We performed a comparison between McAfee ePolicy Orchestrator and Symantec Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Investigations are something really remarkable. We can drill down right to the raw logs by running different queries and getting those on the console itself."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"There are a lot of things you can explore as a user. You can even go and actively hunt for threats. You can go on the offensive rather than on the defensive."
"The features that stand out are the detection engine and its integration with multiple data sources."
"It's pretty powerful and its performance is pretty good."
"We are able to deploy within half an hour and we only require one person to complete the implementation."
"Azure Application Gateway makes things a lot easier. You can create dashboards, alert rules, hunting and custom queries, and functions with it."
"The initial setup is very easy."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"From a single dashboard, I can take a look at several things including the endpoint protection, the file integrity section, the data activity monitor, and more."
"If you set it up right, it can really manage a very complex environment which require fine tuning where there are a lot of exceptions. That's what it caters to. It can just do those specifics in those exceptional situations, which is good."
"The most valuable feature of the solution is the central management console, which is used for DLP, endpoint security, drive encryption, and application control."
"The policy auditing, policy management, and device auditing are all valuable features. Our customers appreciated the ability to get alerts to system-wide events from a single view."
"The graphical interface of the solution is its most valuable aspect."
"The security is a key feature and the console is very user friendly."
"The accuracy in terms of the rate of detection is good."
"We find the product is easy to manage and maintain."
"The Network Monitor component is the most advanced on the market. Combined with the other Network DLP components."
"The exfiltration capabilities are great. You can put all of these rules in the product to detect the patterns and text."
"DLP's most valuable feature is compliance."
"It can prevent copying and encoding of HTTP data to various sites like Google, and Webex."
"The data matching features are the most valuable due to the easy policy setup and implementation."
"The dashboard, management section, and reporting are good."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"They're giving us the queries so we can plug them right into Sentinel. They need to have a streamlined process for updating them in the tool and knowing when things are updated and knowing when there are new detections available from Microsoft."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"If their UI was a bit more streamlined and easy to find when I need it, then that would be a great improvement."
"If I see an alert and I want to drill down and get more details about the alert, it's not just one click. In other SIEM tools, you just have to click the IP address of the entity and they give you the complete picture. In Sentinel, you have to write queries or use saved queries to get details."
"If Azure Sentinel had the ability to ingest Azure services from different tenants into another tenant that was hosting Azure Sentinel, and not lose any metadata, that would be a huge benefit to a lot of companies."
"The interface could be more user-friendly. It''s a small improvement that they could make if they wanted to."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"The solution could improve the EDR component in many areas, such as the zero-day and persistent threats. The implementation is also complex for this feature."
"The solution sometimes has some false positives on IP addresses, from the web control aspect of the product. This needs to be improved."
"McAfee ePolicy Orchestrator needs to upgrade its technology since the solution's EDR function is not good compared to other vendors in the market."
"The rollout to cover the online resources, such as SharePoint, One Drive, and Office 365 doesn't seem to have a very clear path."
"Features such as full drive encryption are lacking in the cloud version."
"The areas of concern where improvements are needed are related to the product's assignment policy and tag assignment, where users can assign the policies with the help of tags and sort out the systems."
"McAfee ePolicy Orchestrator support has been helpful. However, sometimes when I raise the case they take a while to answer. For example, the last time I used them it took them two weeks to reply back by email. No one has contacted me back since. They should improve their service."
"The Virtual Patching feature needs to be improved."
"The console is not the best one. There is room for improvement in the management console."
"Since being acquired by Broadcom, the support has really degraded for small and medium enterprises."
"The product must improve its interface."
"I would like to see an improved interface, with better documentation and integration with other products."
"They need to expand the channels they check."
"Where things could be improved is that product engineering takes time to respond when we make a request. They get on a call for troubleshooting, but fixing the issue takes time."
"The one downside for Symantec is that, due to its transition from Symantec to Broadcom, there's been a lot of changes. I am based in the Philippines and we don't have a contact person locally for any Symantec."
"Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved."
More Symantec Data Loss Prevention Pricing and Cost Advice →
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Symantec Data Loss Prevention is ranked 3rd in Data Loss Prevention (DLP) with 53 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Symantec Data Loss Prevention is rated 8.0. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Symantec Data Loss Prevention writes "Consitent, accurate, and simple". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Zscaler DLP, Elastic Security, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention, whereas Symantec Data Loss Prevention is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Digital Guardian, Zscaler DLP and Code42 Incydr. See our McAfee ePolicy Orchestrator vs. Symantec Data Loss Prevention report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
