Symantec Data Loss Prevention Review

Detects percentages of interrogate words within documents. Finds leaks of documents and restricted controlled information.


What is most valuable?

  • Detects the percentages of text and interrogate words within documents and emails.
  • Finds leaks of documents and restricted controlled information.

How has it helped my organization?

We use it to discover unacceptable employee behavior, such as threats and bullying. It helps us identify insider threats.

What needs improvement?

I would like to see a reduction in false positives.

For how long have I used the solution?

I have used this solution for three years.

What do I think about the stability of the solution?

There haven’t been stability issues with the product. There have been stability issues with the user community when trying to embargo documents.

What do I think about the scalability of the solution?

There were no scalability issues other than some impact on sending large documents when tracking content for restricted data.

How is customer service and technical support?

The technical support has been excellent. We had DLP engineers on site.

How was the initial setup?

The installation was pretty straightforward. We had to adjust for policy allowances. Once the user community gained some experience, we were able to expand the scope.

What's my experience with pricing, setup cost, and licensing?

I have no real comment as we had an enterprise license. Make sure you cover all users and plan growth metrics.

Which other solutions did I evaluate?

We evaluated alternative solutions, but I can't recall which ones. We had an enterprise license and the product integrated with the SIEM well. There was little reason to go outside of the existing contracts.

What other advice do I have?

Take the following steps:

  1. Go to monitoring for 90 days.
  2. Start to reduce the allowed events. Start at 100 and reduce by 20 per month.
  3. Communicate any failures. (Allow for application changes, as legacy apps may be guilty of data transfer that is embedded in the architecture/file transfer.)
Disclosure: My company has a business relationship with this vendor other than being a customer: I have moved on from the USPS and Salient CRGT. I was in a teaming relationship. I did not use the product internally.
Add a Comment
Guest
Sign Up with Email