Coming October 25: PeerSpot Awards will be announced! Learn more

Symantec Control Compliance Suite OverviewUNIXBusinessApplication

Symantec Control Compliance Suite is #3 ranked solution in top IT Governance tools. PeerSpot users give Symantec Control Compliance Suite an average rating of 8.0 out of 10. Symantec Control Compliance Suite is most commonly compared to RSA Archer: Symantec Control Compliance Suite vs RSA Archer. The top industry researching this solution are professionals from a financial services firm, accounting for 24% of all views.
What is Symantec Control Compliance Suite?

Symantec Control Compliance Suite (CCS) delivers the core assessment technologies to enable security and compliance programs, as well as support IT operations in the data center. Control Compliance Suite delivers asset autodiscovery, automates security assessments across procedural, technical, and third-party controls, and calculates and aggregates risk scores according to business-defined threshholds. Customers use this information for operational- and mandate-based reporting, as well as to prioritize remediation and risk reduction in the data center. 

Each of the five Control Compliance Suite Modules is available independently or as part of a broader suite. The Control Compliance Suite Control Studio and Infrastructure combines evidence from the multiple modules as well as third party systems; and maps assets and evidence to control statements, standards, and policies and regulations to enable mandate- based and operational reporting. Role-based, customizable Web-based dashboards and reports enable the organization to measure risk and track the performance of its security and compliance programs. Workflow integration with ticketing systems and Symantec server hardening solutions automates remediation and facilitates the hardening of the data center infrastructure.

Symantec Control Compliance Suite was previously known as Control Compliance Suite.

Symantec Control Compliance Suite Customers

Banjercito, Barnabas Health, BNY Mellon, Cabela's Inc., Citizens Business Bank, Great Eastern Life Assurance (Malaysia) Berhad, Molina Healthcare Inc., Osterreichische Post Aktiengesellschaft (Austrian Post), Symantec Corporation (Enterprise Security), Visa

Symantec Control Compliance Suite Video

Symantec Control Compliance Suite Pricing Advice

What users are saying about Symantec Control Compliance Suite pricing:
"Symantec Control Compliance Suite was the cheaper option for us. But the main reason why we're still using it is that we purchased the complete suite back in 2011."

Symantec Control Compliance Suite Reviews

Filter by:
Filter Reviews
Filter Unavailable
Company Size
Filter Unavailable
Job Level
Filter Unavailable
Filter Unavailable
Filter Unavailable
Order by:
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Showingreviews based on the current filters. Reset all filters
Assistant Manager Transmission Planning at a comms service provider with 1,001-5,000 employees
Real User
Top 20Leaderboard
A good security tool for vulnerability assessment and asset prioritization
Pros and Cons
  • "I find the vulnerability assessment and asset prioritization feature valuable."
  • "The support mechanism can be improved."

What is our primary use case?

There are two use cases. One is the compliance of policies or standards, and the second is vulnerability assessment. The Symantec Control and Compliance Suite helps us in the development of policies and policy lifecycles.

We perform vulnerability assessments on our technology infrastructure and compliance audits to do a compliance check on CIS benchmarks. We can perform CIS benchmarking and compliance testing with this tool. 

What is most valuable?

I find the vulnerability assessment and asset prioritization feature valuable. It actually creates a risk profile of assets. It's also good for basic infrastructure scanning.

What needs improvement?

The support mechanism can be improved. I would also like to add that it would be great if we could scan a previous date or based on the previous date's updates. Like today, if I want to run that scan on a system, if a system allows me to exclude all the patches that were released after October 2020, it will actually provide a clearer picture. This is because in October, we had these vulnerabilities, and these vulnerabilities are fixed now.

Anyway, there's no point in talking about improvements. Symantec has already told us to buy another product as they are discontinuing this solution. 

For how long have I used the solution?

We have been using Symantec Control Compliance Suite for about ten years.

What do I think about the stability of the solution?

Symantec Control Compliance Suite is a stable solution.

What do I think about the scalability of the solution?

Symantec Control Compliance Suite is scalable. We can deploy different, multiple scanners to scale across multiple geographic locations.

How are customer service and support?

The support mechanism needs improvement because whenever we went to them with a problem, the support was very poor.

Which solution did I use previously and why did I switch?

We deployed or used several products. We used Nessus, Qualys, and Rapid7. It isn't easy to compare these products. For example, I am very comfortable with the Symantec product for endpoint protection or email security, but I'm not comfortable using it for vulnerability scanning.

For vulnerability scanning, I would go with other products like Nexpose, Nessus, and Qualys. I personally rate those products better than Symantec. But for the vulnerability assessment and compliance area, and something not generic like antivirus, Symantec is good. We are also using the email gateway, which is good.

How was the initial setup?

The initial setup was simple.

What about the implementation team?

We deployed it by ourselves. My team also maintains the product.

What's my experience with pricing, setup cost, and licensing?

Symantec Control Compliance Suite was the cheaper option for us. But the main reason why we're still using it is that we purchased the complete suite back in 2011. At that time, product prices were low. Over the last ten years, there's been an annual incremental growth of prices, but our previous contract lowered the prices through renewals.

Initially, the local vendor will charge you for deployment. The rest are all patches, updates, upgrades, and everything was covered in the license, even support. But at that time, these deployment charges weren't all for Symantec Control and Compliance Suite alone. It was for an umbrella project we did with nine different products.

What other advice do I have?

The vulnerability scanning market is mature. I would recommend products like
BeyondTrust, Rapid7, Qualys, Nexpose, and Nessus. These are all good, but they have their limitations. For example, some of these products aren't specialized for network scanning, and you'll have to use another product for that.

On a scale from one to ten, I would give Symantec Control and Compliance Suite an eight.

Which deployment model are you using for this solution?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user