McAfee’s MVISION Endpoint augments the security built into Windows 10 and Windows Server 2016 and newer versions to combat advanced zero-day attacks. It showcases machine learning, credential theft monitoring, attack behavior blocking and enhanced rollback remediation. McAfee contends that many endpoint security products lack agility, are complex and costly to maintain with inconsistent security controls across the emerging attack surface, leading to inadequate protection against modern threats.
An add-on for existing McAfee platforms, MVISION Endpoint Security 2019 provides advanced protection and management of endpoint security technologies to protect against cyber adversaries by leveraging a combination of antivirus, firewall, exploit protection and advanced remediation technologies.
Security teams can create automated responses that are triggered according to preferred configurations. They can configure various out-of-the-box policy options that depend on the desired level of scrutiny and enable additional protection features. The group policy editor Endpoint machine learning and remediation capabilities in the group policy editor augment signature-based detection from Windows Defender and users can synchronize exclusions and apply them to both solutions.
Installation was straightforward. After an executable is deployed, it goes back and checks into the environment to automatically download the selected package then completes installation on that endpoint.
We noted some confusion with Windows and Linux support. MVISION is specifically designed for new Windows clients and does not support older versions of Windows and Linux. The dashboard layout, has a relatively modern feel and design, though not as much as some of the others we have seen.
Using our lab’s toolsets, we ran MVISION through some maneuvers and its detections functioned as designed and expected. Additionally, we received a report back on the dashboard stating there was an issue on Windows Server 2016 and Windows 10. Drilling down into the event, we could see greater detail, such as which machines encountered the threat.
Other products include storyboarding capabilities with tremendous insight and visibility into what occurred and MVISION would benefit from a similar. We were told the June release will include StoryGraph, a pictorial description providing additional visibility and context for how everything is engaging on the system and where files are have been spawned.
Using a propriety data store to create a backup of infected file, the rollback remediation feature can undo damage caused by malware. It restores them after the process has been convicted by leveraging advanced behavioral machine learning.
Tested by Tom Weilk