Symantec Data Loss Prevention Reviews

The primary use case for this solution is ensuring compliance. Organizations that handle sensitive data find it crucial to implement a data loss prevention solution to prevent unauthorized data breaches.

One of the most valuable aspects of this solution is its integration capabilities with Office 365. This integration enables comprehensive monitoring and control over data leaving the organization.

A significant area for improvement in the product is reducing the number of agents required and improving integration as a unified client ecosystem.

Integrating artificial intelligence to automate policy creation based on user behavior and data sensitivity would be highly beneficial

I have been using Symantec DLP since 2013.

I rate the product stability an eight. 

I rate the product scalability an eight or nine out of ten. 

Symantec has a good support network. However, since the acquisition by Broadcom, support has become more challenging, although some regions still provide excellent support.

The installation process for this solution, based on my experience, is straightforward and user-friendly, ensuring minimal disruption during deployment.

It can be deployed on-premises and in hybrid models, providing flexibility to organizations based on their specific security and operational needs.

The product is high-priced. However, it is worth it for the comprehensive data protection it provides.

We have considered products from other vendors like Microsoft, Forcepoint, McAfee, and Trend Micro. However, Symantec covers all aspects and use cases effectively.

Incident response capabilities are integral to this solution's functionality. It features robust workflow controls that facilitate timely and effective responses to security incidents.

I rate it a nine out of ten.

Symantec Data Loss Prevention is an enterprise-level solution and we utilize it for its customization, and flexibility across the platform as well as the excellent support and feature levels compared to other similar solutions.

There is still potential for improvement when it comes to data discovery over a network. How successful the process is depends largely on the network configuration and connectivity to the destination. Utilizing a detection server or network discovery can help facilitate the data discovery process. Recently, I discovered around 15,000 to 20,000 shareholders for Symantec using DLP for data discovery. Agent Discovery is also highly effective, with no performance issues showing up when performing endpoint discovery for the Symantec database.

I have not had much experience working with Macs, but they come with an in-built security feature. This can be challenging to work with, as not all features are supported in comparison to Windows. However, the solution recently became compatible with the Linux operating system, allowing us to deploy agents on this system as well.

Symantec Data Loss Prevention is a globally accepted product that provides an enterprise-level view of an organization. Although some of the features the solution offers are being utilized, there is still more potential to be explored if the organization puts more focus on using them to their fullest potential. Recently, the ICD or ID features, which cover all increase points and every other technology, were introduced. The solution provides features that correlate all events and generate top results. In DLP, the role bit and success management are present, allowing us to escalate incidents. We can also define an escalation process, allowing data owners to view incidents and escalate them as necessary. This functionality is provided by the solution. The primary goal of the DLP is to monitor and control the organization's data usage, as well as to facilitate audibility and accountability. Symantec Data Loss Prevention is well-suited to fulfill these needs.

The solution helps us find sensitive data and apply policies based on user risk. We can use indexing for highly confidential documents that are not to be published or shared with more than two to five people outside of the organization, such as the board of directors. Indexed Document Matching is a useful feature that can help ensure that the document remains secure. We can create remote detection over the product and map the UNC part. The data owner will put the file of a particular document, which will be converted into IDX format. We can then apply the policy remotely so that the data will not come to the DLP admin or any other person and will remain protected.

The solution offers a range of pre-defined data identifiers to meet all regulatory requirements, such as those mandated by the GDPR, PHI, PCI, and USUN. These data identifiers can be used to identify and protect personal data globally.

The solution helped reduce the time our DLP administrator spends on data loss protection. Spending time monitoring the data is essential. We have to stay up to date and investigate any issues that arise in order to improve health monitoring by fine-tuning incidents and reducing false positives because automation is not available. 

The solution offers a one-click view from a single console, with detailed incident investigation capabilities that capture activity from end users, the web, and email. Symantec Data Loss Prevention provides comprehensive information conveniently and efficiently while also conforming to good architectural standards.

Compared to Forcepoint DLP, we can see that the email is not available. In Symantec, we are dependent on other products, such as DashMagiq, to release quarantined emails. This is because DashMagiq is able to do this through its API integration with the Office 365 email box. Unlike Forcepoint DLP, we don't have the option to release quarantined emails ourselves.

The detection capabilities are comprehensive. The solution covers all channels and supports cloud scanning. Additionally, the cloud-based solutions provided by CASB offer additional functionalities and now include AdvExt.

Symantec Data Loss Prevention has good detection accuracy. In some instances, the solution can produce a false positive. The solution's Application Monitoring feature allows us to monitor data that should be uploaded through an application; however, it can trigger an incident when the application is opened. The features provided by Broadcom are generally practical, but some of the less-used features may not be as accurate.

Before the release of version 16.0, some features were missing. Location-based detection and USB print blocking are still not available. This means we cannot configure the blocking of a USB printer, and we also cannot identify whether a system is on the network or off the network in a large environment. Additionally, the feature that is currently available is not fully operational. The domain-based resolution can sometimes take time to determine whether the system is accessible over the network or not.

From a management perspective, it takes a lot of time to manage the infrastructure. It seems that having cloud options available would reduce the overhead of managing infrastructure. Depending on the organization, we can choose to have the solution on-premises or on the cloud. If we choose the cloud, we can focus more on data loss prevention instead of managing the infrastructure.

I have been using the solution for seven years.

Both the free and paid technical support from Symantec are good.

Positive

I give the solution a nine out of ten.

We have several use cases, the main one is probably the prevention of prohibited files from being uploaded. I'm a user of this product and a network engineer. 

Reporting is the most valuable feature the solution offers. It provides information on any incidents that occur in our environment. 

Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus. 

I've been using this solution for about three years. 

This solution is stable. 

This is a scalable solution. We currently have 15,000 users so it's very scalable.

We have primary support from one of the vendors and they are good. 

The initial setup is not very complex but it's not simple either. We had assistance from the vendor. There is no maintenance required - at the initial stage we created a policy for monitoring only and we get the day to day logs. After that we impose a policy for blocking and justification. This solution is used on a daily basis. 

I've worked with other DLP solutions that I think were better than Symantec, but it's working well for us currently.

This is a good solution for us and I would recommend it. I'd rate Symantec DLP a nine out of 10. 

I am an L2 engineer. I'm doing the part of the implementation and the agent upgrades. If any requirements come in for Oracle upgrading we go forward and make it happen. Apart from that, we are doing agent installation and troubleshooting. 

Moreover, we'll be in contact with the SCCM team, and give packages to them. They will push the package to all the machines for the SCCM. We can connect to the virtual team and do the other lines for server backups or upgrades. 

The solution is very good at fingerprinting the documents. This means, basically if a user tries to modify the data or change the file extensions, the system will recognize this action. It will offer the DLP images, so it will fingerprint the data. If a user is trying to modify data, they're trying to change the extension to whatever data, it will tune in on the IP, based on the indexing. 

There are a lot of features. We can modify only particular agent configurations. 

A new feature I've seen is a device block, which is very interesting. Previously, we used to create a policy for blocking certain data, which was transferred from our local machine to the mobile media. Now, we found that there'll be one more option called agent configuration device control. Under the device control, there'll be a block device connections option. It will alert us that a USP has been blocked. 

The solution offers very good virtual machine learning. The ML will capture information based on certain policies. We haven't used it yet. We're still learning about it.

The solution offers good data classifications. What we used to do, is we used to create one template and we used to sit with different project team members. We'd collect the information from the project managers, on the management side. We'd put the information into one Excel sheet and collect the information from that. Now, we're using that to review one data classification tool. What it will do now is, whenever you're working in the document, is it will ask you to determine the data. It will ask that if it is internal or confidential.  

We can integrate with some other tools such as Splunk, which is very useful.

The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. 

Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this.

If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. 

When we're doing data scanning, the machines can be slow. 

In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.

I've been using the solution for four and a half years at this point.

Occasionally, there are stability issues. If that's the case, I can help clients troubleshoot them.

The solution is very easy to scale. If a company needs to expand it, it can do so with relative ease.

Whenever any issues are reported, for example, a fatal error or multiple errors, or if any machines come up with a blue screen, et cetera, well look for patch releases. We tend to do that monthly and push them to machines.  However, sometimes the issues might be very bad. For example, sometimes the KB will be not compatible with the Symantec DLP, or some of the versions. Maybe an agent will be corrupted, or a machine will get rebooted multiple times.

Initially, we'll check the logs. We'll do the checking and the troubleshooting and the removal of agents if necessary. We initially collect requirement logs and upload them to the Symantec portal. From those details, they will create a hard fix file for us and we will implement it. 

We work well together. We're quite satisfied with the level of service they provide and the assistance they give when we have issues. 

The initial setup is straightforward.

Usually, if we are doing it from the scratch, every time when we are doing the implementation, there will be one document that will be created for other servers. 

If new users come on, they'll reference the document. It's part of our best practices. 

We recommend that someone should be available via stacking, somewhere. For example, to set up the password with the protector, or as an admin password. We used to prefer at least one person. If we get stuck, we'll have a Symantec engineer on a call to assist us. 

Usually, I'll do everything from the scratch, setting up the port under whatever LAN is required and what other system requires. 

For an Oracle installation, it will take three hours or four hours. And for the server that's at least one hour. A total of five hours to six hours is required in order to complete our implementation.

The maintenance is contract-based. Some of the clients will ask that only I implement the Symantec DLP. Then we'll do the implementation and we'll create some documents as per requirements. Clients will ask the contract be for one year or two years, and we'll do the analysis and the reports, which we need to send on a daily basis and weekly basis and monthly basis and quarterly basis. On yearly ones, we'll do the auditing. 

We used to delete the duplicate machines, or any machines supposed to be in stock or offline. Every month we will send the policy to our customers asking if there is anything they want to add, or any rule they want to delete, or anything specifically they want to create, et cetera. For example, if there are any personal kinds of users they want to monitor. We'll whatever they recommend. This is the type of maintenance I do.

The pricing is moderate. It's not the cheapest, or the most expensive. 

There are various types of licenses. For example, if you are a customer for endpoint prevention, that is a different license. And if you want to cloud prevent, that is a different license. It's flexible. If you need to purchase a full suite, you can purchase it, or if you want only endpoint or cloud or network, you can buy it as a separate command.

We are implementors. 

As of now, in my current company, I was designed to DLP around seven months back. My previous company is a service-based company. Normally we will connect with other partners. 

Usually, we are service providers, so we'll take the project from Symantec and we will implement the approach for our business partners. Then we'll go directly to the onset location and we'll stay there and we'll do the implementation and we'll create a policy, as per the requirements. We'll do the handout documents to the management team, and we'll relocate them to the local engineers. These kinds of activities I've done. For around four years, I've continuously been doing this DLP and encryption.

I'd recommend the solution. I'd rate it at a ten out of ten.

We use Symantec Data Loss Prevention mostly for preventing and protecting against email threats. The tool tracks internal to external emails. Whatever attachment there is that's moving from internal to external is also tracked. If someone's sending a file, it would also be forwarded to the team lead or manager. The password for signing into the email should not be shared because when shared, it will be blocked. We have configured these policies in Symantec Data Loss Prevention. The tool also tracks whenever a user transfers data from one machine to another. These are our use cases for it.

What we like about Symantec Data Loss Prevention is that it's a very good product. We never faced any problems with its performance. It has very good performance. There was this RAM issue, but it was an internal issue which we've sorted out. Apart from the RAM issue, there are no other issues with Symantec Data Loss Prevention.

What could be improved in Symantec Data Loss Prevention is its security. It should be more secure.

I've been dealing with Symantec Data Loss Prevention for almost four years.

Symantec Data Loss Prevention is a stable tool.

The technical support for Symantec Data Loss Prevention is very good.

The installation for Symantec Data Loss Prevention was straightforward. It took almost fifteen days to completely roll it out.

I have experience with Symantec Data Loss Prevention. I've implemented it. I was the Symantec expert, and I've also implemented Symantec Endpoint Protection, Symantec Mail Security for Exchange, Symantec SharePoint, and Symantec network storage devices, in my previous projects.

Symantec Data Loss Prevention was deployed on-premises only because the customer requirement was to not forward the logs through the cloud directly, so the solution was installed on-premises.

In terms of the number of clients my company has for Symantec Data Loss Prevention, there are currently two thousand clients.

I would surely recommend the tool to others. Whenever my company goes to the customers, the team always recommends either Forcepoint or Symantec Data Loss Prevention.

My rating for Symantec Data Loss Prevention is nine out of ten.

Our company is a partner and deploys the solution for customers as a management server and email network.

The solution is simple to use with good administrative controls and a console that is easy to understand. This is particularly important because end users are security engineers, CSOs and compliance managers with minimal technical knowledge. 

The DLP is very effective on the application side because there is a control on both endpoint and network storage. These components are separate from each other which needs to be planned out carefully but reduces server needs. 

The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. 

Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. 

Data tagging and classification would be useful because multiple agent roles are needed solve issues. 

I have been using the solution for ten years. 

The network and storage are very stable. 

I've experienced a few issues with the DLP agent on the windows side when operating systems are mismatched or there is an issue with a group policy. 

The solution is scalable. 

The effectiveness of technical supports depends on the agent. Support from America is good because they immediately direct you to a person or department knowledgeable in your issue. 

For example, American support asks if deployments are new or old and then opens the appropriate case type which speeds up the process. 

I rate customer support a seven out of ten. 

Neutral

The initial setup and implementation are very straightforward. 

Setup is very clear and much easier than McAfee or Forcepoint. 

I rate setup an eight out of ten. 

We implement the solution for our customers. 

The solution's pricing is based on a license model. 

The DLP category is very competitive and we implement tools based on our client's needs such as the solution, Forcepoint, and Microsoft. 

Competitive products don't even compare to the solution with regard to its capabilities. 

The only reason to choose another solution is budget because the solution requires licenses for the product and the database. 

I rate the solution a seven out of ten. 

Our primary use case for Symantec Data Loss Prevention revolves around addressing internal data security concerns, particularly email communication and data leakage prevention.

Symantec Data Loss Prevention has significantly improved our organization, particularly regarding data management and incident response. The solution has streamlined internal processes and enhanced data security measures. By integrating Symantec into our management systems, we've achieved better packaging and handling of sensitive information.

The most valuable features of Symantec Data Loss Prevention (DLP) are the Optical Character Recognition (OCR) functionality and its automation capabilities.

The product's pricing and support services need improvement.

The platform is stable. Initially, there were minor delays during the setup phase, especially when implementing certain features on the cloud. However, these issues have been resolved over time, and the system runs smoothly. It has been consistently reliable for the past three years. While it may demand slightly higher bandwidth, it remains easily adaptable to any network environment.

I rate the platform's scalability a nine out of ten. Currently, we are working with three companies as our customers for the product, one of which boasts over 10,000 users.

Our experience with customer service and support has improved over time. Previously, we encountered technical issues and concerns while working in the same area of DLP. However, in 2020, we noticed a positive shift. The team has become more responsive and effective in addressing our needs. The personnel handling technical support are helpful.

To deploy Symantec to protect sensitive information in our company, we implement various policies such as web, endpoint, mail, and cloud prevention. While the deployment process itself is simple, there is a requirement for an Oracle database, which can add a layer of complexity, particularly for smaller businesses that may not have the infrastructure readily available. However, we offer a software solution that manages this aspect. We leverage both on-premises and cloud-based functionalities, with customization options available for policies. Default configurations work well for cloud-based deployments, and we utilize comprehensive licensing packages. Cloud management simplifies deployment and implementation tasks significantly compared to on-premises setups, reducing the burden on our team and clients. However, there can be challenges when transitioning existing customers from on-premises to cloud-based solutions, particularly regarding feature availability and accessibility.

The platform is expensive.

The platform provides valuable data for preventing loss in various ways. It operates on a cloud-based platform and is beneficial through email and the web.

The incident response capability has been instrumental in mitigating potential data loss. The response agents are deployed strategically, and licenses govern their access. It ensures that only authorized personnel with the appropriate IT label can intervene.

I rate it an eight out of ten.

I use Symantec Data Loss Prevention since it is a product that is currently involved in an API-level integration with Google Chrome while ensuring that users get to avail some advanced features in the current version of the solution, making it an overall good tool.

The most valuable feature of the solution is its OCR process for image recognition. Symantec Data Loss Prevention can extract all the data from the image. In scenarios where a user may be trying to get some screenshots of certain confidential documents, Symantec Data Loss Prevention will extract whatever data is included in that image, after which it may block the user who was involved in the act.

Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made. Some source code developer companies may have multiple source code data available, and our company may upload such multiple source code data, which may go up to 50 GB of data in Symantec Data Loss Prevention, and expect the AI part to look into what should be the confidential part in such a file so that we can create a policy in our company to manage what should be blocked or allowed.

I have been using Symantec Data Loss Prevention for two years.

It is a stable solution. With Symantec Data Loss Prevention, I have never experienced any downtime.

It is a scalable solution.

The solution's technical support was good. The technical support team of Symantec used to take up cases or issues on priority.

For Symantec Data Loss Prevention, my company needs to deploy a database from Oracle and add a detection server depending on the organization's needs. A company can proceed with either a two-tier deployment or a three-tier deployment. A database from Symantec needs to be included during the deployment process compulsorily.

The solution can be deployed in a day or two. Preparing the database takes one day, and adding Symantec's detection server takes around 30 to 60 minutes.

The solution is deployed on an on-premises model.

Right now, my company seems to be interested in Censornet's DLP product features.

I recommend the product to those who plan to use it since it offers all the good features, along with a good GUI and user experience.

I rate the overall product an eight out of ten.