VMware Carbon Black Endpoint Reviews

The pricing for VMware Carbon Black Endpoint varies, with some users finding it more expensive than other options on the market. However, others believe that it is worth the cost and that there are no additional fees beyond the standard licensing fee. 

The pricing is usually on an annual basis and is determined by the number of endpoints. 

Reviewers provided mixed feedback regarding the ROI of VMware Carbon Black. Some have observed a positive ROI. Others stated that it is too early to determine the ROI. Many highlighted the subjectivity of calculating ROI for an antivirus. 

The primary use case of VMware Carbon Black Endpoint is threat detection, endpoint protection, and incident response. It is used for converged networks, firewalls, antivirus, EDR (Endpoint Detection and Response), application control, and providing threat intelligence to SOC (Security Operations Center). 

The solution is deployed on-premises and on the cloud, and it is used for investigating malware outbreaks, monitoring products, detecting small malware, vulnerabilities, and scanning in real-time, ongoing monitoring, and security functionality. 

It can also be used to manage multiple endpoints, isolate, repair, or remediate attacked machines and detect and respond to attacks on endpoints. 

The most valuable features of VMware Carbon Black Endpoint are its live response, offline scanning, continuous monitoring and threat detection, log analysis, cloud-based usage for remote devices, granular policy control, and API for remote access and automation.

Users also commented on its sandboxing capabilities, application control, threat intelligence library, ongoing monitoring, whitelisting and approval process, integration with other security solutions, MDR capability for log analysis and response and blocking of vulnerable sites. 

The solution is easy to use and offers a complete platform with strong security features.

The reviews indicate several areas where VMware Carbon Black Endpoint can be improved. Some of the key areas for improvement include:

1. Container and cloud security: The solution lacks maturity in terms of Kubernetes security and security for Linux and Mac. There is a need for stronger security measures in container and cloud environments.

2. Support and response time: The support and service team needs improvement in terms of faster response time. Work orders are taking more than two months to get resolved, causing disruptions to businesses.

3. Compatibility issues: There are compatibility issues between Carbon Black CB Defense and operating systems. Certain operating systems are not supported, hindering the installation process. Fine-tuning the deployment of sensors is also time-consuming.

4. User interface and reporting: The user interface could be more intuitive and provide better visibility for users. Additionally, there is a need for more comprehensive and customizable reporting features.

5. Automation and integration: The solution could benefit from additional automation features and better integration with other tools and platforms.

6. Investigative capabilities: The solution lacks a search bar for investigating alerts, leading to manual checking of numerous events. AI-related tasks and stronger AI capabilities would be helpful in identifying malicious activity.

7. Tenant management and GUI improvements: Making changes at the tenant level should be made easier, such as renaming or modifying tenants. The GUI could be improved to provide easier troubleshooting and a playback feature for better analysis.

8. Pricing and market penetration: The pricing of the solution could be more reasonable, and the solution should work towards penetrating new markets and gaining more customers.

9. Performance impact: The client's performance can be impacted when the solution is installed, and there is a need for better visibility for users.

10. Reporting and endpoint query tools: The built-in reporting could be improved, and there is a need for expanded endpoint query tools within the solution.

The initial setup for VMware Carbon Black Endpoint was generally straightforward and simple. Some users mentioned that it was easy and didn't take much time, while others mentioned that it required a bit of technical knowledge and expertise. 

The deployment time varied depending on the size of the environment and the number of endpoints, ranging from a few hours to several months. 

Some users had minor issues during setup yet were able to resolve them easily. 

VMware Carbon Black Endpoint is generally considered to be scalable by the reviewers. That said, some reviewers highlight that proper deployment is crucial for scalability. The solution is described as scalable and suitable for medium to large companies, particularly those in regulated environments or with a strong focus on security.

VMware Carbon Black has received mixed reviews in terms of support. Some users found the customer service team to be responsive and quick in their responses. The technical support was described as nice and available 24/7. On the other hand, there were complaints about the customer service and support team being slow in responding to queries and not knowledgeable enough. 

The stability of the VMware Carbon Black Endpoint solution is generally considered to be good. Users rate it between seven and nine out of ten, indicating that it is reliable and holds up well. Some users mention occasional stability issues, however, overall, the solution is described as stable and without major bugs or glitches.