The reports could be better. For example, the report is installed on the VMware Virtual Appliance. It must support other things like HighBar RE, et cetera.

The cost has risen and it is more expensive than it used to be.

There is not any reporting on the central appliance. If a new developer can add basic reporting, and real-time monitoring, it would be ideal. There is no real-time monitor. It'll be a great enhancement if Symantec can add a real-time monitor to the appliance. Other competitors have a real-time monitor on them. 

The platform’s data center is not capable of managing most of the traffic.

It's not user-friendly, and we end up making too many phone calls to get things fixed. Furthermore, rebuilding machines and managing the licenses is an immense pain. In addition, the website is not very good.

Another issue is that they force us to go through dealers. We used to be able to pay directly, and we can't do that anymore. In addition, you can't go to Symantec Secure Web Gateway, which adds another layer of complexity.

The major challenge is their support. The support from Broadcom is quite poor. It takes forever for them to get back to you, and when they get back to you, they ask you for so much information, which makes it more difficult. That's the only problem I have with Broadcom. This is one of the reasons why we are switching to another solution. Another reason for switching is that we have a plan to adopt solutions in the cloud so that we can offload the administration efforts to the vendor.

In future releases, they can improve its reporting and the process for rules creation. They can also improve Broadcom on things such as security information and event management so that from my same platform, I can carry out functions and probably block websites. Such a feature would be nice. Currently, Broadcom is integrated with McAfee to block access to certain sites automatically. It would be nice if they can expand their integration to IBM Resilient Security Orchestration and Automation Response.

One of the problems with using Symantec is that it's widely known and the people who are making malware have designed to circumvent it. You have to keep that in mind. The other thing that I find is a weakness is that it doesn't give you a statement so you don't have an ability to really test something to see if something's suspicious because if it is, it might have a payload that could disable Symantec and get through it. I'm always more concerned about that. This is one of the reasons we separate it from our Comodo.

It needs to be easier to set up rules for what sites it should allow or not allow us in certain areas of our computer for programs. It would also be nice really nice to have it give you better information about what it's finding. A lot of the alerts we get are very difficult to understand what it's actually telling you. It's too generic.

The interface could be made more user-friendly. As it is, we have trouble when we want to do certain operations, such as choosing when and what we want to block or allow. For example, we don't want to block WhatsApp, but we do want to block uploads. This means that we have to enter some codes. It's not like you can just drag and drop, as we have seen in other security solutions.

Another example is on the main page. When you're logged into the device using HTTPS, you still have to go to another link to access the policy manager. When you are redirected to another function, it loads very slowly. 

There's a need for increased firewall functionality and capabilities. I'm not seeing a competitive Symantec cloud product. Specifically, functionalities with security as filtering from the cloud. I am aware that there is a product, a proxy in the cloud but I have compared it with other vendors and I don't find it that powerful.

I think the worst thing that we're experiencing is very poor and inadequate technical support. It seems to me that tech support engineers aren't qualified to fulfill their job duties.

The major requirement is a firewall. That's the only thing we're lacking now.

The Credential ID part where you need to register it: Sometimes, it does not register a device, for some reason. As a workaround, we register it for our users from the Symantec VIP Manager portal.

There are definitely considerable problems with this solution. Most notably, compared to Cisco Umbrella it was a lot more difficult to deploy. The deployment process should definitely be significantly simplified.  

The service pack file system should also be improved or even abandoned. The way the packed files are set up could definitely be better and maybe they do not have to be deployed that way at all. There are better solutions which is demonstrated by the fact that other products and companies no longer handle updates this way. They do it in a way that is easier to handle.  

They should have a tool to help with the deployment. It is needed to point all the clients to the proxy.

I don't think either vendor has a deployment tool as such.

Also, Zscaler has something called the Zscaler Internet Access which also acts as a signin box on the next-generation firewall. WSS doesn't do this.