VMware Carbon Black Endpoint Reviews

We used it for EDR, as well as endpoint protection, the whitelisting feature.

The EDR and reports were helpful in improving our organization.

The EDR was amazing. It was very responsive. It did an excellent job of providing us the information we needed in a timely fashion, as long as the latest agent was up-to-date on the client.

The whitelisting system, and the concept of it, overall, is pretty decent. The problem with the whitelisting capability is that it's pretty archaic. Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use.

The Mac support needs improvement, as it had next to none.

The biggest problem we had was the Mac support. It had very little, and my C-suite is almost exclusively Mac, as is my marketing and development department.

We had used the Carbon Black CB Defense for two years. We changed to another solution approximately nine months ago.

We were using the latest version at the time.

The stability of the on-premises servers had no issues but the resource allocation on the clients was a bit high, especially with having to run two agents. The detection agent, the Whitelist, and the control agent.

We didn't have any problems scaling this solution.

It did the job. It was great for Windows, but it had no Mac support and had nothing for Linux, which makes it hard.

We had 150 users in our organization. Their roles varied from CSF departments through to my C-suite.

Technical support seemed pretty good and I didn't have any problems with it. 

If we had a problem or a question, and they would get back to us in a reasonable amount of time. 

The only place that we ran into trouble was with Macs. That's my general theme here with Carbon Black, unfortunately.

I would rate them an eight or a nine. They were good for the most part.

Previously, we were on the Kaspersky Enterprise Solution for a couple of years. It was a signature-based system. Signature-based systems are getting easier to get around by the attackers these days, so we swapped over to something that is a little closer to attack vectors, which says, don't run anything that we don't approve.

The initial setup was moderate.

For others who are interested in using Carbon Black, I would recommend checking your use case. If your use case is Linux and Mac, then it will be problematic, based on my experience.

These days, with VMware taking them over, I'm willing to bet that that's going to change.

I see some redemption in their future, with VMware owning them. VMware is a very strong player in the workspace, and especially with their workspace tool that VMware's building to work with Windows, Mac, and Linux clients, in order to do VDI.

For the Windows endpoints, it was incredibly useful, nothing got through it, which is a bad thing in some cases because we hadn't tagged the certificate platform appropriately. So, it's a bit of an improvement needed there, but the biggest complaint is around the operating systems not being available.

I would rate Carbon Black CB Defense a seven out of ten.

What I like the most about it is the dynamic grouping, where you get to group endpoints based on setup criteria. That's pretty cool. I like the simplified policy management and simplified white-listing process. Coming from McAfee, management has been much simpler and much easier to look at. 

I like the simplified management, it has a nice UI, and it's very simple.

The EDR portion could be better. I'm not a big fan, but it works.

The End Point Detection Response and the way it lays our processes with our endpoint and its detection engine, in the way that it detects the admin or alerts we based on a threat. I feel that they're a little behind on the market from my perspective.  

Overall, areas of improvement would be the EDR part, the detection, also the cloud console. If you're trying to write queries or something, it's very slow, just not robust.

It's a cloud console so it should be fast. If I run a query and I press enter, if it took two seconds, it wouldn't give me a nice loading interface, because it's stuck. I would see an operating system most of the time. 

I feel like it should be faster. But as far as the price and everything, I think it's a good product.

We're actually doing a migration from McAfee to Carbon Black. The migration project has been about 12 months right now. We're slowly migrating.

Stability is one thing that's not robust. Other products are faster, but as far as the CB Defense, it's slow. We had some issues with the sensors and we also saw slowness on the Windows side, Windows file share, which actually was fixed in the next new version of the sensor.

I'm the only network security person here. But the other users who have different roles have access as well. In my team, there are five or six people. But I'm the only one actually directing changes.

We use it on a daily basis. 

There are always alerts so I'll always have to check into alerts and see what's going on and then do some more analysis. If it's a new application we are implementing that will also need to be configured on Carbon. 

The deployment process is straightforward. 

We're still deploying it slowly, little by little because we use a lot of critical applications and if Carbon Black interferes with the application, it will stop working. It needs to be tested thoroughly. It's a long process. 

All of its applications need to be tested thoroughly and then tested in a testing environment. Then we deploy and monitor, make changes, and stuff like that. As far as general users, laptops, and stuff, that's pretty straightforward. It's just part of the image. I have to write that script to uninstall McAfee, the whole migration. It's pretty straightforward. It wasn't complex as far as the installation or deployment.

There was also a technical lead for this project. It automatically comes with professional services for 10 hours and the documentation is pretty clear. The professors helped through the process. 

I think it's 28 per employee a year. 

We also looked at CrowdStrike but it was a little too expensive. 

The implementation is very easy but the security aspects could be better. 

If you don't have a SIEM solution in your organization, you're probably engaging via email.But there's no way to point me to customize the email templates if I want to see more information on that email before going to the console. It's still a business and company, but I'm the only one who is managing everything. So when I see the email on my phone, I want to see more information before logging into the console. I want to see more filtering options to narrow down more field training. 

I also wish it was easier and more intuitive in terms of searching for queries. I feel like it should be simpler. It doesn't make sense to have it this hard.

I would rate it a seven out of ten. 

We started using it to protect our environment from ransomware specifically.

Carbon Black works completely differently from other products. We tested different products and Carbon Black was selected because it does not remove a virus but it kills any suspect operations and it's up to the admin to check the scenario. It kills the "effect," if you will. If you receive ransomware or anything suspicious, it will kill the process unless you allow it, after receiving warnings.

I cannot say it's pure AI, but the way it works is that it stops any suspicious activity, not based on signature-based attacks. It works in a way that it detects that a given effect is unusual.

Also, you can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well. Because of COVID-19, we are all working from home. Imagine if the centralization and control provided by the product were not on the cloud. We would lose control of the people working from home. So the centralized cloud control is one of its more effective aspects.

As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation.

Also, there is not much education for customers about Defense versus its other products. They promote Defense as enough, but then they say if you need more protection you can go for CB Response. I don't know whether it's a technology issue or a marketing issue, but they should teach the customer more. They tell you you are secure with Carbon Defense but then they recommend Carbon Protect. There is not a lot of education on this.

I don't want to have an incident in the future and their answer will be, "Sorry, you did not buy Protect." Security is a continuous process. I can accept that it has more features, but don't tell me, "You are not protected because you did not buy the more expensive product."

In addition, these other products should be add-ons, not separate products. And the cost for them should be much less for adding on because you are already a customer.

Finally, we receive a lot of high alerts. There is no priority system, from one to 10, where 10 is very dangerous and one is something easy. There is no way for us to tell why this alert is similar to that one.

I have been using Carbon Black CB Defense for two years.

It is stable. It does not use a lot of CPU or RAM. This is one of its good points.

We have about 1,000 users. Scaling is always possible because it's a cloud solution.

They have good local support, here in Dubai.

Deployment takes too much time because it has a lot of options. The implementation was not an easy process. I wish the implementation was easier. But it has a positive effect in the end. The complexity pays for itself ultimately. You do not spend time on the complexity and then get nothing as a result. So the complexity is something that is necessary.

We were new to this product. If the deployment took, say, two weeks, it took us a very long time, maybe a couple of months, until we knew this product was solid. The education services given by the partner are not enough. It was a completely new product for us, so we needed a lot of education. While the implementation took two weeks, it really took two months to go through all the options.

We had a consultant at the beginning.

We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me. We do have some big companies within our group. But if I have a small office with 20 users and all my licenses are in use, the next buy cannot be less than 100 licenses. We have to do a lot of implementation and communication to add that many. But we only need 20. They are not flexible in the licensing part. It should be more flexible. 

I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100.

I'm not happy with the way they are treating existing customers for adding licenses. I sent an angry communication to them, to the management, and said to them: "With 1,000 users, I need only another 50 licenses. Why do you want me to go for 100? It's a stupid policy." Then I got approval from them for fewer. I don't need to buy subscriptions for users I don't have.

Also, licenses should not be per endpoint but rather per user. If I am the same user on a mobile device or on a workstation it should be one license for me.

To compare apples to apples, before going for Carbon Black I was thinking about CrowdStrike. CrowdStrike has a lot of very beautiful features that Carbon Black does not have, like IT asset management. But I am not buying this type of software for IT asset management. I'm buying it to protect my infrastructure from big threats. While CrowdStrike has many good features that Carbon Black does not have, that's not the case when it comes to security. CrowdStrike is a very good product but it's more expensive. If you buy all the components of CrowdStrike I can assure you it will be much better than Carbon Black, but cost is a factor.

Our previous product, Kaspersky, was fine but it's not on the level of Carbon Black. Carbon Black is called a next-generation antivirus because it does not only work based on signatures. With Kaspersky we had an incident, and one of the servers affected was the Kapsersky control server.

My advice is to get enough information about the differences in Carbon Black products from day one. In other words, if Carbon Black is claiming that Carbon Black CB Defense is enough, why are they always promoting the more expensive product, which is Carbon Black Protect? So, you need to be educated well about the differences between the products.

Also, look at the roadmap of the product regarding whether there will be good mobile protection for mobile users or not. And be aware of the minimum license purchasing policy.

The number of people for maintenance of the solution depends on how your environment is structured, but in our company I need five people.

The product's most valuable feature is its ability to be fully integrated with the VMware environment.

The product's stability could be improved.

I have been using VMware Carbon Black Endpoint for one or two years as a system integrator.

Stability-wise, the product could be better. 

The platform is very easy to scale. It is suitable for small and medium businesses.

The technical support services are good.

Positive

VMware Carbon Black Endpoint's installation is easy. The deployment takes one or two days, but the training administrator takes more time.

I rate VMware Carbon Black Endpoint a ten out of ten.

We use the solution for threat detection and endpoint protection. It generates alerts in case of invalid signatures while installing software.

The solution's most valuable feature is live response. We can verify and view the task list and the processes. Also, we can create policies with its help.

It is challenging to extract a report on the status of ongoing scans. They should work on this particular area of the solution.

The solution's customer service team responds quickly.

Positive

I rate the solution as seven.

It is a very complete platform. It is very useful for my customers.

Carbon Black CB Defense is ideal for a medium-sized business. It is not, in my opinion, suited for large enterprise companies.

Carbon Black works very well for the endpoint. It explains the situation very clearly.

I believe they could improve the new intelligence solution to monitor activity, in the network. They will most likely need to create or include a feature that checks the network.

I have worked with Carbon Black CB Defense for three or four years.

Carbon Black CB Defense is a very stable product.

The scalability of Carbon Black CB Defense is very good.

I would rate Carbon Black CB Defense an eight out of ten.

We primarily leverage the product for its security functionality.

The product is pretty strong in terms of security and their features are very good in that respect. Their research engine, the antivirus engine, it's very strong compared to any other product on the market right now.

The solution is stable.

They do have options on the market that can scale. 

Technical support is great.

It's not too difficult to set up and the deployment is fast. 

Carbon Black does not have a big market in Pakistan right now. They are actually trying to penetrate the region right now. They don't have many customers. Even we are new to the Carbon Black as well, in that we knew about Carbon Black for a long time, however, as far as implementing it and giving it to our customers, we are still new to it.

The pricing could be more reasonable. 

I've been dealing with the solution for six to seven years or so. It's been a while. 

The stability has been excellent. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good. 

There are versions of the product that can scale. 

We have about three customers that use the product at this time. It's not that many as it's not a well-known product in our region. 

Normally they have pretty good technical support. Specifically, if you purchase the technical support directly from Carbon Black, then they are very responsive and very quick.

I also deal with McAfee and Kaspersky.

The initial setup is pretty straightforward, and the deployment is fairly quick. Of course, it depends on the environment. However, it shouldn't take more than a day or two to set up and to have everything up and running. 

We have one person, an engineer, that can handle deployment and maintenance tasks as necessary. 

We are able to implement the solution for our clients. 

The pricing could always be a bit better. They could work to make it less expensive. Right now, they are far and above more expensive than other similar options on the market. 

The license costs are paid yearly.

We are resellers. 

The solution can be deployed both on-premises and in the cloud.

I would definitely advise new users of just this one thing: that before thinking about Carbon Black or purchasing it, they should look for other solutions as well. As far as the cost is concerned, Carbon Black is much more expensive than any other product. That's something that needs to be taken into account.

I would rate the solution at a nine out of ten. 

We manage service providers. We provide this solution to other clients and companies that need it, and we are using the latest version.

It is stable and easy to set up.

The application control can be improved. It should also have an automatic update of the agents.

I have been using this solution for six months.

It is stable.

It is scalable.

Technical support is very effective. I am satisfied with them.

The initial setup is easy. It is not something difficult.

I would recommend this solution. We are going to keep providing this product. 

I would rate Carbon Black CB Defense a six out of ten.