We performed a comparison between McAfee ePolicy Orchestrator and Symantec Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Log analytics are useful."
"The product can integrate with any device."
"The automation feature is valuable."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"It has basic out-of-the-box integrations with multiple log sources."
"The most valuable feature is the alert notifications, which are categorized by severity levels: informational, low, medium, and high."
"It is a scalable solution...I rate its scalability a nine out of ten."
"The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. The fact that there are organized policies and policy inheritance. The general management."
"McAfee ePolicy Orchestrator has a built-in advanced pattern, which is very useful because it can detect any pattern."
"Technical support is very helpful."
"The policy auditing, policy management, and device auditing are all valuable features. Our customers appreciated the ability to get alerts to system-wide events from a single view."
"Their support is really good. I would rate it a nine out of ten. I have never any issues with their support. They always reply and follow our queries on time."
"The initial setup is very easy."
"The valuable feature of the McAfee ePolicy Orchestrator is the management of the policies."
"Symantec Data Loss Prevention is the number one product in its field. It does its job well and it has all the necessary features. It is definitely better than any other solution on the market."
"The most valuable feature is file-level DLP."
"There's only one policy needed to implement for all channels."
"The product is very robust."
"The initial setup is easy."
"The most valuable feature of this solution is endpoint security."
"It can prevent copying and encoding of HTTP data to various sites like Google, and Webex."
"The dashboard, management section, and reporting are good."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"Only one thing is missing: NDR is not available out-of-the-box. The competitive cloud-native SIEM providers have the NDR component. Currently, Sentinel needs NDR to be powered from either Corelight or some other NDR provider."
"The performance could be improved. If I create 15 to 20 lines for a single-use case in KQL, sometimes it takes more time to execute. If I create use cases within a certain timeline, the result will show in .01 seconds. A complex query takes more time to get results."
"We're satisfied with the comprehensiveness of the security protection. That said, we do have issues sometimes where there have been global outages and we need to raise a ticket with Microsoft."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"The on-prem log sources still require a lot of development."
"Sentinel's reporting is complex and can be more user-friendly."
"The troubleshooting has room for improvement."
"McAfee ePolicy Orchestrator needs to upgrade its technology since the solution's EDR function is not good compared to other vendors in the market."
"The impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this."
"The detection aspect should be improved so that signatures are updated more quickly."
"I would like to see McAfee reduce the amount of manual work required."
"As for improvements, I think that putting everything on a cloud and one console would be a great idea and would be useful for customers."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"The solution is difficult to tune to avoid false positives."
"There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal."
"Where things could be improved is that product engineering takes time to respond when we make a request. They get on a call for troubleshooting, but fixing the issue takes time."
"Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult."
"The product's pricing and support services need improvement."
"Their support program needs a lot of improvement. If you are stuck somewhere, getting their support can be difficult."
"Different departments should manage administration, reporting, normalization and incident management."
"The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online. When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use."
"In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening."
"Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made."
More Symantec Data Loss Prevention Pricing and Cost Advice →
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Symantec Data Loss Prevention is ranked 3rd in Data Loss Prevention (DLP) with 53 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Symantec Data Loss Prevention is rated 8.0. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Symantec Data Loss Prevention writes "Consitent, accurate, and simple". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Zscaler DLP, Elastic Security, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention, whereas Symantec Data Loss Prevention is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Digital Guardian, Zscaler DLP and Code42 Incydr. See our McAfee ePolicy Orchestrator vs. Symantec Data Loss Prevention report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.