Please share with the community what you think needs improvement with Symantec Cyber Security Services.
What are its weaknesses? What would you like to see changed in a future version?
This solution needs to improve with respect to zero-day attack response. Technical support is slow and needs to be improved.
The part of the product that I think needs the most work is reporting. From time-to-time, we face different challenges, so flexibility and improved reporting details would be more convenient in order to get the information we need. If we generate a report from SIEM (Security Information and Event Management) we see all the details end-to-end. In fact, they also show us the global map as well. Symantec needs to do something more like this and expand the reporting capabilities to match the competition. The technology over time leads to change and evolution, and competing products need to stay in the race. Besides this divergence in reporting, Cyber Security Services is a genuinely great product. Besides the reporting, I think Symantec has to focus on some cloud service as well. Most of the appliances getting fees from AlienVault cloud have more focus on the potential of the cloud as it seems to be much of the future of all aspects of computing. I think these are the two focusing points Symantec needs to take into account.
At the endpoint, the client memory utilization should be very optimized. The client takes up a lot of memory when processing CPU, so it affects the endpoint performance. It's the reason we ended up switching solutions. The stability of the solution could use a lot of improvement. It was our biggest concern.
As far as new ransomware and the next-generation malware is concerned, Symantec is not quite up to the mark. I wouldn't say it is the best, but average and competitive compared to other anti-malware security products. The pricing and licensing need to be simplified because it is more on the commercial side. Technical support needs to be improved. In the next release of this solution, I would like to see more features for APT and ADR.
When my IPS detects a malicious URL it should automatically add it in the firewall, but as it works now, I have to manually add the firewall entry. There should be better integration between the two. I would like to have a single console, or dashboard, like McAfee or Telstra, for the entire product. As it is now, I have to load all of the components manually. When I load a new product, it should be automatically put into the common dashboard. Technical support for this solution is bad and it needs to be improved.