TrustRadius
Symantec Critical System Protection is endpoint security and antivirus software.

Symantec Critical System Protection Review

  • Great protection for unchanging systems
  • We have comfort that the protected systems are safe from intrusion
  • Excellent price

Palo Alto Networks PA-3000 Series, Qualysguard, Symantec Endpoint Protection

Critical System Protection Helps us Meet PCI Requirements

  • It is flexible and provides various functions where we would not need to purchase additional products.
  • We do not have to monitor it 24/7 as long as the alerts are configured properly.
  • It makes the various audits less painful since a majority of the information is at your fingertips when needed with the reports and queries you can run.

Bit9

Symantec Endpoint Protection, LogRhythm, DbProtect

A few years ago something happened with our SQL database for the product where it caused the system to become offline. They generally do not support SQL databases; it is generally outside their scope of support. Long story short, we had to rebuild the server and restore the database. During that time their backline support was on the phone with us via WebEx sessions and they assisted in restoring the required configuration files and certs needed. They also constantly followed up to ensure that all of the agents were reporting back properly after the database was up and running.
Symantec Critical System Protection
7 Ratings
Score 7.8 out of 10

Symantec Critical System Protection Reviews

Reviews (1-2 of 2)
Jennifer Greulich, GSED, GSEC
April 18, 2017

"Symantec Critical System Protection Review"

Score 5 out of 10
Vetted Review
Verified User
We are using Symantec Critical System Protection as an advanced endpoint protection product on some critical systems. We would like to expand the product to any system on which we would like to implement "whitelist" products. Critical System Protection is a product that whitelists certain behaviors and does not allow any other behaviors on a protected system after a profile is locked. This helps with systems that are static that an organization would like to make sure do not change in any way. This product is not recommended for fluid systems such as user workstations because the administrative burden of keeping the profiles would be very difficult for small teams to accommodate.
  • Prevents exploits, unwanted executables, registry changes, and system file changes
  • Can allow exceptions for software vendors such as Microsoft or Adobe
  • Prevents lateral movement with certain network rules configured
  • Can record file changes
  • Tuning takes a very long time
  • Turning the product on or off can take time
  • When an action is prevented by CSP, there is no pop up or notification, making this a burden for server administrators
Symantec Critical System Protection (CSP) is very well suited for environments that do not change such as point of sale systems and critical servers. This product is spectacular at protecting end of life operating systems when supporting legacy software prevents upgrades. When security updates are no longer available, CSP will prevent exploits and other malware from taking advantage. This product is not well suited for systems that require a lot of changes. For one, it does not notify when a change has been blocked by CSP, causing some server administrators to waste many hours chasing a phantom technical problem when turning off CSP could have solved it right away. Also, profiling takes time so systems that constantly change would need hundreds of exceptions made.
December 10, 2015

Symantec Critical System Protection Review: "Critical System Protection Helps us Meet PCI Requirements"

Score 10 out of 10
Vetted Review
Verified User
When I came into this role the company already had Symantec Critical System Protection, now called Data Center Security, already deployed and monitoring various PCI related systems. There was no one who was dedicated to manage this system until I was promoted into this position. Over the past 5 years we have expanded the use of this product to not only help us detect questionable activity within the various monitored systems but on some systems connected to our PCI environment, we have implemented intrusion prevention in terms of network traffic. This product helps us meet and exceed PCI requirements each and every year. It helps us achieve PCI compliance by monitoring what is required of us as well as block unauthorized/malicious activity. An example of this is last year our QSAs were able to successfully map a drive via the standard Microsoft ports and gain access into our retail environment. To close this finding, I created an IP policy to block this traffic at the host. After the policy was deployed to the agent, they were no longer able to gain access through the various tools they had access to. I have also set up various alerts, including when someone tampers with the IPS driver disabling it.
  • Data Center Security 6.0 and higher allows you to easily build out policies to deploy to monitor/block what is required/needed.
  • The agent that is installed on the hosts has a small footprint in terms of CPU and memory usage.
  • The ability to customize it any way you need to as well as utilize out of the box policies to monitor critical OS functionality.
  • Symantec sometimes lacks when it comes to the interface. I hope they keep the software GUI based and do not strictly go to a web interface as they do with other products.
  • Wish the policy packs were released separately via LiveUpdate instead of having to download new software versions.
  • Wish agents could be updated via the console similar to SEP.
For a company that needs to meet various compliance requirements such as PCI, SOX or HIPAA, I would highly recommend this product. It is highly suggested that you have a professional service of some kind assist with the deployment and initial creation of the policies needed.

Symantec Critical System Protection Scorecard Summary

Feature Scorecard Summary

  • Centralized event and log data collection (1): 3
  • Deployment flexibility (1): 2
  • Custom dashboards and views (1): 3
  • Host and network-based intrusion detection (1): 3

About Symantec Critical System Protection

Symantec Embedded Security: Critical System Protection is a compact, signatureless security agent designed for devices being built for the collective category known as the Internet of Things. Optimized for embedded systems and resource constrained environments, it can be integrated by device manufacturers or installed post market as part of a cyber security strategy.

Symantec Embedded Security: Critical System Protection provides a host firewall, device and configuration control, file integrity monitoring, intrusion detection, operating system hardening, application whitelisting and automatic sandboxing. It has been designed to run on devices such as industrial control systems, medical devices, automotive telematics and infotainment units, Automated Teller Machines (ATM), Point of Sale terminals (PoS), and other single use devices. 

Symantec Critical System Protection Features

Security Information and Event Management (SIEM) Features
  • Has feature: Centralized event and log data collection
  • Has feature: Correlation
  • Has feature: Event and log normalization
  • Has feature: Deployment flexibility
  • Has feature: Integration with Identity and Access Management Tools
  • Has feature: Custom dashboards and views
  • Has feature: Host and network-based intrusion detection

Symantec Critical System Protection Support Options

Free Version | Paid Version
Phone
Live Chat
Email
Forum/Community
FAQ/Knowledgebase
Social Media
Video Tutorials / Webinar

Symantec Critical System Protection Technical Details

Deployment Types: On-premise
Operating Systems: Windows, Linux
Mobile Application: No
Supported Countries: Americas, Europe, Middle East, Africa, Asia