Symantec Data Loss Prevention Reviews

I'm not sure about scanning speeds. In my previous experience, we had some problems and some speed issues. The data loss prevention feature is working pretty well; however, sometimes, if you want to discover or scan the data stored in the customer environment, it could take a long time. Sometimes the customer states, "I want to scan a computer," and it takes a few hours. It seems to sometimes be unnecessarily long. Reporting could be improved. The detection features are good, and the configuration is basic. It's really easy to use, or it's really to learn from scratch. However, the reporting features must be improved as the product doesn't provide us with many reporting screens. We only have an incident results screen, and we have filters we can use, and that's it. There are no other reporting features. It's really limited.

We can see everything about the users, meaning what kinds of data they use on their computers. When you install the Symantec agent on users' PCs, you define a role for the users and set the policy. We have set rights such that users can't copy sensitive data or send it via email or to USB. After, you can search monthly or yearly and see what kind of data they have used or shared and where they shared the data. We also like the analytics and reports. We can get yearly reports, six-month reports, and monthly reports for analytics that we can export. And for administrators and system engineers, it's easy to use, install, maintain, and upgrade. It's also easy for end-users. For detection, it has a great algorithm. It can recognize ID numbers and everything that you put in a policy for the end-users. That is really great for us as an institution where we have sensitive data. It recognizes all the sensitive data when someone tries to transfer it or put in other data. When that happens it sends me a notification that somebody needs to use an ID or sensitive data. Its accuracy of detection is high. Another positive aspect is that the speed of discovery is very high. We are very satisfied.

The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online. When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.