LogMeIn Resolve vs. Symantec Content & Malware Analysis

I don't think I have ever encountered a scenario where LogMeIn is inappropriate. I work directly with customers 80% of the time, and even when I need to help a fellow IT professional out, LogMeIn is my go-to option. Viewing and reviewing all the units I manage is very helpful; it saves me a lot of time, especially after the frequent long-term power outages (where it surpasses the USP's protection) we often experience in our area.

Incentivized

If you have Symantec based environment including Symantec proxy and endpoints, Content and Malware Analysis is the obvious choice. You can't run the CAS-MAS as a standalone deployment, you need proxies or ICAP supported devices capable to send the files/URLS. It's not a network security device where you can flow/direct the traffic to C/MAS. It does not have UBA, NBA or NTR features, it is just working for analyzing files as expected.

• Performs well for remote access in terms of speed - there isn't much lag on fast networks.
• Provides an easy way to share files with the client which stramlines the support process.
• GoTo Support has been responsive when I've needed help.

Incentivized

• 0 day detection and prevenion
• Flawless integration with Symantec Ecosystem
• Integration with other vendors supporting ICAP is also working
• Custom and golden image support
• High performance on busy environments
• Many threats are already detected and prevented through the CAS, it improves the performance drastically.
• Already builtin virustotal integration
• Reference to updates and updates information where I can see the product/service detecting which APTs
• Multiple Antivirus engines which you can select/subscribe
• Manual submission of file is supported through the gui
• URL manual submission is also supported

• More flexibility with customizing the agent dashboard
• Change the support interface to make simultaneous remote session a bit more accessible on the left-side menu
• Include detailed instructions on the agent's screen when helping a Mac user run through all the necessary permissions needed to connect

Incentivized

• API support is lacking
• Symantec/Broadcom security vision in general
• Symantec support is not perfect
• You can't run the product as a standalone network device
• No packet capture capabiliy or work in span mode
• You need a dedicated hardware to make it run
• You need to buy

I would say yes, we would definitely renew, everyone likes it in the IT dept, and there are more features we have yet to put to use. I am expanding the Windows update / Endpoint features as I get time, and the remote PowerShell console is unbeatable for me at present when facing remote computers that are not letting create a new remote PSSession.

Incentivized

Navigation is easy and friendly. It does almost everything, but being cloud, it gets slow. Session recording is allowed. Zoom in and out feature works very well, especially during remote sessions and multiple machine sessions simultaneously. Dual-screen monitors are accessible. East and convenient user interface. The diagnostics feature is outstanding, and it gives detailed diagnostics of the system. So these are the pros that prompt me to provide such ratings.

Incentivized

Usually available without a problem, although sometimes calls get dropped or users sit in empty meeting rooms while waiting for an admin to arrive, while the call is actually going on.

If you are connected to someone with proper bandwidth, there are no issues at all. With all things, if you connect to someone with dial-up (yes, it still exists), the performance is terrible.

Ive used their tech support a handful of times, and each time they have been able to help me sort out any hiccups or kinks that arise. They have a resourceful knowledge base, and have experts available for training and troubleshooting. I often recommend them to my other coworkers and colleagues because of the ease of use and security

Incentivized

we did not have in person training

Incentivized

n/a - wasnt in attendance

Incentivized

GoToAssist SeeIt was very easy to implement. As long as your techs have a basic understanding of most remote support tools they will be able to understand this product easily.

Incentivized

I previously used Dameware but since they came out with the new version, I find it difficult to use. Many times, it takes a long time to connect using Dameware and the added time if it connects at all adds to the user's frustration as well as my own

Incentivized

We have been using many solutions even tested nearly all available 0day sandbox solutions in the market. We choose Symantec CMA as we have already Symantec endpoint protection/EDR on the client, Symantec proxy for the web access, SCMA fits our environment. We have a big bargain when we puchase lots of equipment from the Symantec. Detection and prevention is very good at SCMA but some constant issues; like the product is not designed for heterogeneous environments, we can not integrate the SCMA with WAFs, it's lacking in api and request/reply calls. There's no file scanning, discover the option. SIEM integration is not smooth. I can not run some of the SOAR playbooks through the SCMA.

I wasn't involved with this element of the sale/purchase

Incentivized

The system was implemented quite quickly and easily.

Incentivized

I wasn't involved with this element of the sale/purchase

Incentivized

• We are able to solve 99% of technical issues remotely.
• Our productivity rate has increased because we are able to conveniently seek out assistance in the matter of a few minutes.
• As this is compatible with Microsoft products like teams, this has allowed us to collaborate and save time and money by using existing software to submit tickets for assistance.

• 0-day and APT risk is covered by the SCMA
• As the SSL is inspected and analyzed at Bluecoat proxy servers, hidden threats, malicous files are passed to SCMA to be analyzed.
• Getting full visibility at file trajectory level
• As it's a full proxy and ICAP integration, we are sure that the files are to analyzed and scanned for malicious activity. This is a big plus compared to NGFW analyze concept, as the NGFWs have special failsafe mechanisms allowing bypass of file analysis. SCMA fully catches the hidden threats.
• Flawless integration with Bluecoat systems is a big plus, customers are getting the same type of messages within their browsers.
• A negative impact is the standardization when I deploy SCAM to one of our locations. Then the auditors demand the same coverage within other areas and it comes with the cost. Especially maintaining these devices on premise environment has a significant cost.