Symantec Data Loss Prevention Review

Enables us to see people who are accessing or try to access information they are not supposed to be accessing based on their level of classification


What is our primary use case?

We primarily use the solution for the endpoint machines within the environment.

What is most valuable?

I'm able to track everyone who is trying to send information outside the environment and to know if they are not supposed to be sending it. I'm also able to see the people who are accessing or maybe try to access the information they are not supposed to be accessing based on their level of classification.

It gives me overall control of who has got access to what and at what point and who can do what with specific information.

What needs improvement?

The backend side of the server needs improvement.

In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.

For how long have I used the solution?

I've been using the solution for two years.

What do I think about the stability of the solution?

The solution is quite stable, especially when you run it on a Linux platform and when you code it and set it end-to-end on a Windows machine.

What do I think about the scalability of the solution?

I've never had any issues around scalability, mostly because of the environment I'm running on. We have about 50 users on the solution currently. 

It's used quite extensively in our environment as a security cluster, but going forward I don't think we will be adding more people to the environment. It's a minimized environment, so there's a limit to the number of people that are allowed to work with it.

How are customer service and technical support?

We've never had an issue outside our capabilities, so we've never had to contact technical support.

If you previously used a different solution, which one did you use and why did you switch?

I previously used McAfee DLP at a different company. I'm not sure what my current organization used previously.

How was the initial setup?

The initial setup of the solution was straightforward. It took us less than a week to make sure that we created all the rules. 

The setup itself it took less than two hours. However, applying all the rules and the configurations, and all the different qualities took longer. It total, everything took close to a week.

We only need two people for deployment and maintenance.

What about the implementation team?

We implemented the solution ourselves.

What's my experience with pricing, setup cost, and licensing?

Licensing depends on how you plan your deployment. If you have carefully planned it and you've already looked at the storage capacity and how it's going to grow over a period of two to five years, then you'll hardly have any problems or issues. If you have not planned it correctly then you might run into some issues.

What other advice do I have?

We are using the on-premises deployment model.

I would advise others that the solution does need careful planning before attempting an implementation.

I would rate the solution nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email