Site of promotion
https://www.comss.ru/page.php?id=6131
Event
  1. Other type of event
Instructions
Get it from McAfee Endpoint Security
Extract the components you want to install , run setup, install,done .

Chri.Mi

Level 7
10.PNG
 

Vitali Ortzi

Level 20
Verified
I don't see anything new in the settings since last time I used it.
But as you see the GUi is usable unlike SEP unmanaged Wich feels like a barebone av.
But SEP management server has many nice things that McAfee lacks.

I have only 1 doubt if is free or not... look pictures on modules is write trial-active

View attachment 240374
I think it's an unlimited trial.
 
  • Like
Reactions: roger_m

Vitali Ortzi

Level 20
Verified
Finally installed this AV in a VM, so far it's working good and I'll test it on the MH.
Only time will tell if this trial won't expire someday.

View attachment 240499

PD: it deletes infected files by default for me, also you need to enable the browser plugin for web protection to work.

View attachment 240500

View attachment 240501
at least the web protection of SEP doesn't require an extension even though it's quite limited without the WSS add-on wich is dam expansive.
 

Vitali Ortzi

Level 20
Verified
Only time will tell if this trial won't expire someday.
I'm pretty sure it won't expire
But If it somehow will expire I have a few workaround .

I prefer the extension approach, the AV doesn't needs to break SSL security by doing MITM to every connection and slowing things down
Yeah breaking SSL is very risky .
Google made it clearly to venders they shouldn't do it.

But I got no idea how the extension works .
And if somehow the account that manages the extension got pished
It's game over .
( already happened to a security vender).

For me both approaces are near similarly bad ,
But I enjoy the visibility I get by certificate injection.
If you have a good alternative my ears are open.
 
Last edited:

geminis3

Level 15
Verified
Malware Tester
@Vitali Ortzi I'm bonus testing an already known malware in the hub, but wanted to know if that's how you disable static AV?
the static detection was artemis.... after disabling those options and running the file now is JTI/.... so is that dynamic detection/cloud/behaviour blocker?

McAfee Enterprise-2020-05-20-12-36-43.png
 

Vitali Ortzi

Level 20
Verified
@Vitali Ortzi I'm bonus testing an already known malware in the hub, but wanted to know if that's how you disable static AV?
the static detection was artemis.... after disabling those options and running the file now is JTI/.... so is that dynamic detection/cloud/behaviour blocker?

View attachment 240513
I don't know much about McAfee but it tells below the option what each option does .
 
  • Like
Reactions: geminis3

Vitali Ortzi

Level 20
Verified
Indeed it was detected by ATP

View attachment 240514

I'm really surprised this isn't the consumer grade crapware McAfee sells to home users, this is a really effective AV
I know one of the best Enterprise products.

Highly underrated ,
Anyway almost every vender sells crapware to home users XD.

And use the great patents in Endpoint exclusive products only.

But If McAfee ported half of the Endpoint product to the consumer and used good marketing/ UI optimizations .
They would be able to take much market share among enthusiast market group (Malware tips ,wilders for example)
But since it won't help taking enough market share it would be R&D wasted .
 
Last edited:
  • Like
Reactions: roger_m

Chri.Mi

Level 7
Top