Please share with the community what you think needs improvement with Symantec Data Loss Prevention.
What are its weaknesses? What would you like to see changed in a future version?
Symantec could improve by being more creative and simplifying the functions. Additionally, the data protection should be bundled with data classification and labeling instead of them being separate.
Symantec needs to improve the policies. If they could gear the policies, or the templates, and publish them, enabling customers to download them, it would simplify things. They currently have a package uploaded in the system with some policies but there is no option to download our link device. There are some difficulties on the portals with Symantec. In general, the softwares are not available for partners on their portal. If a new patch requires updating on customer sites, those particular softwares are not available on the partner portal. The products they're giving the agent for Linux operating system could be simplified but Symantec is not geared for writing that option for Linux and running windows on it. Symantec doesn't have any agent for DLP on the operating system.
We are looking for DLP software that protects some shared folders on the server. these folders can be read and written but cannot be sent by mail or file sharing, copied to the clipboard, etc.
what software do you recommend?
@Danilo Ferrero if you have a question, please just go to https://www.itcentralstation.com/home_feed and post it from the Ask Question tab. This way you get much more visibility and relevant answers.
The problem is most companies use a single data protector. The drawback is that they will install Oracle in one server and the application also in one server and detection also, all in one server. If the server crashes, everything crashes. Things should be implemented on another server. Previously, when we had Dropbox, if we transferred a document, we would get a popup, and if we transferred 500 documents, we would get 500 popups. We're looking to find out if there is a way around this. If we get a fatal error issue, if the agent isn't working out, we need a hard fix file. We need to check in pre-production machines. When we're doing data scanning, the machines can be slow. In the object capture recognition, which we implemented recently, there are a lot of false positives that have been happening. We are expecting them to fix this issue soon.
The solution is not user-friendly. I've had to do a lot of research to try and figure things out on my own. Due to its database, I first had to install an Oracle database. This should change. The product should allow for the use of an SQL database, and, if possible, it should have an embedded database. The solution should be easier to integrate on different solutions. The data classification is very difficult in Symantec. It's hard to integrate the detect activation tools, whereas, in Forcepoint DLP, it's better. It's very user-friendly and the quality is defined and it is very clear. Symantec should try to emulate those aspects of Forcepoint. It's difficult to implement in a protected environment, due to its architectural layout. The initial implementation is quite complex. The technical support has really dropped in quality since Broadcom acquired the product.
Technical support is pathetic. Stability and scalability can be improved as well. It would also be better if it could restrict Bluetooth transfers. Symantec also uses Oracle databases, which isn't really convenient for most customers. It would be better if they switched to SQL.
We are having support issues. We had local support but since the acquisition, the support is now only five teams. It is very difficult to log in to create a support ticket because no one is available to support our queries. In India, it's especially needed. It has some feature deficiencies, as well. For example, it won't monitor the remote desktop and the file-sharing to the RDP. It's not detecting it and RDP is not supported well. The issue is not only with RDP, but rather it's with the product used to provide the remote support. If the data is leaked through that application, then Symantec doesn't monitor that section. There are some features that are not available, which are required by every data loss prevention solution. In the next release, encryption should be available. For example, if an extended drive is plugged into the endpoint and someone tried to copy the data to the external drive, the Symantec DLP component doesn't encrypt the drive. If you want the encryption feature you have to purchase an additional component for it. This could be an integral part of Symantec today.
I would like for the administrator management interface to improve. It's kind of old and slow. Updating it would make this solution better.
Generally, we're not seeing any places for improvement at the moment. The solution doesn't integrate well with other products. We're not sure if there was an issue or a bug on the system recently because as of right now if someone sends out a compressed encrypted file, the DLP won't scan it. The menus need to be updated.
I would like to see this solution made more user-friendly, and the administration needs improvement. The enforce service is difficult to understand, and free courses made available on the internet would be useful.
This product is very powerful but it is very complex, so making it simpler to use would be an improvement. It takes eight or ten services to activate all of the features, which is too difficult to manage.
The backend side of the server needs improvement. In a majority of cases, most of the companies are using DLP for endpoint sessions, where you have a user that might be communicating information outside of the company. However, they forget there are actual interfaces that can directly communicate with either the database or other files within the data center that uses end-to-end encryption. In those cases, you might need things like your DLP to be able to monitor and block some of that. The solution needs to catch information communicated through the data center on the server-side.
I do have a problem with the database. It uses the Oracle database and sometimes this causes some problems. I would prefer it to use the MS SQL database because it has a more stable connection than the Symantec database.
Each company is used to working their own way because they invested in developers and they worked with their project team already. We have worked on some projects and got feedback from the customer. Most of the time I develop this data loss deployment, when I assign data loss threshold values, some data thresholds will need to be higher. For example, IT users need a higher threshold because technical documents include confidential work. In a 60 page technical document the confidential work might appear 50 times. If that document comes out of the machine or if he tries to send it to another IT user, it will technically be considered data loss because of the threshold value end for the confidential work. In that same way, I have to fine tune those metrics depending on the customer or customer group and the employee group. IT needs certain metrics. A financial user or financial goods need different metrics. That fine-tuning has to be done for the customer as well as the vendor. If I take Symantec DLP, we have to have some final fine tuning but we may need some time developing this depending on the customer. This is an area where something can be done to improve the product. Also, due to the cloud emerging technology in the world at the moment, most of the content and data that we use from the cloud if from some organizations in Europe and the US. For those users, I think Symantec DLP has already provided a testing agent. Those are advantages and improvements that could be made to Symantec DLP. Their user interface and other features are fine as is.
We want a more proactive reporting structure. Have a regular newsletter or report to the implementers, letting them what is going on in the market. It should contain case studies and use cases. There are some features available in the competitors, like Trend Micro and McAfee, which are not available in Symantec.
They could improve the predefined reports because they don't have much information. We would like detailed reports. If they could include the same features for their mobile device product, like Android and iOS, it would be helpful.
Symantec customer support is very bad. We are finding delayed response if the macOS is updated. They need to make sure their solution is compatible. Also, if any data at all is going outside of our network and it matches our screening it has to be captured and we should see it detailed properly: Who is sending it, where they're sending it.
This product should be integrated with virtualization technology and work with other applications.
What do you like most about Symantec Data Loss Prevention?
Thanks for sharing your thoughts with the community!