The primary use case of this solution is for intrusion prevention.
We are service providers.
Download the Trellix Endpoint Security Buyer's Guide including reviews and more. Updated: July 2022
Trellix Endpoint Security provides aggressive robust protection for every endpoint in an enterprise organization. Trellix uses dynamic threat intelligence and mounts a superb defense across the complete threat lifecycle. This solution will keep your organization more secure and resistant to any possible threat of risks. Trellix offers an amalgamated suite of next-generation endpoint security tools. These tools give users the benefit of machine learning, intuitive intelligence, and greater assistance to ensure their networks are being protected non-stop against threats - potential or realized - and can stop attacks before they happen. Trellix uses MDR (managed detection and response) and XDR (extended detection and response) to give users a comprehensive endpoint security solution.
Trellix Endpoint Security Benefits
Trellix Endpoint Security Top Features
Reviews from Real Users
“It has a great console. We can manage everything from the central console and it is very easy. Every year we are getting the benefits of legacy also. It's easy to set up.” - S Fazlul H., IT Lead Engineer, Information Technology at Banglalink
“There is a new feature where you can set thresholds for all the CPU consumption allowing for no consumption on the servers when the scans happen. It is a separate plugin or addon, and if we have it on all the virtual machines it automatically checks the resources, and based on that, it will schedule the scans. That is something that I have not seen in other antivirus solutions, such as Symantec.” - Sabari K. Senior Engineer at a comms service provider
Trellix Endpoint Security was previously known as McAfee Endpoint Security, McAfee Complete Endpoint Protection, McAfee Endpoint Protection, Total Protection for Endpoint, Intel Security Total Protection for Endpoint, MCAFEE Complete Endpoint Protection.
inHouseIT, Seagate Technology
The primary use case of this solution is for intrusion prevention.
We are service providers.
The most valuable features are the prevention layer that detects the signature value and prevents threats in the network.
The reporting could be improved, by providing more reporting features.
The resolution time should be faster.
I have been working with McAfee Endpoint for more than ten years.
We have experienced a few issues.
I have contacted technical support and they are good.
The initial setup was straightforward.
It takes two days to deploy.
We did not use a vendor or an integrator, we have our own team.
I have experience with multiple vendors and this is a product I recommend.
I would rate this solution an eight out of ten.
The solution has three primary uses for us.
Our environment is Windows-based. We don't have Mac and very little space for Linux systems. We use the solution on all of our Windows devices as a basic antivirus protection. That's our first use case.
The second use case for the solution is to be able to have USB restrictions on my endpoints.
And the third would be the protection of machines when, especially now in this COVID-19 climate, users connect from home. There are a lot of network-based attacks. When users are connecting from other networks, they're protected from dangers with this solution
The manageability of the product itself is its most valuable aspect. You have the underlying EPO, and on top of it, you can deploy the various components as you require. This is unlike other solutions like Symantec where you have to deploy everything or nothing. With this solution, you can choose to only deploy antivirus or only deploy a firewall, or only something else. I choose the components and that deployment is done through EPO. It makes manageability very flexible.
There are two main areas that require improvement. One is the size of the packages. Although I'll admit manageability is good, if I want to deploy, let's say just the antivirus or just the firewall, each of those package sizes are quite large. They are sometimes as big as 200MB or 250MB. When I have operations in remote areas where connectivity is always poor, it's difficult. To deploy such a package in a remote location over the internet or something like that is always challenging.
The second improvement I would like to see would be to make the speed of the updates much faster. I've seen other vendors that have already released an update for new ransomware and yet McAfee has not. They seem to generally delay releasing an update to protect against something, which can be dangerous as it gives malicious content time to spread.
I've been using the product for almost two years at this point.
I would say on a scale of one to 10, the scalability would rate at an eight. It's not perfect and there's room for improvement. However, it's generally been stable for us.
We've seen some versions of McAfee not functioning correctly. Then, suddenly, we had to put in a patch. Occasionally, the notes are not there and when we raise a ticket with the support they came back and say, "Oh no, no, this version has a bug, you guys will need to move to a new version."
The scalability of the solution is good. We've actually scaled up, so we can speak from experience. We initially rolled out to a smaller set of users and then eventually to our entire base. We've scaled up to about 15,000 users at this point. There were no issues in doing so. It's quite straightforward to expand outwards as needed.
Technical support I would say is average. A lot of times we've gotten standard responses from support. They don't really offer a solution. The responses that we have gotten from support is something that we have already tried or they'll simply tell us to move to the next version. That requires us to deploy to 15,000 users. They don't go out of their way to be helpful.
We've always used McAfee. There never has been another solution that the organization has tried out.
I personally have worked with a few other solutions. I'm not talking about next-generation products, like a CrowdStrike or a Carpenter due to the fact that they are a different league altogether. However, I would say I've had extensive experience with Symantec also.
In terms of Symantec versus McAfee, the two big differences are that on McAfee I am able to scale quite well and now, especially with users who are connecting from home, I can see users' statuses over the internet. That way, we can check the health of the machine and update machines remotely. That isn't the case of Symantec. Unless the user connects to back to the office VPN we will not be able to do as much.
However, where McAfee falters is the size of the modules, which are quite large.
The initial setup was simple and the deployment itself was straightforward. The was no complexity in terms of the architecture or the initial deployment of the solution.
I came into the organization when McAfee was already deployed. However, I've set up some other packages. For example, although McAfee was already deployed, the USB blocking features module, took about two months I would say to deploy across the network.
We have a team of approximately four people the deploy patches and updates and generally maintain the solution.
We deployed the solution ourselves and continue to deploy any ancillary modules on our own as well. We don't need the outside assistance of consultants or integrators. We have a team that manages these items in house.
I would advise, if somebody's looking at buying a brand new solution fresh or have a solution coming up for renewal, to look at the next generation antivirus products. The next-generation products are far more sophisticated. They might be a little higher in price, but in terms of manageability, updates, and the packet size, they are far superior.
McAfee has released something called Envision. It's a next-generation antivirus. In this other solution, they have incorporated a lot of next-generation technologies. It's a different license and a higher-priced license altogether.
Overall, I would rate this solution seven out of ten.
This is part of our network security solution. We have it running on different servers and workstations that are on different platforms.
McAfee EndPoint Security has a lot of good features that work well if they are implemented properly.
This solution is difficult to implement. There are lots of features but it has to be implemented the right way.
I would like this solution to do what Palo Alto traps does because I would only need to run this one product.
I have been using McAfee Endpoint Security for perhaps the last ten years.
It is stable, once it is configured and set up properly.
The technical support is good but the local people are bad.
On the workstation, the initial setup is easy.
For the server, it takes a long time for your people to implement it.
I would rate this solution an eight out of ten.
The solution is broken down into different components from the portals. Web filtering, which is an added feature has been great for us. Other than that, we also make use of other products under McAfee, so it was DLP, HIPS, as well. Rogue Detection is more for detecting and managing systems on our network. That worked very well for us. From an interface point of view, it's really simple and straightforward.
On the next release, they should build an easier way to see a repair option within the McAfee icon on your system tray. If there was an issue, you should be able to contact the user or just right-click on "repair". That would be a very good feature to add. That could be a place of improvement, just adding that button, or customizing it.
We have good compliance. Compliance is using it at the moment, so we work 90% plus. It works well. It's being used on a daily basis and runs very well.
The solution is simple to scale. In South Africa, we have about 12 to 18,000 deployed and over 18,000 Endpoint users. We have two servers as well.
Installation was a bit complicated right in the beginning. We obviously had to use a different extension and some of the policy had to be modified, changed or migrated across, but there were no other issues.
I've been using the Complete Endpoint Protection for maybe a year and a half, but the other half of the McAfee Suite, the McAfee Virus Enterprise, I've used since 2012 and then it migrated to McAfee Endpoint.
From a customer point of view what they need to look out for is just mainly some of the products that they use to make sure the exclusions are correct. The processes that they need to exclude, as well, are done correctly. It is mainly on the exclusions to ensure they don't have any impact.
I would rate this solution eight out of 10.
In terms of features, its internet exchange is also perfect. I mostly like the powerful management tools. It's got a lot of detail, so it's powerful.
They don't have any gateway solution. In the past, they did. I think they need a gateway solution to control internet traffic. In the next solution, it will improve the total security, on the network security side if they add this.
In Turkey, according to regulations, the main platform must stay on on-prem, not on the cloud. Most of the customers are still using the mail gateway solution but McAfee stopped developing mail gateway security. For us, it's one of the missing pieces on McAfee in Turkey. They're right, they saw that mail business is going to cloud but in closed countries, we need a gateway solution. McAfee is missing this.
In the next release, they should add something that converts the endpoint business switch for the endpoints. They can integrate side endpoints and try to add them to an existing endpoint, or maybe they can match all these add-ons on a single agent.
All McAfee products are stable at the endpoint. That only changed when Microsoft announced a new update, and we can foresee compatibility problems. Normally if McAfee gives 1-gigabyte throughput in production, you will see the performance and stability. McAfee's products generally are stable, when I see the from the production angle. Approximately all of the products are stable.
It's very easy to scale. You can deploy a conservative amount easily. If there are other branches, McAfee is the best solution for that kind of implementation. Scalability is very high. With the cloud solutions available after McAfee acquired Skyhigh, they can also offer a solution on the cloud side. On-prem and also cloud allows McAfee to be a full solution for the customers.
Generally, in Turkey, support is very good. Soon they will open a call center in Turkey with a Turkish speaker with technical knowledge. Generally, when I was on the technical side, when I called the support team, in an hour or two maximum someone would connect to the system and start to investigate. In the end, most of my problems have been solved via the technical team.
The initial setup is complex. It is a very complex product. You must have experience with it. If not, installation can be disastrous. You must have experience with it because it's not easy. But if you install it perfectly everything can then be done automatically and it's more powerful.
Everything has been simplified. On the endpoint side, there is also a lot of improvement.
When Intel acquired McAfee they worked on the protocol so that all vendors can work on the same platform. It's a very big improvement in McAfee. All McAfee products talk to each other. Other vendor's products can join this platform as well so it makes it more powerful on the enterprise side for McAfee.
With a knowledgeable technician that has a lot of experience with the product, you won't have problems. If you work with a less experienced person, implementing the solution can become a problem.
I would rate this solution a nine out of 10.
Firstly, the Real-Time Protect and the dynamic application containment, are two great features out there. The endpoint features are also good. The new version is quite good as compared to the older version and interface. It's a replica of the VAC. It's good.
The solution could use better updates and fewer bugs.
It's quite stable. There are no performance issues or there is no concern that we have received so far. That's good.
It's easy to scale, but it depends upon your skillset as well. So if you have a good skill set, you can manage each and everything very easily.
For technical support, it depends upon which region you're connecting with. Most of the time, if you're in the Middle East and if you try to get the support it's really bad support. When you are in Asian countries, you get good support because of the experience in the region. For the US and UK, they have good support centers. So there is no issue with that.
The initial setup is straightforward, not complex.
We implemented the solution on our own.
For performance, they have introduced a new feature. McAfee decides what they want to scan and it reduces the performance of the system. So generally what happens is when McAfee scans a file, it stores the files in the cache. Next time, if there are any changes in the file, then only it will scan the file. Otherwise, it will not scan it. That's how they have increased in the performance inside.
I would rate this product eight out of 10.
In new units, the initial agenda, they are changing a lot of things and there are lots of bugs we normally we didn't use to see. Again, we had to rely on some updates, and the way that it appears, the mechanism, they have changed it. So lots of things involved like bugs and issues related to the different parts of the product are challenging. Otherwise, it's good.
I find the endpoint management feature the most valuable. I like the exploit blocking, the anti-exploit.
The solution is getting better. The new central console is better than the earlier one. Earlier it was too complex to find out which option was there. So, if there was a search menu for certain things and if I wanted to enable or disable something, I couldn't. Now there's a search menu that I can type into and I can navigate through the menu to where I want to go.
There are still too many options but it is better now.
Sometimes, while installing the ePO we get many errors and I don't know why they happen. So I just want them to work on that part. So that during the implementation there will be fewer errors.
I'm not sure if McAfee supports patching. They could add vulnerability scanning as a feature. I know the setting is already there, but if they could add a feature of vulnerability scanning and patching that would be great.
Technical support is very good. I'll say in the Middle East, I don't know about other divisions, but in the Middle East, it's good. If I have a ticket they follow up and give a call. I don't know where support is set up for the Middle East, if it's in the area, but those guys are very nice.
I would like to recommend the solution. It's better, and pricing wise, it's worth it. It's really worth it as compared to other advanced malware security solutions in the market. They are costly, like anything. And the technical support good, even though the solution is new. The solution is not yet mature. Pricing is fairly affordable for all enterprises, big or small.
I would rate this solution an 8.5 out of 10. Because sometimes it makes machines really slow. There are a lot of features. I enabled all the layers but it sometimes makes systems slow. The solution keeps on adding engines and engines. If they can add everything in one engine instead of having multiple engines, then I would really say the system would work faster. I'd say it's not that bad, but it's not that good. The speed is still better than other versions in the past that came out.
Controlling and Monitoring Change
Change control processes are often reactive and require manual responses, an ineffective approach to combating today’s threats and handling the growing number of devices in the IT infrastructure. The Security Connected approach from McAfee ensures that every desktop, server, application, network device, and database is in the scope of a change control solution, giving you critical visibility into who is using your systems and what activities are taking place.
Enabling Consumerization of the Workforce
A flood of iPhones, iPads, Android devices, and employee-owned laptops is hitting the workplace, bringing better productivity but also new security risks. Learn how businesses can effectively and securely enable the use of consumer-owned devices in the enterprise by protecting how data is being manipulated and controlling network access across mobile devices, laptops, desktops, and virtual desktops.
Managing Security and Risk
Limit your exposure to security risks that reveal customer data and internal assets. This solution guide addresses the importance of implementing a strategic security and risk management program focused on prevention and protection — helping you reduce incidents and risks throughout your entire IT infrastructure.
Obtaining Benefit from PCI
McAfee helps enterprises take a formal, strategic approach to meeting PCI DSS requirements — an implementation that can yield other cost saving and operational benefits to the business. McAfee compliance solutions automatically assess compliance status, proactively respond to any issues or potential violations, and continuously monitor controls across the enterprise.
Protecting Information
Your company’s sensitive information, including intellectual property, financial records, and personal information about employees and customers, is an attractive target for cybercriminals. The Security Connected approach from McAfee helps you secure sensitive information on databases, file servers, smartphones, email servers, and USB drives — while keeping it accessible to multiple users and groups.
Protecting Information from Insider Threats
Don’t overlook the threats to your data and network from company insiders. To address these risks, McAfee provides a new level of visibility into your organization with security controls that work together across endpoints, networks, and data to improve incident detection, protection, and response capabilities.
The following are the main features of the McAfee Suite:
Business Support some times lazy but once they on board they will get the job done.
With McAfee ePO software, you can scale your network vertically or horizontally.
Make sure the McAfee ePO infrastructure is scaled to handle major peaks in outbreak situations.
Technical support is getting better now, but previously, the support was not optimum or not available. when we opened a case, the engineer took too much time to listen to us and then they collect all the information. But then he never came back to us. Sometimes, five days, three days, sometimes even two months would pass and nothing would happen. But now I can see that the tremendous change. From the moment you open a case, in the next hour, you will get a response from the technical support, so now I'm feeling that the support is getting better.
Installing McAfee products is very easy. Not only at the endpoint. Any McAfee product, because of the Product and Installation guide available with good detailing,and the availability in the community & knowledge base articles. Most of the blogs you find even outside of the McAfee community, which help me in the deployment of McAfee products. So installation never seems to be hard for me.
Experts
20 Months or less depending on each organization
There are many other endpoint security solutions that are available today, but McAfee Suite has several distinct advantages when you make a procurement decision. For example:
McAfee Complete Endpoint Protection is mature, tested, and usual: this is our policy. We don't go for the latest releases. We go for the release which is before the last.
We have approximately 800 people using McAfee Complete Endpoint Protection. These are mainly end-users.
The feature I like the most in McAfee Endpoint Protection is when I get reports of unmanaged devices. These are kind of issues that alert me to address a problem.
I need to find out how we can eliminate these devices which are connected to our network and not managed by McAfee.
In my experience, the main part of McAfee Complete Endpoint Protection that needs to be improved or simplified to make the platform better is the scanning features.
Sometimes when it runs in the background of the endpoint, the devices get slowed down for some software applications.
The reporting should be used to enhance our analysis. There are some dashboards for user management. There is still improvement required with them.
McAfee Complete Endpoint Protection is stable. We don't have any bugs being reported.
For the scalability of McAfee Complete Endpoint Protection, it is easy to add more processes or add more users to the platform.
The solution's technical support is satisfactory, but there are some hiccups. Sometimes it is required to escalate to the second level. That was only one incident.
So far, we are getting the expected customer support that we needed from McAfee.
McAfee Complete Endpoint Protection is the only endpoint solution we've used.
We have not seen a return on investment. We don't do this kind of exercise to see a return on investment. Since it is working and there are not any security issues, we are safe.
This is what we consider our return on investment for McAfee Complete Endpoint Protection.
We recommend McAfee Complete Endpoint Protection. We watch threat reports for McAfee and search Gartner's Reports to see whether they are doing well or not.
On a scale from one to ten, I would rate the platform an eight. We were expecting more. They need to enhance the dashboard and scanning features.
I am using McAfee Complete Endpoint Protection to control bandwidth. Any network administrator can do that easily. Control is the best part of Mcafee.
I need to be able to allow the amount of data used on an authorized user account., i.e. the amount of web data someone uses before a limit. I use other tools for that now.
The most valuable features are the adaptive tech on McAfee.
In our experience, McAfee Endpoint Protection could improve the word control feature. It is absent from the application. I couldn't do that.
Everything has been fine with the product. It could use better visuals. The tutorial is very limited. They need better training materials and visuals in reports.
McAfee Complete Endpoint Protection is very stable.
I don't know how much it can grow. Already you have the basic products that you need for the platform. We have about say 500 endusers and admins altogether. There are around ten admins for the solution.
I had an issue. I had a bridge about a year and a half ago. I had to contact McAfee online and they helped me patch it. They signed the consolation code for us.
I had a very good experience with McAfee customer support. I'm very satisfied.
When I came in, there was a previous manager. He set it up. I had nothing to do with it.
I would recommend McAfee Complete Endpoint Protection. It's an all in one endpoint. You can scale it. You can buy McAfee web control. You can buy other products.
You can increase as many products as you like as you go on. Most organizations don't have it and it makes controlling easier.
On a scale of one to ten, I would rate McAfee Complete Endpoint Protection a solid seven because a ten is perfect. I believe there are opportunities for improvement.
Our primary use case is to provide our customers with an endpoint security solution.
Its pricing needs to be improved.
The stability of this solution is good.
They are releasing new versions every month.
This solution is pretty scalable.
We have more than fifty users for this solution, and we plan to increase its usage.
Our experience is from the technical support in India, and it is good.
We did not use another solution prior to this one.
The initial setup for this solution is very easy. Anyone can learn the interface.
The deployment takes approximately half an hour, depending on the speed of the server, and depending on the nodes. I can manage one thousand nodes in one week.
The maintenance of this solution requires two or three people.
We used a partner to assist us with the implementation. It was our reseller, and they are good.
I think McAfee is the best solution. Anyone can use it, the protection is good, and they have all of the features. There is user protection at a nice speed.
There have been some improvements in the latest version. For example, when you log in to the older version it is very slow sometimes. With the newest version, it is like they removed some things.
I would rate this solution an eight out of ten.
Our primary use case of this solution is for it to attack malware.
The loss prevention feature would be the most valuable. This is a good feature but don't use it because of the complexity.
We have a lot of problems with the user experience and it's difficult to implement. MacAfee's better than the ancient anti-virus solutions but it's a little slow to resolve. Many files with malware were destroyed through the network, and MacAfee doesn't detect anything.
They should improve the time of response, the time of the detection of malware, and the installation of the service.
The features we would want a good endpoint solution to contain are:
Stability is good, but not the best.
The technical features and price are important for us when choosing a solution.
The initial setup was complex.
I would rate this solution a seven over ten. It's not a ten because of the time it takes to detect an issue, technical support and because I have no control with the partner. I know that the office that manages the contract has had some problems because of the reports.
My primary use case of this solution is for the endpoint protection.
It has improved my organization because it helps with visibility, in terms of security. We can see the actual attack and can contain it. The antivirus can detect that.
The endpoint has room for improvement because it's restrictive, it's very sensitive. Sometimes it can delete something that you need and so sometimes you have to disable the antivirus.
It's quite scalable. We have around 30 users.
I would rate their technical support an eight out of ten. It's not a ten because I would like to see them resolve a case within the day. Sometimes it takes them a long time.
The initial setup was not complex. The deployment took only a few minutes. We only needed one employee for the deployment. If need be, we'll require two employees for maintenance but one is usually enough.
We used a reseller for the implementation.
It's fairly priced compared to other products on the market.
The reporting capabilities are a valuable feature. This enables more visibility on our network.
The DAC (Dynamic Application Containment) component of this product needs improvement.
It is a stable solution.
It is easy to manage, and there is an awareness of being able to scale out.
I have not used tech support for this solution.
The initial setup was very straightforward.
This product is costly.
For me, the most important criteria in choosing a solution is the performance. I must seriously consider whether the solution is able to adapt to the environment.
We primarily use this solution for antivirus and malware protection.
You can integrate this endpoint protection with a specific business process that you may want to link to the process of the antivirus. It has the capability to custom define user-defined fields.
One of the drawbacks to the solution is that it is not 100% secure. Sometimes it fails. Another thing we have noticed is that it is not easy to get all of the navigation information from a user. There is definitely room for improvement.
The stability is 80-90%. It is fine.
It has all of the architecture of the solution, for distribution points that will allow you to manage the network traffic. It allows you to find different routes based on actual distributed servers or endpoints.
We have a very skilled tech support technologist who helps us with our inquiries.
It was not really complex, but, there are many ways to customize this solution. This customization takes some time.
We receive good protection with this solution. We use this for internet protection on the end-point.
The product helps us by contacting us if there are any virus attacks on our system.
I think the prime feature is the protection from malware.
It is a very stable solution.
The scalability of this product is very good.
Tech support is not as helpful as they were in the past.
The setup was straightforward, and not complex.
When selecting a vendor, we want to make sure there is a good presence in our region, and competent partners that can give support of the solution.
The pricing is comparable to other solutions. We have no issues with the pricing of this solution.
It is all about the technical experience. Since we use this in our environment, we advise people to use this product.
Our primary use case is for endpoint protection.
It has been protecting us for many years. And, we hope it will continue to do so for many years to come.
I think they have fantastic product but still kind of in the very early stages at the moment. Because they're just changing from the modular version, where they have a antivirus version and they have a spyware module. They have a different module, although it's managed by a single management console to now single-module called endpoint protection. But still, behind the scenes it seems to be a different product, different traits, with different capabilities and speed. Although they have increased the complexity, it has affected the scanning speed.
They're good. We certainly haven't hit the maximum. We are less than 200 employees at our site, but I believe they can scale up to about 1,000+ or even bigger. So, for us, I don't have an issue.
Initial setup was a bit complex because we had not used this product before. So, we had a learning curve of how to understand, manage, how to deploy the product and how to keep updating. Once we understood it, the product was easy to use for our needs.
It is really important for us to consider:
Product Maturity
Cost
The most valuable features for us are:
We are able to use it as our primary encryption tool so we do not have to spend resources on another product for this purpose. It is really the most useful feature as we do not have to worry about our data being compromised, which is our biggest concern.
We experienced some bad behavior when we first installed the product. The system also starts slowly in some instances. If for some reason this solution crashes, we could lose all our data.
Sometimes, we had the slowness issues upon starting up.
It was unstable when we initially installed it.
It has seemed to scale just fine for our needs.
Be aware of the time it takes to deploy it as we experienced some slow startups.
I would have said the VirusScan, but with the advent of ransomware, the VirusScan hasn’t been that impressive.
Initially, the DLP was very valuable for disabling access to USB drives -- but the need to get a code before granting exceptions made the management cumbersome.
The VirusScan needs to improve in order to detect ransomware and other advanced threats.
I've used the solution for three years.
No.
No.
Quite unsatisfactory. Sometimes cases will last for weeks without significant progress.
Started with McAfee, actually, but now we have switched to another solution.
Initial setup was straightforward as only one server was needed.
Pricing is fair.
I would advise to compare it with other players and ensure it can deliver, especially on the detection of ransomware and advanced threats.
With the increase in malware attacks, having a product like this which protects against zero-day attacks is invaluable.
Signatures to protect against new attacks.
I've used this solution for three months.
No.
No.
Five out of 10.
No.
No.
It's an essential.
We are sure that our endpoints are safe. They are protected by Mcafee.
As IT, we can monitor centrally how much the endpoints are safe and what threats are occurred.
We’re facing remote installation issues sometimes: Installation may have been broken by something and installation is corrupted. It’s so hard to uninstall or repair the installation in that case.
Two years.
None.
None.
Good.
Technical Support:Good.
No.
Complex. I remember there were so many steps to do.
Trend Micro and ESET.
This is not a set-it-forget-it product. I can say that at least one IT employee has to be responsible to this product.
One valuable feature is Threat Prevention with the on-demand scan. After the policy configuration is made, all our end users were happy that the computer didn’t feel slow when scanning files as the scanner just runs when the users are idle.
McAfee Endpoint Security 10.5 has improved our security and made our customers more effective. As it uses less CPU, no one needs to wait for their computer to finish any scans.
I think it would be nice if Dynamic Application Control would come together with McAfee Endpoint Security. The Dynamic Application Control works well against ransomware as well as other viruses.
We have been using the solution for about one year.
We had no issues with our customers. The 10.5 version was nice, with no stability issues or any other critical issues noticed.
We have not encountered any scalability issues.
The level of technical support at McAfee is 10/10. The support is just great. Often they solve all the problems or give you advice on how you can improve the policy to work even better.
I don’t think I’ve ever spoken to any support which makes a customer happier than McAfee support. It just feels like they care about the customer.
We used VirusScan Enterprise (McAfee). It worked fine, but in the end, the CPU usage was too high when doing On-Demand scans.
I would not say that it was complex, but of course you should do some testing with the policies to reach the best performance and the best protection for your client. We used an ePO server to manage the policy, as well as the deployment, without any problems.
I would advise them to speak to our resellers at Advania, as I’m a technical consultant and not a reseller.
We did not evaluate other options. McAfee is a clear choice to make, when running an ePO server as well as other endpoint products from McAfee. They really integrate well with each other and that is a strong force within the fight against malware and ransomware attacks.
Test the product well and make your own policy changes to improve the product even more. Often McAfee can get you some test periods to try the product. Also, have a look at the Dynamic Application Control. It’s worth the value in the end.
My experience with McAfee is very good. They give excellent support, they are proactive to solve issues, and willing to integrate their products. Their ability to execute is very high.
Their malware detection rate is excellent for all type of devices and the anti-theft products are good and easy to use.
All the devices are controlled from one place. This gives great, easy management of security for different device vendors with a unique interface and, best of all, with a unique method.
Valuable features for us include the quality of their anti-malware detection: one interface for all devices. McAfee GW Security is also good.
In general, all the branches were very happy with them for three reasons:
The product is evolving to give a global security solution, engaging all devices and products together under one interface. McAfee GW Security will be a game changer here.
McAfee GW Security and McAfee Child Safety need some improvement as they are relatively new.
We have been using the solution for five years. I have broad experience with McAfee’s complete endpoint protection, McAfee Child Safety, and their new McAfee GW Security protection that incorporates protection directly in the Home/SOHO Internet GateWay.
I worked as the product manager with these products at my former company's Global Security Vertical, giving service to all of our company's branches around the world.
We have experienced very high stability.
We have not encountered any issues with scalability.
The technical support is excellent.
We previously used Norton, Kaspersky, and Panda. From my point of view, the basic functionality is similar, but McAfee has a more innovative roadmap.
The initial setup was very easy.
The initial price is very good as they give good initial discounts, but it seems a little expensive once you renew the license. The price isn't very different comparing it with other Anti virus providers but it's worth it. With respect to freemium solutions, premium gives support and I personally prefer to pay for a service as no one gives anything for free.
We evaluated Norton, Kaspersky, Panda, and many others.
Even though it is a little expensive, the price is worth it. They come up with a complete home security eco-system that will unify the security under one easy interface.
Going to their new product, McAfee GW Security, security in the Internet GateWay, McAfee is clearly on the right track.
I was responsible for the introduction of this new type of products in my former company. I evaluated many brands (about ten), new startups, and traditional big security vendors. In my opinion, they have the clearest view of what has to be done now, (in the GW and in the Cloud), and what will be done in the future.
Some startups have good innovative products, but for sure lack the ability to execute that big vendors have. Big vendors have better malware detection rates, faster response to issues, etc.
Considering the exponential growth of Home IoT (most don’t have security), McAfee GW Security is, and will be, essential to stop hacking.
As of July 2016 we updated our version of Endpoint encryption from V5.03 to V7.03 with an updated deployment console it is much more convenient to navigate and to recover the user \ machine password process is so less cumbersome ..
thumbs up to this version ...
All the care facilities are mandated by the State to protect patient information. McAfee Complete Endpoint Protection has helped us to enforce that mandate, protecting both staff and patient information data. That's why the most value that it provides to us is simply and obviously the fact that it does a very good job of overall endpoint encryption.
The virus scanning in Enterprise V8 needs improvement. Also, the spyware protection needs to be be more expansive.
We've used it for six years.
The deployment from the ePolicy Orchestator console to either re-imaged or rebuilt laptops was sporadic and not reliable enough to be standalone.
We have had no issues with the stability.
We have had no issues scaling it for our needs.
very good ....
Technical Support:Technical support is excellent. We've worked with them a lot over the years, some days for hours at a time.
SafeBoot encryption was purchased by McAfee shortly after we deployed it to our fleet of laptops. We simply inherited it by use of encryption.
The initial setup was straightforward, as we tried to automate the deployment of AV. However, it got more cumbersome after that, requiring a lot more of our time and resources.
It was implemented by our in-house team and then deployed using the McAfee ePolicy server that's designated for McAfee deployments only.
This was all managed by our IT director.
Overall, the product is good. You need to get advice on the overall deployment to your infrastructure from McAfee before any roll-out.
While SAE & DLP have helped us to control the sites our user visits and the removable media they uses on their PC, at the same time, MSME has helped us to prevent the threat getting in our network via SPAM emails. The MEP suite has significantly helped us to mitigate the risk of getting malicious content in our network from various mediums.
They need to improve the anti-virus engine which, although fast and efficient, sometimes uses too much hardware resources. The scanning engine should be designed in a way that it doesn’t slow down the PC while it's running scheduled scans.
I've been using it for eight years.
We've had no issues with the deployment.
We've had no issues with the stability.
We've had no issues scaling it for our needs.
Customer service is excellent.
Technical Support:In my experience with them, technical support is excellent.
Yes we were using different solution previously. The reason we chose McAfee is because it provides us with different security solutions under one umbrella. It give us a centralized view of the health of the PCs in our organization/Network.It also offeres ease of manageability of the different product through singe user interface. Moreover, McAfee, as a part of Intel Security, can work more smartly with CPUs in comparison to other products. Also, McAfee has excellent research and support teams around the globe.
It was a bit complex in starting as you need to pick and choose the options that fit to your organizational need. IT security engineer need to learn and develop the skill to manage the product. Once it is all set, it's easy to manage.
We implemented it with the help of the vendor in the beginning. Later, we developed our own in-house talent to support and manage the product.
The ROI is good.
Pricing/licensing is competitive in comparison to other solution in the market.
I would advise that if you are looking for internet usage control, removable device control, and host intrusion protection, email protection or any one of these with anti-virus, go for it and you will not be disappointed.
The easy accessibility of managing all the agents through a central server and the customizability of the management interface are the most valuable features for us from our experience with it so far.
With this product, we can easily implement encryption for all our users in the company and deploy modules as and when needed through a central interface. This has made our job much easier.
We’ve had issues when upgrading to updated versions of the product two times already. A single sign-on functionality would be good to have in the future.
We’ve been using this for about three years now.
When we upgraded the agent deployed on our users' computers, it locked out the people who were still on the old agent, which was not supposed to happen.
We’ve also had an issue previously with one of the modules of Mcafee Endpoint encryption, DLP. This particular module, when we upgraded to the latest version ,took up all the resources on the computer, making it unusable. We had to remove this module from all the affected computers.
We have had no issues with the stability.
We have had no issues scaling it.
They didn't know why the upgrade issue was happening.
The setup is easy and straightforward. Install the agent, put the computer in the correct deployment group, and that's it.
We implemented this through our in-house team and used the vendor for support in any technical issues we might encounter.
Pilot testing is a must when upgrading any of the new modules or the McAfee agent.
From an IT management point-of-view, the most valuable features are the force of the ePO console and its simplicity. For security, the most valuable feature is that it offers clear security dashboards and reporting.
Our endpoints are secure and updated daily. Viruses and malware are detected and quarantined automatically. Users are informed when a detection has been made with alerts. We have confidence in the product to keep our business users secure.
We are functioning in a delegated organizational structure with 20 sites. Every site has been delegated certain security rights to manage their local clients. ePO supports delegation of administration.
The client-side interface is out of date, and has not been updated over the last few years. Additionally, the interfaces of different modules do not integrate common settings. This should be reworked in the next-gen version of the product (EndPoint Security 10.)
Larger updates like service packs are sent to all clients at once and can potentially cause network saturation. The product does not have built-in bandwidth control for avoiding this.
We've been using it for 10 years, and it includes several modules for endpoint security. All modules are managed by a central server called ePolicy Orchestrator (ePO), which gives complete control over policies, tasks, events etc. The mainstream product for virus scanning is McAfee VirusScan Enterprise. Other modules are Host Intrusion Prevention (firewall) and Advanced Threat Protection (rootkits, advanced malware protection etc.).
We've had no deployment issues.
The product is very stable. One ePO Server can manage thousands of clients. Most updates and Service Packs are tested thoroughly before RTW. Hotfixes for known issues are posted regularly. There is also a notification service that keeps you updated with news about the product(s) you manage. This enables you to immediately react if needed.
We have been able to scale it for our needs.
8/10
Technical Support:8/10
I have not used anything previously.
You install the ePO Server, link to AD, and deploy the agent. Then all you need to do is to configure the policies and deploy module, then it's ready. There is, however, a learning curve to properly configure policies and client tasks in the most efficient way.
We are using local distribution channels of Intel Security.
When you have a small security team, a solid security product that is easily manageable will automatically return its investment. EndPoint Protection does the work for us.
When it concerns security, no compromise should be made on product quality. Quality may have its price and is always negotiable.
There were no other issues evaluated.
Deploy the product with a phased and progressive strategy and optimize it during deployment. Often policies need to be adapted in order to lower impact on performance for some applications.
The central management feature of the ePolicy Orchestrator was extremely valuable to me. My organization had a very small security team, so the ability to manage our protection tools from one program made the job much more efficient. Additionally, central management made it much easier to create executive reports for management review.
My organization did not have a well-maintained host-based security program before McAfee Endpoint Protection. This product made it possible to protect critical data, investigate threat events, and prevent future events from occurring on every endpoint on our network.
One thing I could have used was a more detailed description of the HIPS signatures. When selecting a HIPS configuration, I would have liked to see exactly what access will change on the system. My organization did not have much room for testing, and many issues did not come up until days or weeks after changes were made.
We have had no issues with the deployment.
We have had no issues with the stability.
We have had no issues scaling it for our needs.
The system my current organization uses does not allow for administrative changes from the endpoint itself, like McAfee Endpoint Protection does. This feature is very useful when testing firewall rules and HIPS configurations for specific programs and sites that only certain network segments may need to access.
The centralized management of the solution is valuable since we are a diverse organization.
It would be nice to have the ability to change Safeboot passwords from within the OS as there is a delay in the boot process and password changes can take time.
We've been using it for over five years. The component versions we are using are
McAfee VirusScan Enterprise + AntiSpyware Enterprise 8.8.0.1445
McAfee Agent 4.8.0.1938
Saferboot Device Encryption 5.2.11
McAfee SiteAdvisor Enterprise 3.5.0.1364
We have had no issues with the deployment.
There have been no issues with the stability.
We have had no issues scaling it.
I've not had to contact customer support.
Technical Support:I've not had to contact tech support.
We had something in place previously, and this just seemed to be a better fit. Also, the management of the device worked best for our organization.
The initial setup was straightforward.
We implemented it in-house. I would suggest building a small lab to get familiar with the process before working on a live environment.
Take your time and plan it out before attempting to deploy in a production environment.
There is not one feature in particular that is more valuable than another for us. It is generally a valuable tool that helps us with our security.
We can easily renew our subscription and update the product. When we update it, it automatically removes viruses from most of the infected systems.
They could improve it by providing better manageability for administrators. I need to spend too much time on this right now.
We've been using it for three years.
We have had an issue updating it. I have applied update ePO 5.3.1, but it shows the update version is ePO 5.3.0.
There have been no stability issues.
We have had no issues scaling it.
Customer service responds well.
Technical Support:Technical service is also responsive.
I used a different product in a previous position.
The initial setup was straightforward.
We implemented it via a vendor team.
The pricing needs to be lowered as we find it to be high. We're just a small-to-medium sized company.
You should use a licensed version of an anti-virus, preferably McAfee.
The most valuable feature that I've found most useful is the availability of seamless AES 256 full-disk encryption.
I don't need to worry about the content of a laptop if it's lost or stolen. It provides better security of laptops when doing foreign travel.
I think encryption needs to move to an all hardware-based solution. Software encryption is less efficient than hardware-based. Intel purchased McAfee a few years ago, so this company is set up from the chipset point-of-view.
We've used it for six years.
Initially, we ran into issues running full-disk encryption and certain versions of disk defragmentation software. However, this has now been resolved.
There have been no issues with the stability.
We have had no issues scaling it for our needs.
9/10. I've found technical support to be very good and responsive.
We selected this endpoint protection solution due to its multi-platform support, not just Windows (e.g BitLocker). Other reasons were that it has enterprise key storage and recovery, which is very important to us.
It's fairly easy to get going. It's been around for a while now, and there are lots of use cases. You just just need to follow the best practice installation documentation.
We implemented it with the help of a McAfee vendor team.
Everything has a cost. During the initial product evaluation, price was considered but it was not a show stopper.
The central management console, ePO, is very useful. It incorporates file/folder encryption as well as encrypted thumb drive registration and policy management.
McAfee Endpoint Protection is a a good product that's easy to administer. It provides endpoint protection for desktops, laptops, and servers, and the protection includes anti-virus, anti-malware, anti-spam, DLP, and encryption.
We're less affected by viruses and threats on end-user device, able to manage all endpoints from a centralized server across locations. We're also able to encrypt sensitive laptops with ease. Very good reporting and compliance to endpoints.
It needs much better control on zero-day viruses and easier submission of threats to McAfee. They also need to improve the DLP rules since loads of false positives and patch releases are not quick enough when a new OS hits the market. Because of this, there are incompatibility issues which cause slowness on end-user devices.
I've used it for five years.
Deployment of agents and products to end-user machines is straightforward and easy. The basic McAfee ePO deployment is not easy and you need good knowledge in SQL and servers.
Patch release is not fast when there is a new OS on the market, so compatibility issues will come and can cause slowness on end-user devices. For example, I had a tough time when Windows 10 was released and the devices were not protected for a month, which is not advisable.
The upgrade of the new ePO from older versions always have issues and need support from McAfee engineers all the time. In a span of three years, we had upgraded three times and all three times were difficult. But the engineers were good enough and at the end of the day, they fixed it.
We had no issues with the stability.
We had no issues with the scalability.
Excellent 8.5/10
Technical Support:9/10 - Very fast support and engineers have good knowledge of the products. They show patience in understanding the issues before taking any action/recommendations, which I personally appreciate. They also have an escalation matrix that provides for faster response time depending on issue severity.
I have used Symantec, not happy with their support and was facing lots of performance issues.
The initial setup is complex as loads of communication (ports between server, clients and locations) has to be done, making setup difficult. You need a good engineer who has knowledge of SQL, database, servers, and firewalls.
Our environment was a mix. I prefer to do it with a vendor and Intel Support.
The pricing was good and licensing is on a per-user basis, so it's flexible. All the products will work, but only AV signatures will stop downloading.
We evaluated Kaspersky and Trend Micro.
Always test on all environments and different OS's before deploying into production, especially VSE, DLP, and encryption.
The fact that the three components have been provided under one platform helps to simply perform product management.
Also, the virus definition file size is 40% smaller, which reduces the amount of bandwidth required to update all the endpoints.
There are three valuable components to Endpoint Security 10.1: First, there's threat prevention, which is for anti-virus and anti-malware detection. Second, there's firewall, which replaces the Windows firewall when activated. Third, there's web control which is used for endpoint web filtering.
The threat prevention feature is the most valuable because it provides protection against malware.
I would like the product deployment to be made simpler. The current deployment requires creating tasks to install each component.
The product is quite stable. We haven't had any issues with instability.
The scalability is great. We've been able to scale it for our needs.
Intel Security technical support is very efficient, although the wait times on the customer support line can be quite long.
I previously used Kaspersky. However, the management console does not match up to the functionality of the ePolicy orchestrator management console provided by Intel Security.
The setup was very straightforward. The EPO server deployed the McAfee agent and then we were able to deploy Endpoint Security.
Implementation was done through the vendor. My advice is to ensure all the requirements that are provided prior to implementation to avoid any delays.
The return on investment has been very encouraging. Ask the vendor to give you as much information as possible on all the suites so you can get a package that suites your environment.
Endpoint Protection 10.1 is a very complete endpoint protection solution that gives complete protection for endpoints. It is easy to deploy and can be a very useful endpoint protection suite for small, medium, and large-scale environments.
It's provided us with a reduction of the attack surfaces used by malware. As an organization, we've decreased our threat visibility.
We have reports by users of machines being slow when the on-demand scan starts.
Recently, some cases of ransomware have been reported on managed systems without VSE detecting them.
I've used it for six years.
VSE 8.8 is managed by ePO for easy deployment.
Beta versions are released for extensive testing on the various platforms before RTW (Release to World) versions.
We have had no issues scaling it for our needs.
McAfee technical support is available 24/7 to assist with any calls logged.
I have worked with Symantec before. I chose McAfee because of the security-connected framework for synchronized security, which works well to mitigate risks and to enable a proactive approach to threat responses.
The initial setup of VSE is via the ePO. When checked in to the ePO, VSE can be deployed to the whole environment via the ePO silently without any user intervention.
The initial implementation was done by an in-house team comprised of highly-skilled McAfee experts since we are an Infosec company specializing in various vendor products. An in-house team can set it up, provided they are awarded adequate training.
With the rise of malware and, recently, ransomware cases, using VSE assures you a positive Return-on-Investment. The benefits surely outweigh the risks of a compromised environment.
Using McAfee provides you a single, integrated platform that helps you have an end-to-end visibility of the whole environment.
I personally really like what the folks at Intel did when creating the Endpoint Protection Suites. Running the EASI.exe installer from the .zip file simplifies the build process for newer administrators and engineers by installing a base-system tree, basic policies, and streamlining the installation process.
What most don't seem to grasp is that Endpoint Protection is a Suite Install Package. There are 6 different versions of Endpoint Protection, each coming with different applications installed. Primarily, I usually install the Endpoint Protection Advanced Suite (EPA) & Complete Endpoint Protection Suite (CEE). I recommend installing SQL either on the same box as ePO if you're managing under 5000 endpoints, or on a separate SQL server if higher, overusing the SQL Express that comes with the Installer. The primary reason is that if you use SQL Express, you do not have access to SQL Management Studio. Having access to the data tables and being able to clean up the space on the SQL server over time will be a must. The Complete Endpoint Suite has certainly simplified the build procedure.
I have been installing ePO and the separate modules for years. I am a bit biased on Intel Security products as it is how I make my living as a Subject Matter Expert .
There are a few things I wish the folks at Intel would fix.
The primary for me is with the ePO Query creation. Queries in ePO are powerful tools as they can be used to create dashboards, server tasks, and be exported or rolled up to Senior Management. In older versions of ePO (4.0 & 4.5) the Queries, gave a wide range of data. With ePO 4.6, 5.0, 5.1 & 5.3 the data could be pulled from various installed products to get the data that you were looking for, with the current versions of ePO you can only pull the fields listed in the "Result Type/Feature Group" and it is very limited.
A good example...If i wanted to try and create one report that shows all Common Configuration Enumeration (CCE) data (this data comes from Policy Auditor) while also showing what software is installed from each system (this data comes from Application Control) and adding in fields such as IPv4, FQDN, OS version, Domain...Simplified, if I could pull Hardware Asset, Software Asset, CCE Data, and Policy Auditor Scoring all on one report, it would make my life so much easier.
Alas, this cannot be done with the current Query Building setup. The fields that are available are limited to each application installed and are only for that application.
The most valuable feature for us is the central management – we can scale it up and dial back when we need to. It gives us a big picture, enterprise solution for our endpoint needs. We don’t have to go to three interfaces for the security picture as it's all in one shared space.
Endpoints are more than just customer laptops, they are also servers. Day-to-day, it’s a lot better when your solution is natively covering laptops, servers, and virtual servers.
It’s all organized and makes it much easier to follow up with individual issues or if there are breaches which need a start-to-finish investigation into IT security events, I can get one picture to follow the breadcrumbs.
A quicker turnaround with patches and updates would be good. Say there is a new patch or update, such as a new Apple OS, there is a bit of a lag between hot fixes. They are really good with Windows, so it may be an Apple thing more than Intel. If they are quicker with hot fixes with Apple OS, that would be an improvement.
We have been using this solution for the last three years.
It's not crashed once on me, and is up 99.99% of the time. It's only if there is an issue with the OS that it becomes unavailable, and there never an issue with the software end of things.
It's very easy to grow. We recently acquired another company, they did a whole new setup with no license and no new server, and they even have their own policy as they integrated into our system. There were no worries about our main policy. I didn’t need a second server for a small branch company as it collects all the data from the endpoints and then sends that back to our main server. It’s very easy to scale and Intel is great about that – even if you get an audit, it’s just to take care of you.
We're very happy with customer service. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved.
Technical Support:We're very happy with technical support. I can go on to the website and get live chat communication and in minutes -- maybe not even minutes -- I'll have the issue solved. The only issue that needs improvement is Mac or Linux support issues, but that’s not a regular occurrence. Even on the phone, I have been happy.
Initial setup was very straightforward and easy. Fine-tuning for your environment takes a little love and care, but that’s true for any product.
It's well worth the investment as we have a lot of laws governing us. In terms of security, it helps keep our environment clean. It recently caught an issue in the company with cryptolocker, and the amount of money it saved because we found that is huge. We didn’t have to pay fees to decrypt it and we were in the clear.
We looked at Norton and we used Gartner to see what players were in the space and looked at them all.
I can say that all the features of this product are most valuable for me, but I believe that Antivirus, McAfee Data Loss Prevention Endpoint, McAfee Device Control , Drive Encryption and Deep Command are the basic features that any business needs (Enterprise, Small or Medium).
One of the key features of this product, as seen by my customers, was the central administration from the ePO console. If the client needed new components, ePO helps them with a few clicks to bring the new products into the organization.
All the improvements I thought were needed, were implemented over time by the vendor.
I've used it for two years.
On the older ePO versions, there were some issues at the install, but with the latest version, the installation is smooth.
I didn’t have any stability issues.
There was no issue with the scalability. If a client needs a quick deployment, and doesn’t have a dedicated SQL Server, it can start with the Express version, and migrate later to a new instance.
10/10.
Technical Support:10/10.
I have worked with Symantec, and still do, as my firm is partner with both.
Best Practice from my point of view is to start small and go big. Install the server and all the components, enroll two to three endpoints (server,laptop,desktop), create the needed policies, and extend the deployment to other endpoints, and so on until you cover all the organization and you are sure that there are no issues with the server or endpoint performance.
I was the person that implemented the product.
The commercial value of the product depends of the firm that buys it. From my point of view, the ROI is 100% from the moment the client is fully protected from external attacks.
Try to take a bundle of needed McAfee products, as the price is more attractive.
I have evaluated Bitdefender, Kaspersky and Symantec.
This product is very easy to use and to extend after the installation. Look on McAfee Knowledge Base page and see the tutorials.
The central management solution by far.
There can be like a religious war between the large antivirus systems, but I do think that all of the larger competitors deliver good antivirus solutions.
The thing that separates them is:
- The way they are managed.
- The way they adapt to new threats.
- The products around the product that give you a higher value.
Every time I have installed this at a customer site they are most impressed by the central management, reporting, and options to do more.
Improvements are made all the time as the threats change.
I think the improvements on speed are the most important after actually finding the threats.
I have used this or the predecessor to this since 2002.
The polices and rules take time if you don’t know the product.
This is not unique to McAfee and it's not really an issue.
Not really with the antivirus part, but the application firewall and encryption can make functions stop working if not tested vastly before deployment.
No
10/10
Technical Support:
10/10 (maybe not tier 1 but every one after)
I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.
It's all about planning and testing.
ePO can be complex but the antivirus is not that complex.
I am a consultant.
I have used F-Secure, Symantec, Kaspersky Lab and Trend Micro.
I think that in the enterprise space, this is by far the best solution and not because the actual antivirus. It's because of ePO.
Hi! Have a look at McAfee Endpoint Security 10.5.2 with the "mini sandbox" mode (Known as Dynamic Application Control) next time, this is a great way to control ransomware and block it.