I'm trying to find a definitive answer and to be honest I haven't found one. For a traditional shop using CMA/VSE/HIPS/FRP/MDE, why would I ever move to EP? I guess I don't understand the key differences there. Hopefully someone can shed some light. I understand that the "shared component" idea is very present with Endpoint Protection but the little bit of integration introduced with SysCore has left me reeling already so would I want to adopt this more?
Thanks for the insight everyone,
Endpoint Security 10 is not a replacement for every product you've listed. Endpoint Security 10 is the successor to VSE/HIPS/SAE. Don't misunderstand, VSE/HIPS/SAE are still very much supported, but you should definitely be looking to ENS 10 as the future. For example, ENS 10 introduces a new Dynamic Application Containment (DAC) feature which monitors application behavior and can contain "greyware." FRP/DE are their own products and have nothing to do with ENS 10. ENS 10 is still managed via the McAfee Agent or can be installed standalone. You'd still be managing FRP/DE/DLPe/etc. as you are today.
Easiest way I can think of to explain the "shared component" aspect is to describe the ENS 10 UI as the "platform" and there are blades (modules) that can be deployed atop the platform. The current available modules are Threat Prevention (think VSE), Firewall (think HIPS), Web Control (think SiteAdvisor Enterprise). SysCore is completely separate. SysCore is a set of shared components that each point product can leverage instead of reinventing the wheel and writing their own. With ENS 10, SysCore becomes easier to manage because all the components leverage the same version of SysCore, but it's also because each module gets updated at the same time.
I'd recommend reviewing Migrate to McAfee Endpoint Security 10 | Intel Security for migration information as well as to understand the performance improvements available with ENS 10.