Sr. Career Services-HRM at U Education Management Private Limited
Real User
Top 10
2024-09-18T08:09:00Z
Sep 18, 2024
It's been around six months since we switched. I don't recall all necessary updates. However, I do recall the installation and recovery time took longer than expected, which impacted our payment gateways and token changes. Updates sometimes overlap, causing technical errors.
Associate at a insurance company with 10,001+ employees
Real User
Top 5
2024-09-09T06:22:10Z
Sep 9, 2024
Creating any new Microsoft policy is easier compared to Symantec Data Loss Prevention. The creation of any new policy in Symantec Data Loss Prevention needs to be made easier.
A significant area for improvement in the product is reducing the number of agents required and improving integration as a unified client ecosystem. Integrating artificial intelligence to automate policy creation based on user behavior and data sensitivity would be highly beneficial
Team Leader - Network Security Engineer at a tech services company with 11-50 employees
Real User
Top 10
2024-05-23T16:17:00Z
May 23, 2024
In my opinion, Symantec DLP could improve by offering a better online service option, making it more competitive compared to Forcepoint. Performance could also be enhanced, especially in terms of prevention capabilities. Additionally, it would be beneficial to add features that allow for better policy integration with GDPR, such as international credit, bank account, or identity management. This would make it more straightforward for IT, especially in regions like Indonesia.
Learn what your peers think about Symantec Data Loss Prevention. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Head Cyber Digital and Security at a financial services firm with 10,001+ employees
Real User
Top 10
2023-12-21T04:07:00Z
Dec 21, 2023
Their support program needs a lot of improvement. If you are stuck somewhere, getting their support can be difficult. Adding the feature of control over Bluetooth is very important right now, most BOPs are don't get control over the Bluetooth function. The features would become more friendly and their dashboard would help us.
Symantec DLP could be better. Symantec DLP is very scalable, but while some other products have been improved in years, Symantec DLP is using core steel, and Symantec could be better with infrastructure.
There is room for improvement in the remote control capabilities of the DLP solution. Currently, if the client-side agent is not installed, there are limited features available, and remote management through the manager portal is lacking. This is particularly important for users on VPN who would benefit from full remote control and management features.
The product must improve its interface. The solution did improve the interface, and it looks better. However, the report filtering features could be much better. The in-built ITSM module needs to be revamped. If anybody has been flagged for violation, the violation content shows all the credit card details. Any administrator can see the credit card details. I would like to see the tool integrated with Symantec Endpoint Protection.
I'm not sure about scanning speeds. In my previous experience, we had some problems and some speed issues. The data loss prevention feature is working pretty well; however, sometimes, if you want to discover or scan the data stored in the customer environment, it could take a long time. Sometimes the customer states, "I want to scan a computer," and it takes a few hours. It seems to sometimes be unnecessarily long. Reporting could be improved. The detection features are good, and the configuration is basic. It's really easy to use, or it's really to learn from scratch. However, the reporting features must be improved as the product doesn't provide us with many reporting screens. We only have an incident results screen, and we have filters we can use, and that's it. There are no other reporting features. It's really limited.
The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online. When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.
The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. Auto-parsing is required. We need to have agent auto-parsing. We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal. Beyond that, we don't really need any new features as Symantec already offers pretty good items.
The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. Data tagging and classification would be useful because multiple agent roles are needed solve issues.
Senior Systems Engineer at a logistics company with 11-50 employees
Reseller
Top 20
2022-08-10T15:59:00Z
Aug 10, 2022
The OCR functionality could be better. We have OCR functionality. However, it is not as effective. It could be more effective. They need to work on the function that can catch PDF 5 and PDF 5 based on pictures, images, JPEGs, and so on, with text-to-all content. The main goal of this is to check those pictures against corporate policies. I'd like it if, in DLP, the agent could have more detection capabilities. Currently, many features can work only with Endpoint Prevention, Network Prevention, and Email Prevention. Those capabilities do not work on the Endpoint Prevent and Endpoint Detection. They need to expand the channels they check. It could be wider. So it should be able to check, for example, WhatsApp and mobile solutions, mobile communications, Facebook, et cetera. We're worried about data leakage on these channels.
Different departments should manage administration, reporting, normalization and incident management. For example, for incident management, escalation can be completed in a specific department, and we can notify a manager and send an email when an incident has been triggered. In addition, confidential files that shouldn't be sent as a CV are managed. A DLP is a confidential solution that cannot be used to send unauthorized organizations' data to others. The previous versions had a flaw when we installed the agents. We can install the agents manually or by the SCCM and easily manage the database and incident services. We can make several rules if we have a network or endpoint. We can also manage dashboards and administrators, super users and view roles. The larger administrator that manages the activities and daily reports has access to the best access tools. We can utilize user roles for the view access tools and to make policies.
DLP doesn't work well with Mac OS systems and tends to give false positives. There are also problems in terms of CPU utilization because all the policies are based on a traditional DLP system, which makes it quite heavy and creates issues with user experience. In the next release, DLP should include OCR features, and I'd like the agent to be lightweight, which means the policy should be in the cloud.
Data Loss Prevention and Data Classification at a insurance company with 10,001+ employees
Real User
2022-05-11T20:16:00Z
May 11, 2022
Currently, I can't see any areas for improvement in Symantec Data Loss Prevention because the solution seems to be better than all the other vendors out there. It seems all the other vendors are trying to mimic what Symantec Data Loss Prevention is doing in terms of components, practice, and modules. Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult.
It's not a scalable product. It only works on the Windows platform. It doesn't support Linux, which is unfortunate. Most of the clients these days use Linux. It would be ideal if Symantec could have more integrations with the different operating systems as well on the DLP. That would be much better. The deployment is complex.
Information Security GRC at a manufacturing company with 10,001+ employees
Real User
2021-09-28T07:53:08Z
Sep 28, 2021
There should be more information about the features of the solution and what they do. This way we would be able to use all the features that are available.
Data Protection Manager at a healthcare company with 10,001+ employees
Real User
2021-08-18T14:33:47Z
Aug 18, 2021
Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate.
Solutions Engineer at Trends and Technologies, Inc
Real User
Top 20
2021-08-05T14:16:29Z
Aug 5, 2021
The one downside for Symantec is that, due to its transition from Symantec to Broadcom, there's been a lot of changes. I am based in the Philippines and we don't have a contact person locally for any Symantec. We no longer have any contact for any Symantec opportunities. It's getting hard for us to request a demo license, or trial license, for a proof of value or proof of POC. Basically, speaking with respect to the technology, technically speaking, Symantec is really good, however, on the commercial side, we're really having a problem with that. We always have a problem with respect to the commercial side and how we are offering it to the client. It gets really costly with the database as it's strictly required that clients must have an Oracle database and it's quite expensive if you would compare that to Microsoft SQL. From the technical side, what they need to improve is the database. I'm talking about the on-premise, as, with the on-premise, the database that they require is strictly Oracle and not many end-users are using Oracle for their databases. Some are using MySQL. So it gets really costly when we're offering Symantec and then we have to renew. Oracle is expensive. What they need to improve is the management console. It's pretty straightforward, however, they need to upgrade it to make it more attractive. While it's easy to understand, from an end-user perspective, they need to upgrade it so that it will be more pleasing on the client's side. It would make them more inclined to look up, for example, for maintenance or visibility and monitoring.
Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus.
Associate at a insurance company with 10,001+ employees
Real User
2021-07-27T10:52:32Z
Jul 27, 2021
I would like to see an improved interface, with better documentation and integration with other products. The initial setup could also be better, so that the solution would easily interact with other monitoring tools without the need for taking further steps.
Symantec needs to improve the policies. If they could gear the policies, or the templates, and publish them, enabling customers to download them, it would simplify things. They currently have a package uploaded in the system with some policies but there is no option to download our link device. There are some difficulties on the portals with Symantec. In general, the softwares are not available for partners on their portal. If a new patch requires updating on customer sites, those particular softwares are not available on the partner portal. The products they're giving the agent for Linux operating system could be simplified but Symantec is not geared for writing that option for Linux and running windows on it. Symantec doesn't have any agent for DLP on the operating system.
We are looking for DLP software that protects some shared folders on the server. these folders can be read and written but cannot be sent by mail or file sharing, copied to the clipboard, etc.
Senior IT Architect at a tech services company with 201-500 employees
Real User
2021-05-22T00:23:19Z
May 22, 2021
The database is a problem for us, as it's running on Oracle and not everybody likes that. There's a licensing issue with the database. There's a sizing issue with licensing. They did improve it a bit. It supports a virtual server now. However, the pricing and the fact that you install it on the machine and you have to count all the CPU, makes it a problem. It's workable. We dedicated a physical machine to it. It's a bit of a legacy solution. The licensing is a bit of an issue for us. They need to work on the way the licensing is set up. A feature we would like to see is entropy detection in text. We need something that detects when you send an email and you try to hide something by using simple encryption techniques. It's typically called entropy. If we had entropy detection in the regular text that would be ideal
Associate at a insurance company with 10,001+ employees
Real User
2021-04-05T23:46:12Z
Apr 5, 2021
The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this. If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. When we're doing data scanning, the machines can be slow. In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.
Information Security Engineer at a security firm with 11-50 employees
Real User
2021-02-16T10:34:55Z
Feb 16, 2021
The solution is not user-friendly. I've had to do a lot of research to try and figure things out on my own. Due to its database, I first had to install an Oracle database. This should change. The product should allow for the use of an SQL database, and, if possible, it should have an embedded database. The solution should be easier to integrate on different solutions. The data classification is very difficult in Symantec. It's hard to integrate the detect activation tools, whereas, in Forcepoint DLP, it's better. It's very user-friendly and the quality is defined and it is very clear. Symantec should try to emulate those aspects of Forcepoint. It's difficult to implement in a protected environment, due to its architectural layout. The initial implementation is quite complex. The technical support has really dropped in quality since Broadcom acquired the product.
Technical support is pathetic. Stability and scalability can be improved as well. It would also be better if it could restrict Bluetooth transfers. Symantec also uses Oracle databases, which isn't really convenient for most customers. It would be better if they switched to SQL.
Manager Cyber Forensic at a financial services firm with 51-200 employees
Real User
2020-07-05T09:38:10Z
Jul 5, 2020
We are having support issues. We had local support but since the acquisition, the support is now only five teams. It is very difficult to log in to create a support ticket because no one is available to support our queries. In India, it's especially needed. It has some feature deficiencies, as well. For example, it won't monitor the remote desktop and the file-sharing to the RDP. It's not detecting it and RDP is not supported well. The issue is not only with RDP, but rather it's with the product used to provide the remote support. If the data is leaked through that application, then Symantec doesn't monitor that section. There are some features that are not available, which are required by every data loss prevention solution. In the next release, encryption should be available. For example, if an extended drive is plugged into the endpoint and someone tried to copy the data to the external drive, the Symantec DLP component doesn't encrypt the drive. If you want the encryption feature you have to purchase an additional component for it. This could be an integral part of Symantec today.
Generally, we're not seeing any places for improvement at the moment. The solution doesn't integrate well with other products. We're not sure if there was an issue or a bug on the system recently because as of right now if someone sends out a compressed encrypted file, the DLP won't scan it. The menus need to be updated.
I would like to see this solution made more user-friendly, and the administration needs improvement. The enforce service is difficult to understand, and free courses made available on the internet would be useful.
This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.
The backend side of the server needs improvement. In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.
IT Security Engineer at a tech services company with 1-10 employees
Real User
2019-07-10T12:01:00Z
Jul 10, 2019
I do have a problem with the database. It uses the Oracle database and sometimes this causes some problems. I would prefer it to use the MS SQL database because it has a more stable connection than the Symantec database.
Engineer - Information Security at a tech services company with 51-200 employees
Reseller
2019-05-07T23:26:00Z
May 7, 2019
Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work. In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics. That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP. Their user interface and other features are fine as is.
We want a more proactive reporting structure. Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases. There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.
Senior Cyber Security Consultant at Infosec Ventures
Reseller
2019-02-25T08:45:00Z
Feb 25, 2019
They could improve the predefined reports because they don't have much information. We would like detailed reports. If they could include the same features for their mobile device product, like Android and iOS, it would be helpful.
System Administrator at a tech services company with 1,001-5,000 employees
Real User
2019-02-25T08:45:00Z
Feb 25, 2019
Symantec customer support is very bad. We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible. Also, if any data at all is going outside of our network and it matches our screening it has to be captured and we should see it detailed properly: Who is sending it, where they're sending it.
Keeping sensitive corporate information safe and compliant has never been easy. But today, you’re faced with a totally new set of data protection challenges. Sensitive information is leaving the safety of your corporate network as more employees share files over consumer cloud storage services and access those files on their own mobile devices. The number of targeted cyber attacks continues to grow, as cybercriminals develop effective new methods for defeating traditional security measures...
It's been around six months since we switched. I don't recall all necessary updates. However, I do recall the installation and recovery time took longer than expected, which impacted our payment gateways and token changes. Updates sometimes overlap, causing technical errors.
Creating any new Microsoft policy is easier compared to Symantec Data Loss Prevention. The creation of any new policy in Symantec Data Loss Prevention needs to be made easier.
A significant area for improvement in the product is reducing the number of agents required and improving integration as a unified client ecosystem. Integrating artificial intelligence to automate policy creation based on user behavior and data sensitivity would be highly beneficial
In my opinion, Symantec DLP could improve by offering a better online service option, making it more competitive compared to Forcepoint. Performance could also be enhanced, especially in terms of prevention capabilities. Additionally, it would be beneficial to add features that allow for better policy integration with GDPR, such as international credit, bank account, or identity management. This would make it more straightforward for IT, especially in regions like Indonesia.
The product's pricing and support services need improvement.
Data Masking could be improved.
Their support program needs a lot of improvement. If you are stuck somewhere, getting their support can be difficult. Adding the feature of control over Bluetooth is very important right now, most BOPs are don't get control over the Bluetooth function. The features would become more friendly and their dashboard would help us.
The product's technical support services need improvement.
Symantec DLP could be better. Symantec DLP is very scalable, but while some other products have been improved in years, Symantec DLP is using core steel, and Symantec could be better with infrastructure.
There is room for improvement in the remote control capabilities of the DLP solution. Currently, if the client-side agent is not installed, there are limited features available, and remote management through the manager portal is lacking. This is particularly important for users on VPN who would benefit from full remote control and management features.
The console is not the best one. There is room for improvement in the management console.
Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved.
The product must improve its interface. The solution did improve the interface, and it looks better. However, the report filtering features could be much better. The in-built ITSM module needs to be revamped. If anybody has been flagged for violation, the violation content shows all the credit card details. Any administrator can see the credit card details. I would like to see the tool integrated with Symantec Endpoint Protection.
I'm not sure about scanning speeds. In my previous experience, we had some problems and some speed issues. The data loss prevention feature is working pretty well; however, sometimes, if you want to discover or scan the data stored in the customer environment, it could take a long time. Sometimes the customer states, "I want to scan a computer," and it takes a few hours. It seems to sometimes be unnecessarily long. Reporting could be improved. The detection features are good, and the configuration is basic. It's really easy to use, or it's really to learn from scratch. However, the reporting features must be improved as the product doesn't provide us with many reporting screens. We only have an incident results screen, and we have filters we can use, and that's it. There are no other reporting features. It's really limited.
Symantec DLP doesn't provide complete cloud coverage. We need another DLP solution to monitor our cloud applications.
The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online. When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.
The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. Auto-parsing is required. We need to have agent auto-parsing. We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal. Beyond that, we don't really need any new features as Symantec already offers pretty good items.
The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. Data tagging and classification would be useful because multiple agent roles are needed solve issues.
The OCR functionality could be better. We have OCR functionality. However, it is not as effective. It could be more effective. They need to work on the function that can catch PDF 5 and PDF 5 based on pictures, images, JPEGs, and so on, with text-to-all content. The main goal of this is to check those pictures against corporate policies. I'd like it if, in DLP, the agent could have more detection capabilities. Currently, many features can work only with Endpoint Prevention, Network Prevention, and Email Prevention. Those capabilities do not work on the Endpoint Prevent and Endpoint Detection. They need to expand the channels they check. It could be wider. So it should be able to check, for example, WhatsApp and mobile solutions, mobile communications, Facebook, et cetera. We're worried about data leakage on these channels.
Different departments should manage administration, reporting, normalization and incident management. For example, for incident management, escalation can be completed in a specific department, and we can notify a manager and send an email when an incident has been triggered. In addition, confidential files that shouldn't be sent as a CV are managed. A DLP is a confidential solution that cannot be used to send unauthorized organizations' data to others. The previous versions had a flaw when we installed the agents. We can install the agents manually or by the SCCM and easily manage the database and incident services. We can make several rules if we have a network or endpoint. We can also manage dashboards and administrators, super users and view roles. The larger administrator that manages the activities and daily reports has access to the best access tools. We can utilize user roles for the view access tools and to make policies.
DLP doesn't work well with Mac OS systems and tends to give false positives. There are also problems in terms of CPU utilization because all the policies are based on a traditional DLP system, which makes it quite heavy and creates issues with user experience. In the next release, DLP should include OCR features, and I'd like the agent to be lightweight, which means the policy should be in the cloud.
What could be improved in Symantec Data Loss Prevention is its security. It should be more secure.
DLP could be improved by implementing a cloud-based console. The implementation and installation process could also be made less complicated.
Currently, I can't see any areas for improvement in Symantec Data Loss Prevention because the solution seems to be better than all the other vendors out there. It seems all the other vendors are trying to mimic what Symantec Data Loss Prevention is doing in terms of components, practice, and modules. Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult.
There should be more documentation with Symantec Data Loss Prevention. We had trouble with the first few deployments.
Symantec Data Loss Prevention could improve by having better system resource management, cloud option, and more features.
It's not a scalable product. It only works on the Windows platform. It doesn't support Linux, which is unfortunate. Most of the clients these days use Linux. It would be ideal if Symantec could have more integrations with the different operating systems as well on the DLP. That would be much better. The deployment is complex.
There should be more information about the features of the solution and what they do. This way we would be able to use all the features that are available.
Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate.
The one downside for Symantec is that, due to its transition from Symantec to Broadcom, there's been a lot of changes. I am based in the Philippines and we don't have a contact person locally for any Symantec. We no longer have any contact for any Symantec opportunities. It's getting hard for us to request a demo license, or trial license, for a proof of value or proof of POC. Basically, speaking with respect to the technology, technically speaking, Symantec is really good, however, on the commercial side, we're really having a problem with that. We always have a problem with respect to the commercial side and how we are offering it to the client. It gets really costly with the database as it's strictly required that clients must have an Oracle database and it's quite expensive if you would compare that to Microsoft SQL. From the technical side, what they need to improve is the database. I'm talking about the on-premise, as, with the on-premise, the database that they require is strictly Oracle and not many end-users are using Oracle for their databases. Some are using MySQL. So it gets really costly when we're offering Symantec and then we have to renew. Oracle is expensive. What they need to improve is the management console. It's pretty straightforward, however, they need to upgrade it to make it more attractive. While it's easy to understand, from an end-user perspective, they need to upgrade it so that it will be more pleasing on the client's side. It would make them more inclined to look up, for example, for maintenance or visibility and monitoring.
Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus.
I would like to see an improved interface, with better documentation and integration with other products. The initial setup could also be better, so that the solution would easily interact with other monitoring tools without the need for taking further steps.
Symantec needs to improve the policies. If they could gear the policies, or the templates, and publish them, enabling customers to download them, it would simplify things. They currently have a package uploaded in the system with some policies but there is no option to download our link device. There are some difficulties on the portals with Symantec. In general, the softwares are not available for partners on their portal. If a new patch requires updating on customer sites, those particular softwares are not available on the partner portal. The products they're giving the agent for Linux operating system could be simplified but Symantec is not geared for writing that option for Linux and running windows on it. Symantec doesn't have any agent for DLP on the operating system.
We are looking for DLP software that protects some shared folders on the server. these folders can be read and written but cannot be sent by mail or file sharing, copied to the clipboard, etc.
what software do you recommend?
@Danilo Ferrero if you have a question, please just go to https://www.itcentralstation.com/home_feed and post it from the Ask Question tab. This way you get much more visibility and relevant answers.
The database is a problem for us, as it's running on Oracle and not everybody likes that. There's a licensing issue with the database. There's a sizing issue with licensing. They did improve it a bit. It supports a virtual server now. However, the pricing and the fact that you install it on the machine and you have to count all the CPU, makes it a problem. It's workable. We dedicated a physical machine to it. It's a bit of a legacy solution. The licensing is a bit of an issue for us. They need to work on the way the licensing is set up. A feature we would like to see is entropy detection in text. We need something that detects when you send an email and you try to hide something by using simple encryption techniques. It's typically called entropy. If we had entropy detection in the regular text that would be ideal
The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this. If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. When we're doing data scanning, the machines can be slow. In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.
The solution is not user-friendly. I've had to do a lot of research to try and figure things out on my own. Due to its database, I first had to install an Oracle database. This should change. The product should allow for the use of an SQL database, and, if possible, it should have an embedded database. The solution should be easier to integrate on different solutions. The data classification is very difficult in Symantec. It's hard to integrate the detect activation tools, whereas, in Forcepoint DLP, it's better. It's very user-friendly and the quality is defined and it is very clear. Symantec should try to emulate those aspects of Forcepoint. It's difficult to implement in a protected environment, due to its architectural layout. The initial implementation is quite complex. The technical support has really dropped in quality since Broadcom acquired the product.
Technical support is pathetic. Stability and scalability can be improved as well. It would also be better if it could restrict Bluetooth transfers. Symantec also uses Oracle databases, which isn't really convenient for most customers. It would be better if they switched to SQL.
We are having support issues. We had local support but since the acquisition, the support is now only five teams. It is very difficult to log in to create a support ticket because no one is available to support our queries. In India, it's especially needed. It has some feature deficiencies, as well. For example, it won't monitor the remote desktop and the file-sharing to the RDP. It's not detecting it and RDP is not supported well. The issue is not only with RDP, but rather it's with the product used to provide the remote support. If the data is leaked through that application, then Symantec doesn't monitor that section. There are some features that are not available, which are required by every data loss prevention solution. In the next release, encryption should be available. For example, if an extended drive is plugged into the endpoint and someone tried to copy the data to the external drive, the Symantec DLP component doesn't encrypt the drive. If you want the encryption feature you have to purchase an additional component for it. This could be an integral part of Symantec today.
I would like for the administrator management interface to improve. It's kind of old and slow. Updating it would make this solution better.
Generally, we're not seeing any places for improvement at the moment. The solution doesn't integrate well with other products. We're not sure if there was an issue or a bug on the system recently because as of right now if someone sends out a compressed encrypted file, the DLP won't scan it. The menus need to be updated.
I would like to see this solution made more user-friendly, and the administration needs improvement. The enforce service is difficult to understand, and free courses made available on the internet would be useful.
This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.
The backend side of the server needs improvement. In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.
I do have a problem with the database. It uses the Oracle database and sometimes this causes some problems. I would prefer it to use the MS SQL database because it has a more stable connection than the Symantec database.
Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work. In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics. That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP. Their user interface and other features are fine as is.
We want a more proactive reporting structure. Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases. There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.
They could improve the predefined reports because they don't have much information. We would like detailed reports. If they could include the same features for their mobile device product, like Android and iOS, it would be helpful.
Symantec customer support is very bad. We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible. Also, if any data at all is going outside of our network and it matches our screening it has to be captured and we should see it detailed properly: Who is sending it, where they're sending it.
This product should be integrated with virtualization technology and work with other applications.