The solution is easy to deploy on both on-cloud and on-premises infrastructures.
Easy to deploy and has a good stability
Pros and Cons
- "The solution is scalable."
- "Its UI could be more user-friendly."
What is most valuable?
What needs improvement?
The solution's price could be better. Presently, it is expensive for basic functionality. Also, they should make its UI more user-friendly. It takes time to find the policies and analyze their effects. They should add a customization option for policies. In addition, they should add more scanning features to it.
For how long have I used the solution?
We have been using the solution for a year.
What do I think about the stability of the solution?
It is a stable solution. I rate its stability as an eight.
Buyer's Guide
Symantec Endpoint Detection and Response
October 2024
Learn what your peers think about Symantec Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the scalability of the solution?
We have around 150 solution users of the solution in our organization. It is scalable, and I rate its scalability as an eight.
How are customer service and support?
The solution's customer service could be better.
How would you rate customer service and support?
Neutral
How was the initial setup?
The solution's initial setup is straightforward. It takes a day to complete the process.
What about the implementation team?
Our team of three executives deploys and maintains the solution.
What's my experience with pricing, setup cost, and licensing?
The solution is expensive. I rate it as a five for pricing.
What other advice do I have?
I rate the solution as an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Systems Analyst at Central Information Systems Division
Is stable, scalable, and reasonably priced, but scanning needs improvement
Pros and Cons
- "I've mainly found the antivirus and antispyware features valuable. The documentation is okay as well."
- "I would like to see better scanning capabilities."
What is most valuable?
I've mainly found the antivirus and antispyware features valuable.
The documentation is okay as well.
What needs improvement?
I would like to see better scanning capabilities.
For how long have I used the solution?
I've been dealing with this solution for nearly two years now.
What do I think about the stability of the solution?
Symantec Endpoint Detection and Response is a stable solution.
What do I think about the scalability of the solution?
It is easy to scale it.
How are customer service and support?
We have local support here, so we usually contact them, and they investigate the issue and solve it.
How was the initial setup?
The initial setup was easy and took about a week.
What's my experience with pricing, setup cost, and licensing?
The price is reasonable.
What other advice do I have?
I would give this solution a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Symantec Endpoint Detection and Response
October 2024
Learn what your peers think about Symantec Endpoint Detection and Response. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Security Consultant at IBM Thailand
Effective process review, useful machine isolation, and reliable
Pros and Cons
- "There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good."
- "Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface."
What is our primary use case?
Symantec Endpoint Detection and Response is used for threat protection.
What is most valuable?
There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good.
What needs improvement?
Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface.
For how long have I used the solution?
I have been using Symantec Endpoint Detection and Response for approximately six months.
What do I think about the stability of the solution?
Symantec Endpoint Detection and Response is a stable solution.
What do I think about the scalability of the solution?
The stability of Symantec Endpoint Detection and Response is good.
We have the solution running on 3,000 endpoints. After two years after we have more clients, we might increase usage.
How are customer service and support?
I have not contacted support. The administrator of the platform is taking care of the support for us. They might have contacted the support but I have not.
Which solution did I use previously and why did I switch?
I have not used another solution previously.
How was the initial setup?
The initial setup of Symantec Endpoint Detection and Response is straightforward.
What about the implementation team?
We have three people that are supporting the solution.
Which other solutions did I evaluate?
I have evaluated McAfee.
What other advice do I have?
I would recommend this solution to others.
I rate Symantec Endpoint Detection and Response an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Project Manager at a consultancy with 501-1,000 employees
Threat protection that is priced well, easy to deploy, and allows you to use the same agent for detection and response
Pros and Cons
- "The most valuable feature is that the same agent can act as the endpoint detection and response agent."
- "Reporting is a major issue, as it is not user friendly."
What is our primary use case?
The primary use case of this solution is for protection.
What is most valuable?
The most valuable feature is that the same agent can act as the endpoint detection and response agent. You don't need to deploy an additional agent. As you do with other solutions.
If you try to deploy a new solution you have to replace the existing agent with a new agent, but with Symantec, you can use the same agent.
What needs improvement?
Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.
With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it then Trend Micro, all within 24 hours, everyone will have it covered.
In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.
For how long have I used the solution?
I have worked with all Symantec products. Detection and response is a new technology that they have come up with and I have been working with it for two years.
What do I think about the stability of the solution?
If the solution is updated regularly then there is no challenge with stability.
What do I think about the scalability of the solution?
This solution is definitely scalable.
How are customer service and technical support?
The technical support is very bad. It's been outsourced. The level one support does not have the expertise to support people properly, from a technical perspective.
I'd say that the level of understanding has been reduced as a result of outsourcing to a third party.
Which solution did I use previously and why did I switch?
Previously, I was working with Trend Micro. Before the detection and response were included, I would have recommended Trend Micro. However, Symantec Endpoint has now taken the lead.
Endpoint detection and response have not been developed into Trend Micro.
How was the initial setup?
The initial setup is straightforward. It's not complex. You will have to license it, then you are good to go.
If you try to establish the replication then you should plan it properly. If you do proper planning then it manages well. As an example, with one of my customers, I updated 3,000 machines that were in remote sites in less than a month's time.
What's my experience with pricing, setup cost, and licensing?
The price is okay, but it really depends on the customer's requirements.
What other advice do I have?
I am a user of Symantec as well as an admin with the Symantec support team. I was the technical support account manager and I would support other customers.
Symantec release updates two or three times per day. If you have a low bandwidth it will never get updated, although there are options to resolve this.
First, you have to decide on your requirements and what features you are looking for, then you can consider any endpoint detection and response solution.
There are good products on the market; there is one in particular that is cloud-based, where you don't need a single investment, but you will need to have good bandwidth.
Before looking for any solutions the planning must be done.
Overall, this is a good product but it is still in the early stages and there are some improvements that need to be made.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Threat Analyst at SA RVE Bank
Quick and easy to set up with good reliability
Pros and Cons
- "The pricing is good."
- "They do need to minimize the number of agents installed on a server."
What is our primary use case?
It's part of the endpoint and is an EDR product. There are many use cases we're looking at, including power share and general detection.
What is most valuable?
The initial setup is quick and easy.
We found the product to be scalable.
The stability is good. It's reliable.
The pricing is good.
Technical support is okay.
It's easy to add hash files.
What needs improvement?
I have not picked up anything that is lacking in terms of features while using this tool.
They do need to minimize the number of agents installed on a server.
The response time for technical support takes too long.
For how long have I used the solution?
I've been using the solution for two and four months years now.
What do I think about the stability of the solution?
The solution is stable. There are no bugs or glitches and it doesn't crash or freeze. it's reliable.
What do I think about the scalability of the solution?
The solution is scalable. That's not a problem.
We have about 2,500 endpoints. It's actually even more than that as it is deployed on the server as well.
How are customer service and support?
While technical support is great, it does take up to two days before I get a response. They are a bit slow.
How was the initial setup?
The implementation process was quick and easy, and we didn't need a DBU, a database administrator.
Two people handled the initial setup it was done over one day.
What about the implementation team?
Our team handled the deployment in-house. We didn't need any outside assistance.
What's my experience with pricing, setup cost, and licensing?
The cost of the solution is affordable and manageable.
What other advice do I have?
We are a customer and an end-user.
I'd rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Engineer at Suraksha
IPS and user interface are great; includes deception technology component as part of SEP
Pros and Cons
- "IPS and the user interface are good features."
- "The network forensics feature could be improved."
What is our primary use case?
In the past, we deployed for Government organizations and right now we are dealing with a financial institution that is considering implementing Symantec. We primarily work in the Middle East and Australia. We are Symantec partners and implement the solution for our clients. I'm a security engineer.
What is most valuable?
I like the IPS , GIN and the user interface, they are good features and simple to use. In addition to that, I believe that Symantec is the only vendor that actually includes the deception technology component as part of SEP.
What needs improvement?
I think the network forensics feature could be improved. It's not part of SEP, but it's part of the package and I think that could be improved because we need the decryptor. Without that you can't actually decrypt the SSL traffic going in the network. If the solution could be completely software-based, it would be a formidable product.
Symantec could include that as an additional feature, it's something that other solutions provide. Secondly, instead of just making it endpoint deception, they could make it network deception as well and that would make it a complete endpoint protection solution.
For how long have I used the solution?
I've been using this solution for the last 12 months.
What do I think about the stability of the solution?
The stability of the solution is fine.
What do I think about the scalability of the solution?
We haven't had any issues with scalability. Three months ago we put in a bid where they initially wanted 300 users, but then decided they wanted to scale up to 7,000 users. Symantec had no problem with that. It just requires preparation by taking into account the increased number of endpoints.
How are customer service and technical support?
Technical support is very good.
Which solution did I use previously and why did I switch?
We used McAfee and Trend-Micro previously, but we didn't get many good reviews for the product. Once we switched to Symantec, the market responded well so we switched to pushing that. We depend a lot on market feedback and after speaking to a lot of cyber experts in the information security field, they said they wanted Symantec. It's pretty much based on market feedback.
What's my experience with pricing, setup cost, and licensing?
Deploying on-prem makes Symantec a very expensive product but if it's being deployed on cloud it's quite cheap. We lost a lot of bids when we proposed on-prem deployment because of the high cost.
What other advice do I have?
I would definitely recommend Symantec because the company provides great support from its engineers. Whenever we've had any issues, we give them a call and 10 or 20 minutes later, they make contact. They're also very good at helping us quote for tenders and they negotiate well.
I would rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Senior Manager IT at Ami Organics
Scalable, reliable, but support could improve
Pros and Cons
- "Symantec Endpoint Detection and Response is stable."
What is our primary use case?
Symantec Endpoint Detection and Response is used for the protection of endpoints.
For how long have I used the solution?
I have been using Symantec Endpoint Detection and Response for approximately four years.
What do I think about the stability of the solution?
Symantec Endpoint Detection and Response is stable.
What do I think about the scalability of the solution?
The scalability of Symantec Endpoint Detection and Response is good.
How are customer service and support?
The technical support from Broadcom has given us some challenges. Previously, they had experienced people who handle the end user's query and escalate the problems within a good timeframe. Since Broadcom took over, we have not been satisfied by the way they are handling the end user's query or end-user support.
How was the initial setup?
Symantec Endpoint Detection and Response
What about the implementation team?
We have a partner that has helped us with the implementation, configuration, and policies.
What other advice do I have?
Determining if this is the right solution for someone depends on the region or what type of partner they have. Broadcom user support might be different in your region but we are in the Asia Pacific region is not good. I don't know who is providing the proper support.
I rate Symantec Endpoint Detection and Response a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Vice President, Head of Infrastructure, Information Systems Group at a financial services firm with 10,001+ employees
Good in terms of malware detection and scalability, but unpredictable pricing is a cause of concern
Pros and Cons
- "It is mostly used for malware detection and antivirus purposes."
- "It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product."
What is most valuable?
It is mostly used for malware detection and antivirus purposes.
What needs improvement?
The unpredictability of the pricing is a cause of concern.
It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product.
For how long have I used the solution?
I have been working with this solution for more than three years.
What do I think about the stability of the solution?
It is stable.
What do I think about the scalability of the solution?
We haven't had any issue with scaling the product. Its scalability has not been an issue.
Which solution did I use previously and why did I switch?
I have used Sophos in another company, but that was almost 10 years ago.
How was the initial setup?
I was not a part of the installation team. When I arrived, it was already there.
What's my experience with pricing, setup cost, and licensing?
Of late, because of the Broadcom purchase, its price has been increasing.
What other advice do I have?
I would rate it a seven out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Symantec Endpoint Detection and Response Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Endpoint Detection and Response (EDR)Popular Comparisons
CrowdStrike Falcon
Microsoft Defender for Endpoint
Fortinet FortiEDR
Cisco Secure Endpoint
Cortex XDR by Palo Alto Networks
Elastic Security
Intercept X Endpoint
VMware Carbon Black Endpoint
Trend Vision One
Trellix Endpoint Security (ENS)
Bitdefender GravityZone EDR
Kaspersky Endpoint Detection and Response Expert
Fidelis Elevate
WatchGuard Threat Detection and Response
Sangfor Endpoint Secure
Buyer's Guide
Download our free Symantec Endpoint Detection and Response Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between EPP and EDR products?
- What is the difference between EDR and traditional antivirus?
- What is your recommendation for a 5-star EDR with low resource consumption for a financial services company?
- Which is the best EDR for a logistics company with 500-1000 employees?
- What is the best EDR or XDR product for a company with 9000 employees?
- What to choose: an endpoint antivirus, an EDR solution or both?
- Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?
- How does EternalBlue work?
- What are the best on-premise Endpoint Security solutions for a Tech Services company with 10,000 employees?
- What is Mimikatz?