We performed a comparison between McAfee ePolicy Orchestrator and Symantec Data Loss Prevention based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automation rules and playbooks are the most useful that I've seen. A number of other places segregate the automation and playbook as separate tools, whereas Microsoft is a SIEM and SOAR tool in one."
"The connectivity and analytics are great."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Having your logs put all in one place with machine learning working on those logs is a good feature. I don't need to start thinking, "Where are my logs?" My logs are in a centralized repository, like Log Analytics, which is why you can't use Sentinel without Log Analytics. Having all those logs in one place is an advantage."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"What is most useful, is that it has a good connection to the Microsoft ecosystem, and I think that's the key part."
"There are some very powerful features to Sentinel, such as the integration of various connectors. We have a lot of departments that use both IaaS and SaaS services, including M365 as well as Azure services. The ability to leverage connectors into these environments allows for large-scale data injection."
"One of the most valuable features of Microsoft Sentinel is that it's cloud-based."
"The DLP feature in McAfee ePolicy Orchestrator is good."
"It is a highly scalable solution. Scalability-wise, I rate the solution a ten out of ten."
"The central management console is the solution's most valuable aspect."
"McAfee ePolicy Orchestrator's performance is good."
"The feature that I have found most valuable is its general purpose of protecting our endpoints from infections, malicious files, and all those kinds of things. The fact that there are organized policies and policy inheritance. The general management."
"The most valuable feature of the McAfee ePolicy Orchestrator is agent communication."
"The best part is management in McAfee ePolicy Orchestrator."
"Application control and traffic encryption are the most valuable features."
"The dashboard, management section, and reporting are good."
"The dashboard, management section, and reporting are good."
"Good end point encryption and data loss prevention."
"The data-at-rest features are the most valuable because they let us identify data infected with ransomware and prevent employees from being exploited through phishing attacks. If an employee is compromised, the attacker can access servers and deposit ransomware. This enables the attacker to exfiltrate data remotely using employees' credentials. It might be valuable data that could cause a business reputational and financial damage if stolen and publicized. It could also be credit card data or personal health information stored on critical servers."
"The initial setup is easy."
"The data matching features are the most valuable due to the easy policy setup and implementation."
"The most valuable feature is file-level DLP."
"Symantec DLP has many servers, and the solution is very powerful because you can use it in ports, endpoints, networks, and email servers to prevent the leakage of emails. DLP can be integrated with Symantec encryption."
"The on-prem log sources still require a lot of development."
"The dashboards can be improved. Creating dashboards is very easy, but the visualizations are not as good as Microsoft Power BI. People who are using Microsoft Power BI do not like Sentinel's dashboards."
"Sentinel's reporting is complex and can be more user-friendly."
"The solution could improve the playbooks."
"Microsoft Defender has a built-in threat expert option that enables you to contact an expert. That feature isn't available in Sentinel because it's a huge product that integrates all the technologies. I would like Microsoft to add the threat expert option so we can contact them. There are a few other features, like threat assessment that the PG team is working on. I expect them to release this feature in the next quarter."
"Sentinel still has some anomalies. For example, sometimes when we write a query for log analysis with KQL, it doesn't give us the data in a proper way... Also, the fields or columns could be improved. Sometimes, it is not giving the desired results and there is a blank field."
"Azure Sentinel will be directly competing with tools such as Splunk or Qradar. These are very established kinds of a product that have been around for the last seven, eight years or more."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"The installation process is quite difficult and requires technical support."
"McAfee ePolicy Orchestrator should improve its integration with other tools."
"The Virtual Patching feature needs to be improved."
"There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal."
"McAfee should improve in terms of customer support and assigning a knowledgeable TAM to customers."
"There is a problem when it comes to agent communication and duplicate records, where the rebooting of a machine leads to the installation of a new agent and you get a lot of duplicate records that ultimately affect your compliance monitoring."
"McAfee ePolicy Orchestrator needs to upgrade the technology; it's like their area function is not quite as good as compared to other market vendors."
"The impact of the agent on the endpoint's performance - the resources it takes. Additionally, the difficulties we experience with inheriting and breaking inheritance on the organization's structure breakdown for policy inheritance and then for rules inheritance. We are actually struggling with this."
"DLP could be improved by implementing a cloud-based console."
"Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved."
"The console is not the best one. There is room for improvement in the management console."
"Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate."
"I do have a problem with the database."
"I would like to see changes to the analytics."
"The policies need to be improved."
"That fine tuning has to be done for the customer as well as the vendor. So if I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product."
More Symantec Data Loss Prevention Pricing and Cost Advice →
McAfee ePolicy Orchestrator is ranked 9th in Security Orchestration Automation and Response (SOAR) with 39 reviews while Symantec Data Loss Prevention is ranked 3rd in Data Loss Prevention (DLP) with 53 reviews. McAfee ePolicy Orchestrator is rated 8.0, while Symantec Data Loss Prevention is rated 8.0. The top reviewer of McAfee ePolicy Orchestrator writes "Useful agent communication, reliable, but lacking support for microservices". On the other hand, the top reviewer of Symantec Data Loss Prevention writes "Consitent, accurate, and simple". McAfee ePolicy Orchestrator is most compared with Splunk SOAR, Zscaler DLP, Forcepoint Data Loss Prevention, Trend Micro Integrated Data Loss Prevention and Elastic Security, whereas Symantec Data Loss Prevention is most compared with Microsoft Purview Data Loss Prevention, Forcepoint Data Loss Prevention, Digital Guardian, Zscaler DLP and Code42 Incydr. See our McAfee ePolicy Orchestrator vs. Symantec Data Loss Prevention report.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.