Symantec Data Loss Prevention Reviews

I like how I have the possibility to check different channels with the same policy set.

The machine learning solution is very good. Many of our partners are not using mostly the machine learning function yet, however, the index document matching, the IDM, and the actual data matching function are the most useful. Those are very, very good functions of the DLP.

The OCR functionality could be better. We have OCR functionality. However, it is not as effective. It could be more effective. They need to work on the function that can catch PDF 5 and PDF 5 based on pictures, images, JPEGs, and so on, with text-to-all content. The main goal of this is to check those pictures against corporate policies.

I'd like it if, in DLP, the agent could have more detection capabilities.

Currently, many features can work only with Endpoint Prevention, Network Prevention, and Email Prevention. Those capabilities do not work on the Endpoint Prevent and Endpoint Detection. 

They need to expand the channels they check. It could be wider. So it should be able to check, for example, WhatsApp and mobile solutions, mobile communications, Facebook, et cetera. We're worried about data leakage on these channels. 

I've been using the solution for six to eight years.

In terms of stability, we have issues, yet not too many. The basic functionality works fine. In my opinion, it is one of the best of the market.

The solution is scalable. 

We can use it in a single tier if there are not too many users and agents. That said, it can be easily extended to use as many server components as we would like. If there are too many people, 4,000 or 5,000 agents and users, we can use 10 or 15 servers. There is no problem with the scalability of DLP. 

On two or three servers, we have around 1,000 agents. Not more than that.

I have problems with Symantec technical support. It is too slow. There are also problems with competency. With the time factor, the reaction time and response time are very long. There was a situation where I had 168 hours between the initial outreach and response. It was not the best for my customer and for me.

Neutral

I did not previously use a different solution. 

The setup is a bit complex due to the Oracle database. I now have many problems installing and managing the Oracle database. At the moment, I just have a huge problem upgrading Oracle 12 to Oracle 19. It is not too easy. That said, if Oracle and the basic DLP are installed, then it can go smoothly. Afterward, there are no problems with it.

I am not a sales. However, I see Symantec's prices are the highest in the market.

The technical solution is quite good, however, when the customer sees the prices, they tend to say "Okay. It is very good, yet we do need to choose a cheaper one."

I'm a reseller and integrator.

I am just upgrading the previous version, 15.5, to the newest one, 15.8.

I'd rate the solution eight out of ten. 

We used Symantec Data Loss Prevention for security purposes, mainly to handle confidential data and protect it from external interventions.

Symantec Data Loss Prevention helped us secure highly credible data of our customers, protect it from being copied, and safeguard it from external threats.

I found Symantec to be user-friendly and easy to use. It was easy to install and work with. These features were some of the factors I liked about the product.

It's been around six months since we switched. I don't recall all necessary updates. However, I do recall the installation and recovery time took longer than expected, which impacted our payment gateways and token changes. 

Updates sometimes overlap, causing technical errors.

I worked with Symantec Data Loss Prevention for around one year and four months.

Symantec Data Loss Prevention was definitely stable for our needs.

Different teams managed scaleability and elasticity. I did not have direct involvement in this aspect.

The technical support from Broadcom was splendid. Whenever we wrote tickets, they were answered immediately. Their support was remarkable.

Positive

We moved to a different vendor based on the organization's decision. However, I did not have control over this switch.

The initial setup and installation were managed by the IT tech team. Deployment took longer, particularly during installation and server restarts.

The IT tech team handled the installation phase.

I don't have a clear idea of the ROI.

I do not have an idea about pricing, as it is handled by another team responsible for procurements.

I haven't used another DLP solution apart from Symantec.

For any technology meets or usability meetings, I have often recommended Symantec Data Loss Prevention.

I'd rate the solution nine out of ten.

We use the solution to prevent it from data leakage.

Symantec DLP covers almost all the main trajectory of confidential data, including storage, endpoints, networks, and the cloud. We use it for discovery, prevention and network monitoring on the network side. In the cloud, we use cloud services such as email, detection services, and discovery.

Symantec Data Loss Prevention can both monitor and block data at the endpoint level. It can prevent copying and encoding of HTTP data to various sites like Google, and Webex. It can also prevent data leakage by capturing and blocking various forms of data, including images, videos, and audio. Even if an end user attempts to send an image file or screenshot, it will undergo scanning. Symantec Data Loss Prevention will extract fingerprints from the image and prevent the data from being transmitted.

Data Masking could be improved.

I have been using Symantec Data Loss Prevention as a reseller since 2005.

The product is stable.

I rate the solution’s stability an 8 out of 10.

I rate the solution’s scalability a 7 out of 10.

The initial setup is moderate. It'll take a day or 2, depending on troubleshooting needs and database integration. It only supports Oracle databases.

The product is expensive.

I rate the product’s pricing a 3 out of 10, where 1 is expensive and 10 is cheap.

We do have many built-in components on the policy tab. So, if you're in the UK or anywhere else, we have some pre-built policies, making it easy for users to configure. These policies cover SSN, driver's license information, and other sensitive conversations. Additionally, we have some import policies, making the process even easier.

We have almost 65 components, and we are the ones handling the stack for Broadcom. We are responsible for both level one and level two support for Broadcom.

Overall, I rate the solution an 8 out of 10.

We use Symantec DLP because we have different kinds of users who have been moving around for the mobility of their work, they work either from office, home or other offices. So the encryption of this solution supports us in controlling the data within the organization and not getting any data breached. 

All of the features are really important, including DLP for the OCR and endpoint. It will be all of the combined features that will give you the strength to control the data. Every feature has its own uniqueness, different control and will help you to protect the data. 

Their support program needs a lot of improvement. If you are stuck somewhere, getting their support can be difficult. 

Adding the feature of control over Bluetooth is very important right now, most BOPs are don't get control over the Bluetooth function. The features would become more friendly and their dashboard would help us. 

I have been working with this solution for four years. 

I would rate stability an eight out of ten. 

I would rate the scalability an eight out of ten. Our company has about two to three thousand users of this solution. 

Their support program needs to be improved. 

The solution has a simple setup and upgrade process. But both things require time to mature and further improve. The deployment process takes only a day if you have the hardware. 

The product pricing is above average, near to high. 

Trend Micro has a complete suite just like Symantec DLP. Both are good products and nearly equal to each other.

I would rate this product an eight out of ten. 

Symantec DMP is for preventing the loss of data from any part of the network, for example, from the network to the core of the data. It has many props, or as it's called in Symantec DLP, "detection servers." There are many detection servers, such as prevention servers and discover servers. Although they can be installed on one server, they can also be deployed on many servers, and they will prevent data leakage in a powerful manner.

Symantec DLP has many servers, and the solution is very powerful because you can use it in ports, endpoints, networks, and email servers to prevent the leakage of emails. DLP can be integrated with Symantec encryption. It's very important because you can integrate these products, and they will protect against the leakage or loss of data. For example, when someone loses flash memory, you can run the automatic response in DLP and encryption, and the flash memory will be encrypted. In the case of the loss of flash memory, it could be easily protected with automatic rules.

Symantec DLP could be better. Symantec DLP is very scalable, but while some other products have been improved in years, Symantec DLP is using core steel, and Symantec could be better with infrastructure.

I've used Symantec DLP for about nine or even ten years.

Symantec DLP is a stable product, and I give its stability a ten out of ten. I have had the solution break down, but it was a user interruption.

I give Symantec DLP's scalability a nine out of ten.

The initial setup is difficult. You need knowledge to use it. Symantec uses Oracle for the database, and not everybody can work with Oracle.

The solution takes one day, but only for server installation. But that is because it has a template. When you deploy the template on an Oracle database, it will take about 30 minutes to deploy the template.

I think that it's an expensive product, even as an enterprise-suite product.

I rate Symantec DLP a nine out of ten. Because of ransomware attacks, you must use a DLP in your environment in today's world.

We use DLP to monitor network traffic and prevent sensitive data from being exfiltrated outside of the company. Symantec also helps us discover data at rest in an environment that may be sensitive. The solution covers more than 10,000 users across various business units and layers, including endpoints, networks, and storage.

DLP is a control instrument for ensuring that an organization complies with regulatory requirements. For example, banks have requirements for storing credit card data, GLBA regulations, etc. DLP can help a bank avoid fines and protect it from civil liabilities.

Companies are audited annually, and DLP improves their risk posture. It ensures business operations won't get shut down because we don't know what we don't know. There are also internal threats, such as people leaving with privileged information on a USB. For instance, an earnings report could be stolen by a disgruntled worker and leaked to competitors. Symantec provides good definitions in the rule set. It can be customized to scan inside documents and pattern-match any unstructured data to comply with what the company needs.

The data-at-rest features are the most valuable because they let us identify data infected with ransomware and prevent employees from being exploited through phishing attacks. If an employee is compromised, the attacker can access servers and deposit ransomware. This enables the attacker to exfiltrate data remotely using employees' credentials. It might be valuable data that could cause a business reputational and financial damage if stolen and publicized. It could also be credit card data or personal health information stored on critical servers.

The false positive rate is excellent. It's about 90 percent accurate and gets better as we fine-tune the rule sets. When we have new incidents, we can work to lower the overall risk based on user behavior on the endpoint, the kinds of data we out on SharePoint, and the type of web or FDP traffic generated internally. I assess the effectiveness of a policy based on the number of false positives generated. We need to tune the rule set if it's greater than 20 percent. 

The solution's data recovery is fast. It depends on the size of your storage, but I have no complaints about the speed of data recovery because there are several detection servers with the necessary horsepower to handle the amount of data that needs to be discovered. It could be remotely scanning a SharePoint server or a file server. The local agents can process data in the expected timeframe.

The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online.

When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. 

The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. 

The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.

I have used the solution for ten years.

Symantec DLP is highly stable. I've operated on Linux and Windows. Linux is stable and doesn't require much patching, but Windows requires more patching, and the service sometimes needs to be restarted. 

Symantec DLP has unlimited scalability if you buy enough licenses. Symantec has servers in the USA, Canada, Asia, and Europe that manage policies differently. For example, Europe has its own compliance rules for GDPR. Incident response can be managed well and segmented away from the rest of the world. You can implement Europe-specific policies. 

I rate Symantec technical support a seven out of ten. 

Neutral

I previously used an appliance called Websense to analyze traffic for data loss. I used other Broadcom tools before Broadcom bought Symantec called Broadcom Proxy and CloudSOC Gateway. I didn't switch from Websense to Broadcom. It was just something I tried, so it wasn't a full deployment. Symantec DLP is head and shoulders above the competing on-prem DLP solutions.

There are a few tricky parts when setting up Symantec DLP, but it's straightforward overall. We used an integrator for the deployment and didn't experience any hiccups after they were finished. About ten people from my company were involved. 

We have two or three people doing maintenance on the solution, like weekly health checks to ensure services are running and traffic flows through the console dashboard. We need to check the incidents generated from the detection servers and verify that everyone can log in. The main part of maintenance is periodic system updates and vulnerability patches.

We see an ROI. During testing, I found it captures and blocks immediately. DLP is able to perform the necessary alerts. We can work with the business and get them on board to see what kind of data they use. We can assign the right roles and manage each business to assess its performance in terms of data loss. Symantec enables us to generate reports to show if their security posture or data loss is changing over time. It's a valuable tool that does what it claims. 

The price of Symantec DLP is fair. I don't recall the cost of the license, but it wasn't outrageous enough that it was an obstacle to approval. I'm not concerned with how much per seat or server, but I know they charge a lot. 

If you're thinking about going for a cheaper solution, I suggest a close comparative analysis of the strengths and weaknesses of each solution by researching online and reading the vendor's documentation. You have to define your security requirements and look at factors like false positive ratios and whether it meets your compliance needs. Some companies only need to meet the minimum regulatory requirements, so a cheap solution that ticks all the right boxes might work. However, if security is the primary goal, you should compare the strengths and weaknesses of that cheap vendor against two or three other DLP vendors.

I didn't evaluate other solutions before choosing Symantec DLP this time, but I evaluated other DLPs for different projects. However, those were cloud-based DLPs, so it's not an apples-to-apples comparison. 

I rate Symantec Data Loss Prevention an eight out of ten.

We primarily use the solution to follow a process that's already come in. If anyone takes a snap of anything, we can see that. Anything sent through email, uploaded to a drive, or shared to a public drive can be extracted by the DLP agent. 

Whatever features Symantec has provided have all been valuable. The indexing features, where if anyone captures the image of the data, then it can be extracted to any of the channels, is quite useful. If you have a point DLP, email DLP, network DLP, et cetera it can capture that. 

It offers a pretty straightforward setup process. 

The solution can easily scale. 

It is stable. 

The support has been pretty decent.

The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. 

Auto-parsing is required. We need to have agent auto-parsing. 

We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal.

Beyond that, we don't really need any new features as Symantec already offers pretty good items.

I've been using the solution for four years. The last time I used the solution was six months ago.

It's been stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. I'd rate stability eight out of ten. 

The solution is scalable. It expands easily. I'd rate the ability to scale nine out of ten.

We have about 15,000 people using the DLP part of Symantec.

Broadcom acquired the Symantec DLP, and they're supporting it nowadays. Since they are now giving the support via a partner, we find we get support right away.

I've also worked with Forcepoint DLP. It has a feature that allows for time-based user transfers. 

We have found the initial setup to be straightforward. I'd rate the ease of deployment nine out of ten. It's not overly complex in any way. 

Symantec already provides onsite authentication, Magneto integration, and email integration as a part of the product.

I don't handle the pricing. I'm not a part of the sales or purchasing team. 

We're a Symantec partner. 

I'd rate the solution nine out of ten. 

The use case for Symantec Data Loss Prevention depends on the requirements, for example, customer requirements and needs. Overall, the solution is used for identifying data and handling exact data matching criteria.

What I like about Symantec Data Loss Prevention is the technical support it provides. It's good.

Currently, I can't see any areas for improvement in Symantec Data Loss Prevention because the solution seems to be better than all the other vendors out there. It seems all the other vendors are trying to mimic what Symantec Data Loss Prevention is doing in terms of components, practice, and modules.

Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult.

I've been dealing with Symantec Data Loss Prevention for ten years. I'm using the most up-to-date version of the solution.

Symantec Data Loss Prevention is a stable solution.

Symantec Data Loss Prevention is a scalable solution.

I like the technical support for Symantec Data Loss Prevention. It's pretty good. Support is one of the advantages of the solution. Support is a little costly, but you get what you pay for.

The initial setup for Symantec Data Loss Prevention is straightforward, particularly if you use the guide, but it gets a little complex based on the networking connectivity you have within your environment. Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult.

The advice I would give to others looking into implementing Symantec Data Loss Prevention is to make sure they have a lot of resources on their servers, particularly in terms of disc size, CPU, etc. The bigger the box is, the better.

There's no perfect solution, so I'm giving Symantec Data Loss Prevention a rating of nine.