Automation in Symantec ecosystem is very good. It's easy to maintain.
IT Manager at Piisa
Provides automation with easy maintenance and easy setup
What is most valuable?
What needs improvement?
The solution could improve their service.
For how long have I used the solution?
I have been using Symantec Endpoint Detection and Response for two years.
What do I think about the stability of the solution?
Stability is good.
Buyer's Guide
Symantec Endpoint Detection and Response
October 2024
Learn what your peers think about Symantec Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
What do I think about the scalability of the solution?
Scalability is good. I rate the solution’s scalability a ten out of ten.
How are customer service and support?
Support is good. I had a problem, but the support resolve the problem.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I evaluated WatchGuard, Palo Alto and Cisco.
How was the initial setup?
The initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
The product is expensive.
What other advice do I have?
It is a good product and functions for me. It is easy to install to the administration.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jul 1, 2024
Flag as inappropriateThreat Analyst at SA RVE Bank
Has the ability to work with a consistent and defined set of virtual machines
Pros and Cons
- "The most valuable features of this product include network isolation for machines and the ability to work with a consistent and defined set of virtual machines."
- "One potential area for improvement in Symantec EDR is the reporting engine."
What is our primary use case?
We mainly use AWS Glue for three key purposes. First, we rely on it for managing files and ensuring data integrity by tracking changes. Second, it helps us prepare data efficiently for Tableau, supporting our visual analytics. Lastly, it simplifies the process of uploading files to the Spiceworks website and aids in tasks like PowerShell detection and external file transfers, enhancing our data management and integration capabilities.
What is most valuable?
The most valuable features of this product include network isolation for machines and the ability to work with a consistent and defined set of virtual machines. This helps maintain data security and streamline processes.
What needs improvement?
One potential area for improvement in Symantec EDR is the reporting engine. It is not exactly a weakness, but rather a feature that might need enhancement in the future. The current reporting capabilities are somewhat limited, lacking extensive filtering options. Currently, our experience with Symantec EDR is generally positive. Performance and user-friendliness are satisfactory. In our regular assessments, the main area for improvement that has emerged is the reporting engine, which is somewhat limited. Enhancing this reporting functionality to reduce the need for manual data manipulation and export to tools like Power BI would be a valuable improvement for the application. In the future, it would be beneficial to have AI-driven analytics and automated workflow capabilities integrated into Symantec EDR. This would enable more efficient detection, response, and mitigation of security incidents. Specifically, having workflows that can automate incident analysis, qualification for closure, and escalation when needed within the application would be a valuable addition. This would reduce the manual effort of security analysts and streamline incident management.
For how long have I used the solution?
I have been using Symantec Endpoint Detection and Response for over two years.
What do I think about the stability of the solution?
The solution has been stable and effective in reducing the number of agents on endpoints. This stability extends to the other two endpoints as well.
What do I think about the scalability of the solution?
It is a scalable solution. In our company, a team of about seven people use the application, but the product itself is deployed on more than 25,000 endpoints.
How are customer service and support?
The technical support for Symantec EDR is reliable. Support tickets are typically acknowledged within 24 hours, and a support engineer promptly contacts you for a real-time troubleshooting session to address any issues. I would rate the support as a seven out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup of Symantec EDR was straightforward and error-free. We had the necessary expertise from our DBA and network system operators, making the process smooth and trouble-free. Deployment takes about two days. We installed Symantec EDR in under an hour using the file from the support website. For the deployment of Symantec EDR, we required the expertise of a DBA, a system administrator, and support from Symantec. Having these individuals in place ensured a smooth installation process, although we didn't encounter any significant issues that would have halted the installation.
What's my experience with pricing, setup cost, and licensing?
The pricing of Symantec EDR can vary, but it is generally not considered affordable. Maintenance and support are typically included in the package unless there are specific professional services required. In most cases, support is a part of the standard offering.
Which other solutions did I evaluate?
The advantages of Symantec EDR over competitors, such as RSA, are subjective and depend on how organizations want to approach security. RSA is preferred by some because it offers both EDR and network capabilities, while Symantec focuses primarily on EDR. RSA also has distinct platforms for different functions, which can be seen as an advantage. It ultimately comes down to the specific needs and preferences of each organization in choosing the right solution.
What other advice do I have?
My advice for those considering Symantec EDR is to start by thoroughly assessing their business requirements and needs. Engage with stakeholders to understand specific business applications and their scale. Based on this assessment, you can make an informed decision on whether Symantec EDR or another tool is the right fit. It is also important to perform POC or tool assessment to validate its suitability for your organization's unique requirements. Overall, I would rate Symantec EDR as an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Symantec Endpoint Detection and Response
October 2024
Learn what your peers think about Symantec Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
Technology Specialist at Locuz
Outdated, lacks add-on features, and the interface has many issues
Pros and Cons
- "The security is good."
- "The interface has many issues."
What is our primary use case?
I use the solution to detect threats.
What is most valuable?
The security is good.
What needs improvement?
Symantec is a dead product. The product does not have any add-on features. The interface has many issues. There is no proper KB article to fix the error.
For how long have I used the solution?
I have been using the solution for five years.
How was the initial setup?
The solution is easy to install.
What's my experience with pricing, setup cost, and licensing?
The product is cheap.
Which other solutions did I evaluate?
We have trial licenses for Trend Micro, Sophos, and Kaspersky.
What other advice do I have?
People can use the tool. There are not many options, though. We are unable to log in or work in the trial version. We are unable to learn the features. Overall, I rate the solution a one out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Mar 2, 2024
Flag as inappropriateTechnical Support Administrator at a newspaper with 51-200 employees
Good detection and advanced threat protection but needs to be more efficient
Pros and Cons
- "The pricing is pretty reasonable."
- "The interface is very complicated."
What is our primary use case?
We primarily use the solution for its powerful detection capabilities.
What is most valuable?
It is very good at detection. The advanced threat protection is great.
The EDR and the events it is able to collect are quite helpful aspects a=of the solution.
Its initial setup is fairly straightforward.
The product is stable.
The pricing is pretty reasonable.
What needs improvement?
We are in Iran, so for some Symantec services, we face sanctions.
The interface is very complicated. It needs to be simplified in future releases.
It needs to offer better documentation around configurations during setup.
Scalability is limited. It needs more expansion capabilities and should offer more efficiency.
For how long have I used the solution?
I've used the solution for about three years.
What do I think about the stability of the solution?
It's a stable solution. It's reliable and free of bugs and glitches. It doesn't crash or freeze.
I'd rate the stability seven out of ten.
What do I think about the scalability of the solution?
We have about 5,000 clients using the solution right now. It is something that is used on a daily basis.
I'd rate the ability to scale five out of ten.
My understanding is the solution is not so scalable. I've never tried to scale it, however. That may be why XDR was suggested as an alternative.
How are customer service and support?
Due to our location, there isn't official technical support available. We have some small businesses that can assist if necessary.
Which solution did I use previously and why did I switch?
We also work with Kaspersky.
We likely will switch from Symantec EDR to XTR.
How was the initial setup?
The initial setup is not overly difficult. However, the documentation sometimes does not make it clear about configurations.
I'd rate the initial setup six out of ten in terms of ease of deployment.
What about the implementation team?
We have no official Symantec branch here, and so I did try to implement it myself. However, I did have assistance from a third party.
What's my experience with pricing, setup cost, and licensing?
My understanding is the solution is cheaper than other options. I can't say what the exact price is for my company, however.
I'd rate the affordability of the product at a six or seven out of ten.
What other advice do I have?
While I have no experience with the cloud and work mainly with on-premises deployments, I have heard the cloud is very good.
I'd rate the solution seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head: Cyber and Information Research Centre at Council for Scientific and Industrial Research
Regular updates, high performance, but integration could improve
Pros and Cons
- "The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network."
- "In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial."
What is our primary use case?
Symantec Endpoint Detection and Response is mainly used for endpoint protection against malware and other threats.
What is most valuable?
The most valuable feature of Symantec Endpoint Detection and Response is its ability to conduct large scans on the endpoints without affecting the network.
What needs improvement?
In the future, it would be nice to have playbooks in the tool, to allow for some of the common activities to be automated. For example, some of the scannings of the malware can be too manual for a specific device. Additionally, a vulnerability manager would be beneficial.
For how long have I used the solution?
I have been using Symantec Endpoint Detection and Response for approximately three years.
What do I think about the stability of the solution?
The stability of Symantec Endpoint Detection and Response is good.
What do I think about the scalability of the solution?
Symantec Endpoint Detection and Response scalability depends on the agents. You have to discover the devices. It's scalable, but it's not as flexible as one would like.
We have approximately 10,000 endpoints using this solution. We use the solution every day.
How are customer service and support?
I rate the support from Symantec Endpoint Detection and Response a four out of five.
They have given quick resolutions to our questions.
Which solution did I use previously and why did I switch?
I have not used other solutions. However, if you compare what Microsoft may provide to Symantec Endpoint Detection and Response, the integration with other systems, such as AD, Microsoft EDR solution treats it much better than Symantec Endpoint Detection and Response.
Symantec Endpoint Detection and Response advantages are the ease of use, quick introduction of new technicians, and it's much faster. It doesn't require a lot of training. In terms of usability, it's something that you can deploy and run quickly.
How was the initial setup?
The initial setup of Symantec Endpoint Detection and Response was not complex, it was easy.
What about the implementation team?
We had access to the Symantec Endpoint Detection and Response consultant to assist us with the implementation.
What's my experience with pricing, setup cost, and licensing?
I rate the price of Symantec Endpoint Detection and Response a three out of five.
The more devices we have the more expensive it becomes, which is where the challenge is.
What other advice do I have?
I rate Symantec Endpoint Detection and Response a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Consultant Cybersecurity & SD WAN at a computer software company with 201-500 employees
A market leader with a broad presence internationally and easy to set up
Pros and Cons
- "The solution can scale well."
- "They need to improve their cloud presence."
What is our primary use case?
The solution is mainly used for antivirus. When clients don't want a heavy agent on their system, they like to use a solution like this. This isn't a signature-based approach which isn't very effective.
What is most valuable?
Symantec has been a leader in the space. The threat intel they gather is very good.
They have a wide presence across the globe. They often are the first to pick up on threats and malware.
They have the capability to address zero-day vulnerabilities.
They do have managed service offerings.
It is easy to set up.
The solution can scale well.
It is stable.
The pricing is reasonable.
What needs improvement?
They need to improve their cloud presence. They need to keep developing prevention. Many OEMs are focusing on the detection part only. They need to address the challenge of gathering false positives.
We do not need any extra features.
For how long have I used the solution?
I've been using the solution for two years now.
What do I think about the stability of the solution?
The stability and performance are great. It is very stable. I'd rate it nine out of ten in terms of reliability.
What do I think about the scalability of the solution?
The solution is very scalable. I'd rate it nine out of ten. It extends easily.
They are leaders in this entire segment, and they have a good understanding of malware and antiviruses is very strong and their presence across the globe is very robust.
We tend to work with medium-sized organizations.
Which solution did I use previously and why did I switch?
I've used CrowdStrike and they have done a good job in terms of using AI and ML behavior-based analysis. No signature is required on endpoint devices. When you scan devices, it does not decrease user performance.
How was the initial setup?
The initial setup is very easy to set up. I'd rate the initial setup eight out of ten in terms of ease of the process.
Most customers are on-premises, although they do now have a cloud option.
The deployment generally takes a few days.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty reasonable. I'd rate it nine out of ten.
What other advice do I have?
I am a reseller.
I'd rate the solution nine out of ten. Depending on the use case and the problem you are trying to solve, this is a decent solution.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Senior Information Security Engineer at Herbalife
Dashboard shows new and unknown threats in the environment but support isn't so responsive
Pros and Cons
- "The most valuable features are that it is easy to connect and global settings are good."
- "That's why I wouldn't recommend it for other systems. It works only with SAP clients. That's why I'm giving it a six. It would get higher if it worked on all networks without the help of SAP."
What is most valuable?
The most valuable features are that:
- It is easy to connect
- Global settings are good
What needs improvement?
I don't see much room for improvement. I am not an analyst for this product. I just manage this product for an analyst. I like the dashboard, it has lots of information like threats and we can see activity on the dashboard. It shows new and unknown threats in the environment. This feature is very good for EDR monitoring and management.
For how long have I used the solution?
We have been using Symantec EDR for the last year. We also have Symantec Endpoint Protection
What do I think about the stability of the solution?
We are facing our own issues that we are checking to see if it's secure. We are working on this with support but they are not able to fix that now. We haven't had any issues regarding the features. It works perfectly.
What do I think about the scalability of the solution?
Scalability is good.
How are customer service and technical support?
We have contacted technical support multiple times. They are good but not excellent. We had a few issues and it took them a long time to respond.
How was the initial setup?
We did the POC within one week and the entire deployment took one month.
What other advice do I have?
It's a good product if you have a lot of SAP solutions.
I would rate it a six out of ten. Not a 10 because it works on version 14 but SAP clients have some issues and EDR is different on SAP. That's why I wouldn't recommend it for other systems. It works only with SAP clients. That's why I'm giving it a six. It would get higher if it worked on all networks without the help of SAP.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
IT Manager at Piisa
I like the solution's device control and USB security features
Pros and Cons
- "I like Symantec EDR's device control and USB security features."
- "It should be easier to deploy Symantec's client for end-users."
What is our primary use case?
We use Symantec EDR to protect users and endpoints.
What is most valuable?
I like Symantec EDR's device control and USB security features.
What needs improvement?
It should be easier to deploy Symantec's client for end-users.
For how long have I used the solution?
I have used Symantec EDR for more than 10 years.
How was the initial setup?
It isn't difficult to install Symantec EDR. We use the on-prem and the cloud versions.
What other advice do I have?
I rate Symantec Endpoint Detection and Response eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Symantec Endpoint Detection and Response Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Endpoint Detection and Response (EDR)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Fortinet FortiEDR
Cisco Secure Endpoint
Elastic Security
Intercept X Endpoint
VMware Carbon Black Endpoint
Trend Vision One
Trellix Endpoint Security (ENS)
Bitdefender GravityZone EDR
Kaspersky Endpoint Detection and Response Expert
Fidelis Elevate
WatchGuard Threat Detection and Response
Sangfor Endpoint Secure
Buyer's Guide
Download our free Symantec Endpoint Detection and Response Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?
- What is the best EDR or XDR product for a company with 9000 employees?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?
- How does EternalBlue work?
- What are the best on-premise Endpoint Security solutions for a Tech Services company with 10,000 employees?
- What is Mimikatz?