What needs improvement with Symantec Data Center Security?

Agent management is a challenging task. We cannot do it from the console. We will have to use other tools.

There is room for improvement in enhancing its graphical user interface for a more user-friendly experience.

The negative aspect of that particular product is the fact it has a very, very, very complex policy structure. A user or administrator making the policy in the DCS should have a very thorough knowledge of the operating system or policy making. You have to be very specific about the data structure. If you want to secure a Linux server, an administrator should be very confident about how the directory structure of Linux, how Linux works, and where it puts the important logs. You have to be very cautious about the complete path, and you have to write it over there in the policy part. If you are not very specific, there will be a lot of noise in the system. You're going to receive thousands of events that are false positives. The fine-tuning of the policy is a very complex thing in the DCS itself. Another negative aspect that I have observed is if the product gets installed on the kernel level of any non-Windows server, it has some issues, comparability issues. Sometimes the product doesn't work properly, so it shuts down the machine and crashes the system. There are many cases in which I've observed the DCS crashing the system.

I'd like to see better reporting capabilities and better support. I had the chance to work with Tripwire Solutions and that solution has some added capabilities, not just checking the folders, but the abilities of the whole configuration. They also have the capability of connection through interface to the network devices and to check specific configurations from the reports that might create a better product. It possibly converts the solution to a complete change management solution and you can follow the integrity of the old configuration, not just the files. I've also noticed that the support of the newer version of the operating system is not really up to date on the software. I think the support of the newer operating systems version might have updated support more quickly.

Symantec is a little bit behind on the most recent advances, such as products that are more lightweight and more flexible in their deployment to multiple operating systems. They need to develop a more flexible product that can be scaled such that it fits well into a small business or a bigger, enterprise-level solution. If I want to set up an endpoint solution that is on the cloud or is a hybrid, then there's a dependency on old-fashioned patterns, like hash values, in the internal policies. However, in a next-generation solution, we don't have to work in this traditional way. They are capable of automatically detecting and adapting to new threats that are coming out. This solution does not offer as many centralized management options as other vendors. for example, you cannot install or uninstall machines using the console. Better integration with other solutions is needed. Nowadays, keeping costs in mind, people don't want to be restricted to using a single vendor or dedicated platform. They want to be able to integrate with different products from multiple vendors. Better integration allows them to stay flexible and maintain or build a competitive edge.

This solution clashes with Microsoft defender, which results in performance degradation on the machine. Technical support needs more local representation in India.

There is plenty of room for improvement with this product, and it could start with platform metrics. We are changing certain platforms in terms of preparing them for the system to support it. We always want legacy platforms, or those which need virtual protection or host protection, to be supported no matter how old they are. We want the speed at which content is delivered to be improved, but not at the cost of complicating the product or reducing its stability.