We performed a comparison between McAfee ePolicy Orchestrator and Symantec Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."In Azure Sentinel, we have found, they do have a store in their capability. AI and intelligence features. We found that to be very helpful for us because some other things we do need to integrate again or find another vendor for the store"
"I've worked on most of the top SIEM solutions, and Sentinel has an edge in most areas. For example, it has built-in SOAR capabilities, allowing you to run playbooks automatically. Other vendors typically offer SOAR as a separate licensed solution or module, but you get it free with Sentinel. In-depth incident integration is available out of the box."
"The machine learning and artificial intelligence on offer are great."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The features that stand out are the detection engine and its integration with multiple data sources."
"I like the KQL query. It simplifies getting data from the table and seeing the logs. All you need to know are the table names. It's quite easy to build use cases by using KQL."
"Sentinel uses Azure Logic Apps for automation, which is really powerful. This allows us to easily automate responses to incidents."
"The most valuable features of McAfee ePolicy Orchestrator are the easy-to-use console, and lots of reports, such as customized reports and inventory reports. Additionally, overall the centralized management is very good where you can see the compliance levels and inventory."
"The central management console is the solution's most valuable aspect."
"I like the solution's feasibility. McAfee ePolicy Orchestrator is also better and easier to use than other ePOs."
"Technical support is very helpful."
"We get fewer false positives than with other solutions."
"The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. The fact that there are organized policies and policy inheritance. The general management."
"I really like the auditing component because it really looks at exactly what has happened on the network."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"Users like the product because of its simplicity and the rate of detection."
"The exfiltration capabilities are great. You can put all of these rules in the product to detect the patterns and text."
"The detection capabilities are comprehensive."
"The most valuable aspect of Symantec DLP is its broad coverage. Symantec DLP covers USB, Outlook email clients, and web traffic. If we install the endpoint DLP, we can cover multiple channels, including the clipboard and printer."
"Symantec Data Loss Prevention is the number one product in its field. It does its job well and it has all the necessary features. It is definitely better than any other solution on the market."
"The most valuable features of Symantec Data Loss Prevention are endpoint security, endpoint agent, and DLP. Additionally, we have been satisfied with the policies."
"DLP's most valuable feature is that it's more granular in terms of creating block-based policies, which gives you more options to create policies in a filtered way."
"It can prevent copying and encoding of HTTP data to various sites like Google, and Webex."
"There is some relatively advanced knowledge that you have to have to properly leverage Sentinel's full capabilities. I'm thinking about things like the creation of workbooks, how you do threat-hunting, and the kinds of notifications you're getting... It takes time for people to ramp up on that and develop a familiarity or expertise with it."
"It has been a challenge with Azure Sentinel to onboard the Syslog server from FortiGate. Azure Sentinel can work better on that shift between the Syslog server and a firewall."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The solution should allow for a streamlined CI/CD procedure."
"There are certain delays. For example, if an alert has been rated on Microsoft Defender for Endpoint, it might take up to an hour for that alert to reach Sentinel. This should ideally take no more than one or two seconds."
"For certain vendors, some of the data that Microsoft Sentinel captures is redacted due to privacy reasons."
"Its documentation is not so simple. It is easy for somebody who is Microsoft certified or more closely attached to Microsoft solutions. It is not easy for those who are working on open-source platforms. There isn't a central point where everything is documented, and there is no specific training or certification."
"They only classify alerts into three categories: high, medium, and low. So, from the user's point of view, having another critical category would be awesome."
"There are some issues relating to the automation of reports. That's why I wanted the DLP reports. There are some problems in this area. Sometimes it does not work even though all the configuration words are right. There are also some problems with automatic updates."
"McAfee ePolicy Orchestrator should improve its integration with other tools."
"The installation process is quite difficult and requires technical support."
"The detection aspect should be improved so that signatures are updated more quickly."
"Lacks a single plug-in for multiple uses."
"The solution is difficult to tune to avoid false positives."
"We need to consolidate multiple features into one console. It would be beneficial to have all the important features on a single platform."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"We need to have agent auto-parsing."
"I would like to see changes to the analytics."
"The Symantec DLP solution is very complex, and installation requires many components."
"From a management perspective, it takes a lot of time to manage the infrastructure."
"Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made."
"The product's pricing and support services need improvement."
"Virtualization is not currently supported."
"Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved."
More Symantec Data Loss Prevention Pricing and Cost Advice →
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Symantec Data Loss Prevention is ranked 3rd in Data Loss Prevention (DLP) with 53 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Symantec Data Loss Prevention is rated 8.0. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Symantec Data Loss Prevention writes "Consitent, accurate, and simple". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Zscaler DLP, Elastic Security, Trend Micro Integrated Data Loss Prevention and Forcepoint Data Loss Prevention, whereas Symantec Data Loss Prevention is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Digital Guardian, Zscaler DLP and Code42 Incydr. See our McAfee ePolicy Orchestrator vs. Symantec Data Loss Prevention report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
