Symantec VIP Review

One of the most valuable features is two-factor authentication


What is most valuable?

The two-factor authentication is most definitely valuable and moves us closer to being able to check off those important boxes for compliance.

How has it helped my organization?

Currently, it is only for select users, but the infrastructure is in place to expand to a larger group. The increased security for those users is beneficial, as well as getting them used to the app. Just getting used to 2FA is a benefit, as we move closer to a more security-centric environment and mindset.

What needs improvement?

The gateway server is a RADIUS server, but it lacks the functionality of returning RADIUS attributes other than those that are required for the gateway to authenticate the users.

This could be improved a lot by providing additional values, and greatly improving the value and functionality of the Enterprise Gateway. This would remove the need for additional servers/firewall configurations.

The solution does what it is asked, but it has some configuration issues and the support is lackluster.

For how long have I used the solution?

We have used this solution for about a year.

What do I think about the stability of the solution?

Stability issues with failover have been experienced. When the services lock up on one server, failover to the other server is not automatic. This may be on the front-end devices that point to the gateways, but the services seem to become unresponsive instead of failing and allowing the failover to function properly. This has not happened too often, however.

What do I think about the scalability of the solution?

There were no issues with scalability, as we are still a small group.

How is customer service and technical support?

Technical support is one of the worst problems. Every time I have submitted a ticket or called tech support, the tech didn’t seem to know anything about my issues. Granted, I was asking about out-of-band support.

However, they failed to do anything about it, and it didn’t seem like it was important to them. The only movement I got was when my director emailed one of his corporate contacts who provided us with a solution directly.

Which solutions did we use previously?

This was the first solution of its kind.

How was the initial setup?

The initial setup for the gateway was fine. LDAP binding and synching was easy, even for a beginner. However, it became complicated when we attempted to configure the access control enforcement of DACLs we wanted to inject for remote users.

Natively, it does not support such features, so we had to get creative with a Microsoft NPS server as a forwarder to the Enterprise Gateway. This was fine, but the injection of DACLs was the issue. This was solved with Cisco AV-Pairs.

What's my experience with pricing, setup cost, and licensing?

Licensing and pricing seems very fair.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

This product works fine when it is setup. Once we have it setup, we haven’t had to do much. The Gateway configuration is easy, and it is easy to backup, allowing you to spin up VM's and replace them if need be, (as no AD info is stored on them). The various capabilities for authentication are nice and allow for multiple methods.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email