Cisco Webex Support (discontinued) vs. Symantec Content & Malware Analysis

We use WebEx Support Center in the IT department to support users as well as work with vendors remotely. This applies to physical desktops, laptops, and Virtual Desktops. We have around 200 employees. Most employees work in one of our offices, but we do have at least 5-10 users who are more frequently remote than they are in the office. It helps us remotely access machines we wouldn't otherwise have access to, due to lack of physical access. It's excellent for troubleshooting access problems from users' personal machines, as well.

Incentivized

If you have Symantec based environment including Symantec proxy and endpoints, Content and Malware Analysis is the obvious choice. You can't run the CAS-MAS as a standalone deployment, you need proxies or ICAP supported devices capable to send the files/URLS. It's not a network security device where you can flow/direct the traffic to C/MAS. It does not have UBA, NBA or NTR features, it is just working for analyzing files as expected.

• Simple Remote Access - WebEx Support Center works with either a permanent install or temporary executable, so you don't have to worry about users being particularly comfortable or knowledgeable about software installation. It also doesn't matter if the user is on an account without admin rights, you can still connect and see what's going on using the temporary executable.
• Robust Access Options - You can take see the user's screen, take control of their screen, send files, and retrieve files. It's a great tool for troubleshooting issues that users might be experiencing and doesn't depend on them being able to find the files that you need to properly troubleshoot their issues.
• Great performance - Even when users don't have a particularly great internet connection, you can still typically get good results and help them quickly. You're not going to do it over dial-up (if that even still exists for anyone), but it works acceptably well even over very modest DSL or satellite internet connections.

Incentivized

• 0 day detection and prevenion
• Flawless integration with Symantec Ecosystem
• Integration with other vendors supporting ICAP is also working
• Custom and golden image support
• High performance on busy environments
• Many threats are already detected and prevented through the CAS, it improves the performance drastically.
• Already builtin virustotal integration
• Reference to updates and updates information where I can see the product/service detecting which APTs
• Multiple Antivirus engines which you can select/subscribe
• Manual submission of file is supported through the gui
• URL manual submission is also supported

• During initial setups it can be a little confusing.
• The look and feel is a little rigid. It feels like it is in need of a smoother UI update.
• When a new user is introduced to webex and they are asked to share their desktop, it maybe a little difficult for the user to navigate to the correct buttons.

• API support is lacking
• Symantec/Broadcom security vision in general
• Symantec support is not perfect
• You can't run the product as a standalone network device
• No packet capture capabiliy or work in span mode
• You need a dedicated hardware to make it run
• You need to buy

The Enterprise package we purchased (Event Center, Remote Support, Meeting Center, and Training Center) for 100 users is the same annual price as GoToMeeting for 25 users. We will renew as it is a package deal. If it were just WebEx Remote Support, we would not renew at all.

Honestly, there are people available. But none of them will help you with your issues. They just keep assigning new service engineers who are often clueless.

As a user of Cisco Webex Support, I have never had to contact Cisco for technical support as it is a very easy to use tool.

Incentivized

I would say that Cisco Webex Support stacks up pretty evenly in capability, but in some regards (video clarity, toll-free access, etc.) they were even better. Where they did provide a better solution for toll-free access on audio bridges, their audio quality was worse for those that wanted to use VoIP for the audio conference bridge.

We have been using many solutions even tested nearly all available 0day sandbox solutions in the market. We choose Symantec CMA as we have already Symantec endpoint protection/EDR on the client, Symantec proxy for the web access, SCMA fits our environment. We have a big bargain when we puchase lots of equipment from the Symantec. Detection and prevention is very good at SCMA but some constant issues; like the product is not designed for heterogeneous environments, we can not integrate the SCMA with WAFs, it's lacking in api and request/reply calls. There's no file scanning, discover the option. SIEM integration is not smooth. I can not run some of the SOAR playbooks through the SCMA.

• WebEx Support Center works pretty excellently for us as we are a small shop. We are experienced and have pretty good skill sets. WebEx Support Center is an excellent product for our use cases with our users and client to troubleshoot issues.
• WebEx Support Center is more expensive than our previous product MXIE or Logmein. It has a more user-friendly UI, and overall performance is better and reliable.

Incentivized

• 0-day and APT risk is covered by the SCMA
• As the SSL is inspected and analyzed at Bluecoat proxy servers, hidden threats, malicous files are passed to SCMA to be analyzed.
• Getting full visibility at file trajectory level
• As it's a full proxy and ICAP integration, we are sure that the files are to analyzed and scanned for malicious activity. This is a big plus compared to NGFW analyze concept, as the NGFWs have special failsafe mechanisms allowing bypass of file analysis. SCMA fully catches the hidden threats.
• Flawless integration with Bluecoat systems is a big plus, customers are getting the same type of messages within their browsers.
• A negative impact is the standardization when I deploy SCAM to one of our locations. Then the auditors demand the same coverage within other areas and it comes with the cost. Especially maintaining these devices on premise environment has a significant cost.