We performed a comparison between McAfee ePolicy Orchestrator and Zscaler DLP based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."Sentinel's most important feature is the ability to centralize all the logs in one place. There's no need to search multiple systems for information."
"Sentinel improved how we investigate incidents. We can create watchlists and update them to align with the latest threat intelligence. The information Microsoft provides enables us to understand thoroughly and improve as we go along. It allows us to provide monthly reports to our clients on their security posture."
"Microsoft Sentinel provides the capability to integrate different log sources. On top of having several data connectors in place, you can also do integration with a threat intelligence platform to enhance and enrich the data that's available. You can collect as many logs and build all the use cases."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"It is quite efficient. It helps our clients in identifying their security issues and respond quickly. Our clients want to automate incident response and all those things."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"The log query feature has been the most valuable because it's very good. You can put your data on the cloud and run queues from Sentinel. It will do it all very fast. I love that I don't have to upload it to an Excel file and then manually look for a piece of information. Sentinel is much faster and is good for big databases."
"One of the most valuable features is that it creates a kind of a single pane of glass for organizations that already use Microsoft software. So, when they have things like Microsoft 365, it is very easy for them to kind of plug in or enroll those endpoints into the Azure Sentinel service."
"The most valuable features of this solution are the antivirus and the DLP."
"The most valuable feature of the McAfee ePolicy Orchestrator is agent communication."
"McAfee ePolicy Orchestrator's performance is good."
"The security is a key feature and the console is very user friendly."
"The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. The fact that there are organized policies and policy inheritance. The general management."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"You can close your data protection gaps with Zscaler. You can quickly find all the classified, sensitive data across the cloud."
"The policies are very easy to implement."
"Its impressive scalability allows the combination of multiple dictionaries and using them as one engine, resulting in narrower data loss gaps."
"The product’s most valuable features are data discovery, activity control, and zero trust exchange."
"Zscaler Cloud DLP provides you with basic DLP features that you get out of the box such as keywords, regular expressions, and data identifiers, for example, your social security numbers, and credit card numbers, with everything built into the product, so you can directly use those features within the policies. You don't need to create it from scratch, and to me, this is the biggest benefit of Zscaler Cloud DLP. You have a lot of templates to choose from in the solution, rather than having to create templates from scratch or reinvent templates."
"The most valuable aspect of Zscaler Cloud DLP is its automatic DLP feature."
"The product’s most valuable features are inbound and outbound scanning and API control."
"The initial setup is easy."
"We are invoiced according to the amount of data generated within each log."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"The KQL query does not function effectively with Windows 11 machines, and in the majority of machine-based investigations, KQL queries are essential for organizing the data during investigations."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The troubleshooting has room for improvement."
"The playbook is a bit difficult and could be improved."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"Sometimes agents hang. We have to reinstall the agents."
"It's a little bit complex to configure it, but when you start using it, it is much easier. There are many policies that you need to create, and in three or four places"
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"The way that ePolicy launches the updates is very slow. It would be great if that was faster."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"McAfee should improve in terms of customer support and assigning a knowledgeable TAM to customers."
"There needs to be support for Mac computers. Currently, McAfee does not work on iOS."
"McAfee ePolicy Orchestrator support has been helpful. However, sometimes when I raise the case they take a while to answer. For example, the last time I used them it took them two weeks to reply back by email. No one has contacted me back since. They should improve their service."
"Another area of improvement is implementation through non-client connectors. The solution can be implemented in two ways. One uses the back file; the other one uses client connectors. So the client connector is pretty fast, but when it comes to non-client connectors and procedures, it's kind of delayed and slow."
"On the improvement side, when we bypass certain internet traffic types, it's currently recommended to have a one-click option, but audio and video aren't always supported. Thus, we need to bypass that kind of traffic. So, it is an area of improvement."
"Zscaler Cloud DLP needs to improve its compatibility with other security tools."
"They should work on a replica account. There could be alerts and replica files sent to the DLP team during data collection."
"The product must allow users to check logs for an entire year in the local console."
"You won't find anything that can help you with the configuration part and other areas related to the product if you search for proper or exact details of Zscaler Cloud DLP online in very easy language."
"The customers would benefit from more robust documentation and conversations around configurations, as it is slightly complex."
"There aren't really any missing features that I have witnessed."
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Zscaler DLP is ranked 4th in Data Loss Prevention (DLP) with 15 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Zscaler DLP is rated 8.6. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Zscaler DLP writes "Provides a range of security measures to protect network traffic". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Symantec Data Loss Prevention, Elastic Security, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention, whereas Zscaler DLP is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Symantec Data Loss Prevention, Varonis Platform and Cyberhaven.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
