City Proactively Blocks More Threats with Less Work, Saves 40 Hours Weekly with McAfee ENS

By on Jul 27, 2017

The information security team for the City of Gothenburg, in a Swedish metropolitan area of 1.1 million people, felt the impact of migrating to McAfee Endpoint Security almost immediately. First and foremost, the dramatic increase in the City’s ability to detect and protect against malware saved the team a lot of time.

“We saw a sudden reduction in infections and we had much better control over our web environment thanks to the McAfee ENS Web Control module,” recalls Kenneth Hamilton, an expert system specialist who manages endpoint protection from within the City’s Security Operations Center. “ENS began blocking users from downloading suspect files off the Internet. By reducing time spent remediating after infections, we probably save 40 hours per week.”

I can find only benefits from migrating to [McAfee] ENS, despite my searching for downsides. The new functionality, improved performance, and advanced protection make migration a no-brainer in my opinion. Plus migration was easy and painless.”

In addition, says Hamilton, McAfee ENS made his job much easier. “The modular architecture and fact that there is only one agent instead of multiple agents on the endpoint simplifies administration,” he explains.

“The ENS GUI is also more user-friendly, simple to understand and use, and offers more administrative support tools,” he adds. Because creating rules is so much easier with McAfee ENS, Hamilton decided to create them from scratch rather than porting them from the legacy solution.

Gothenburg City also experienced improved CPU performance from the start. Since anti-malware scans use less memory, are so much faster, and occur in the background, the City’s business users are happier, which makes the security team happier. Since deploying McAfee ENS, the City’s help desk receives only one to two calls a week—out of 35,000 users.

Hamilton sees no reason not to migrate from McAfee VirusScan Enterprise to McAfee ENS as soon as possible. “I can find only benefits from migrating to ENS, despite my searching for downsides,” he says. “The new functionality, improved performance, and advanced protection make migration a no-brainer in my opinion. Plus migration was easy and painless.”

Painless Migration from McAfee VirusScan Enterprise

Gothenburg migrated 35,000 desktops across all city departments to McAfee ENS. Most of the nodes migrated from McAfee VirusScan Enterprise to the McAfee ENS Threat Prevention module and added the ENS Web Control module. Some desktops also received the ENS firewall module, which provides improved Host Intrusion Prevention (HIPS). Migration of all 43 departments took one month from start to finish, including one week of planning and communications.

“We had been afraid that users would complain that the migration to ENS was hindering them or slowing down their computers, but only two people out of 35,000 complained—about not being able to access an unapproved website,” says Hamilton. “It was a pain-free installation all around.”

Protecting Both Physical and Virtual Endpoints

Using the McAfee ePolicy Orchestrator® (ePO™) central console, Hamilton can apply the same policies across endpoints, whether physical or virtual. Incorporating eight hypervisors, the City’s implementation of McAfee Management for Optimized Virtual Environments (MOVE) Antivirus protects 900 virtual servers, some with agents and others without, across two data centers. These servers manage a wide range of applications spanning city departments. Hamilton is also piloting using McAfee ENS in the City’s virtualized environment and has been pleased with initial results.

With both physical and virtual endpoints managed from ePO and superior protection from McAfee ENS, the City of Gothenburg is proactively blocking ransomware and other threats with less work. Since additional security components such as McAfee Threat Intelligence Exchange and McAfee Advanced Threat Defense (ATD) can easily be managed from that same ePO console, and since endpoint protection is now able to leverage the McAfee Data Exchange Layer (DXL), the City of Gothenburg has truly laid the foundation for a robust, adaptive, threat defense lifecycle that safeguards city operations and citizens’ data.


To read the City of Gothenburg full case study, click here. Get your questions answered by tweeting @McAfee_Business.

About the Author

McAfee Enterprise

McAfee offers industry-leading cybersecurity solutions for all business and enterprise needs. See our blog to stay up-to-date with the latest security trends

Read more posts from McAfee Enterprise

Subscribe to McAfee Securing Tomorrow Blogs