McAfee ePolicy Orchestrator
July 01, 2003
Networks Associates, Inc.Product:
$22.93 per node (25 nodes)
- Ease of Use:
- Value for Money:
- Overall Rating:
Powerful reporting and auditing, multiple vendor support.
Some clumsiness in the interface.
For Windows-only sites, keep this on your shortlist.
McAfee is one of the best-known names in anti-virus, and we expected impressive results from testing ePolicy Orchestrator 2.5. The product is capable of managing several anti-virus solutions, including McAfee's own and Symantec's Norton, with support for others in the pipeline. Although policies for separate products are configured individually, the integrated management interface will immediately be useful to large enterprises with multiple anti-virus solutions.
The system has been designed with large environments in mind from the word go. You start by creating sites, which encompass Windows domains or IP subnets/ ranges. The software discovers connected clients quickly and makes it simple to push out client software and gather configuration information from PCs.
Repositories of policies and configurations are set up, which can propagate this data either to other repositories or to client systems, making it possible to manage even enormous organizations from a single console while delegating some administrative tasks. Policies can be set to override other management changes, including local configuration, meaning that user error can easily be identified and rectified.
All activities are controlled by creating tasks within the tree-structure of sites and clients. Tasks propagate downwards, but can't be dragged from one part to another, which can mean some irritating extra work unless you take extra time planning where you want tasks run. Avoid generic names for tasks - propagating downwards includes creating duplicates of existing jobs with the same name, rather than updating them with new settings.
A key strength of the ePolicy Orchestrator is its excellent reporting. Reports can be generated in database-table or HTML format; there is a huge variety of pre-configured reports, covering recent policy deployment, virus activity, policy violations, audit trails, etc.
Documentation was also very good, thorough and with plenty of helpful diagrams explaining each component and process, making what is in fact an extremely complex product remarkably easy to get used to.
For large companies looking to manage multiple anti-virus solutions, this is a very good option, though we are somewhat put off by its exclusive support for Windows environments, exacerbated by lack of a browser interface for remote management.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context