Symantec Data Loss Prevention Reviews

Our customers mostly use it for data discovery, content monitoring, and policy enforcement.

The most valuable aspect of Symantec DLP is its powerful policy system. It helps us control data, like making sure nothing leaves our setup. The policy management console is user-friendly, and it offers a range of options to suit our specific requirements.

There is room for improvement in the remote control capabilities of the DLP solution. Currently, if the client-side agent is not installed, there are limited features available, and remote management through the manager portal is lacking. This is particularly important for users on VPN who would benefit from full remote control and management features.

I have been using Symantec Data Loss Prevention for a year.

If we had the remote control feature, it would significantly improve the overall stability level of the solution. I would rate the stability as an eight out of ten.

I would rate the scalability of Symantec Data Loss Prevention as a seven out of ten. It could use some improvement. We have eight users of the solution at our company. This product is not designed for small or medium businesses; it is intended for enterprise-level use, particularly in sectors like banking, finance, and insurance. We currently serve about ten enterprise customers who utilize the DLP features of the product. We have a few hundred clients using the solution.

I would rate the technical support as a nine out of ten. It is fantastic.

Positive

Our deployment process begins by understanding the customer's requirements and ensuring they have the necessary server infrastructure in place. We then install our DLP product on the customer's site and set up data agents. The customer is responsible for installing the agent on their users' devices. We proceed by creating and applying data protection policies tailored to their specific data requirements. Many of our customers have a lot of sensitive data, so they worry about its safety even after we've applied the rules. I would rate the easiness of the initial setup as a seven out of ten. It is quite user-friendly. The deployment time for this product varies based on customer needs and availability. If everything goes smoothly, it typically takes around one and a half months to deploy all the necessary components, including agents and other requirements. 

I am a technical person, so I don't have specific pricing details. However, I consider it to be in the average to moderately expensive range because it is tailored for enterprise use, not SMBs. Pricing can vary depending on specific needs and configurations.

My advice to people who are considering implementing Symantec DLP is to request a demo to see how it works and experience its features. Subscribing to these features, applying policies, and learning about the advantages will help them make an informed decision about whether it meets their specific needs. Overall, I would rate it as an eight out of ten.

We have some sectors that have sensitive data, and for that reason we use  Symantec Data Loss Prevention. We have some policies on those sectors so that if somebody uses an ID number or some other sensitive number, we record it in our system.

The benefit is that users can't copy or send sensitive data to another user outside our organization.

It has also helped save so much time. For me, as an administrator of the agents, who installs and puts group policies and rights in place, it saves me 20 or 30 percent of my time.

We can see everything about the users, meaning what kinds of data they use on their computers. When you install the Symantec agent on users' PCs, you define a role for the users and set the policy. We have set rights such that users can't copy sensitive data or send it via email or to USB. After, you can search monthly or yearly and see what kind of data they have used or shared and where they shared the data.

We also like the analytics and reports. We can get yearly reports, six-month reports, and monthly reports for analytics that we can export.

And for administrators and system engineers, it's easy to use, install, maintain, and upgrade. It's also easy for end-users.

For detection, it has a great algorithm. It can recognize ID numbers and everything that you put in a policy for the end-users. That is really great for us as an institution where we have sensitive data. It recognizes all the sensitive data when someone tries to transfer it or put in other data. When that happens it sends me a notification that somebody needs to use an ID or sensitive data. Its accuracy of detection is high.

Another positive aspect is that the speed of discovery is very high. We are very satisfied.

I would like to see changes to the analytics. 

I have been using Symantec since 2018, making it about five years.

It has constantly worked fine for me all these years. I haven't had any problems with it. It's highly stable.

It's also highly scalable.

The support could be more knowledgeable.

However, the firm we bought it from supports me very well. I would rate that firm a 10 out of 10.

Positive

We have only used Symantec File Share Encryption and Data Loss Prevention.

We have it installed on-premises on virtual services.

Deploying it to the end-users was not complex. It was very easy for me. I installed it on about 40 computers, each used by two users, who are all in one location. It took two or three weeks in total.

In terms of maintenance, I maintain the agents and all the servers where Symantec is installed.

I would highly recommend Symantec DLP. This is the best algorithm that I have seen compared to other products.

We use DLP to monitor network traffic and prevent sensitive data from being exfiltrated outside of the company. Symantec also helps us discover data at rest in an environment that may be sensitive. The solution covers more than 10,000 users across various business units and layers, including endpoints, networks, and storage.

DLP is a control instrument for ensuring that an organization complies with regulatory requirements. For example, banks have requirements for storing credit card data, GLBA regulations, etc. DLP can help a bank avoid fines and protect it from civil liabilities.

Companies are audited annually, and DLP improves their risk posture. It ensures business operations won't get shut down because we don't know what we don't know. There are also internal threats, such as people leaving with privileged information on a USB. For instance, an earnings report could be stolen by a disgruntled worker and leaked to competitors. Symantec provides good definitions in the rule set. It can be customized to scan inside documents and pattern-match any unstructured data to comply with what the company needs.

The data-at-rest features are the most valuable because they let us identify data infected with ransomware and prevent employees from being exploited through phishing attacks. If an employee is compromised, the attacker can access servers and deposit ransomware. This enables the attacker to exfiltrate data remotely using employees' credentials. It might be valuable data that could cause a business reputational and financial damage if stolen and publicized. It could also be credit card data or personal health information stored on critical servers.

The false positive rate is excellent. It's about 90 percent accurate and gets better as we fine-tune the rule sets. When we have new incidents, we can work to lower the overall risk based on user behavior on the endpoint, the kinds of data we out on SharePoint, and the type of web or FDP traffic generated internally. I assess the effectiveness of a policy based on the number of false positives generated. We need to tune the rule set if it's greater than 20 percent. 

The solution's data recovery is fast. It depends on the size of your storage, but I have no complaints about the speed of data recovery because there are several detection servers with the necessary horsepower to handle the amount of data that needs to be discovered. It could be remotely scanning a SharePoint server or a file server. The local agents can process data in the expected timeframe.

The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online.

When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. 

The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. 

The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.

I have used the solution for ten years.

Symantec DLP is highly stable. I've operated on Linux and Windows. Linux is stable and doesn't require much patching, but Windows requires more patching, and the service sometimes needs to be restarted. 

Symantec DLP has unlimited scalability if you buy enough licenses. Symantec has servers in the USA, Canada, Asia, and Europe that manage policies differently. For example, Europe has its own compliance rules for GDPR. Incident response can be managed well and segmented away from the rest of the world. You can implement Europe-specific policies. 

I rate Symantec technical support a seven out of ten. 

Neutral

I previously used an appliance called Websense to analyze traffic for data loss. I used other Broadcom tools before Broadcom bought Symantec called Broadcom Proxy and CloudSOC Gateway. I didn't switch from Websense to Broadcom. It was just something I tried, so it wasn't a full deployment. Symantec DLP is head and shoulders above the competing on-prem DLP solutions.

There are a few tricky parts when setting up Symantec DLP, but it's straightforward overall. We used an integrator for the deployment and didn't experience any hiccups after they were finished. About ten people from my company were involved. 

We have two or three people doing maintenance on the solution, like weekly health checks to ensure services are running and traffic flows through the console dashboard. We need to check the incidents generated from the detection servers and verify that everyone can log in. The main part of maintenance is periodic system updates and vulnerability patches.

We see an ROI. During testing, I found it captures and blocks immediately. DLP is able to perform the necessary alerts. We can work with the business and get them on board to see what kind of data they use. We can assign the right roles and manage each business to assess its performance in terms of data loss. Symantec enables us to generate reports to show if their security posture or data loss is changing over time. It's a valuable tool that does what it claims. 

The price of Symantec DLP is fair. I don't recall the cost of the license, but it wasn't outrageous enough that it was an obstacle to approval. I'm not concerned with how much per seat or server, but I know they charge a lot. 

If you're thinking about going for a cheaper solution, I suggest a close comparative analysis of the strengths and weaknesses of each solution by researching online and reading the vendor's documentation. You have to define your security requirements and look at factors like false positive ratios and whether it meets your compliance needs. Some companies only need to meet the minimum regulatory requirements, so a cheap solution that ticks all the right boxes might work. However, if security is the primary goal, you should compare the strengths and weaknesses of that cheap vendor against two or three other DLP vendors.

I didn't evaluate other solutions before choosing Symantec DLP this time, but I evaluated other DLPs for different projects. However, those were cloud-based DLPs, so it's not an apples-to-apples comparison. 

I rate Symantec Data Loss Prevention an eight out of ten.

We primarily use the solution to follow a process that's already come in. If anyone takes a snap of anything, we can see that. Anything sent through email, uploaded to a drive, or shared to a public drive can be extracted by the DLP agent. 

Whatever features Symantec has provided have all been valuable. The indexing features, where if anyone captures the image of the data, then it can be extracted to any of the channels, is quite useful. If you have a point DLP, email DLP, network DLP, et cetera it can capture that. 

It offers a pretty straightforward setup process. 

The solution can easily scale. 

It is stable. 

The support has been pretty decent.

The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. 

Auto-parsing is required. We need to have agent auto-parsing. 

We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal.

Beyond that, we don't really need any new features as Symantec already offers pretty good items.

I've been using the solution for four years. The last time I used the solution was six months ago.

It's been stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. I'd rate stability eight out of ten. 

The solution is scalable. It expands easily. I'd rate the ability to scale nine out of ten.

We have about 15,000 people using the DLP part of Symantec.

Broadcom acquired the Symantec DLP, and they're supporting it nowadays. Since they are now giving the support via a partner, we find we get support right away.

I've also worked with Forcepoint DLP. It has a feature that allows for time-based user transfers. 

We have found the initial setup to be straightforward. I'd rate the ease of deployment nine out of ten. It's not overly complex in any way. 

Symantec already provides onsite authentication, Magneto integration, and email integration as a part of the product.

I don't handle the pricing. I'm not a part of the sales or purchasing team. 

We're a Symantec partner. 

I'd rate the solution nine out of ten. 

The primary use case for this solution is ensuring compliance. Organizations that handle sensitive data find it crucial to implement a data loss prevention solution to prevent unauthorized data breaches.

One of the most valuable aspects of this solution is its integration capabilities with Office 365. This integration enables comprehensive monitoring and control over data leaving the organization.

A significant area for improvement in the product is reducing the number of agents required and improving integration as a unified client ecosystem.

Integrating artificial intelligence to automate policy creation based on user behavior and data sensitivity would be highly beneficial

I have been using Symantec DLP since 2013.

I rate the product stability an eight. 

I rate the product scalability an eight or nine out of ten. 

Symantec has a good support network. However, since the acquisition by Broadcom, support has become more challenging, although some regions still provide excellent support.

The installation process for this solution, based on my experience, is straightforward and user-friendly, ensuring minimal disruption during deployment.

It can be deployed on-premises and in hybrid models, providing flexibility to organizations based on their specific security and operational needs.

The product is high-priced. However, it is worth it for the comprehensive data protection it provides.

We have considered products from other vendors like Microsoft, Forcepoint, McAfee, and Trend Micro. However, Symantec covers all aspects and use cases effectively.

Incident response capabilities are integral to this solution's functionality. It features robust workflow controls that facilitate timely and effective responses to security incidents.

I rate it a nine out of ten.

Our company is a partner and deploys the solution for customers as a management server and email network.

The solution is simple to use with good administrative controls and a console that is easy to understand. This is particularly important because end users are security engineers, CSOs and compliance managers with minimal technical knowledge. 

The DLP is very effective on the application side because there is a control on both endpoint and network storage. These components are separate from each other which needs to be planned out carefully but reduces server needs. 

The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. 

Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. 

Data tagging and classification would be useful because multiple agent roles are needed solve issues. 

I have been using the solution for ten years. 

The network and storage are very stable. 

I've experienced a few issues with the DLP agent on the windows side when operating systems are mismatched or there is an issue with a group policy. 

The solution is scalable. 

The effectiveness of technical supports depends on the agent. Support from America is good because they immediately direct you to a person or department knowledgeable in your issue. 

For example, American support asks if deployments are new or old and then opens the appropriate case type which speeds up the process. 

I rate customer support a seven out of ten. 

Neutral

The initial setup and implementation are very straightforward. 

Setup is very clear and much easier than McAfee or Forcepoint. 

I rate setup an eight out of ten. 

We implement the solution for our customers. 

The solution's pricing is based on a license model. 

The DLP category is very competitive and we implement tools based on our client's needs such as the solution, Forcepoint, and Microsoft. 

Competitive products don't even compare to the solution with regard to its capabilities. 

The only reason to choose another solution is budget because the solution requires licenses for the product and the database. 

I rate the solution a seven out of ten. 

Our primary use case for Symantec Data Loss Prevention revolves around addressing internal data security concerns, particularly email communication and data leakage prevention.

Symantec Data Loss Prevention has significantly improved our organization, particularly regarding data management and incident response. The solution has streamlined internal processes and enhanced data security measures. By integrating Symantec into our management systems, we've achieved better packaging and handling of sensitive information.

The most valuable features of Symantec Data Loss Prevention (DLP) are the Optical Character Recognition (OCR) functionality and its automation capabilities.

The product's pricing and support services need improvement.

The platform is stable. Initially, there were minor delays during the setup phase, especially when implementing certain features on the cloud. However, these issues have been resolved over time, and the system runs smoothly. It has been consistently reliable for the past three years. While it may demand slightly higher bandwidth, it remains easily adaptable to any network environment.

I rate the platform's scalability a nine out of ten. Currently, we are working with three companies as our customers for the product, one of which boasts over 10,000 users.

Our experience with customer service and support has improved over time. Previously, we encountered technical issues and concerns while working in the same area of DLP. However, in 2020, we noticed a positive shift. The team has become more responsive and effective in addressing our needs. The personnel handling technical support are helpful.

To deploy Symantec to protect sensitive information in our company, we implement various policies such as web, endpoint, mail, and cloud prevention. While the deployment process itself is simple, there is a requirement for an Oracle database, which can add a layer of complexity, particularly for smaller businesses that may not have the infrastructure readily available. However, we offer a software solution that manages this aspect. We leverage both on-premises and cloud-based functionalities, with customization options available for policies. Default configurations work well for cloud-based deployments, and we utilize comprehensive licensing packages. Cloud management simplifies deployment and implementation tasks significantly compared to on-premises setups, reducing the burden on our team and clients. However, there can be challenges when transitioning existing customers from on-premises to cloud-based solutions, particularly regarding feature availability and accessibility.

The platform is expensive.

The platform provides valuable data for preventing loss in various ways. It operates on a cloud-based platform and is beneficial through email and the web.

The incident response capability has been instrumental in mitigating potential data loss. The response agents are deployed strategically, and licenses govern their access. It ensures that only authorized personnel with the appropriate IT label can intervene.

I rate it an eight out of ten.

We use this solution for exact and index data matching, vector machine learning and endpoint prevention. We can use USB, make the solution notify a block policy and make response rules. It allows us to add the directory indication, make the agent configuration from the DLP, and then enforce them.

We can also complete different types of single-tier, two-tier and three-tier installations. For single-tier installation, it can enforce or recommend detections servers on the same servers. For two-tier, it can enforce on the same server and the detection server. And for three-tier, Oracle enforced, and the detection server is on separate servers.

The most valuable features are file integration and optical character recognition. It is a new technology integrated in DLP. File recognition technology mainly uses DLP, and we can use encryption technology to integrate the endpoint detection servers. The solution also helps to integrate the cloud access service broker in the DLP console, and we can complete information-centric tagging. For example, we can tag the files as private or public and protect them on the DLP console. In addition, we can classify data according to the environments and handle the files per the policy created from the console.

Different departments should manage administration, reporting, normalization and incident management. For example, for incident management, escalation can be completed in a specific department, and we can notify a manager and send an email when an incident has been triggered. In addition, confidential files that shouldn't be sent as a CV are managed. A DLP is a confidential solution that cannot be used to send unauthorized organizations' data to others.

The previous versions had a flaw when we installed the agents. We can install the agents manually or by the SCCM and easily manage the database and incident services. We can make several rules if we have a network or endpoint. We can also manage dashboards and administrators, super users and view roles. The larger administrator that manages the activities and daily reports has access to the best access tools. We can utilize user roles for the view access tools and to make policies.

We have been using this solution for ten years and are using version 15.8. It is deployed on-premises, and the cloud is used for network payment for email.

This solution is very stable.

It is very scalable, and there are no issues with maintenance.

We can easily manage technical support unless we need clarification on a version of data or a task for principal clarification. I rate the technical support a nine out of ten.

Positive

The initial setup was straightforward. First, we had to install the Oracle database, which requires 19C if you use version 15.8. Then, we had to deploy and make the info server. After that, we had to complete the Oracle and listener configurations and connect the database. We then had to install the Windows Server and add the detection servers from the endpoint server.

During the installation, we imported different templates in .VSP format. The solution allows you to make policies and procedures with built-in templates, and there are templates for multiple sectors, such as energy, banking, financial, and telecommunication. It can be downloaded from the portal during the installation of the Oracle added to the enforce server. We can make different policies like data matching, index data matching, vector machine learning, and desktop content matching. For example, we can use proximity matching to detect data for 70% matches, 50% matches, or 20% matches. We can also upload different documents for index data matching. Exact data matching is for structured data, and index data matching is for unstructured data. Vector machine learning is for positive and negative threats, and the threshold is set for that purpose. I rate the deployment a ten out of ten.

There is a perpetual license for three, five and two years. There is also a one-year renewable license for different parts. In addition, there are licenses for different consoles, namely Endpoint Discover, Endpoint Prevent, and Network Prevent. So it is an easy tool per the budget firewall and not difficult at all.

I rate this solution a ten out of ten. Regarding advice, it is the best solution and has the best reputation. It is easy to manage and an excellent solution for data classification. It is the best solution I have ever used. We prefer Symantec to other solutions because their products are not difficult to integrate with a single console that is easy to manage.