The negative aspect of that particular product is the fact it has a very, very, very complex policy structure. A user or administrator making the policy in the DCS should have a very thorough knowledge of the operating system or policy making. You have to be very specific about the data structure. If you want to secure a Linux server, an administrator should be very confident about how the directory structure of Linux, how Linux works, and where it puts the important logs. You have to be very cautious about the complete path, and you have to write it over there in the policy part. If you are not very specific, there will be a lot of noise in the system. You're going to receive thousands of events that are false positives. The fine-tuning of the policy is a very complex thing in the DCS itself. Another negative aspect that I have observed is if the product gets installed on the kernel level of any non-Windows server, it has some issues, comparability issues. Sometimes the product doesn't work properly, so it shuts down the machine and crashes the system. There are many cases in which I've observed the DCS crashing the system.
IT Security Specialist at a tech services company with 201-500 employees
Real User
2020-10-22T08:45:22Z
Oct 22, 2020
I'd like to see better reporting capabilities and better support. I had the chance to work with Tripwire Solutions and that solution has some added capabilities, not just checking the folders, but the abilities of the whole configuration. They also have the capability of connection through interface to the network devices and to check specific configurations from the reports that might create a better product. It possibly converts the solution to a complete change management solution and you can follow the integrity of the old configuration, not just the files. I've also noticed that the support of the newer version of the operating system is not really up to date on the software. I think the support of the newer operating systems version might have updated support more quickly.
Project Manager IT at a computer software company with 1,001-5,000 employees
Real User
2020-05-27T16:23:40Z
May 27, 2020
Symantec is a little bit behind on the most recent advances, such as products that are more lightweight and more flexible in their deployment to multiple operating systems. They need to develop a more flexible product that can be scaled such that it fits well into a small business or a bigger, enterprise-level solution. If I want to set up an endpoint solution that is on the cloud or is a hybrid, then there's a dependency on old-fashioned patterns, like hash values, in the internal policies. However, in a next-generation solution, we don't have to work in this traditional way. They are capable of automatically detecting and adapting to new threats that are coming out. This solution does not offer as many centralized management options as other vendors. for example, you cannot install or uninstall machines using the console. Better integration with other solutions is needed. Nowadays, keeping costs in mind, people don't want to be restricted to using a single vendor or dedicated platform. They want to be able to integrate with different products from multiple vendors. Better integration allows them to stay flexible and maintain or build a competitive edge.
Group Head - Information Security at a energy/utilities company with 1,001-5,000 employees
Real User
2020-01-26T09:26:00Z
Jan 26, 2020
This solution clashes with Microsoft defender, which results in performance degradation on the machine. Technical support needs more local representation in India.
Learn what your peers think about Symantec Data Center Security. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
Managing Director at a tech services company with 51-200 employees
Real User
2019-05-16T16:17:00Z
May 16, 2019
There is plenty of room for improvement with this product, and it could start with platform metrics. We are changing certain platforms in terms of preparing them for the system to support it. We always want legacy platforms, or those which need virtual protection or host protection, to be supported no matter how old they are. We want the speed at which content is delivered to be improved, but not at the cost of complicating the product or reducing its stability.
Docker containers make it easy to develop, deploy, and deliver applications where containers can be deployed and brought down in a matter of seconds. This flexibility makes it very useful for DevOps to automate deployment of containers. Symantec Data Center Security: Server Advanced provides agentless Docker container protection that allows you to achieve the performance benefits of Docker without sacrificing security. Full application control enables administrator privilege de-escalation,...
Agent management is a challenging task. We cannot do it from the console. We will have to use other tools.
There is room for improvement in enhancing its graphical user interface for a more user-friendly experience.
The negative aspect of that particular product is the fact it has a very, very, very complex policy structure. A user or administrator making the policy in the DCS should have a very thorough knowledge of the operating system or policy making. You have to be very specific about the data structure. If you want to secure a Linux server, an administrator should be very confident about how the directory structure of Linux, how Linux works, and where it puts the important logs. You have to be very cautious about the complete path, and you have to write it over there in the policy part. If you are not very specific, there will be a lot of noise in the system. You're going to receive thousands of events that are false positives. The fine-tuning of the policy is a very complex thing in the DCS itself. Another negative aspect that I have observed is if the product gets installed on the kernel level of any non-Windows server, it has some issues, comparability issues. Sometimes the product doesn't work properly, so it shuts down the machine and crashes the system. There are many cases in which I've observed the DCS crashing the system.
I'd like to see better reporting capabilities and better support. I had the chance to work with Tripwire Solutions and that solution has some added capabilities, not just checking the folders, but the abilities of the whole configuration. They also have the capability of connection through interface to the network devices and to check specific configurations from the reports that might create a better product. It possibly converts the solution to a complete change management solution and you can follow the integrity of the old configuration, not just the files. I've also noticed that the support of the newer version of the operating system is not really up to date on the software. I think the support of the newer operating systems version might have updated support more quickly.
Symantec is a little bit behind on the most recent advances, such as products that are more lightweight and more flexible in their deployment to multiple operating systems. They need to develop a more flexible product that can be scaled such that it fits well into a small business or a bigger, enterprise-level solution. If I want to set up an endpoint solution that is on the cloud or is a hybrid, then there's a dependency on old-fashioned patterns, like hash values, in the internal policies. However, in a next-generation solution, we don't have to work in this traditional way. They are capable of automatically detecting and adapting to new threats that are coming out. This solution does not offer as many centralized management options as other vendors. for example, you cannot install or uninstall machines using the console. Better integration with other solutions is needed. Nowadays, keeping costs in mind, people don't want to be restricted to using a single vendor or dedicated platform. They want to be able to integrate with different products from multiple vendors. Better integration allows them to stay flexible and maintain or build a competitive edge.
This solution clashes with Microsoft defender, which results in performance degradation on the machine. Technical support needs more local representation in India.
There is plenty of room for improvement with this product, and it could start with platform metrics. We are changing certain platforms in terms of preparing them for the system to support it. We always want legacy platforms, or those which need virtual protection or host protection, to be supported no matter how old they are. We want the speed at which content is delivered to be improved, but not at the cost of complicating the product or reducing its stability.