TrustRadius
Critical System Protection Helps us Meet PCI Requirements
https://www.trustradius.com/iot-securitySymantec Critical System ProtectionUnspecified8.37101
No photo available
December 10, 2015

Critical System Protection Helps us Meet PCI Requirements

Score 10 out of 101
Vetted Review
Verified User
Review Source

Overall Satisfaction with Symantec Critical System Protection

When I came into this role the company already had Symantec Critical System Protection, now called Data Center Security, already deployed and monitoring various PCI related systems. There was no one who was dedicated to manage this system until I was promoted into this position. Over the past 5 years we have expanded the use of this product to not only help us detect questionable activity within the various monitored systems but on some systems connected to our PCI environment, we have implemented intrusion prevention in terms of network traffic. This product helps us meet and exceed PCI requirements each and every year. It helps us achieve PCI compliance by monitoring what is required of us as well as block unauthorized/malicious activity. An example of this is last year our QSA's were able to successfully map a drive via the standard Microsoft ports and gain access into our retail environment. To close this finding, I created an IP policy to block this traffic at the host. After the policy was deployed to the agent, they were no longer able to gain access through the various tools they had access to. I have also set up various alerts, including when someone tampers with the IPS driver disabling it.
  • Data Center Security 6.0 and higher allows you to easily build out policies to deploy to monitor/block what is required/needed.
  • The agent that is installed on the hosts has a small footprint in terms of CPU and memory usage.
  • The ability to customize it anyway you need to as well as utilize out of the box policies to monitor critical OS functionality.
  • Symantec sometimes lacks when it comes to the interface. I hope they keep the software GUI based and do not strictly go to a web interface as they do with other products.
  • Wish the policy packs were released separately via LiveUpdate instead of having to download new software versions.
  • Wish agents could be updated via the console similar to SEP.
  • It is flexible and provides various functions where we would not need to purchase additional products.
  • We do not have to monitor it 24/7 as long as the alerts are configured properly.
  • It makes the various audits less painful since a majority of the information is at your fingertips when needed with the reports and queries you can run.
  • Bit9
We evaluated Bit 9 and you have more flexibility with the rule set and do not rely on the cloud to tell you what is approved and not approved. You build out the policies the way you need them to be and who better knows the environment that the people that work it daily.
For a company that needs to meet various compliance requirements such as PCI, SOX or HIPAA, I would highly recommend this product. It is highly suggested that you have a professional service of some kind assist with the deployment and initial creation of the policies needed.

Symantec Critical System Protection Support

They respond quickly and efficiently without the need to reiterate the actual issue. Their backline support is amazing and always there for us when it is needed. They explain the troubleshooting steps taken and what they did to help us resolve the issue just incase it creeps up again we have the information to correct it ourselves.
ProsCons
Quick Resolution
Good followup
Knowledgeable team
Problems get solved
Kept well informed
Immediate help available
Support understands my problem
Support cares about my success
Quick Initial Response
None
No - We have a great relationship with Symantec so we pay standard maintenance costs but if there was ever a need to escalate a critical issue they have always been there for us to disregard the SLA's and get our issue resolved quickly and correctly. This is part of what keeps us coming back to Symantec and purchasing other products.
A few years ago something happened with our SQL database for the product where it caused the system to become offline. They generally do not support SQL databases, it is generally outside their scope of support. Long story short, we had to rebuild the server and restore the database. During that time their backline support was on the phone with us via WebEx sessions and they assisted in restoring the required configuration files and certs needed. They also constantly followed up to ensure that all of the agents were reporting back properly after the database was up and running.