I'm a little confused on product positioning and in what scenario we might use the different products at our disposal. Looking for thoughts\advice\experience?
The four products right now are:
Endpoint Security for Servers (Smart Scheduler)
We run a small environment, mostly on Vmware - 12 Vmware hosts, 30 or so Citrix XenApp VMs, with about 25 users per VM running full desktop, plus a couple of hundred generic Windows\Linux servers doing various bits.
We used Agentless for several years, got bit by a bug and decided to move to MP not least to get better integration into the desktop environment. A rep told us that MP was moving from VSE to ENS and would have more of the advanced modern threat detection capabilities compared with either the VSE version, or the Agentless product, as Vmware were not enhancing the VMCI-based capabilities. So we moved to MP.
McAfee also tout ENS as a replacement for full-fat VSE on generic Windows servers (VMs and physical).
Then there is the "ENS for Servers" add-on/feature, in which the Agent coordinates with CWS to ensure ODS and update tasks aren't smashing the hypervisors.
So what is an admin to do?
Is there a one-size-fits-all solution?
What do you guys do for your various workload types?
The highest risks are on the Citrix VMs, where users browse websites and download files, so it would make sense to have the most security features active on those servers - ie. full fat ENS. But performance?
So on balance, perhaps run MP on the Citrix VMs, and full-fat ENS on the generic Windows server VMs?