Try our new research platform with insights from 80,000+ expert users
reviewer2098977 - PeerSpot reviewer
Manager at a financial services firm with 1,001-5,000 employees
Real User
Helps to meet all regulatory requirements, is customizable, and flexible
Pros and Cons
  • "The detection capabilities are comprehensive."
  • "From a management perspective, it takes a lot of time to manage the infrastructure."

What is our primary use case?

Symantec Data Loss Prevention is an enterprise-level solution and we utilize it for its customization, and flexibility across the platform as well as the excellent support and feature levels compared to other similar solutions.

How has it helped my organization?

There is still potential for improvement when it comes to data discovery over a network. How successful the process is depends largely on the network configuration and connectivity to the destination. Utilizing a detection server or network discovery can help facilitate the data discovery process. Recently, I discovered around 15,000 to 20,000 shareholders for Symantec using DLP for data discovery. Agent Discovery is also highly effective, with no performance issues showing up when performing endpoint discovery for the Symantec database.

I have not had much experience working with Macs, but they come with an in-built security feature. This can be challenging to work with, as not all features are supported in comparison to Windows. However, the solution recently became compatible with the Linux operating system, allowing us to deploy agents on this system as well.

Symantec Data Loss Prevention is a globally accepted product that provides an enterprise-level view of an organization. Although some of the features the solution offers are being utilized, there is still more potential to be explored if the organization puts more focus on using them to their fullest potential. Recently, the ICD or ID features, which cover all increase points and every other technology, were introduced. The solution provides features that correlate all events and generate top results. In DLP, the role bit and success management are present, allowing us to escalate incidents. We can also define an escalation process, allowing data owners to view incidents and escalate them as necessary. This functionality is provided by the solution. The primary goal of the DLP is to monitor and control the organization's data usage, as well as to facilitate audibility and accountability. Symantec Data Loss Prevention is well-suited to fulfill these needs.

The solution helps us find sensitive data and apply policies based on user risk. We can use indexing for highly confidential documents that are not to be published or shared with more than two to five people outside of the organization, such as the board of directors. Indexed Document Matching is a useful feature that can help ensure that the document remains secure. We can create remote detection over the product and map the UNC part. The data owner will put the file of a particular document, which will be converted into IDX format. We can then apply the policy remotely so that the data will not come to the DLP admin or any other person and will remain protected.

The solution offers a range of pre-defined data identifiers to meet all regulatory requirements, such as those mandated by the GDPR, PHI, PCI, and USUN. These data identifiers can be used to identify and protect personal data globally.

The solution helped reduce the time our DLP administrator spends on data loss protection. Spending time monitoring the data is essential. We have to stay up to date and investigate any issues that arise in order to improve health monitoring by fine-tuning incidents and reducing false positives because automation is not available. 

What is most valuable?

The solution offers a one-click view from a single console, with detailed incident investigation capabilities that capture activity from end users, the web, and email. Symantec Data Loss Prevention provides comprehensive information conveniently and efficiently while also conforming to good architectural standards.

Compared to Forcepoint DLP, we can see that the email is not available. In Symantec, we are dependent on other products, such as DashMagiq, to release quarantined emails. This is because DashMagiq is able to do this through its API integration with the Office 365 email box. Unlike Forcepoint DLP, we don't have the option to release quarantined emails ourselves.

The detection capabilities are comprehensive. The solution covers all channels and supports cloud scanning. Additionally, the cloud-based solutions provided by CASB offer additional functionalities and now include AdvExt.

Symantec Data Loss Prevention has good detection accuracy. In some instances, the solution can produce a false positive. The solution's Application Monitoring feature allows us to monitor data that should be uploaded through an application; however, it can trigger an incident when the application is opened. The features provided by Broadcom are generally practical, but some of the less-used features may not be as accurate.

What needs improvement?

Before the release of version 16.0, some features were missing. Location-based detection and USB print blocking are still not available. This means we cannot configure the blocking of a USB printer, and we also cannot identify whether a system is on the network or off the network in a large environment. Additionally, the feature that is currently available is not fully operational. The domain-based resolution can sometimes take time to determine whether the system is accessible over the network or not.

From a management perspective, it takes a lot of time to manage the infrastructure. It seems that having cloud options available would reduce the overhead of managing infrastructure. Depending on the organization, we can choose to have the solution on-premises or on the cloud. If we choose the cloud, we can focus more on data loss prevention instead of managing the infrastructure.

Buyer's Guide
Symantec Data Loss Prevention
November 2024
Learn what your peers think about Symantec Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the solution for seven years.

How are customer service and support?

Both the free and paid technical support from Symantec are good.

How would you rate customer service and support?

Positive

What other advice do I have?

I give the solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at LTTS
Real User
Provides an excellent reporting feature
Pros and Cons
  • "The solution offers great reporting."
  • "The solution could offer improved more informative documentation."

What is our primary use case?

We have several use cases, the main one is probably the prevention of prohibited files from being uploaded. I'm a user of this product and a network engineer. 

What is most valuable?

Reporting is the most valuable feature the solution offers. It provides information on any incidents that occur in our environment. 

What needs improvement?

Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus. 

For how long have I used the solution?

I've been using this solution for about three years. 

What do I think about the stability of the solution?

This solution is stable. 

What do I think about the scalability of the solution?

This is a scalable solution. We currently have 15,000 users so it's very scalable.

How are customer service and technical support?

We have primary support from one of the vendors and they are good. 

How was the initial setup?

The initial setup is not very complex but it's not simple either. We had assistance from the vendor. There is no maintenance required - at the initial stage we created a policy for monitoring only and we get the day to day logs. After that we impose a policy for blocking and justification. This solution is used on a daily basis. 

Which other solutions did I evaluate?

I've worked with other DLP solutions that I think were better than Symantec, but it's working well for us currently.

What other advice do I have?

This is a good solution for us and I would recommend it. I'd rate Symantec DLP a nine out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Symantec Data Loss Prevention
November 2024
Learn what your peers think about Symantec Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
Moataz  Ahmed - PeerSpot reviewer
Senior Network & Security Administrator at a financial services firm with 10,001+ employees
Real User
Top 10
Has efficient data transmission blocking features, but its technical support services need improvement
Pros and Cons
  • "The product helps with blocking sensitive data transmission and permission management."
  • "The product's technical support services need improvement."

What is our primary use case?

We use the product to mitigate the malicious attack and prevent data loss for specific servers.

What is most valuable?

The product helps with blocking sensitive data transmission and permission management.

What needs improvement?

The product's technical support services need improvement.

For how long have I used the solution?

We have been using Symantec Data Loss Prevention for three years.

What do I think about the stability of the solution?

It is a stable product. I rate its stability a nine out of ten.

What do I think about the scalability of the solution?

We have 20 Symantec Data Loss Prevention users in our organization. We use it daily. I rate its scalability a seven out of ten.

How are customer service and support?

The technical support team replies slowly. The process needs enhancement.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup takes a few days. However, overall, it requires a month to fine-tune the components. The deployment team includes one or two vendor executives and multiple teams from our organization. One executive can easily maintain the product. I rate the process a seven out of ten.

What about the implementation team?

We take help from third-party integrators for product implementation.

What's my experience with pricing, setup cost, and licensing?

The platform is not very expensive. I rate its pricing an eight out of ten.

What other advice do I have?

I recommend Symantec Data Loss Prevention and rate it a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Associate at a insurance company with 10,001+ employees
Real User
Great technical support, good features, and scales well
Pros and Cons
  • "We can integrate with some other tools such as Splunk, which is very useful."
  • "In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening."

What is our primary use case?

I am an L2 engineer. I'm doing the part of the implementation and the agent upgrades. If any requirements come in for Oracle upgrading we go forward and make it happen. Apart from that, we are doing agent installation and troubleshooting. 

Moreover, we'll be in contact with the SCCM team, and give packages to them. They will push the package to all the machines for the SCCM. We can connect to the virtual team and do the other lines for server backups or upgrades. 

What is most valuable?

The solution is very good at fingerprinting the documents. This means, basically if a user tries to modify the data or change the file extensions, the system will recognize this action. It will offer the DLP images, so it will fingerprint the data. If a user is trying to modify data, they're trying to change the extension to whatever data, it will tune in on the IP, based on the indexing. 

There are a lot of features. We can modify only particular agent configurations. 

A new feature I've seen is a device block, which is very interesting. Previously, we used to create a policy for blocking certain data, which was transferred from our local machine to the mobile media. Now, we found that there'll be one more option called agent configuration device control. Under the device control, there'll be a block device connections option. It will alert us that a USP has been blocked. 

The solution offers very good virtual machine learning. The ML will capture information based on certain policies. We haven't used it yet. We're still learning about it.

The solution offers good data classifications. What we used to do, is we used to create one template and we used to sit with different project team members. We'd collect the information from the project managers, on the management side. We'd put the information into one Excel sheet and collect the information from that. Now, we're using that to review one data classification tool. What it will do now is, whenever you're working in the document, is it will ask you to determine the data. It will ask that if it is internal or confidential.  

We can integrate with some other tools such as Splunk, which is very useful.

What needs improvement?

The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. 

Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this.

If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. 

When we're doing data scanning, the machines can be slow. 

In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.

For how long have I used the solution?

I've been using the solution for four and a half years at this point.

What do I think about the stability of the solution?

Occasionally, there are stability issues. If that's the case, I can help clients troubleshoot them.

What do I think about the scalability of the solution?

The solution is very easy to scale. If a company needs to expand it, it can do so with relative ease.

How are customer service and technical support?

Whenever any issues are reported, for example, a fatal error or multiple errors, or if any machines come up with a blue screen, et cetera, well look for patch releases. We tend to do that monthly and push them to machines.  However, sometimes the issues might be very bad. For example, sometimes the KB will be not compatible with the Symantec DLP, or some of the versions. Maybe an agent will be corrupted, or a machine will get rebooted multiple times.

Initially, we'll check the logs. We'll do the checking and the troubleshooting and the removal of agents if necessary. We initially collect requirement logs and upload them to the Symantec portal. From those details, they will create a hard fix file for us and we will implement it. 

We work well together. We're quite satisfied with the level of service they provide and the assistance they give when we have issues. 

How was the initial setup?

The initial setup is straightforward.

Usually, if we are doing it from the scratch, every time when we are doing the implementation, there will be one document that will be created for other servers. 

If new users come on, they'll reference the document. It's part of our best practices. 

We recommend that someone should be available via stacking, somewhere. For example, to set up the password with the protector, or as an admin password. We used to prefer at least one person. If we get stuck, we'll have a Symantec engineer on a call to assist us. 

Usually, I'll do everything from the scratch, setting up the port under whatever LAN is required and what other system requires. 

For an Oracle installation, it will take three hours or four hours. And for the server that's at least one hour. A total of five hours to six hours is required in order to complete our implementation.

The maintenance is contract-based. Some of the clients will ask that only I implement the Symantec DLP. Then we'll do the implementation and we'll create some documents as per requirements. Clients will ask the contract be for one year or two years, and we'll do the analysis and the reports, which we need to send on a daily basis and weekly basis and monthly basis and quarterly basis. On yearly ones, we'll do the auditing. 

We used to delete the duplicate machines, or any machines supposed to be in stock or offline. Every month we will send the policy to our customers asking if there is anything they want to add, or any rule they want to delete, or anything specifically they want to create, et cetera. For example, if there are any personal kinds of users they want to monitor. We'll whatever they recommend. This is the type of maintenance I do.

What's my experience with pricing, setup cost, and licensing?

The pricing is moderate. It's not the cheapest, or the most expensive. 

There are various types of licenses. For example, if you are a customer for endpoint prevention, that is a different license. And if you want to cloud prevent, that is a different license. It's flexible. If you need to purchase a full suite, you can purchase it, or if you want only endpoint or cloud or network, you can buy it as a separate command.

What other advice do I have?

We are implementors. 

As of now, in my current company, I was designed to DLP around seven months back. My previous company is a service-based company. Normally we will connect with other partners. 

Usually, we are service providers, so we'll take the project from Symantec and we will implement the approach for our business partners. Then we'll go directly to the onset location and we'll stay there and we'll do the implementation and we'll create a policy, as per the requirements. We'll do the handout documents to the management team, and we'll relocate them to the local engineers. These kinds of activities I've done. For around four years, I've continuously been doing this DLP and encryption.

I'd recommend the solution. I'd rate it at a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Nikhilesh Verma - PeerSpot reviewer
IT Security Specialist at TT Systems LLC
Real User
Top 10
Installation was straightforward and technical support was good
Pros and Cons
  • "What we like about Symantec Data Loss Prevention is that it's a very good product. We never faced any problems with its performance. It has very good performance. There was this RAM issue, but it was an internal issue which we've sorted out. Apart from the RAM issue, there are no other issues with Symantec Data Loss Prevention."
  • "What could be improved in Symantec Data Loss Prevention is its security. It should be more secure."

What is our primary use case?

We use Symantec Data Loss Prevention mostly for preventing and protecting against email threats. The tool tracks internal to external emails. Whatever attachment there is that's moving from internal to external is also tracked. If someone's sending a file, it would also be forwarded to the team lead or manager. The password for signing into the email should not be shared because when shared, it will be blocked. We have configured these policies in Symantec Data Loss Prevention. The tool also tracks whenever a user transfers data from one machine to another. These are our use cases for it.

What is most valuable?

What we like about Symantec Data Loss Prevention is that it's a very good product. We never faced any problems with its performance. It has very good performance. There was this RAM issue, but it was an internal issue which we've sorted out. Apart from the RAM issue, there are no other issues with Symantec Data Loss Prevention.

What needs improvement?

What could be improved in Symantec Data Loss Prevention is its security. It should be more secure.

For how long have I used the solution?

I've been dealing with Symantec Data Loss Prevention for almost four years.

What do I think about the stability of the solution?

Symantec Data Loss Prevention is a stable tool.

How are customer service and support?

The technical support for Symantec Data Loss Prevention is very good.

How was the initial setup?

The installation for Symantec Data Loss Prevention was straightforward. It took almost fifteen days to completely roll it out.

What other advice do I have?

I have experience with Symantec Data Loss Prevention. I've implemented it. I was the Symantec expert, and I've also implemented Symantec Endpoint Protection, Symantec Mail Security for Exchange, Symantec SharePoint, and Symantec network storage devices, in my previous projects.

Symantec Data Loss Prevention was deployed on-premises only because the customer requirement was to not forward the logs through the cloud directly, so the solution was installed on-premises.

In terms of the number of clients my company has for Symantec Data Loss Prevention, there are currently two thousand clients.

I would surely recommend the tool to others. Whenever my company goes to the customers, the team always recommends either Forcepoint or Symantec Data Loss Prevention.

My rating for Symantec Data Loss Prevention is nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
Muhammad Ejaz ul Hassan - PeerSpot reviewer
CEO at RISE Technologies
Real User
Top 5
A solution with superb capabilities and administrative controls but its reliance on Oracle is limiting
Pros and Cons
  • "The solution is simple to use with good administrative controls and a console that is easy to understand."
  • "The solution relies on and Oracle database which is not financially feasible for many customers."

What is our primary use case?

Our company is a partner and deploys the solution for customers as a management server and email network.

What is most valuable?

The solution is simple to use with good administrative controls and a console that is easy to understand. This is particularly important because end users are security engineers, CSOs and compliance managers with minimal technical knowledge. 

The DLP is very effective on the application side because there is a control on both endpoint and network storage. These components are separate from each other which needs to be planned out carefully but reduces server needs. 

What needs improvement?

The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. 

Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. 

Data tagging and classification would be useful because multiple agent roles are needed solve issues. 

For how long have I used the solution?

I have been using the solution for ten years. 

What do I think about the stability of the solution?

The network and storage are very stable. 

I've experienced a few issues with the DLP agent on the windows side when operating systems are mismatched or there is an issue with a group policy. 

What do I think about the scalability of the solution?

The solution is scalable. 

How are customer service and support?

The effectiveness of technical supports depends on the agent. Support from America is good because they immediately direct you to a person or department knowledgeable in your issue. 

For example, American support asks if deployments are new or old and then opens the appropriate case type which speeds up the process. 

I rate customer support a seven out of ten. 

How would you rate customer service and support?

Neutral

How was the initial setup?

The initial setup and implementation are very straightforward. 

Setup is very clear and much easier than McAfee or Forcepoint. 

I rate setup an eight out of ten. 

What about the implementation team?

We implement the solution for our customers. 

What's my experience with pricing, setup cost, and licensing?

The solution's pricing is based on a license model. 

Which other solutions did I evaluate?

The DLP category is very competitive and we implement tools based on our client's needs such as the solution, Forcepoint, and Microsoft. 

What other advice do I have?

Competitive products don't even compare to the solution with regard to its capabilities. 

The only reason to choose another solution is budget because the solution requires licenses for the product and the database. 

I rate the solution a seven out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator / Partner
PeerSpot user
Shridhar Shimpi - PeerSpot reviewer
Technical Support Engineer at Jainam Technologies
Real User
Top 5
Enhances data security measures and provides efficient automation features
Pros and Cons
  • "The incident response capability has been instrumental in mitigating potential data loss."
  • "The product's pricing and support services need improvement."

What is our primary use case?

Our primary use case for Symantec Data Loss Prevention revolves around addressing internal data security concerns, particularly email communication and data leakage prevention.

How has it helped my organization?

Symantec Data Loss Prevention has significantly improved our organization, particularly regarding data management and incident response. The solution has streamlined internal processes and enhanced data security measures. By integrating Symantec into our management systems, we've achieved better packaging and handling of sensitive information.

What is most valuable?

The most valuable features of Symantec Data Loss Prevention (DLP) are the Optical Character Recognition (OCR) functionality and its automation capabilities.

What needs improvement?

The product's pricing and support services need improvement.

What do I think about the stability of the solution?

The platform is stable. Initially, there were minor delays during the setup phase, especially when implementing certain features on the cloud. However, these issues have been resolved over time, and the system runs smoothly. It has been consistently reliable for the past three years. While it may demand slightly higher bandwidth, it remains easily adaptable to any network environment.

What do I think about the scalability of the solution?

I rate the platform's scalability a nine out of ten. Currently, we are working with three companies as our customers for the product, one of which boasts over 10,000 users.

How are customer service and support?

Our experience with customer service and support has improved over time. Previously, we encountered technical issues and concerns while working in the same area of DLP. However, in 2020, we noticed a positive shift. The team has become more responsive and effective in addressing our needs. The personnel handling technical support are helpful.

How was the initial setup?

To deploy Symantec to protect sensitive information in our company, we implement various policies such as web, endpoint, mail, and cloud prevention. While the deployment process itself is simple, there is a requirement for an Oracle database, which can add a layer of complexity, particularly for smaller businesses that may not have the infrastructure readily available. However, we offer a software solution that manages this aspect. We leverage both on-premises and cloud-based functionalities, with customization options available for policies. Default configurations work well for cloud-based deployments, and we utilize comprehensive licensing packages. Cloud management simplifies deployment and implementation tasks significantly compared to on-premises setups, reducing the burden on our team and clients. However, there can be challenges when transitioning existing customers from on-premises to cloud-based solutions, particularly regarding feature availability and accessibility.

What's my experience with pricing, setup cost, and licensing?

The platform is expensive.

What other advice do I have?

The platform provides valuable data for preventing loss in various ways. It operates on a cloud-based platform and is beneficial through email and the web.

The incident response capability has been instrumental in mitigating potential data loss. The response agents are deployed strategically, and licenses govern their access. It ensures that only authorized personnel with the appropriate IT label can intervene.

I rate it an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Aman-Yadav - PeerSpot reviewer
Sr technical support executive at Immenzza
Real User
Top 5
A stable and scalable tool that detects users accessing information from confidential documents
Pros and Cons
  • "It is a scalable solution...The solution's technical support was good."
  • "Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made."

What is our primary use case?

I use Symantec Data Loss Prevention since it is a product that is currently involved in an API-level integration with Google Chrome while ensuring that users get to avail some advanced features in the current version of the solution, making it an overall good tool.

What is most valuable?

The most valuable feature of the solution is its OCR process for image recognition. Symantec Data Loss Prevention can extract all the data from the image. In scenarios where a user may be trying to get some screenshots of certain confidential documents, Symantec Data Loss Prevention will extract whatever data is included in that image, after which it may block the user who was involved in the act.

What needs improvement?

Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made. Some source code developer companies may have multiple source code data available, and our company may upload such multiple source code data, which may go up to 50 GB of data in Symantec Data Loss Prevention, and expect the AI part to look into what should be the confidential part in such a file so that we can create a policy in our company to manage what should be blocked or allowed.

For how long have I used the solution?

I have been using Symantec Data Loss Prevention for two years.

What do I think about the stability of the solution?

It is a stable solution. With Symantec Data Loss Prevention, I have never experienced any downtime.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and support?

The solution's technical support was good. The technical support team of Symantec used to take up cases or issues on priority.

How was the initial setup?

For Symantec Data Loss Prevention, my company needs to deploy a database from Oracle and add a detection server depending on the organization's needs. A company can proceed with either a two-tier deployment or a three-tier deployment. A database from Symantec needs to be included during the deployment process compulsorily.

The solution can be deployed in a day or two. Preparing the database takes one day, and adding Symantec's detection server takes around 30 to 60 minutes.

The solution is deployed on an on-premises model.

Which other solutions did I evaluate?

Right now, my company seems to be interested in Censornet's DLP product features.

What other advice do I have?

I recommend the product to those who plan to use it since it offers all the good features, along with a good GUI and user experience.

I rate the overall product an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Symantec Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
Data Loss Prevention (DLP)
Buyer's Guide
Download our free Symantec Data Loss Prevention Report and get advice and tips from experienced pros sharing their opinions.