McAfee MVISION Endpoint Detection and Response OverviewUNIXBusinessApplication

McAfee MVISION Endpoint Detection and Response is the #23 ranked solution in EDR tools. PeerSpot users give McAfee MVISION Endpoint Detection and Response an average rating of 7.8 out of 10. McAfee MVISION Endpoint Detection and Response is most commonly compared to McAfee Active Response: McAfee MVISION Endpoint Detection and Response vs McAfee Active Response. McAfee MVISION Endpoint Detection and Response is popular among the large enterprise segment, accounting for 69% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 23% of all views.
Buyer's Guide

Download the EDR (Endpoint Detection and Response) Buyer's Guide including reviews and more. Updated: January 2023

What is McAfee MVISION Endpoint Detection and Response?

McAfee MVISION Endpoint Detection and Response is a cloud-based solution that allows users to quickly investigate, discover, and answer threat attacks. MVISION EDR supplies uninterrupted data-gathering and intuitive analytics to ensure organizations discover dubious or anomalous behavior on their ecosystems. The solution utilizes robust data visualization and alert ranking so users can easily and immediately understand the risk and respond immediately. A managed investigative process systematically collects, translates, and interprets data from numerous sources and highlights issues as the discovery process continues. Utilizing a thorough comprehension of the risk and single-click response options, MVISION EDR allows users to immediately and assuredly respond to risks or threats. MVISION is user friendly and easy to understand; this reduces the time needed for users to identify the reasons for the risk or threat and minimize the incidents of risk to their networks.

McAfee MVISION EDR Features

  • Cloud-based analysis: MVISION EDR is able to detect risks that other layers of security may have missed. Robust intuitive search activity is always working to detect any anomalous or suspicious activity. The cloud-based deployment makes it super easy to update new processes and protocols.

  • Artificial intelligence discovery: MVISION MDR uses a guided discovery process constructed using McAfee® Foundstone® forensic investigators with artificial intelligence (AI). These processes augment the discovery process and examine numerous conclusions concurrently to improve quality and speed. The guided discovery is able to make adjustments and incorporate various data and protocols. MVISION EDR intuitively queries and resolves challenges to support or deny the conclusions.

  • Numerous Search Options: MVISION EDR offers many different valuable search options:

    • Historical search: Covers all monitored systems to the cloud and can search and find indicators of compromises (IoCs) and indicators of attack (IoAs).

    • Device search: Can be done online or offline regardless of device status, will search historically against any endpoint.

    • Real-time search: Easily and quickly determine device status. MVISION EDR can handle simple searches to more detailed comprehensive inquiries.

    • Immediate data search: With regard to investigations, MVISION EDR is able to deliver a snapshot of every device including a full view of all current processes, services, network connections, and more.

Reviews from Real Users

“The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation. With the guided investigation feature in McAfee MVISION Endpoint Detection and Response, DoD is easier, because the tool does the analysis itself, based on the artifact, then it maps back into the MITRE Framework and gives us all the answers.” - Salleh K., Solution architect at CSP

“This is more of a cloud-based clientless type solution, for file-based security. The solution is scalable and the product has a good strategy when everything is in place.” - A PeerSpot user who is a Sr. Sales Engineer at a tech services company.

McAfee MVISION Endpoint Detection and Response was previously known as McAfee MVISION EDR, MVISION EDR, MVISION Endpoint Detection and Response.

McAfee MVISION Endpoint Detection and Response Customers

Sutherland Global Services

McAfee MVISION Endpoint Detection and Response Video

McAfee MVISION Endpoint Detection and Response Pricing Advice

What users are saying about McAfee MVISION Endpoint Detection and Response pricing:
  • "Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses. There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period."
  • "McAfee MVISION Endpoint Detection and Response is reasonable in terms of cost. It's a tool my company has been using for a few years now. It costs $25,000 to $30,000 for six hundred users."
  • McAfee MVISION Endpoint Detection and Response Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Solution architect at CSP
    Reseller
    Top 20
    Scalable and stable tool for threat hunting and threat response, with guided investigation and analysis features
    Pros and Cons
    • "The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation."
    • "An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool."

    What is our primary use case?

    I'm a consultant. One of my clients was experiencing attacks on one of his endpoints, so we installed McAfee MVISION Endpoint Detection and Response, and we used it to check if the other endpoints were also being attacked. This is one of the uses cases of the solution: threat hunting.

    Another use case is that McAfee MVISION Endpoint Detection and Response consolidates all the information back to the MVISION Insights, so that's threat intelligence information, and we match whatever IOC we have, together with the current attack campaign data in the McAfee databases.

    What is most valuable?

    The most valuable feature I found in McAfee MVISION Endpoint Detection and Response is the guided analytics or guided EDR investigation. Normally, when you use an EDR solution, you need to have an analyst to understand all the artifacts, then you come up with the question and come up with the answers. With the guided investigation feature in McAfee MVISION Endpoint Detection and Response, DoD is easier, because the tool does the analysis itself, based on the artifact, then it maps back into the MITRE Framework and gives us all the answers.

    What needs improvement?

    An area for improvement in McAfee MVISION Endpoint Detection and Response is the historical search. For example: when you have information on the artifact and a precedent, you want to do a search, and that is a bit lacking in the tool.

    Another area for improvement is in the automation feature of McAfee MVISION Endpoint Detection and Response, because it still needs some work in terms of integration.

    What I'd like in the next release of McAfee MVISION Endpoint Detection and Response is the ability to use it with a newer security platform. This means that the information you get from network parameters such as IPS and firewalls can be pumped back to the tool, so we can match all the information to do better threat hunting. Threat hunting is only on the endpoints, so if McAfee MVISION Endpoint Detection and Response could cover everything, that would be good.

    For how long have I used the solution?

    We've been using McAfee MVISION Endpoint Detection and Response for a year, and we're using its latest version.

    Buyer's Guide
    EDR (Endpoint Detection and Response)
    January 2023
    Find out what your peers are saying about McAfee, CrowdStrike, Microsoft and others in EDR (Endpoint Detection and Response). Updated: January 2023.
    670,331 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    The stability and performance of McAfee MVISION Endpoint Detection and Response are quite good, especially because it's still using the same agent. It doesn't require hardware, as long as there's good internet connectivity, for example: the bandwidth of the customer in the office is quite good, so the tool seems okay. I don't see anything lacking in terms of its performance. It's quite a good tool.

    What do I think about the scalability of the solution?

    Because McAfee MVISION Endpoint Detection and Response is deployed on cloud, scalability is not an issue. You have to look at scalability in terms of the endpoint agent. If the endpoint control panel is good enough or is large enough, scalability is good enough, so it won't be much of an issue.

    How are customer service and support?

    McAfee technical support has been not that great in the past two months, and it could be because they just merged with another company. Their level of support was high previously, but now it's not so good, and it's not on par with what I expect. On a scale of one to five, I would rate their support a three.

    How was the initial setup?

    We already have the baseline for the current endpoint, so deploying McAfee MVISION Endpoint Detection and Response was simpler.

    What about the implementation team?

    I was the one who did the deployment for a customer, and it was quite straightforward. Because we already have the baseline and we used the same engine and the same integration, deployment of McAfee MVISION Endpoint Detection and Response took less than two days.

    What's my experience with pricing, setup cost, and licensing?

    Pricing for McAfee MVISION Endpoint Detection and Response is not that expensive, but it's not something that a startup could buy. Pricing for it is for midsized businesses.

    There's an additional payment if you want data retention for more than thirty days. They gave us data retention for thirty days. Then if you want longer data retention, they have the paid option for a three-month data retention period and for a one-year data retention period.

    What other advice do I have?

    We don't use any backup protection, but previously, we used Commvault for backups.

    In terms of maintaining the tool, you don't have to do a lot of fine tuning, because the fine tuning will happen on the endpoint protection, in particular, the tool will do all the hunting. What we just need to do is to monitor the data location and the database.

    My rating for McAfee MVISION Endpoint Detection and Response is eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    Flag as inappropriate
    PeerSpot user
    IT Security Specialist at Commercial Bank of Ethiopia
    Real User
    Top 10
    Multifeatured, with web control, advanced threat protection, and threat prevention capabilities, but its alerting and reporting features need improvement
    Pros and Cons
    • "What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features."
    • "The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually. Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months. The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans. McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules."

    What is our primary use case?

    We use McAfee MVISION Endpoint Detection and Response for our endpoints, and we are currently trying out the solid core. The tool scans even memory sticks and shows you what's going on with your network.

    What is most valuable?

    What we're using the most and what we found valuable in McAfee MVISION Endpoint Detection and Response are Web Control, Advanced Threat Protection, and Threat Prevention features.

    What needs improvement?

    The alert feature of McAfee MVISION Endpoint Detection and Response needs improvement because for you to get the alerts, you have to log on to the portal. What my company needs is a tool that sends you alerts. For example, if it detects a threat on your machine, it should send you an alert. My company gets the alerts instead from the antivirus software rather than the EDR. If you want to see the alerts on McAfee MVISION Endpoint Detection and Response, you have to connect to the system manually.

    Another area for improvement in the tool is the reporting. My company needs weekly and monthly reports about the alerts, but you can't extract reports from McAfee MVISION Endpoint Detection and Response, so a decision was made to move to another EDR solution, particularly Microsoft Defender for Endpoint, next month. My company tested Microsoft Defender for Endpoint via a POC for one to three months.

    The resource usage of McAfee MVISION Endpoint Detection and Response is also an area for improvement because it consumes a lot of memory. For example, during the on-demand scan, you can't work because of the high CPU usage. You need to schedule the scans.

    McAfee MVISION Endpoint Detection and Response has a lot of modules, but my company doesn't use all modules.

    For how long have I used the solution?

    I've been using McAfee MVISION Endpoint Detection and Response since 2020.

    How are customer service and support?

    I've contacted the technical support for McAfee MVISION Endpoint Detection and Response many times. It takes time for the team to respond to the cases, but at the end of the day, you do get a response.

    How was the initial setup?

    The initial setup for McAfee MVISION Endpoint Detection and Response was easy. It wasn't complex. What took long in terms of setup was linking the tool to the on-premises ePO and configuring the DXL which was a challenge. McAfee was involved, but it still took time to configure.

    What was our ROI?

    I've seen ROI from McAfee MVISION Endpoint Detection and Response.

    What's my experience with pricing, setup cost, and licensing?

    McAfee MVISION Endpoint Detection and Response is reasonable in terms of cost. It's a tool my company has been using for a few years now. It costs $25,000 to $30,000 for six hundred users.

    Which other solutions did I evaluate?

    We evaluated CrowdStrike aside from McAfee MVISION Endpoint Detection and Response. Though it's a good product, we couldn't afford CrowdStrike.

    What other advice do I have?

    I'm a user of McAfee MVISION Endpoint Detection and Response. I work for a bank.

    McAfee MVISION Endpoint Detection and Response is deployed both on-premises and on the cloud in my company.

    My company has six hundred endpoints on McAfee MVISION Endpoint Detection and Response. The tool is installed on six hundred machines or devices. Two administrators take care of maintaining the tool.

    My advice to people who want to implement McAfee MVISION Endpoint Detection and Response is that it's a good product, but it has its limitations.

    My rating for McAfee MVISION Endpoint Detection and Response is seven out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    EDR (Endpoint Detection and Response)
    January 2023
    Find out what your peers are saying about McAfee, CrowdStrike, Microsoft and others in EDR (Endpoint Detection and Response). Updated: January 2023.
    670,331 professionals have used our research since 2012.
    Moizuddin Sayed - PeerSpot reviewer
    Senior IT Systems Administrator at IndusInd Bank ltd
    Real User
    Top 20
    A multiple feature solution that is stable, scalable and straightforward to implement
    Pros and Cons
    • "It is a scalable solution and very easy to use."
    • "The endpoints and utilization are too high, which impacts the production activity."

    What is our primary use case?

    It has been helpful in terms of identifying unknown threats. The file is available on the endpoint, and the information is retrieved to identify any unknown or malicious file and then converted to a known file.

    What needs improvement?

    The endpoints and utilization are too high, which impacts the production activity. 

    There are no additional features I would add. The McAfee MVISION Endpoint Detection and Response already has multiple features required for an IT solution.

    For how long have I used the solution?

    We have been using this solution for two years, and it is deployed on-premises.

    What do I think about the stability of the solution?

    From a solution point of view, it is a stable solution.

    What do I think about the scalability of the solution?

    It is a scalable solution and very easy to use in terms of hardware or sizing.

    In terms of the number of users, because we are a banking environment, the IT department, bankers and people on the business side use this solution. Therefore, a minimum of five people is required to manage the environment. We currently use it to its full extent but plan to replace it.

    How are customer service and support?

    The technical support is very good, and we have never had problems with them.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    We used a different solution for more than 15 years before we migrated to McAfee MVISION Endpoint Detection and Response.

    How was the initial setup?

    The initial setup was very straightforward. I rate the initial setup experience an eight out of ten. We used a third-party tool, and the deployment took a couple of months. 

    What was our ROI?

    Regarding ROI, I do not have precise numbers, but I rate it a four out of ten. 

    What's my experience with pricing, setup cost, and licensing?

    We have a perpetual license that is renewed annually. I do not know the specific price in terms of costs, but I rate the cost a six out of ten. We also get the whole package for this solution in a bundle.

    Which other solutions did I evaluate?

    Before we chose McAfee MVISION Endpoint Detection and Response, there were other options available like Carbon Black, Cisco and Trend Micro.

    What other advice do I have?

    If I were to advise on this solution, it would be that irrespective of the endpoint a company uses, it should have a good endpoint configuration. I would rate this solution a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Sr. Sales Engineer at a tech services company with 11-50 employees
    MSP
    Top 5Leaderboard
    Scalable with a good strategy when everything is in place

    What is our primary use case?

    This is more of a cloud-based clientless type solution, for file-based security. 

    What is most valuable?

    The solution is scalable and the product has a good strategy when everything is in place. 

    What needs improvement?

    One of their issues is that they were very much based on agents, whereas most of the other solutions are clientless. There were a lot of legacy issues and they needed to evolve to more of the current operating systems of Microsoft for endpoint systems and PCs. If you're clientless, your cloud-based applications sit on top of the operating system and are not built into it.

    What do I think about the stability of the solution?

    It's reasonably stable. They made some changes to the architecture and that always creates issues. 

    What do I think about the scalability of the solution?

    The solution is scalable. 

    How are customer service and support?

    They had pretty good tech support. I think a lot of what happened to McAfee, from my perspective, was everything went offshore to India and for US customers, there is a language barrier that created problems.

    How was the initial setup?

    The initial setup was relatively complicated and used a lot of resources - CPU resources, memory, disk.

    What other advice do I have?

    There are a lot of companies in this space now and they are all pretty close to each other in terms of what they offer. I think those that are more user-friendly, and have the agentless client have the advantage over the legacy companies with older architecture. 

    They lost a lot of product managers and engineering managers in the breakup. That said, I think this is a good product with a good strategy, they just haven't quite reached maturity yet.  

    I rate this solution eight out of 10. 

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Senior Security and Risk Management Analyst at National Commercial Bank Jamaica Limited (NCB)
    Real User
    Quarantines devices and blocks ransomware, but dashboard and reporting features are not user-friendly
    Pros and Cons
    • "The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices."
    • "The dashboard and reporting features are not so user-friendly or intuitive, so they need some work."

    What is our primary use case?

    We use this solution to protect our endpoints, meaning our workstation laptops.

    What is most valuable?

    The most valuable features of the solution are the ability to isolate or quarantine devices and block or detect Ransomware and other well-known tools that are used to exploit vulnerabilities on devices.

    What needs improvement?

    The dashboard and reporting features are not so user-friendly or intuitive, so they need some work.

    In terms of being able to detect new threats, it would be good if the solution was not so dependent on a signature base, but instead offered a more rapid release for being able to detect zero-days. 

    For how long have I used the solution?

    My company has been using McAfee MVISION Endpoint Detection and Response for about seven months. 

    What do I think about the stability of the solution?

    The solution is stable. 

    What do I think about the scalability of the solution?

    The solution is easily scalable. 

    How are customer service and support?

    Their technical support is better than some of the competitors in the space. To make a direct comparison, it's definitely better than Symantec Broadcom.

    How was the initial setup?

    The initial setup takes a bit of work, but it can be done. It's not easy. It's not hard. It's in between.

    What other advice do I have?

    I would rate this solution as a seven out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Download our free EDR (Endpoint Detection and Response) Report and find out what your peers are saying about McAfee, CrowdStrike, Microsoft, and more!
    Updated: January 2023
    Buyer's Guide
    Download our free EDR (Endpoint Detection and Response) Report and find out what your peers are saying about McAfee, CrowdStrike, Microsoft, and more!