Symantec Data Loss Prevention Reviews

The use cases depend on the industry. The use cases for the telecommunication industry and manufacturing industry are different. Typically, the tool is used for data loss prevention.

The product is mature. It has a simplified GUI. We do not have to navigate and hop to different places or UIs to make things work. Everything is in one console. We have a unified platform to do everything. Symantec has one of the best incident management capabilities. It can also be integrated with ServiceNow. We do not have to just use incident management on the Symantec Data Loss Prevention console. We can use ServiceNow, too.

Symantec Data Loss Prevention is a one-stop solution for DLP. Reporting for incidents is a USP of the solution. We get all the details we need. If I detect something but my incident response is weak and does not give me accurate or required details, then it's useless. Any detection will not help me if I do not take prompt action.

The product must provide data encryption. It is integrated with Microsoft MIP to import the labels. It can be used to apply RMS to the files. However, the product must also enable data encryption other than RMS. Elastica must be more flexible and user-friendly. The documentation on the cloud CASB must be more mature. Symantec must reconsider how it is sold to the end user.

I have been using the solution for eight to nine years.

I have never seen Symantec Data Loss Prevention crash or stop working.

I rate the product’s stability a ten out of ten.

Since the solution is deployed on-premise, the scalability depends on us and how much we want based on the resources available. However, the product is very scalable. We just have to get the server installed and connected, and it starts working.

The support people don’t just email us to say they have taken our case. One of the best things is that they give us details and ask about our problems. They prefer getting on calls, which support people from other vendors do not do. Other support teams usually email us and ask us questions. The conversation is only through emails.

Symantec’s support team asks for details initially and tries to get on a call to understand the problem well. They do not wait for five to six days to respond. The response is quick. The engineers at L1 and L2 also know how the product works. It would be one of the best things when the L1 engineer resolves a critical issue caused by bugs. If the issue is due to other environment-related issues, the L2 engineers get on a call and help us.

The price is a bit high. I do not know Symantec’s sales model, but the pricing is high. Currently, Symantec is providing solutions to certain big customers. I do not think it is good. It deprives other organizations of a very good product.

The solution is more mature than Purview. Symantec Data Loss Prevention is an enterprise product. It is very mature and has different modules. Symantec’s technical team and the end users know the product well. If Microsoft updates something in the backend, the product functionality changes the next day, and we are unaware of it. It is not good when we work in security.

We are partners. I rate the CASB product five out of ten.

Overall, I rate the solution a ten out of ten.

Symantec DMP is for preventing the loss of data from any part of the network, for example, from the network to the core of the data. It has many props, or as it's called in Symantec DLP, "detection servers." There are many detection servers, such as prevention servers and discover servers. Although they can be installed on one server, they can also be deployed on many servers, and they will prevent data leakage in a powerful manner.

Symantec DLP has many servers, and the solution is very powerful because you can use it in ports, endpoints, networks, and email servers to prevent the leakage of emails. DLP can be integrated with Symantec encryption. It's very important because you can integrate these products, and they will protect against the leakage or loss of data. For example, when someone loses flash memory, you can run the automatic response in DLP and encryption, and the flash memory will be encrypted. In the case of the loss of flash memory, it could be easily protected with automatic rules.

Symantec DLP could be better. Symantec DLP is very scalable, but while some other products have been improved in years, Symantec DLP is using core steel, and Symantec could be better with infrastructure.

I've used Symantec DLP for about nine or even ten years.

Symantec DLP is a stable product, and I give its stability a ten out of ten. I have had the solution break down, but it was a user interruption.

I give Symantec DLP's scalability a nine out of ten.

The initial setup is difficult. You need knowledge to use it. Symantec uses Oracle for the database, and not everybody can work with Oracle.

The solution takes one day, but only for server installation. But that is because it has a template. When you deploy the template on an Oracle database, it will take about 30 minutes to deploy the template.

I think that it's an expensive product, even as an enterprise-suite product.

I rate Symantec DLP a nine out of ten. Because of ransomware attacks, you must use a DLP in your environment in today's world.

Our primary use case for Symantec Data Loss Prevention revolves around addressing internal data security concerns, particularly email communication and data leakage prevention.

Symantec Data Loss Prevention has significantly improved our organization, particularly regarding data management and incident response. The solution has streamlined internal processes and enhanced data security measures. By integrating Symantec into our management systems, we've achieved better packaging and handling of sensitive information.

The most valuable features of Symantec Data Loss Prevention (DLP) are the Optical Character Recognition (OCR) functionality and its automation capabilities.

The product's pricing and support services need improvement.

The platform is stable. Initially, there were minor delays during the setup phase, especially when implementing certain features on the cloud. However, these issues have been resolved over time, and the system runs smoothly. It has been consistently reliable for the past three years. While it may demand slightly higher bandwidth, it remains easily adaptable to any network environment.

I rate the platform's scalability a nine out of ten. Currently, we are working with three companies as our customers for the product, one of which boasts over 10,000 users.

Our experience with customer service and support has improved over time. Previously, we encountered technical issues and concerns while working in the same area of DLP. However, in 2020, we noticed a positive shift. The team has become more responsive and effective in addressing our needs. The personnel handling technical support are helpful.

To deploy Symantec to protect sensitive information in our company, we implement various policies such as web, endpoint, mail, and cloud prevention. While the deployment process itself is simple, there is a requirement for an Oracle database, which can add a layer of complexity, particularly for smaller businesses that may not have the infrastructure readily available. However, we offer a software solution that manages this aspect. We leverage both on-premises and cloud-based functionalities, with customization options available for policies. Default configurations work well for cloud-based deployments, and we utilize comprehensive licensing packages. Cloud management simplifies deployment and implementation tasks significantly compared to on-premises setups, reducing the burden on our team and clients. However, there can be challenges when transitioning existing customers from on-premises to cloud-based solutions, particularly regarding feature availability and accessibility.

The platform is expensive.

The platform provides valuable data for preventing loss in various ways. It operates on a cloud-based platform and is beneficial through email and the web.

The incident response capability has been instrumental in mitigating potential data loss. The response agents are deployed strategically, and licenses govern their access. It ensures that only authorized personnel with the appropriate IT label can intervene.

I rate it an eight out of ten.

We use the product to mitigate the malicious attack and prevent data loss for specific servers.

The product helps with blocking sensitive data transmission and permission management.

The product's technical support services need improvement.

We have been using Symantec Data Loss Prevention for three years.

It is a stable product. I rate its stability a nine out of ten.

We have 20 Symantec Data Loss Prevention users in our organization. We use it daily. I rate its scalability a seven out of ten.

The technical support team replies slowly. The process needs enhancement.

Positive

The initial setup takes a few days. However, overall, it requires a month to fine-tune the components. The deployment team includes one or two vendor executives and multiple teams from our organization. One executive can easily maintain the product. I rate the process a seven out of ten.

We take help from third-party integrators for product implementation.

The platform is not very expensive. I rate its pricing an eight out of ten.

I recommend Symantec Data Loss Prevention and rate it a seven out of ten.

It's important for information security due to the fact that it's a powerful solution. It defines sensitive secret data on the customer's environment and monitors for any breaches.

There are two things this solution has helped improve. 

In terms of the DLP, it can protect from data breaches in your company since you need to define secret and sensitive data in your organization. And the DLP solution monitors all of this data. For example, if you have personal data, you can define this data to the DLP, and then, if someone tries to send this data outside of your organization, this solution would prevent that data breach or generate an alert. 

The second way the DLP solution can help is by implementing best practices. For example, every organization has a business flow. This business flow can sometimes be wrong according to regulations. For example, with GDPR, if you are working with European customers, European clients, or European residents, you need to follow GDPR regulations. Or, if you are working with the payment industry or storing credit card data, you need to follow PCI DSS rules. This DLP solution can help customer organizations ensure they follow best practices.

The level of simplicity in terms of ease of use is moderate. It's not easy to implement. There are some requirements from organizations. For example, businesses must be rated to implement this solution. If businesses want to implement data loss prevention or information security policies, they have to be accredited. However, with Broadcom's product, it's easy to implement. There are modules you can deploy and use. It's easy to plan and easy to deploy, however, you do need to have a proper plan in place.

If we compare with other solutions, Broadcom's Symantec Data Loss Prevention has different kinds of detection techniques. It's just keyword, structural data, OCR, or a combination of all these metrics.

The accuracy in terms of the rate of detection is good. I have worked with big enterprises with this solution. For example, we had 30,000 endpoints with the data loss prevention solution, and I also managed 10,000 clients with Symantec Data Loss Prevention. The accuracy has been pretty good. You just need to fine-tune your policies. If you create policies in the proper way, Symantec works really well.

DLP helps us find sensitive data and apply policies based on user risk. First of all, we need to define which data is sensitive and which data is secret. DLP couldn't find it by itself. Therefore, we need to create a normal policy. Then DLP can manage this risk. 

The solution comes with a default configuration. This can be adjusted. If you need to follow GDPR requirements and GDPR defines your personal sensitive data, you can adjust for that. You can set predefined detectors. You can use this in a policy to protect yourself and ensure compliance.

DLP has helped to reduce the work or the time our DLP administrator spends on data loss protection.

It's a consistent product. You just need to create a policy one time, and then you can apply it to all of the channels you are monitoring.

I'm not sure about scanning speeds. In my previous experience, we had some problems and some speed issues. The data loss prevention feature is working pretty well; however, sometimes, if you want to discover or scan the data stored in the customer environment, it could take a long time. Sometimes the customer states, "I want to scan a computer," and it takes a few hours. It seems to sometimes be unnecessarily long. 

Reporting could be improved. The detection features are good, and the configuration is basic. It's really easy to use, or it's really to learn from scratch. However, the reporting features must be improved as the product doesn't provide us with many reporting screens. We only have an incident results screen, and we have filters we can use, and that's it. There are no other reporting features. It's really limited. 

I've been using the solution for five years. 

The scalability is easy. You just need to install core components and then you scale. You create a new server, and then you can add 10,000 clients, for example. 

I work with Symantec technical support. If you don't have premium support; it's not easy to fix your issues via technical support.

I've not had the best support experience. I know for other products it's the same. Technical support is usually the weakest part of the company if you are creating a ticket to fix an issue. It was really hard to manage the ticket status. You're always waiting for someone else just to get back to you. It's not easy to manage support. You really need to push them to fix issues. They always say the same thing, and it takes a long time to resolve things. 

I've worked with other support teams, and they have been pretty good. For example, the encryption support team is very good. This support team, you really have to push to escalate. 

Negative

I used, for a limited time, ForcePoint DLP and McAfee DLP.

I've handled deployments in the past. I've deployed four or five organizations from scratch.

The setup process is moderate in terms of difficulty. You need to plan which channels you want to monitor. This solution uses Oracle Database, and you need to calculate scalability and extensions. It's not too easy, and it's not the hardest.

If you deploy the DLP properly, you need to have business support from the business side. Two or three people can deploy this solution or all required service policies, et cetera. However, we need support from the organization since you couldn't define a policy by yourself. You need to understand what data is important and which data is sensitive. You need to talk with all of the stakeholders. For example, software developers. You need to sit with them, and you need to talk about what they are working on, and which data is important. You need to talk with human resources, finance, the entire company.

Generally, we deploy the solution in a central way. We will have one central management console and then granular access for stakeholders. For other business functions, for example, we can create a GDPR policy for the HR business since we need to follow the guidelines. And then, other shareholders can access the central data to granular access. 

In the past, I have deployed 26 DLP components into an organization with 2000 clients. It was a huge project.

Once deployed, you need to maintain the solution. You need to follow product updates. Databases are updated with new features and security fixes. A database update is not very common. You just need to update the database once a year. Also, for example, if a new Windows or Google Chrome, or Firefox version becomes available, you will also need to update your DLP product. Every three or four months, you likely have maintenance tasks related to updates. 

I work as an integrator. I work with clients and customers and uncover what they want to achieve, what their situation is, and which resources they have got in their data center. Once I have completed deployment with them, I work as an integrator and as a consultant.

I am not aware of the exact pricing of the solution. 

I have worked with different customers, and we have evaluated different DLP solutions for our customers. However, all of my experience is a limited experience. I have one year of experience with ForcePoint and McAfee DLP.  

Customers or enterprises looking for the best detection options would need to look at Symantec Data Loss Prevention as it has the best detection options. 

The other solutions just follow basic keyword detection. A complete DLP solution should monitor all of the other aspects. Symantec has powerful monitoring features and options that can provide us with much more than just basic options.

I work as an integrator.

While the solution may support Mac and Linux, Windows endpoints are more important. Every business uses IT directories and manages internal clients with Windows. Symantec already supports Mac endpoints, just not Linux clients or Linux agents. However, that's not a common thing anyway. It's a special condition. You will need a Linux agent if you are using those servers in your environment. Generally, we don't need to install a server-level agent. We also monitor a gateway-level inspection. For example, if your server is open to the internet, generally from a security perspective, the security personnel must follow a gateway-level inspection.

And the end of the day, this works for a Windows client. Generally, we don't require Linux agents for the data loss prevention solution. However, it depends on the business and it depends on the environment.

If someone just wants to use the cheapest option available, they likely will get just keyword detection. They might not get OCR or email attachment monitoring. 

I cannot say that Symantec has helped reduce operating costs. However, I can say that, in general, if you don't lose data, you don't lose money.

I'd rate the solution nine out of ten. The reporting and technical support are not the greatest; however, overall, the product is good.

If an organization has a proper data classification solution or qualification levels in their organization, a DLP implementation will be much easier for them. Otherwise, they will have to work on their DLP deployment policy creation, and then they have to create a data classification policy. 

We use Symantec DLP for endpoint, network, and storage data loss prevention. Symantec DLP is deployed across multiple locations and departments, covering around 10,000 users. 

With Symantec DLP, we can identify where most of our sensitive data resides. By scanning the database and file server, we can find sensitive data and determine how people use it with the analytical view. For example, we discovered someone copying some sensitive data and project information during their two-week notice period. The SOP for any solution implemented in the infrastructure is placed in SharePoint. They tried to copy that information and send it to their personal email. We identified the potential leak and notified the leaders of the firm.

The endpoint DLP isn't something that provides 100 percent coverage. It is a strategic solution and a process by which we strengthen rules and policies for detecting and identifying sensitive information and how it can leave the company. The DLP solution doesn't provide total coverage, but it can protect about 70 percent of our daily process activity. It also reduces the time DLP admins spend on these tasks by about 20 percent.

Symantec also helps us meet our regulatory requirements. Symantec DLP has preset rules for PCI DSS compliance that we can use to monitor if any users are sending credit card numbers to outside parties. It has similar features for compliance with GDPR and other types of regulations.

The most valuable aspect of Symantec DLP is its broad coverage. Symantec DLP covers USB, Outlook email clients, and web traffic. If we install the endpoint DLP, we can cover multiple channels, including the clipboard and printer. 

What distinguishes Symantec from other solutions is the technology to create policies based on our customer's requirements, like ID items and index documents. We can fingerprint our documents so that any attempt to send the data outside the organization is detected. Symantec DLP has Described Content Matching if you need to send unstructured data. We can carry out the rule with the Described Content Matching technology. 

This enables us to create multiple rules. Symantec offers various technologies, like Index Document Matching, Described Content Matching, and Exact Data Matching. We can also create rules for structured data stored in the Excel database.

In addition to these features, Symantec DLP also provides email traffic monitoring, giving us visibility into on-prem Exchange email servers and cloud-based tools like Office 365. We can extend DLP detection to all email and SMTP traffic. 

I rate Symantec DLP a ten out of ten for ease of use and implementation. It's easier to use than other DLP solutions. 

The detection capabilities are also excellent. I rate Symantec DLP eight and a half out of ten for detection. I give Symantec an eight out of ten for accuracy and seven out of ten for scanning speed. 

Symantec DLP doesn't provide complete cloud coverage. We need another DLP solution to monitor our cloud applications. 

I've used Symantec DLP for around five years.

Symantec DLP is stable. 

Symantec DLP is scalable.

I rate Symantec's support an eight out of ten. 

Positive

I used Forcepoint and McAfee. Symantec is easier to implement and manage. The coverage is also better. Symantec easily covers email and web traffic. I rate Symantec's detention capabilities an eight out of ten versus seven for Forcepoint and five for McAfee.

Deploying Symantec DLP is a little complex. We had to create an Oracle database when we implemented the solution. That part was difficult, but the rest was straightforward. 

There are three phases of implementation and many tasks in the beginning. First, we had to identify our sensitive data, where they are, and how they are being used. It was a long process initially. After finding all those things, we implemented the DLP solution in the infrastructure. We had been using an endpoint DLP, which didn't cover most email traffic, so we implemented email and web DLP.

We had to do a lot of work in the early stages, but the solution doesn't need much oversight once it's mature in the infrastructure. One or two people can manage it. I and one of my team members administer it. Two other people handle the incident management. Few changes are required after it is fully deployed and mature. You occasionally need to modify some rules and add some exceptions. 

The initial installation took about a week, but it takes nearly a month to configure all the policies. Two admins and one engineer were responsible for the deployment. Maintenance involves the database, networking team, and DLP teams. That's five people altogether.

Symantec saves us time and costs. It enables us to easily monitor all the incidents and quickly configure policies. The solution reduced our operating costs by about 20 to 25 percent. 

Symantec's pricing is competitive. I would recommend Symantec DLP over cheaper solutions because it provides a broader range of detection across various channels that isn't easy to achieve with other solutions. The solution also makes compliance with multiple regulatory regimes easier. 

I rate Symantec Data Loss Prevention an eight out of ten. 

Symantec Data Loss Prevention is an enterprise-level solution and we utilize it for its customization, and flexibility across the platform as well as the excellent support and feature levels compared to other similar solutions.

There is still potential for improvement when it comes to data discovery over a network. How successful the process is depends largely on the network configuration and connectivity to the destination. Utilizing a detection server or network discovery can help facilitate the data discovery process. Recently, I discovered around 15,000 to 20,000 shareholders for Symantec using DLP for data discovery. Agent Discovery is also highly effective, with no performance issues showing up when performing endpoint discovery for the Symantec database.

I have not had much experience working with Macs, but they come with an in-built security feature. This can be challenging to work with, as not all features are supported in comparison to Windows. However, the solution recently became compatible with the Linux operating system, allowing us to deploy agents on this system as well.

Symantec Data Loss Prevention is a globally accepted product that provides an enterprise-level view of an organization. Although some of the features the solution offers are being utilized, there is still more potential to be explored if the organization puts more focus on using them to their fullest potential. Recently, the ICD or ID features, which cover all increase points and every other technology, were introduced. The solution provides features that correlate all events and generate top results. In DLP, the role bit and success management are present, allowing us to escalate incidents. We can also define an escalation process, allowing data owners to view incidents and escalate them as necessary. This functionality is provided by the solution. The primary goal of the DLP is to monitor and control the organization's data usage, as well as to facilitate audibility and accountability. Symantec Data Loss Prevention is well-suited to fulfill these needs.

The solution helps us find sensitive data and apply policies based on user risk. We can use indexing for highly confidential documents that are not to be published or shared with more than two to five people outside of the organization, such as the board of directors. Indexed Document Matching is a useful feature that can help ensure that the document remains secure. We can create remote detection over the product and map the UNC part. The data owner will put the file of a particular document, which will be converted into IDX format. We can then apply the policy remotely so that the data will not come to the DLP admin or any other person and will remain protected.

The solution offers a range of pre-defined data identifiers to meet all regulatory requirements, such as those mandated by the GDPR, PHI, PCI, and USUN. These data identifiers can be used to identify and protect personal data globally.

The solution helped reduce the time our DLP administrator spends on data loss protection. Spending time monitoring the data is essential. We have to stay up to date and investigate any issues that arise in order to improve health monitoring by fine-tuning incidents and reducing false positives because automation is not available. 

The solution offers a one-click view from a single console, with detailed incident investigation capabilities that capture activity from end users, the web, and email. Symantec Data Loss Prevention provides comprehensive information conveniently and efficiently while also conforming to good architectural standards.

Compared to Forcepoint DLP, we can see that the email is not available. In Symantec, we are dependent on other products, such as DashMagiq, to release quarantined emails. This is because DashMagiq is able to do this through its API integration with the Office 365 email box. Unlike Forcepoint DLP, we don't have the option to release quarantined emails ourselves.

The detection capabilities are comprehensive. The solution covers all channels and supports cloud scanning. Additionally, the cloud-based solutions provided by CASB offer additional functionalities and now include AdvExt.

Symantec Data Loss Prevention has good detection accuracy. In some instances, the solution can produce a false positive. The solution's Application Monitoring feature allows us to monitor data that should be uploaded through an application; however, it can trigger an incident when the application is opened. The features provided by Broadcom are generally practical, but some of the less-used features may not be as accurate.

Before the release of version 16.0, some features were missing. Location-based detection and USB print blocking are still not available. This means we cannot configure the blocking of a USB printer, and we also cannot identify whether a system is on the network or off the network in a large environment. Additionally, the feature that is currently available is not fully operational. The domain-based resolution can sometimes take time to determine whether the system is accessible over the network or not.

From a management perspective, it takes a lot of time to manage the infrastructure. It seems that having cloud options available would reduce the overhead of managing infrastructure. Depending on the organization, we can choose to have the solution on-premises or on the cloud. If we choose the cloud, we can focus more on data loss prevention instead of managing the infrastructure.

I have been using the solution for seven years.

Both the free and paid technical support from Symantec are good.

Positive

I give the solution a nine out of ten.

We have some sectors that have sensitive data, and for that reason we use  Symantec Data Loss Prevention. We have some policies on those sectors so that if somebody uses an ID number or some other sensitive number, we record it in our system.

The benefit is that users can't copy or send sensitive data to another user outside our organization.

It has also helped save so much time. For me, as an administrator of the agents, who installs and puts group policies and rights in place, it saves me 20 or 30 percent of my time.

We can see everything about the users, meaning what kinds of data they use on their computers. When you install the Symantec agent on users' PCs, you define a role for the users and set the policy. We have set rights such that users can't copy sensitive data or send it via email or to USB. After, you can search monthly or yearly and see what kind of data they have used or shared and where they shared the data.

We also like the analytics and reports. We can get yearly reports, six-month reports, and monthly reports for analytics that we can export.

And for administrators and system engineers, it's easy to use, install, maintain, and upgrade. It's also easy for end-users.

For detection, it has a great algorithm. It can recognize ID numbers and everything that you put in a policy for the end-users. That is really great for us as an institution where we have sensitive data. It recognizes all the sensitive data when someone tries to transfer it or put in other data. When that happens it sends me a notification that somebody needs to use an ID or sensitive data. Its accuracy of detection is high.

Another positive aspect is that the speed of discovery is very high. We are very satisfied.

I would like to see changes to the analytics. 

I have been using Symantec since 2018, making it about five years.

It has constantly worked fine for me all these years. I haven't had any problems with it. It's highly stable.

It's also highly scalable.

The support could be more knowledgeable.

However, the firm we bought it from supports me very well. I would rate that firm a 10 out of 10.

Positive

We have only used Symantec File Share Encryption and Data Loss Prevention.

We have it installed on-premises on virtual services.

Deploying it to the end-users was not complex. It was very easy for me. I installed it on about 40 computers, each used by two users, who are all in one location. It took two or three weeks in total.

In terms of maintenance, I maintain the agents and all the servers where Symantec is installed.

I would highly recommend Symantec DLP. This is the best algorithm that I have seen compared to other products.