Trellix ESM Reviews

We use McAfee ESM for IT operations and a few security-related things. 

It is easy to use and deploy. It comes with user-friendly manuals.

McAfee is no more providing security updates on this product, and the enhancements to this product seem to have stopped. Moreover, we don't get proper support, and we struggle to get its support.

It would be good if they can add some AI engine and out of the box use cases because it is currently limited to the same scenario and the same setup. I have done a POC for Securonix, LogRhythm. These products are much more ahead as compared to McAfee ESM. They have included multiple modules in the same solution. Correlation is very easy. If McAfee ESM can improve, especially in such implementations, then I believe it would be much better.

I have been using McAfee ESM for maybe the last six years. 

It has very good stability.

So far, we haven't tried scaling. Because it is on-premises, it is almost a setup environment. We don't do any major changes on the same site because it is quite critical and gets alerts. We don't want to mess up with our configuration.

They take a long time, and the technical person who comes from support doesn't seem to be knowledgeable. When something goes wrong on the hardware or the application side, or we need some technical support in filling up use cases, it takes a long time.

We always struggle to get proper support from their technical support team. It seems that there is only one person who is handling the Middle East technical support, and when we don't get that person, we struggle a lot.

The initial setup was straightforward. There were no complications in its deployment.

Its deployment was done by an engineer in our company. 

We are a security team of five members. Whoever a ticket is assigned to handles the cases.

The cost is all included. The finance department handles the financial part, and we mostly don't get involved in it.

We are quite happy with the product and its stability, but the problem is the lack of support, which is one of the major issues that we are facing. I really look forward to them providing proper technical support.

I would rate McAfee ESM a seven out of ten.

My primary use case for this solution is to secure the data on my laptop.

If I lost my computer somewhere then hopefully the software will protect my data from anyone.

The ability to secure my data is the most important feature.

It is easy to use. I just need to enter the username and the password and it protects my data.

I would like to see fingerprint recognition included in the next release of this solution.

I have not used technical support for the product.

My company did use another product previous to this one but I do not know why they switched.

The installation and setup of this solution is straightforward.

I handled the deployment myself.

This is a product that I would recommend to a colleague at another company.

I would rate this solution an eight out of ten.

Doing Incident analysis in my opinion with ESM is easier than other solutions. There are a lot of ways to build queries and a great filter engine; if you provide ESM with the Advanced Correlation Engine and Global Threat Intelligence you can raise your infrastructure to be a complete advanced SOC.

I work for a System Integrator.

I have almost no complaints with this solution because it's almost a complete solution, but I do hope to have more stability in the next upgrade and to have the interface re-engineered to be HTML5-based rather than Flash-based.

I'd also like some Splunk-like ELM (Log Manager) enterprise functions.

I've used it for three years, from versions 9.1 to 9.5

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected deployment.

Yes, sometimes it seems that versions with major upgrades come with some bugs and regressions that affected stability.

It has scaled to our needs.

Customer service is very good and very professional.

Technical support is very good and very professional.

I also work with with RSA and McAfee SIEM solutions.

If you buy the all-in-one solution (Virtual or Hardware), the setup takes a couple of hours.

SIEM is not a Log Manager; ESM is meant for people who need advanced SOC functionality and not only to satisfy compliance rules.

We use this solution for correlation, alerting, and log management.

We are integrators.

I like the ease of deployment.

I would like to see good analytics in future releases.

McAfee has many issues with integration. I am looking for an end-to-end integration such as EDR, and Next-Generation SOC 2.0. 

I have been working with McAfee ESM for 20 years.

We are looking for horizontal and verticle expansion. McAfee has issues with scalability. Other ESM solutions, don't have the same issues.

We have not contacted technical support in quite some time. We had issues with the parsing.

The deployment is easy, but because it is a hybrid deployment which makes it complex. It is partly in the cloud and partly an on-premises deployment. The device will have to access the cloud and on-premises data.

We have an internal team to maintain this solution.

The pricing is fair.

I would recommend this solution to others who are interested in using it.

I would rate McAfee ESM a five out of ten.

• To gain transparency into potential vulnerabilities within the network. 
• To monitor problems, e.g., failure to update packages within the back-end security environment.

It is a good central viewpoint for issues. These can then be investigated in more detail on the subnet server(s)/endpoints.

Ability to create own views. Statistical (normalised) views help to highlight inconsistencies, which may need further investigation

• Product currently requires Flash. 
• Update to user interface from version 9 is cosmetic in some aspects, and after a few clicks you are back on the old interface.
• Some filters are still very low level "magic numbers", which do not make sense on the high level user interface. 
• We would welcome integrations with some of the new McAfee acquisitions, e.g., behavioral analytics.