Symantec Data Loss Prevention Reviews

I like how I have the possibility to check different channels with the same policy set.

The machine learning solution is very good. Many of our partners are not using mostly the machine learning function yet, however, the index document matching, the IDM, and the actual data matching function are the most useful. Those are very, very good functions of the DLP.

The OCR functionality could be better. We have OCR functionality. However, it is not as effective. It could be more effective. They need to work on the function that can catch PDF 5 and PDF 5 based on pictures, images, JPEGs, and so on, with text-to-all content. The main goal of this is to check those pictures against corporate policies.

I'd like it if, in DLP, the agent could have more detection capabilities.

Currently, many features can work only with Endpoint Prevention, Network Prevention, and Email Prevention. Those capabilities do not work on the Endpoint Prevent and Endpoint Detection. 

They need to expand the channels they check. It could be wider. So it should be able to check, for example, WhatsApp and mobile solutions, mobile communications, Facebook, et cetera. We're worried about data leakage on these channels. 

I've been using the solution for six to eight years.

In terms of stability, we have issues, yet not too many. The basic functionality works fine. In my opinion, it is one of the best of the market.

The solution is scalable. 

We can use it in a single tier if there are not too many users and agents. That said, it can be easily extended to use as many server components as we would like. If there are too many people, 4,000 or 5,000 agents and users, we can use 10 or 15 servers. There is no problem with the scalability of DLP. 

On two or three servers, we have around 1,000 agents. Not more than that.

I have problems with Symantec technical support. It is too slow. There are also problems with competency. With the time factor, the reaction time and response time are very long. There was a situation where I had 168 hours between the initial outreach and response. It was not the best for my customer and for me.

Neutral

I did not previously use a different solution. 

The setup is a bit complex due to the Oracle database. I now have many problems installing and managing the Oracle database. At the moment, I just have a huge problem upgrading Oracle 12 to Oracle 19. It is not too easy. That said, if Oracle and the basic DLP are installed, then it can go smoothly. Afterward, there are no problems with it.

I am not a sales. However, I see Symantec's prices are the highest in the market.

The technical solution is quite good, however, when the customer sees the prices, they tend to say "Okay. It is very good, yet we do need to choose a cheaper one."

I'm a reseller and integrator.

I am just upgrading the previous version, 15.5, to the newest one, 15.8.

I'd rate the solution eight out of ten. 

The most valuable features of Symantec Data Loss Prevention are endpoint security,  endpoint agent, and DLP. Additionally, we have been satisfied with the policies.

Symantec Data Loss Prevention could improve by having better system resource management, cloud option, and more features.

I have been using Symantec Data Loss Prevention for approximately eight years.

The solution is stable.

I have been satisfied with the technical support.

The price of Symantec Data Loss Prevention could be reduced.

I rate Symantec Data Loss Prevention an eight out of ten.

The solution is primarily used for the prevention of data leakage mostly from email and external drives or thumb drives. It's also used for setting certain policies.

The solution is very easy to use.

We find the product is easy to manage and maintain.

Their dashboard is very good. It allows us to see everything on the system and provides a good overview.

Overall, it's a very good product.

Generally, we're not seeing any places for improvement at the moment.

The solution doesn't integrate well with other products.

We're not sure if there was an issue or a bug on the system recently because as of right now if someone sends out a compressed encrypted file, the DLP won't scan it.

The menus need to be updated.

I've been using the solution for about three years.

The solution is mostly stable. However, we do seem to have some sort of glitch or oversight happening currently where the DLP won't scan large compressed encrypted files.

The solution is scalable. 

We've contacted technical support in the past, and have been satisfied with their level of support. However, we mostly deal with their partner, and not directly with them because their partner can just as easily solve any issue that we might face.

The initial setup was pretty straightforward. We didn't have any issues with it, even when we upgraded to version 15.

We're just a customer. We aren't a Symantec partner or reseller.

We recently upgraded to version 15.

We like the solution. Currently, there are no plans to switch to a different product.

I'd recommend the solution to other organizations. I'd rate it eight out of ten overall.

We use this to protect our client's data. They are China Mobile, China Unicom, and China Telecom.

When our Oracle database is corrupted, we have the ability to restore the data. This helps a lot.

The most valuable feature for us is the ability to backup our database, and restore it if necessary.

This product should be integrated with virtualization technology and work with other applications.

The stability of this product is good. I would rate it as very stable.

I feel that the scalability is good, but the virtualization could be improved. We only have one or two people that use the software. 

This is our original solution. The product was included on our servers that were shipped directly from HP and IBM.

The initial setup was done by our experienced engineer. The setup is not difficult and one or two hours is enough to complete it.

Our in-house engineer handled the implementation.

The pricing and licensing for this product is good.

We considered other data loss prevention business products, including the Dell EMC backup solution.

We are actively looking for a product that handles virtualization easily and efficiently. We would like to see support for virtual environments.

I would rate this product an eight out of ten.

We are only using the security part of it.

We are solution providers. We suggest this solution to our clients for data loss prevention. It also can prevent Trojan and virus attacks on data centers.

The synchronize application detection policies have been very good. We are able to use it with the cloud service connectors and manage it on the cloud.

We want a more proactive reporting structure.

Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases.

There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.

The stability is at 85 to 90 percent.

We have two people looking after the maintenance and two people monitoring the endpoints.

We have between 150 to 200 users on any one client. Overall, we have approximately 2000 users.

We share feedback regularly with the Symantec technical support team. They provide us feedback and patches based on the reports (client specific) that we send them.

We did not have a solution previous to Symantec.

The initial setup is not very complex. You just have to run it from the configuration spreadsheet. If you follow the applied process, it is fine. If you deviate from the process, then the process can begin to become complex due to lack of understanding. You have to enable all the files based on size and there are some endpoint issues, as well.

It didn't take us very long deploy.

We implemented it in-house since we have people who are certified on Symantec. Before the product is implemented, we send those people over to Symantec. Then, they bring back Symantec's best practices.

We have six to seven Level 2 support people who do the implement part.

The pricing is competitive and not pricey. We also receive corporate discounts.

Initially, when checked out quite a few products, like Trend Micro, we found this product to be the most user-friendly.

Right now, their roadmap is not very visible, so we are trying out McAfee. Currently, we are simultaneously running both McAfee and Symantec.

We plan to increase our usage of this type of product since our clientele is increasing in numbers.

The tool helps to block based on different classifications such as characters and channels. 

Users like the product because of its simplicity and the rate of detection. 

Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved. 

I have been working with the product for ten years. 

The tool is stable. 

The product is scalable. My company has 1000 users for Symantec Data Loss Prevention. 

The product's setup is not easy. 

The tool's licensing costs are yearly. 

I would rate Symantec Data Loss Prevention a six out of ten. I wouldn't recommend the solution for micro SMEs or small enterprises. It is not recommended for organizations that do not have the technical expertise or in-house support.

The primary use case is for handling confidential data, such as customer data, employee data, and IT confidential information. We used this solution in some contracting work. We classify the data by assigning each division user their own classification, e.g., confidential, restricted, internal, or public. According to the data we get from the customer, we find fairly unique keywords and common words from the data and we put it on the Symantec DLP engine as a use case or policy. If, for example, the content or classified files cannot leave the organization, I can turn the use case into a policy as keywords mentioning specific data and unique keywords in the documents. This restricts documents from leaving the organization. That's how I create a policy based on the use case.

Another unique feature which I have found is a solution that we needed for one of our customers. They provided laptops at one of their facilities. Their users had administrator access, but the company cannot control those laptops. They are things, moving outside and inside for technical work. They noticed that their users have personal email accounts through Gmail and they installed Google Drive on their laptops. The problem is when Google Drive synchronizes, most of these company documents have a few admins that sync back up to these personal laptops. 

After deploying Symantec, we created a policy for data loads. We found some confidential files had been backed up to the cloud from their personal laptops. The company documents back up through employees' personal Google Drive. They found it and informed the company, who restricted the application purpose for those employees.

The customer was happy about the solution.

They have a feature on the management side called the document indexer. If you have a unique document with many near-identical versions, which have one or several values that change, while the rest of the content stays the same. You can collect 50 of those documents and put them into this feature of the Symantec DLP system. It will compress them and create a profile specifically for that document. 

For example, if you are getting a daily performance report for your company, each report will be completely the same, except some of the numerical values may change. I can collect 50 documents from the last 50 days and put them into the system to compress the documents and create a profile. I can then put this in a policy that will monitor only those documents. If an employee tries to send those documents outside without authorization, the system will block the documents. I have found the data indexer in Symantec, but I didn't find it in McAfee.

Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work.

In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics.

That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. 

Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP.

Their user interface and other features are fine as is.

It's stable. Currently, we are running on two and a half to almost three months. Up to now, I haven't experienced any system issue at the customer place. I used to go and do some fine tuning in the policies only.

It's scalable. There are three users for this solution at the customer. They are information security engineers. Two are senior and one is just an engineer.

Those users are responsible for the solution and the entire agent count is 800 users. For 800 users endpoints have been installed.

It's fine for now, but I think they are planning to expand the solution to another 500 users by next year.

We have experience and most of the time you get very good technical support. In our experience, we only needed support four times for some fine tuning because there is some fine tuning that I cannot do. In those cases, I created a ticket from the support portal and within three or four days they replied. They could typically rectify the issue within one or two weeks. Afterward, they send a report survey for evaluation. 

In short, the technical support is great.

The setup is straightforward. The only complexity comes from the Oracle Database side. Other than that, it is straightforward. It took a half hour to install it. Once you install the manual server, and the detection server on another server you just have to install the alias. I didn't have much problem installing the system.

I installed it myself. Implementation took one day.

I initially checked with the customer how to do their implementation and then I gave them the system requirements. Only then did I go on to staff, once they had given me access to the servers. I only did preliminary planning with technical staff first, then sat down with the customer and planned it more thoroughly.

Only three people take care of this solution from the management side. Externally, there is also a special SI engineer and a travel engineer.

In terms of pricing, Symantec DLP works with Oracle Database. Oracle Database licensing is much more expensive than other databases. That might be a drawback for customers.

The pricing is on a yearly subscription basis. For the current customer year, we already paid up front as part of the first three years.

We had a partnership with Symantec so we didn't use any other solution because we signed an agreement with them and we started deployment with the customer. We evaluated the system with the customer and once the customer confirmed that we should secure Symantec DLP we deployed the solution.

My advice is that the DLP solution is the emerging platform in the world at the moment. First, we had to get some idea on how data works at the customers: data in motion, data in rest, data traveling, etc. Typically data travels through emails from the endpoint by USB, email and CD writing it to a CD or copying it to a network share or from a network share. Those are what you need to know before starting the day of implementation. How this data travels inside and outside the environment.

I would rate this solution as nine out of ten, because they are a leader, competing with some other vendors, providing updates, releasing new versions, and providing technical improvements on their side. I would say it's fine.

DLP's most valuable feature is compliance.

DLP doesn't work well with Mac OS systems and tends to give false positives. There are also problems in terms of CPU utilization because all the policies are based on a traditional DLP system, which makes it quite heavy and creates issues with user experience. In the next release, DLP should include OCR features, and I'd like the agent to be lightweight, which means the policy should be in the cloud.

I've been using Symantec DLP for two to three years.

I don't find DLP stable.

DLP has no issues with scalability.

Since being acquired by Broadcom, the support has really degraded for small and medium enterprises. They don't help with anything and just send emails when we ask them to come on call.

Negative

The initial setup was easy.

DLP could be a bit cheaper.

I would rate DLP as five out of ten.