What is our primary use case?
It is for protecting endpoints from cyber attacks, intrusions, and malware. We activated the Adaptive Protection for more sophisticated attacks, to prevent Living Off the Land Binaries from executing. Those are our main uses of the product.
How has it helped my organization?
When we prevent attacks, what is very important is that we don't have downtime in processes and we don't lose data. With this solution, we haven't had any attacks. Of course, we have a firewall, but Symantec is very good.
Symantec Endpoint Security Complete has helped us view activity that was not previously visible to us. Now, every malicious activity is blocked and monitored. We can view everything.
We can integrate it with our SIEM and correlate logs from all security devices in the SIEM. That way, we can monitor attacks and efficiently manage activity within the SIEM.
It also automatically increases our protection and detection coverage without heavy configuration changes. We can choose the default configuration and tune it a little bit and it is effective.
What is most valuable?
The feature I like the most is Adaptive Protection. It is a very good feature and it helps a lot. It enables enhanced security capabilities for our organization's clients and helps prevent attacks. And it does not negatively affect users' activities because we can adapt it and allow binaries that are executed regularly while forbidding those that are not executed within the company.
In case of a ransomware attack, it can prevent the binaries from executing and that helps us prevent such attacks. We simply forbid the execution of binaries that are not used within our organization. In case of an attack, the hacker cannot execute those binaries. It's forbidden and monitored and that's useful. It is important for preventing sophisticated attacks.
Also, the agent is more complete when it comes to defense and the IPS features work very well, inhibiting many attacks. And the antivirus, the new agent, has many functionalities, so the Adaptive Protection inhibits attacks when a hacker tries to execute lateral movements or to execute something on the endpoint. It's forbidden and we can isolate those on that endpoint.
What needs improvement?
The Threat Defense for Active Directory feature has a problem in that it is not possible to deploy it within a hybrid management architecture. We tried to deploy it within our hybrid management, where the clients are on-prem and the feature is in the cloud, just like the Adaptive Protection, but it's impossible. We would have to migrate all the infrastructure to be managed by the cloud to deploy this feature, so we have not deployed it.
We want to be able to manage it in hybrid mode so that we don't have to migrate all the management to the cloud to use this feature. That's the main improvement needed.
For how long have I used the solution?
I have been using Symantec Endpoint Security Complete for about two years.
What do I think about the stability of the solution?
The stability is good. The machines are working fine. We haven't faced any problems with the product. In our environment, there are 140 users including end-users and admins.
What do I think about the scalability of the solution?
It is scalable.
We are a midsize enterprise so our usage is generally the same. We may add two to three users, but it's generally constant.
How are customer service and support?
The technical support is very good.
Which solution did I use previously and why did I switch?
We did not use another solution like this. The only solution we have used is this one from Symantec, and it is very good. We have been with Symantec for many years. We used Symantec Endpoint Protection, and then we had Symantec EDR. And now we have Endpoint Security Complete.
How was the initial setup?
The antivirus server is on-prem and I have some features on the cloud, like Adaptive Protection, but our infrastructure is all on-prem.
The initial setup was not complex and customer support helped us a lot with the deployment. It took us between one and two weeks.
Our implementation strategy was to migrate the database to the new one, the new manager. Then we updated the client and configured the cloud management to be managed in hybrid mode. Finally, we applied other features for the client.
Deployment and maintenance are done by just one person in our organization, with Symantec support.
What was our ROI?
When we invest in security and we prevent attacks, the investment is valuable.
What's my experience with pricing, setup cost, and licensing?
The pricing is good. It's good value for the money.
Other than the standard fees, you may have to acquire a hardware server or VMs to deploy it on-prem.
What other advice do I have?
I don't know if Symantec has an XDR solution that is effective or not. We are possibly planning to acquire it.
I recommend Endpoint Security Complete. It is good at preventing malware.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.