Digital Guardian Reviews

Data security is now one of the most important aspects for any organization. Our customers are looking for a DLP solution that can help them protect data. It's both endpoint and network, and "network" covers cloud integration as well.

We cover both Endpoint Data Loss Prevention and Network DLP; in fact, we cover the whole portfolio of Digital Guardian. We have both cloud and on-premise solutions. We deploy it for medium and enterprise businesses.

There are a lot of issues with the current version of the Endpoint agent. It's not stable, it's resource-consuming, and there are some performance issues. If they could improve the stability of the agent it would be great.

They need to improve their product. If they keep just adding the features, it's not going to help them to sell the solution in the market. First of all, they need to improve their existing features, rather than onboarding new features.

It's close to three years that we have been dealing with Digital Guardian.

We are facing a lot of challenges with the agent's stability. Sometimes the application fails. Sometimes it works for 10 days or 15 days and then starts behaving abnormally. I have a lot of issues related to the agent and it's still a challenge.

It can scale from 100 to 10,000. There's no problem with the scalability.

The technical support is very bad. Support has to be drastically improved.

The initial setup is complex. It is not straightforward. You need to do lot of config when you create rules and policies. It takes a lot of time to create them. It takes a lot of testing. You also need to have a little understanding of the programming language. It's very difficult to create a policy.

Deployment takes three to six months.

It can be deployed by one person, but that person would need to dedicate his time to finish the project from start to end. Otherwise, it would require a minimum of two people because sometimes engineers are not available. You have to have at least two engineers.

If you don't have skilled staff, I would not recommend going with Digital Guardian. If you are looking more into deep-dive, postmortem, or forensic analysis, I would recommend it, but you need to have patience to implement the product. You need to bear in mind that support could be very challenging. The implementation, as I said, takes a long time. So if you have skilled staff, they can evaluate and onboard the solution but if you don't know have skilled staff, I would not recommend it.

My biggest lesson learned from dealing with this product is that they commit to something but they don't deliver it. That has been my experience.

I would rate it at five out of 10. Technically the product is good but the stability is not there.

We use the solution mainly for data classification and data loss prevention. We're seeing this solution being used by everyone from mid-market, medium-sized banks or financial institutions to insurance carriers, and we see it deployed at companies that work with personally identifiable information. 

One of the ways in which this technology has improved our organization is that it is set up in such a way that they have strict data classification rules. So if an end user wants to upload or email a document to one of their personal accounts, they are able to block certain files or certain information. They are able to block certain information from leaving the enterprise and corporate network.

What our customers find most valuable in Digital Guardian is the rule sets that they have for data classification. They are already set up to search for PII data, which is basically the personal identifying information for our customers. So you can quickly use their classification engine, or rule set, to set up inspection rules to determine whether data has PII, like social security numbers, date of birth, addresses and things like that.

I would like to see the workflow, to get all the rules and policies set up, be less complicated. If you've been in the field and have the technical knowledge, it's fairly intuitive, but the hardest part is setting everything up and doing the validation for the other rules. I think the whole system needs improvement, even though it works fine the way they designed it. The problem comes when a tool is written by engineers for engineers, and not necessarily for someone who doesn't have that background. Someone like a high-level manager. 

Some clients find it hard to set up all of their PII types. The interface also has some limitations in terms of which browser you can use. For me, that's the biggest headache. For the version we use, you must use Windows Explorer. The background requires you to have a bigger insight into the business processes. It's not just a tool that you can simply drop in and expect to work because there is an impact on business operations.

I would also love to see integration with cloud offerings, Like AWS, Azure, and GCP. And better browser support. 

I would say the stability of the solution is determined by whether or not you follow the recommended installation guidelines and sales engineering guidelines. Outside of that there are no guarantees, and we've had issues trying to push the boundaries. For instance, if the system requires you to use Internet Explorer, you may experience operational issues when you use another browser. So it doesn't mean that the system is unstable, it is just that the way the application is written, one may expect issues with the response codes from the different browsers.

We did have some issues with scalability, in terms of the HA replication, and the number of agents they have. In terms of the actual boundary limit, and what that boundary looks like, I don't know where scalability becomes an issue. I know we had issues going from region to region replication for those rule-sets.

I primarily work with Digital Guardian deployment for different clients using virtual infrastructure because I had a private cloud. I use them because they created an MSP version of their software. Colleagues of mine that used the standard appliances as well as the MSP version don't have any issues.

The technical support is really terrific. 

A lot of individuals that we get into contact with didn't have a previous solution in place. 

The initial installation of the software in the server is actually very straightforward and it is quite easy to install. It can, however, be a challenge for entities that do not have a data governance policy or structure already in place. This tool doesn't help them develop that, it only applies what the current policies are for data classification and data control.

It took me about three weeks to deploy the solution, but when a client has no data classification and they have to develop those systems first, installing and deployment might take as long as six months.

Provisioning is not a full-time job, but the continuous maintenance from all the alerts that occur from the different rule-sets that are created is based on the size of the organization. We've seen as little as three people managing alerts on a 24/7 basis, and we've seen companies where the alerts go to a security operations center, where there is an entire systems engineering department that helps triage those alerts. 

That is a problem with this tool - you can go from having nothing to do with this tool based on your policies, to having continuous tickets and a workload that requires you to get more staff to meet your IT Operations demand. 

I definitely see ROI in terms of data that has not left the company. If you're under GDPR and you prevent private information from leaving, then you see immediate value in returns. 

Our customers are happy with the pricing. There are additional costs if you use support contracts directly to Digital Guardian, so they do have professional services. These add-ons are helpful in building out rules, or in the event that the client has custom templated data. The professional services help to create the regular expression engine to detect that data. So, they do have professional services to actually help create these custom data cost-efficient rules.

Yes, they looked at other options like Symantec DLP, Forcepoint, and a few others. But based on technical needs or the way they could operationalize, they chose Digital Guardian. So if you look at enterprise data loss prevention this solution is the best.

I would recommend that you start looking at policies that would come out of the privacy office, or the DPO, the Data Privacy Officer. Most companies don't have a DPO, and that's why they really need to start looking at creating data classification guidelines and policies and understanding the impacts to the business on where their data flows and how it flows because this impacts the configuration of the digital guardian solution.

I would rate this solution an eight out of ten. It's not perfect, but it gets the job done.

I work for a company who is an integrator of the Digital Guardian product. We are selling the solution and installing the solution on all our customers' sites. We have several projects where Digital Guardian is deployed as a DLP solution mostly.

Digital Guardian can be also used as device control, application whitelisting, EDR, and user behavior analysis. There are a lot of good features in Digital Guardian.

Digital Guardian has cloud correlation servers which give you visibility. Works like EDR and the correlation servers are like a perfect instrument for security analysts.

The agent is a powerful thing because it is powered on the kernel site. You can control applications and data flow. 

You can use it with EDR solutions.

The room for improvement with Digital Guardian is that it will be better with the Linux agent because it is the only DLP solution for Linux workstations. It still needs to upgrade the agents to the latest version for the Linux kernel.

The vendor promised that in April they will have the universal agent for all operating systems, for Mac OS, Windows, and Linux. We are waiting for this new universal agent. I think Digital Guardian needs to improve the universal agent. That would be really great.

It would be good if Digital Guardian would have dictionaries from other languages inside of the solution, e.g., a Ukrainian language dictionary.

Digital Guardian has great stability. They are working on the solution and have updates coming up pretty fast where they are adding new features on the agent.

From our projects with our customers, it has pretty good stability.

Digital Guardian has great scalability. In one of our projects at the moment, there are 2500 users but they plan to implement about 15,000 users.

In other projects that we manage, there are about 1000 users using Digital Guardian. Also, we got some new projects in last year where it was supporting around 2000 users.

Our biggest customer is a Japanese fabric maker who has 100,000 endpoints.

The customer service with Digital Guardian is good because they answer fast. The Help Desk is also really good. We had some issues with one project. They solved it the same day, Digital Guardian connected via Webex and resolved all the issues on that project.

They support all languages.

It's pretty easy to install and implement the solution. Put it on our universal server and the solution is already working out-of-the-box.

Other DLP solutions are not quite so easy to install or to implement as Digital Guardian.

On all EOP solutions from the customer's side, it's hard to understand what data they want to protect.

It is really easy for us to deploy this solution.

Pricing and licensing I know mostly for the old versions of Digital Guardian. Now mostly DLP and other security solutions have subscription licensing.

Digital Guardian has both, subscription and perpetual licenses, but I think when everything (all technologies) will go to the cloud they will only offer subscriptions.

The vendors need to pay to cloud services like Amazon. They will need more money for that because Digital Guardian has the subscription linked to the cloud service.

If I compare Digital Guardian with Symantec, the license cost is lower, but McAfee can be cheaper than Digital Guardian. It depends on how many licenses you plan to buy and how big the project is. The cost is not so high as Symantec, but not as cheap as McAfee. They can easily sell the solution for price.

It is not the cheapest EOP solution. It's in the middle of the prices.

I tested previous options. I was working with McAfee DLP, but when compared to Digital Guardian, McAfee is old, i.e. not a next-generation DLP solution.

If somebody wants to implement a DLP solution, they need to understand which data they need to protect and how they would want to classify this data.

After that, make the choice in which DLP solution you want. I would rate Digital Guardian with a nine out of 10 because there is no solution that will be fully perfect.