I'm not sure about scanning speeds. In my previous experience, we had some problems and some speed issues. The data loss prevention feature is working pretty well; however, sometimes, if you want to discover or scan the data stored in the customer environment, it could take a long time. Sometimes the customer states, "I want to scan a computer," and it takes a few hours. It seems to sometimes be unnecessarily long. 

Reporting could be improved. The detection features are good, and the configuration is basic. It's really easy to use, or it's really to learn from scratch. However, the reporting features must be improved as the product doesn't provide us with many reporting screens. We only have an incident results screen, and we have filters we can use, and that's it. There are no other reporting features. It's really limited. 

View full review »

Agent configuration should be improved for easier interaction for users, particularly by allowing configuration changes to be done on a grid. I would like to see OCR (Optical Character Recognition) features extended to endpoint devices in Symantec DLP. Currently, OCR is only available for network channels, but many users also require OCR functionality on endpoints, especially for scenarios involving data migration or interaction with USB devices. Enhancements for OCR support on endpoints would be beneficial for technical support and implementation on these devices.

View full review »

Their support program needs a lot of improvement. If you are stuck somewhere, getting their support can be difficult. 

Adding the feature of control over Bluetooth is very important right now, most BOPs are don't get control over the Bluetooth function. The features would become more friendly and their dashboard would help us. 

View full review »

The upgrade process is convoluted. The server and database software must run in line with third-party providers like the Oracle database. If an Oracle database reaches the end of its life, then servers must be decommissioned, and you need to bring new servers online.

When the maintenance packages are deployed to the management server, they don't get pushed to the detection servers. Each detection server must be manually installed rather than automatically made from a single server. If it's a large enterprise, you need to manually install it or use a GPO or some other technology, which I never use. 

The vendors should also give a heads-up long before updates are released so internal teams can meet their change management lead times. Some vendors don't provide enough notice. They often announce a new version or a vulnerability that needs patching a week before it comes out. It should be a month before. 

The upgrade packages should have better documentation on the upgrade procedure instead of prerequisites spread throughout multiple documents. The wording should be more precise.

View full review »

Symantec DLP could be better. Symantec DLP is very scalable, but while some other products have been improved in years, Symantec DLP is using core steel, and Symantec could be better with infrastructure.

View full review »

Currently, I can't see any areas for improvement in Symantec Data Loss Prevention because the solution seems to be better than all the other vendors out there. It seems all the other vendors are trying to mimic what Symantec Data Loss Prevention is doing in terms of components, practice, and modules.

Sometimes setting up the solution can get a little tricky because it would depend on your internal infrastructure. For example, you have to connect the Symantec Data Loss Prevention platform and you need to integrate it, so that could make the process somewhat difficult.

View full review »

There is room for improvement in the remote control capabilities of the DLP solution. Currently, if the client-side agent is not installed, there are limited features available, and remote management through the manager portal is lacking. This is particularly important for users on VPN who would benefit from full remote control and management features.

View full review »

Before the release of version 16.0, some features were missing. Location-based detection and USB print blocking are still not available. This means we cannot configure the blocking of a USB printer, and we also cannot identify whether a system is on the network or off the network in a large environment. Additionally, the feature that is currently available is not fully operational. The domain-based resolution can sometimes take time to determine whether the system is accessible over the network or not.

From a management perspective, it takes a lot of time to manage the infrastructure. It seems that having cloud options available would reduce the overhead of managing infrastructure. Depending on the organization, we can choose to have the solution on-premises or on the cloud. If we choose the cloud, we can focus more on data loss prevention instead of managing the infrastructure.

View full review »

The product's technical support services need improvement.

View full review »

The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. 

Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this.

If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. 

When we're doing data scanning, the machines can be slow. 

In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.

View full review »

Symantec DLP doesn't provide complete cloud coverage. We need another DLP solution to monitor our cloud applications. 

View full review »

I would like to see changes to the analytics. 

View full review »

The solution should integrate with other databases because it relies on Oracle which is not financially feasible for many customers, particularly in small or poor countries. Oracle is very expensive on the cloud side. 

Operational costs are too high for small offices that rely on Microsoft Office, so they instead opt for free yet powerful databases such as MySQL. 

Data tagging and classification would be useful because multiple agent roles are needed solve issues. 

View full review »

Symantec Data Loss Prevention's AI technology has certain shortcomings where improvements can be made. Some source code developer companies may have multiple source code data available, and our company may upload such multiple source code data, which may go up to 50 GB of data in Symantec Data Loss Prevention, and expect the AI part to look into what should be the confidential part in such a file so that we can create a policy in our company to manage what should be blocked or allowed.

View full review »

Different departments should manage administration, reporting, normalization and incident management. For example, for incident management, escalation can be completed in a specific department, and we can notify a manager and send an email when an incident has been triggered. In addition, confidential files that shouldn't be sent as a CV are managed. A DLP is a confidential solution that cannot be used to send unauthorized organizations' data to others.

The previous versions had a flaw when we installed the agents. We can install the agents manually or by the SCCM and easily manage the database and incident services. We can make several rules if we have a network or endpoint. We can also manage dashboards and administrators, super users and view roles. The larger administrator that manages the activities and daily reports has access to the best access tools. We can utilize user roles for the view access tools and to make policies.

View full review »

Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate.

View full review »

Symantec doesn't necessarily catch things that are happening in the DLP features such as someone attempting credit card fraud. For the future, I'd like to see better documentation with a more informative focus. 

View full review »

The sensitivity to the agent path could be improved. Some of the false positive reporting could be detected by Symantec DLP better. 

Auto-parsing is required. We need to have agent auto-parsing. 

We need better clustering. Right now, the total amount of clusters depends upon Oracle. Instead of Oracle, the application-level cluster would be ideal.

Beyond that, we don't really need any new features as Symantec already offers pretty good items.

View full review »

What could be improved in Symantec Data Loss Prevention is its security. It should be more secure.

View full review »

There should be more documentation with Symantec Data Loss Prevention. We had trouble with the first few deployments.

View full review »

The product must improve its interface. The solution did improve the interface, and it looks better. However, the report filtering features could be much better. The in-built ITSM module needs to be revamped.

If anybody has been flagged for violation, the violation content shows all the credit card details. Any administrator can see the credit card details. I would like to see the tool integrated with Symantec Endpoint Protection.

View full review »

The one downside for Symantec is that, due to its transition from Symantec to Broadcom, there's been a lot of changes. I am based in the Philippines and we don't have a contact person locally for any Symantec.

We no longer have any contact for any Symantec opportunities. It's getting hard for us to request a demo license, or trial license, for a proof of value or proof of POC. Basically, speaking with respect to the technology, technically speaking, Symantec is really good, however, on the commercial side, we're really having a problem with that. 

We always have a problem with respect to the commercial side and how we are offering it to the client. It gets really costly with the database as it's strictly required that clients must have an Oracle database and it's quite expensive if you would compare that to Microsoft SQL. From the technical side, what they need to improve is the database. I'm talking about the on-premise, as, with the on-premise, the database that they require is strictly Oracle and not many end-users are using Oracle for their databases. Some are using MySQL. So it gets really costly when we're offering Symantec and then we have to renew. Oracle is expensive.

What they need to improve is the management console. It's pretty straightforward, however, they need to upgrade it to make it more attractive. While it's easy to understand, from an end-user perspective, they need to upgrade it so that it will be more pleasing on the client's side. It would make them more inclined to look up, for example, for maintenance or visibility and monitoring.  

View full review »

The OCR functionality could be better. We have OCR functionality. However, it is not as effective. It could be more effective. They need to work on the function that can catch PDF 5 and PDF 5 based on pictures, images, JPEGs, and so on, with text-to-all content. The main goal of this is to check those pictures against corporate policies.

I'd like it if, in DLP, the agent could have more detection capabilities.

Currently, many features can work only with Endpoint Prevention, Network Prevention, and Email Prevention. Those capabilities do not work on the Endpoint Prevent and Endpoint Detection. 

They need to expand the channels they check. It could be wider. So it should be able to check, for example, WhatsApp and mobile solutions, mobile communications, Facebook, et cetera. We're worried about data leakage on these channels. 

View full review »

The product's pricing and support services need improvement.

View full review »

The console is not the best one. There is room for improvement in the management console. 

View full review »

Technical support is pathetic. Stability and scalability can be improved as well. It would also be better if it could restrict Bluetooth transfers.

Symantec also uses Oracle databases, which isn't really convenient for most customers. It would be better if they switched to SQL.

View full review »

Symantec Data Loss Prevention's setup needs to be easier and support needs to be improved. 

View full review »

DLP could be improved by implementing a cloud-based console. The implementation and installation process could also be made less complicated.

View full review »

The backend side of the server needs improvement.

In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.

View full review »

DLP doesn't work well with Mac OS systems and tends to give false positives. There are also problems in terms of CPU utilization because all the policies are based on a traditional DLP system, which makes it quite heavy and creates issues with user experience. In the next release, DLP should include OCR features, and I'd like the agent to be lightweight, which means the policy should be in the cloud.

View full review »

Symantec Data Loss Prevention could improve by having better system resource management, cloud option, and more features.

View full review »

Generally, we're not seeing any places for improvement at the moment.

The solution doesn't integrate well with other products.

We're not sure if there was an issue or a bug on the system recently because as of right now if someone sends out a compressed encrypted file, the DLP won't scan it.

The menus need to be updated.

View full review »

This product should be integrated with virtualization technology and work with other applications.

View full review »

It's not a scalable product.

It only works on the Windows platform. It doesn't support Linux, which is unfortunate. Most of the clients these days use Linux. It would be ideal if Symantec could have more integrations with the different operating systems as well on the DLP. That would be much better.

The deployment is complex.

View full review »

We want a more proactive reporting structure.

Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases.

There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.

View full review »

There should be more information about the features of the solution and what they do. This way we would be able to use all the features that are available.

View full review »

I would like to see an improved interface, with better documentation and integration with other products.

The initial setup could also be better, so that the solution would easily interact with other monitoring tools without the need for taking further steps. 

View full review »

The solution is not user-friendly. I've had to do a lot of research to try and figure things out on my own.

Due to its database, I first had to install an Oracle database. This should change. The product should allow for the use of an SQL database, and, if possible, it should have an embedded database. The solution should be easier to integrate on different solutions.

The data classification is very difficult in Symantec. It's hard to integrate the detect activation tools, whereas, in Forcepoint DLP, it's better. It's very user-friendly and the quality is defined and it is very clear. Symantec should try to emulate those aspects of Forcepoint.

It's difficult to implement in a protected environment, due to its architectural layout.

The initial implementation is quite complex.

The technical support has really dropped in quality since Broadcom acquired the product.

View full review »

Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work.

In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics.

That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. 

Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP.

Their user interface and other features are fine as is.

View full review »

The database is a problem for us, as it's running on Oracle and not everybody likes that. There's a licensing issue with the database. There's a sizing issue with licensing. They did improve it a bit. It supports a virtual server now. However, the pricing and the fact that you install it on the machine and you have to count all the CPU, makes it a problem. It's workable. We dedicated a physical machine to it. It's a bit of a legacy solution. 

The licensing is a bit of an issue for us. They need to work on the way the licensing is set up.

A feature we would like to see is entropy detection in text. We need something that detects when you send an email and you try to hide something by using simple encryption techniques. It's typically called entropy. If we had entropy detection in the regular text that would be ideal

View full review »

I would like to see a reduction in false positives.

View full review »

Symantec customer support is very bad.

We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible.

Also, if any data at all is going outside of our network and it matches our screening it has to be captured and we should see it detailed properly: Who is sending it, where they're sending it.

View full review »

The Symantec DLP solution is very complex, and installation requires many components. Also, Oracle is only the DB used by Symantec.

View full review »

Data Masking could be improved.

View full review »

Symantec needs to improve the policies. If they could gear the policies, or the templates, and publish them, enabling customers to download them, it would simplify things.  They currently have a package uploaded in the system with some policies but there is no option to download our link device. There are some difficulties on the portals with Symantec. In general, the softwares are not available for partners on their portal. If a new patch requires updating on customer sites, those particular softwares are not available on the partner portal. The products they're giving the agent for Linux operating system could be simplified but Symantec is not geared for writing that option for Linux and running windows on it. Symantec doesn't have any agent for DLP on the operating system.

View full review »

We are having support issues. We had local support but since the acquisition, the support is now only five teams. It is very difficult to log in to create a support ticket because no one is available to support our queries. In India, it's especially needed.

It has some feature deficiencies, as well. For example, it won't monitor the remote desktop and the file-sharing to the RDP. It's not detecting it and RDP is not supported well. The issue is not only with RDP, but rather it's with the product used to provide the remote support. If the data is leaked through that application, then Symantec doesn't monitor that section.

There are some features that are not available, which are required by every data loss prevention solution.

In the next release, encryption should be available. For example, if an extended drive is plugged into the endpoint and someone tried to copy the data to the external drive, the Symantec DLP component doesn't encrypt the drive. If you want the encryption feature you have to purchase an additional component for it. This could be an integral part of Symantec today.

View full review »

I would like to see this solution made more user-friendly, and the administration needs improvement.

The enforce service is difficult to understand, and free courses made available on the internet would be useful.

View full review »

They could improve the predefined reports because they don't have much information. We would like detailed reports.

If they could include the same features for their mobile device product, like Android and iOS, it would be helpful.

View full review »

This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.

View full review »

I do have a problem with the database. It uses the Oracle database and sometimes this causes some problems. I would prefer it to use the MS SQL database because it has a more stable connection than the Symantec database.

View full review »

1) Use of machine learning algorithm is good when it comes to automate the administrative chores. However, this feature is still unstable and sometimes the document classifier fails to properly classify even a similar looking document, thereby putting the document in a wrong group. 2) The feature of blocking the copying of sensitive data to removable media puts the responsibility on the end user, for correctly identifying the sensitive docs and enforcing the right policies. 3) Should have a feature to completely block USB ports. 4) Detecting P2P communication using ports is not that useful and requires a signature based engine to detect and block peer-to-peer traffic, irrespective of ports used. View full review »

I would like for the administrator management interface to improve. It's kind of old and slow. Updating it would make this solution better. 

View full review »