McAfee is a good solution if you're in a medium/large company and if you're looking for a solution that can be customized and expanded. I also recommend it if you have the most common log sources in your environment, since McAfee supports the major log sources (but lacks a lot of small vendors). In my opinion, I wouldn't recommend McAfee for small companies, since it's not that easy to manage and maintain.
Overall, we've had a great experience with FireEye Helix and would recommend it to organizations looking to improve their operational security. We've found Helix to be a great way to collect and analyze relevant security events and take action. Having a single pane of glass makes this process much more efficient. Prior to moving to FireEye Helix, we had different teams sending data to different applications, which resulted in confusion and critical data being missed.
If there is a requirement to integrate into other vendor products (i.e. log sharing), then this was very cumbersome.
Integration of vulnerability scanning that is available in other vendor products would be a good addition.
When integrating all of Intel's products, a third-party consultancy is usually required, where other vendor products can be configured without this additional cost.
Dealing with the McAfee support is a lottery. Sometimes you reach them and it's a really experienced engineer, but sometimes it's a person with no clue about the tool. We had a few cases where our internal engineers knew more about the tool than the McAfee support. However, sometimes we get hold of some really good engineers that know the tool inside out.
McAfee Enterprise Security Manager is a better option than other security software because it's both inexpensive and extremely effective. Norton and other security software boast a high price tag but don't always back it up when it comes to performance. With McAfee Enterprise Security Manager, I know I'm getting a quality product for a fair price.
It offers extensive visibility, thus easy detection of threats and easy mitigation practices. Utilization of its threat intelligence capabilities, thus early detection of incidents and maximization of security investments. Offers great integration of cloud resources with existing security tools, thus ensuring seamless performance and all-time security for the organizational resources.
Helix has had a significant impact on CSOC visibility efforts across the organization.
Helix fills the logging and alerting gaps that are missing across the infrastructure side.
Having a single pane of glass allows teams to more efficiently run incidents. Additionally, Helix is integrated with ServiceNow, providing enhanced and efficient case management for all Helix alerts.