Microsoft Defender for Cloud vs. Trellix ePolicy Orchestrator

If you need to proceed with pay as you go service then go ahead with Microsoft Defender for Cloud. This could be expensive in the long run but if the organization usage is slightly less than then this would suite the purpose. Also, it has the latest threat updates, so you're future proof in terms of potential treats.

Incentivized

McAffee ePolicy Orchestrator is very well suited in large environments. You can load your updates to the repository and deploy them to every node on your network. It has great reporting and auditing features. You can control your users and groups all from the System Tree. DLP is great for USB devices. You can restrict all the ports on a computer and open them up for a limited time to plug in a device. EPO is to bulky for small networks.

Incentivized

• Automation is crucial to managing sprawl and the additional complexity that comes with it. SOC management workbooks and process automation give significant flexibility.
• The Security posture score and Security Alerts are neatly centralized and offer me crucial information quickly.
• Defender for Cloud avoids the common compromise of simplicity for completeness (former Azure Security Center). The security warnings and advice go into great detail while remaining current and useful.

Incentivized

• Applies the policy settings for the selected group
• Keeps the hosts updated well, in general
• Allows update of available software from within the management console
• Assigns and runs ongoing tasks with little need for intervention
• Provides quick high-level view of systems

Incentivized

• UI/UX. It can get a little messy when navigating around with all the flyouts in the Azure portal which can be frustrating, particularly when under time pressure.
• The query languages for the queries and workbooks are another language that needs to be learned - it would be nice to have kept it closer to T-SQL or something like that to minimize the need to learn new syntax.
• Adding cost estimations to the security recommendations would really improve the experience.

Incentivized

• It has a slow mechanism when adding custom threat feeds. For example, if McAfee didn't have a signature or detection about a new virus and we try to add it to our console it is like a really big process in adding that to our available signatures.
• Whenever a scan is performed, the system CPU utilization goes up 100 percent.
• Installation fails due to difference in timestamp when we try to shuffle between packages.

It is a great product that integrates nicely when running an Azure platform and even multi-cloud environment. Not looking for point-solutions but a suite that answers most requirements. It is very comfortable being able to use KQL, workbooks and automation that is native to the azure platform

Compliance mapping capabilities of the software and reporting.

Ease in deployment and implementation.

Seamless integration of the software with cloud and other third party applications.

The software ensures quick incident response and avilability of ready to help customer services providers.

User interface of the product is very friendly.

McAfee support is definitely GREAT! It is one of the best technical support on a business level. GOLD support is recommended to business. Their website is easy and quick to create a ticket. Their technical team usually responds right away with an email or call. Via call and web they provide a full and complete support until the issue is resolved. The best, most of the time they explain in detail what is the issue, the reason and how to resolve it.

Incentivized

I believe Microsoft Defender for Cloud stacks up well against the other tools we looked at. It is native to the Azure platform and provides the same insights as the other tools. We selected Microsoft Defender for Cloud because it integrates well with the Azure resources and gives the needed insight, security alerts and recommendations.

Incentivized

McAfee ePolicy Orchestrator really seemed to have all the best pieces in one platform and the network admin and asst. network admin both had previous experience with the product. The others tend to focus more on singular aspects, whereas McAfee ePolicy Orchestrator has data loss prevention, encryption, anti-virus and other functionality and the excel on each of those points equally.

Incentivized

• Ensuring compliance with data protection regulations can prevent costly fines and legal issues, positively impacting ROI.
• Effective cloud resource protection can optimize cloud spending and resource utilization, ultimately reducing cloud infrastructure costs.
• The subscription costs associated with Defender for Cloud can add to an organization's operational expenses, impacting ROI.
• Smaller organizations may find the feature set and complexity of Defender for Cloud unnecessary, potentially overinvesting in security solutions.

Incentivized

• As with most things the price of products goes up and more-so if your business is growing.
• We've been able to provide auditors with tangible evidence that our network is protected because of the reporting McAfee ePO provides. Auditors like McAfee because it's been around almost forever and is a mature product.
• Being a mature product, though, it's very much set in the way it does things and as such there's not a whole lot of innovation.

Incentivized