How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use Symantec Data Center Security for SEP — Symantec Endpoint Protection.
Our primary use case of this solution was for checking some program file changes. We are customers of Symantec and I'm an IT security specialist.
This product makes up part of our security solution that we offer to customers for use in data centers and remote sites. As many people are now working from home, they use this solution so that they can work remotely to their data centers and still keep operations centralized. They need to work flexibly, not only from a geolocation point of view but geographically.
Symantec Data Center Security is part of our overall security solution that includes anti-virus, anti-spam, and anti-malware protection.
We have a public zone that is a mix of intranet and public service. We have to ensure that none of the hosts are compromised and that nothing impacts the integrity of the servers. This is our primary use case. Next, we have to protect data that is stored inside of Docker containers. In developing features, they are outside to an extent, so these have to be brought up in a secured form. This means that we had to create split architectures. Also, we needed something that allowed us to integrate the identity mapping and ensure a certificate-based review. The advantage in the field is that they have a template and a certificate broker. The broker wraps the application around that certificate, which can be put into the firewall security policy. For example, if one of the programmers comes out with a new code review, which is not wrapped on our stack, then I will not allow him to put that into the code. It first has to be checked into the repository, signed, and then put back into the system. The advantage to this is that the integrity of the person who created it, and the person who modifies it, are all approved as part of the audit entry. Because it is worked on by a lot of people, and there are millions of lines of code that are changed using this mechanism, we need to know who made what change. The code review team is integrating, but they have to rely on the integrity of the system. So, the snapshot mechanism and the ability to integrate that along with the Docker capabilities is something that is very important to us. We have also used the Firewall and IPS components, as well as the capability for monitoring the integrity of files.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.