This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."
Download it now to read this article plus other related content.
CA's management console has improved significantly since we last looked at it in our antispyware analysis in May 2006. Its latest version is much faster and more interactive than previous versions. Still, checking the status of different workstations required moving between different screens, and policy configuration of this purely Web-based GUI was more difficult than with other products.
We found the IBM ISS product quite difficult to manage. Determining the current status of clients from the management console was cumbersome, and managing all of the separate features was complicated and confusing. Also, at several points we encountered cryptic error messages that didn't explain the problems we encountered in installing and configuring the product. Finally, the IBM ISS endpoint product is exclusively for Windows clients; it cannot be used to manage servers, Windows or otherwise. Server security is available only as a completely separate product.
McAfee's new enterprise management server, ePolicy Orchestrator (ePO) 4.0, was a great disappointment. The more you loved the previous versions of McAfee's ePO, the more frustrated you will likely be with the new version.
McAfee has completely rewritten its flagship management product with a Web-based GUI, letting admins manage it from any browser in their enterprise.
The well-laid-out and quick GUI of earlier
| ePO versions has been replaced with a complex and bewildering Web-based interface. The easy drag- and-drop features of the thick-client ePO have been replaced with countless Web-based drop-down menus in screens that make it difficult to find what you need.
The difficult-to-use management GUI and default policy are of significant concern. While testing, we accidentally applied a baseline medium security policy to the McAfee management server itself. In the complex ePO 4.0 GUI, such mistakes are frustratingly easy to make--we did it while being guided step-by-step on the phone by McAfee support. By simply applying the default security policy to the management server, ePO killed itself. We were unable to get access to any of the management capabilities, and had to reinstall everything from scratch to resume testing.
This was first published in November 2007