAfee databases.

    What is most valuable?

    The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation. Normally, when you use an EDR solution, you need to have an analyst to understand all the artifacts, then you come up with the question and come up with the answers. With the guided investigation feature in McAfee MVISION Endpoint Detection and Response, DoD is easier, because the tool does the analysis itself, based on the artifact, then it maps back into the MITRE Framework and gives us all the answers.

    What needs improvement?

    An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool. Another area for improvement is in the automation feature of McAfee MVISION Endpoint Detection and Response, because it still needs some work in terms of integration. What I'd like in the next release of McAfee MVISION Endpoint Detection and Response is the ability to use it with a newer security platform. This means that the information you get from network parameters such as IPS and firewalls can be pumped back to the tool, so we can match all the information to do better threat hunting. Threat hunting is only on the endpoints, so if McAfee MVISION Endpoint Detection and Response could cover everything, that would be good.

    For how long have I used the solution?

    We've been using McAfee MVISION Endpoint Detection and Response for a year, and we're using its latest version.
    Buyer's Guide
    Endpoint Detection and Response (EDR)
    June 2022
    Find out what your peers are saying about McAfee, CrowdStrike, Microsoft and others in Endpoint Detection and Response (EDR). Updated: June 2022.
    610,229 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    The stability and performance of McAfee MVISION Endpoint Detection and Response are quite good, especially because it's still using the same agent. It doesn't require hardware, as long as there's good internet connectivity, for example: the bandwidth of the customer in the office is quite good, so the tool seems okay. I don't see anything lacking in terms of its performance. It's quite a good tool.

    What do I think about the scalability of the solution?

    Because McAfee MVISION Endpoint Detection and Response is deployed on cloud, scalability is not an issue. You have to look at scalability in terms of the endpoint agent. If the endpoint control panel is good enough or is large enough, scalability is good enough, so it won't be much of an issue.

    How are customer service and support?

    McAfee technical support has been not that great in the past two months, and it could be because they just merged with another company. Their level of support was high previously, but now it's not so good, and it's not on par with what I expect. On a scale of one to five, I would rate their support a three.

    How was the initial setup?

    We already have the baseline for the current endpoint, so deploying McAfee MVISION Endpoint Detection and Response was simpler.

    What about the implementation team?

    I was the one who did the deployment for a customer, and it was quite straightforward. Because we already have the baseline and we used the same engine and the same integration, deployment of McAfee MVISION Endpoint Detection and Response took less than two days.

    What's my experience with pricing, setup cost, and licensing?

    Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses. There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period.

    What other advice do I have?

    We don't use any backup protection, but previously, we used Commvault for backups. In terms of maintaining the tool, you don't have to do a lot of fine tuning, because the fine tuning will happen on the endpoint protection, in particular, the tool will do all the hunting. What we just need to do is to monitor the data location and the database. My rating for McAfee MVISION Endpoint Detection and Response is eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Flag as inappropriate
    Chief Information Security Officer at Romsons
    Real User
    Top 5
    Resource-heavy, slow processing time, and bad technical support
    Pros and Cons
    • "This is a stable product."
    • "The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM."

    What is our primary use case?

    I have upgraded to EDR for endpoint protection.

    What is most valuable?

    Feature-wise, this product is similar to other EDRs.

    What needs improvement?

    The main drawbacks are resources and processing time, as it consumes a lot of CPU and RAM.

    The alert system should be improved.

    Technical support is in need of improvement.

    The dashboard should be improved because it needs a fresh look.

    Improvement in the centralized policy enforcement is needed.

    For how long have I used the solution?

    I have been using this product for three years.

    What do I think about the stability of the solution?

    This is a stable product.

    What do I think about the scalability of the solution?

    The scalability is okay, although not much more than that.

    How are customer service and technical support?

    This is the worst technical support. Without OEM support, you can't handle this product. OEM support is mandatory, yet sometimes, they are not capable of installing and implementing the product properly.

    Which solution did I use previously and why did I switch?

    I was using McAfee DLP for Endpoint protection, but it is not very strong. This is why I have upgraded to the EDR solution.

    How was the initial setup?

    We did not have any issues with configuration. However, in terms of implementation, we had a lot of issues. There is complexity in policy aggregation. When you upgrade the client, there is a challenge in policy enforcement.

    Initially, it will take about one month to deploy.

    What's my experience with pricing, setup cost, and licensing?

    The cost is okay, compared to other products.

    Which other solutions did I evaluate?

    We have been looking at replacing McAfee with Trend Micro, but to change our setup is a big task. It is very complex and we need a plan, so are just upgrading instead of changing at this time.

    What other advice do I have?

    My advice for anybody looking into implementing this product is to first look into who will be providing the support. If they do not have good capabilities and the support is not very strong, then do not choose this option.

    I would rate this solution a three out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Buyer's Guide
    Endpoint Detection and Response (EDR)
    June 2022
    Find out what your peers are saying about McAfee, CrowdStrike, Microsoft and others in Endpoint Detection and Response (EDR). Updated: June 2022.
    610,229 professionals have used our research since 2012.
    Sr. Sales Engineer at a tech services company with 11-50 employees
    MSP
    Top 5
    Scalable with a good strategy when everything is in place

    What is our primary use case?

    This is more of a cloud-based clientless type solution, for file-based security. 

    What is most valuable?

    The solution is scalable and the product has a good strategy when everything is in place. 

    What needs improvement?

    One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

    What do I think about the stability of the solution?

    It's reasonably stable. They made some changes to the architecture and that always creates issues. 

    What do I think about the scalability of the solution?

    The solution is scalable. 

    How are customer service and support?

    They had pretty good tech support. I think a lot of what happened to McAfee, from my perspective, was everything went offshore to India and for US customers, there is a language barrier that created problems.

    How was the initial setup?

    The initial setup was relatively complicated and used a lot of resources - CPU resources, memory, disk.

    What other advice do I have?

    There are a lot of companies in this space now and they are all pretty close to each other in terms of what they offer. I think those that are more user-friendly, and have the agentless client have the advantage over the legacy companies with older architecture. 

    They lost a lot of product managers and engineering managers in the breakup. That said, I think this is a good product with a good strategy, they just haven't quite reached maturity yet.  

    I rate this solution eight out of 10. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Senior Security and Risk Management Analyst at National Commercial Bank Jamaica Limited (NCB)
    Real User
    Quarantines devices and blocks ransomware, but dashboard and reporting features are not user-friendly
    Pros and Cons
    • "The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
    • "The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."

    What is our primary use case?

    We use this solution to protect our endpoints, meaning our workstation laptops.

    What is most valuable?

    The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices.

    What needs improvement?

    The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

    In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

    For how long have I used the solution?

    My company has been using McAfee MVISION Endpoint Detection and Response for about seven months. 

    What do I think about the stability of the solution?

    The solution is stable. 

    What do I think about the scalability of the solution?

    The solution is easily scalable. 

    How are customer service and support?

    Their technical support is better than some of the competitors in the space. To make a direct comparison, it's definitely better than Symantec Broadcom.

    How was the initial setup?

    The initial setup takes a bit of work, but it can be done. It's not easy. It's not hard. It's in between.

    What other advice do I have?

    I would rate this solution as a seven out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    Buyer's Guide
    Download our free Endpoint Detection and Response (EDR) Report and find out what your peers are saying about McAfee, CrowdStrike, Microsoft, and more!
    Updated: June 2022
    Buyer's Guide
    Download our free Endpoint Detection and Response (EDR) Report and find out what your peers are saying about McAfee, CrowdStrike, Microsoft, and more!