Symantec Data Loss Prevention Reviews

We use this solution for exact and index data matching, vector machine learning and endpoint prevention. We can use USB, make the solution notify a block policy and make response rules. It allows us to add the directory indication, make the agent configuration from the DLP, and then enforce them.

We can also complete different types of single-tier, two-tier and three-tier installations. For single-tier installation, it can enforce or recommend detections servers on the same servers. For two-tier, it can enforce on the same server and the detection server. And for three-tier, Oracle enforced, and the detection server is on separate servers.

The most valuable features are file integration and optical character recognition. It is a new technology integrated in DLP. File recognition technology mainly uses DLP, and we can use encryption technology to integrate the endpoint detection servers. The solution also helps to integrate the cloud access service broker in the DLP console, and we can complete information-centric tagging. For example, we can tag the files as private or public and protect them on the DLP console. In addition, we can classify data according to the environments and handle the files per the policy created from the console.

Different departments should manage administration, reporting, normalization and incident management. For example, for incident management, escalation can be completed in a specific department, and we can notify a manager and send an email when an incident has been triggered. In addition, confidential files that shouldn't be sent as a CV are managed. A DLP is a confidential solution that cannot be used to send unauthorized organizations' data to others.

The previous versions had a flaw when we installed the agents. We can install the agents manually or by the SCCM and easily manage the database and incident services. We can make several rules if we have a network or endpoint. We can also manage dashboards and administrators, super users and view roles. The larger administrator that manages the activities and daily reports has access to the best access tools. We can utilize user roles for the view access tools and to make policies.

We have been using this solution for ten years and are using version 15.8. It is deployed on-premises, and the cloud is used for network payment for email.

This solution is very stable.

It is very scalable, and there are no issues with maintenance.

We can easily manage technical support unless we need clarification on a version of data or a task for principal clarification. I rate the technical support a nine out of ten.

Positive

The initial setup was straightforward. First, we had to install the Oracle database, which requires 19C if you use version 15.8. Then, we had to deploy and make the info server. After that, we had to complete the Oracle and listener configurations and connect the database. We then had to install the Windows Server and add the detection servers from the endpoint server.

During the installation, we imported different templates in .VSP format. The solution allows you to make policies and procedures with built-in templates, and there are templates for multiple sectors, such as energy, banking, financial, and telecommunication. It can be downloaded from the portal during the installation of the Oracle added to the enforce server. We can make different policies like data matching, index data matching, vector machine learning, and desktop content matching. For example, we can use proximity matching to detect data for 70% matches, 50% matches, or 20% matches. We can also upload different documents for index data matching. Exact data matching is for structured data, and index data matching is for unstructured data. Vector machine learning is for positive and negative threats, and the threshold is set for that purpose. I rate the deployment a ten out of ten.

There is a perpetual license for three, five and two years. There is also a one-year renewable license for different parts. In addition, there are licenses for different consoles, namely Endpoint Discover, Endpoint Prevent, and Network Prevent. So it is an easy tool per the budget firewall and not difficult at all.

I rate this solution a ten out of ten. Regarding advice, it is the best solution and has the best reputation. It is easy to manage and an excellent solution for data classification. It is the best solution I have ever used. We prefer Symantec to other solutions because their products are not difficult to integrate with a single console that is easy to manage.

We are using Symantec Data Loss Prevention for protecting IPs and intellectual properties.

I have found the most valuable feature to be partial enlisting.

Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate.

I have been using Symantec Data Loss Prevention for approximately four years.

The stability has been good.

I would rate the stability of Symantec Data Loss Prevention a four out of five. There is room for some improvement.

The unpaid support can have a lot of delays but the paid premium support is good.

I rate the technical support of Symantec Data Loss Prevention a three out of five.

The installation is more complex than other solutions.

We did the implementation of the solution ourselves.

The price of the solution is expensive.

We did evaluate other options before choosing Symantec Data Loss Prevention, such as Microsoft solutions.

I would recommend this solution to others if it fits their companies requirements. 

I would advise those dealing with critical sensitive information to use Symantec, such as in the health care industry. If the data is not as sensitive, I would recommend Microsoft.

I rate Symantec Data Loss Prevention an eight out of ten.

We have several use cases, the main one is probably the prevention of prohibited files from being uploaded. I'm a user of this product and a network engineer. 

Reporting is the most valuable feature the solution offers. It provides information on any incidents that occur in our environment. 

Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus. 

I've been using this solution for about three years. 

This solution is stable. 

This is a scalable solution. We currently have 15,000 users so it's very scalable.

We have primary support from one of the vendors and they are good. 

The initial setup is not very complex but it's not simple either. We had assistance from the vendor. There is no maintenance required - at the initial stage we created a policy for monitoring only and we get the day to day logs. After that we impose a policy for blocking and justification. This solution is used on a daily basis. 

I've worked with other DLP solutions that I think were better than Symantec, but it's working well for us currently.

This is a good solution for us and I would recommend it. I'd rate Symantec DLP a nine out of 10. 

We primarily use the solution to follow a process that's already come in. If anyone takes a snap of anything, we can see that. Anything sent through email, uploaded to a drive, or shared to a public drive can be extracted by the DLP agent. 

Whatever features Symantec has provided have all been valuable. The indexing features, where if anyone captures the image of the data, then it can be extracted to any of the channels, is quite useful. If you have a point DLP, email DLP, network DLP, et cetera it can capture that. 

It offers a pretty straightforward setup process. 

The solution can easily scale. 

It is stable. 

The support has been pretty decent.

The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. 

Auto-parsing is required. We need to have agent auto-parsing. 

We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal.

Beyond that, we don't really need any new features as Symantec already offers pretty good items.

I've been using the solution for four years. The last time I used the solution was six months ago.

It's been stable and reliable. There are no bugs or glitches, and it doesn't crash or freeze. I'd rate stability eight out of ten. 

The solution is scalable. It expands easily. I'd rate the ability to scale nine out of ten.

We have about 15,000 people using the DLP part of Symantec.

Broadcom acquired the Symantec DLP, and they're supporting it nowadays. Since they are now giving the support via a partner, we find we get support right away.

I've also worked with Forcepoint DLP. It has a feature that allows for time-based user transfers. 

We have found the initial setup to be straightforward. I'd rate the ease of deployment nine out of ten. It's not overly complex in any way. 

Symantec already provides onsite authentication, Magneto integration, and email integration as a part of the product.

I don't handle the pricing. I'm not a part of the sales or purchasing team. 

We're a Symantec partner. 

I'd rate the solution nine out of ten. 

We use Symantec Data Loss Prevention mostly for preventing and protecting against email threats. The tool tracks internal to external emails. Whatever attachment there is that's moving from internal to external is also tracked. If someone's sending a file, it would also be forwarded to the team lead or manager. The password for signing into the email should not be shared because when shared, it will be blocked. We have configured these policies in Symantec Data Loss Prevention. The tool also tracks whenever a user transfers data from one machine to another. These are our use cases for it.

What we like about Symantec Data Loss Prevention is that it's a very good product. We never faced any problems with its performance. It has very good performance. There was this RAM issue, but it was an internal issue which we've sorted out. Apart from the RAM issue, there are no other issues with Symantec Data Loss Prevention.

What could be improved in Symantec Data Loss Prevention is its security. It should be more secure.

I've been dealing with Symantec Data Loss Prevention for almost four years.

Symantec Data Loss Prevention is a stable tool.

The technical support for Symantec Data Loss Prevention is very good.

The installation for Symantec Data Loss Prevention was straightforward. It took almost fifteen days to completely roll it out.

I have experience with Symantec Data Loss Prevention. I've implemented it. I was the Symantec expert, and I've also implemented Symantec Endpoint Protection, Symantec Mail Security for Exchange, Symantec SharePoint, and Symantec network storage devices, in my previous projects.

Symantec Data Loss Prevention was deployed on-premises only because the customer requirement was to not forward the logs through the cloud directly, so the solution was installed on-premises.

In terms of the number of clients my company has for Symantec Data Loss Prevention, there are currently two thousand clients.

I would surely recommend the tool to others. Whenever my company goes to the customers, the team always recommends either Forcepoint or Symantec Data Loss Prevention.

My rating for Symantec Data Loss Prevention is nine out of ten.

We are managed service provider and system integrator. We have different deployment models and scenarios for different customers, but usually, we deploy Symantec Data Loss Prevention on-premise.

Our clients that are using Symantec Data Loss Prevention have massive use of documentation and they are supporting the digital signatures happening now everywhere. They wanted to secure this information with the solution.

We typically add another solution with Symantec Data Loss Prevention from Titus. It is used for data classification, allowing us to have the DLP and the data classification in one offering.

The most valuable feature of Symantec Data Loss Prevention is the ease of modification.

There should be more documentation with Symantec Data Loss Prevention. We had trouble with the first few deployments.

I have been using Symantec Data Loss Prevention for approximately five years.

Symantec Data Loss Prevention is highly scalable.

We didn't find a lot of need to test the scalability because usually, we do our designs with scalability in place. We didn't need to add licenses, servers, compute capacity, or data center footprints later.

The support can improve in the future. They can use some training to help them have a better understanding of their knowledge of the solution.

The ease of deployment of Symantec Data Loss Prevention is great. We can deploy it easily and it is flexible after the deployment. The deployment difficulty can depend on the client's requirements, there was not a client that took us more than eight weeks to complete which included the assessment, the design, the data classification, which is the second part of the solution,

There is an annual license required to use this solution.

I would recommend this solution to others.

I rate Symantec Data Loss Prevention a seven out of ten.

The product has enterprise-level use cases. The product protects the endpoints and the network. I mostly worked on endpoints and networks.

We used the solution to protect data from going out of the organization based on emails or regular expressions. We didn’t want users to share their debit or credit card details with others outside.

The product is very robust. We can ensure that whatever we want to protect can be protected much better than Zscaler. The tool uses regular expressions, OCR, and other useful enterprise protection features.

The product must improve its interface. The solution did improve the interface, and it looks better. However, the report filtering features could be much better. The in-built ITSM module needs to be revamped.

If anybody has been flagged for violation, the violation content shows all the credit card details. Any administrator can see the credit card details. I would like to see the tool integrated with Symantec Endpoint Protection.

I have been using the solution for more than a year.

The tool is pretty stable. I rate the stability a nine out of ten.

The scalability is good. I rate the tool’s scalability a seven out of ten.

The technical support is not that good.

Neutral

The initial setup was not very straightforward, but it was kind of easy.

We have seen an ROI on the product.

The product charges a little on the higher side.

People evaluating the solution must test the product against various vectors of threats. Symantec is very consistent, but sometimes it is a hit or miss. It is 95% accurate. It should be appropriately evaluated. Overall, I rate the solution an eight out of ten.

I've been working with Forcepoint, Symantec, and also McAfee. From my experience with the three of them, Symantec has one of the best LP solutions on offer. Forcepoint is on par with Symantec on some points, however, with respect to the granularity of how Symantec has laid it out for the customers, is much easier when compared to Forcepoint. The client also has more opportunities for customization.

With respect to the amount of intelligence that they have with respect to how they formed the DLP solution, for example, exact data matching. If you compare Forcepoint with Symantec, Symantec is more sophisticated than Forcepoint. 

I would prefer Symantec over Forcepoint. 

With respect to how Symantec Data Loss Prevention works now, it's got an edge over all the rest of the Data Loss Prevention with the exact data matching and also the partial matching. We've done a test with that with other solutions, for example, with McAfee and Forcepoint. Symantec is really more sophisticated when it comes to partial matching as compared to other solutions. There's data around this as well. There's a document about a specific confidential file. We will configure everything so that 50% of the data from a document should be scanned. The rest will be detected as black or whatever the option should be or the response should be.

With Symantec, they are capable of doing that. Only a part of the document is scanned and they are capable of detecting the amount of information that is supposedly secure and that should not be sent outside to any unauthorized users. Technically, Forcepoint can also do that, but there are certain limitations. Forcepoint can only do so much. With Symantec, it's very straightforward. You can just specify the version page and then upload the identifier, upload a sample, for example, a series of programming codes. You upload that, you give a sample, and then, just like that, you can already specify a specific response for that and it will be detected. That's also one of the samples that we were able to do with one of our clients. 

Aside from exact data matching and aside from partial matching, there is better machine learning. 

Symantec can offer a more sophisticated OCR. The optical character recognition, which we often showcase specifically for hospitals with x-rays, CT scans, and ultrasounds, is quite useful.

The one downside for Symantec is that, due to its transition from Symantec to Broadcom, there's been a lot of changes. I am based in the Philippines and we don't have a contact person locally for any Symantec.

We no longer have any contact for any Symantec opportunities. It's getting hard for us to request a demo license, or trial license, for a proof of value or proof of POC. Basically, speaking with respect to the technology, technically speaking, Symantec is really good, however, on the commercial side, we're really having a problem with that. 

We always have a problem with respect to the commercial side and how we are offering it to the client. It gets really costly with the database as it's strictly required that clients must have an Oracle database and it's quite expensive if you would compare that to Microsoft SQL. From the technical side, what they need to improve is the database. I'm talking about the on-premise, as, with the on-premise, the database that they require is strictly Oracle and not many end-users are using Oracle for their databases. Some are using MySQL. So it gets really costly when we're offering Symantec and then we have to renew. Oracle is expensive.

What they need to improve is the management console. It's pretty straightforward, however, they need to upgrade it to make it more attractive. While it's easy to understand, from an end-user perspective, they need to upgrade it so that it will be more pleasing on the client's side. It would make them more inclined to look up, for example, for maintenance or visibility and monitoring.  

I've been working with the solution for two or three years. I've only been working within the industry for two or three years, or something like that.

It's stable. Out of all the data loss preventions that I've experienced, Symantec, with respect to its technology, is quite good. Aside from the database, I don't have much of a complaint with Symantec, technically speaking. 

We work mostly with enterprises, however, we also work with some SMBs.

In terms of scalability, it is scalable. Symantec Data Loss Prevention is not only for endpoints. It is also for networks, the cloud, and also for email. It pretty much covers your entire infrastructure.

With respect to the partner support, previously, when we started working with Symantec, support was pretty straightforward and really helpful. I've only been handled a support case a couple of times. It's not much, however, they've been really accommodating. That said, when the transition happened, from Symantec to Broadcom, when Broadcom acquired Symantec, that's when things got really hard for us. Not only from the technical side, not only from the support side but even from the commercial and pre-sales side. It's gotten really difficult requesting licenses, requesting trials, requesting support cases, et cetera.

I've been working with Forcepoint, Symantec,

the last project that we worked on, we worked on the latest version of Symantec. I just can't remember what version was it.

and also McAfee. That's the closest solutions that I've been working with most recently.

I only started learning Forcepoint come 2020, and I have done a POC. However, I find Symantec to be better overall if you compared the two.

The setup is straightforward, as long as you know what you're doing. Back in the day, when I was just starting to learn data loss prevention, it got really confusing. For those who are just starting to learn how it works, it's important to note how the flow works - from identifying what data to protect, to the responses that should be applied to the policies that were configured. It's also important to note the architectural side. You need to pay attention to how the endpoint was set up, as well as the database and the detectors. 

My last deployment for Symantec took a month, however, it came with the testing already. We did it phase by phase. What really took a long time for us to set it up, was encryption, which we deployed together with the data loss prevention. We had Symantec Data Loss Prevention and at the same time, Symantec Endpoint Encryption. We would deploy them together. That client also had the programming codes. We had to deal with a lot of programming codes and it took us a lot of time to review. We had a sit-down meeting with the customer in order for them to disclose the necessary information we would need for the pilot deployment. Then we had to do testing after that. That's why, in that case, it took a month.

They have a subscription based on one-year, three-year, and five-year terms.

The pricing is adequate and good enough for the market.

I'm a reseller. We used to have a partnership with Broadcom, or rather, with Symantec. We're still working on Broadcom. I believe we still have that partnership in place.

In the last project that we worked on, we worked on the latest version of Symantec. I just can't remember what version it was.

I'd rate the solution at a nine out of ten.