Symantec Endpoint Detection and Response Reviews

The solution is easy to deploy on both on-cloud and on-premises infrastructures.

The solution's price could be better. Presently, it is expensive for basic functionality. Also, they should make its UI more user-friendly. It takes time to find the policies and analyze their effects. They should add a customization option for policies. In addition, they should add more scanning features to it.

We have been using the solution for a year.

It is a stable solution. I rate its stability as an eight.

We have around 150 solution users of the solution in our organization. It is scalable, and I rate its scalability as an eight.

The solution's customer service could be better.

Neutral

The solution's initial setup is straightforward. It takes a day to complete the process.

Our team of three executives deploys and maintains the solution.

The solution is expensive. I rate it as a five for pricing.

I rate the solution as an eight.

Symantec Endpoint Detection and Response is used for threat protection.

There are times when Symantec Endpoint Detection and Response tags an executable as malicious when it is trying to get executed on the machine. In this case, it prevents the execution and it gives you a process view of things where you can look into what has happened and whether it is a genuine process trying to access some system activities, or it's a malicious one. Depending upon the process, it gives you a clear identification, and we can do the containment from the interface itself and isolate the machine from the network. The process review on network isolation is good.

Symantec Endpoint Detection and Response could improve the reporting. It is very difficult to create reports from the user interface.

I have been using Symantec Endpoint Detection and Response for approximately six months.

Symantec Endpoint Detection and Response is a stable solution.

The stability of Symantec Endpoint Detection and Response is good.

We have the solution running on 3,000 endpoints. After two years after we have more clients, we might increase usage.

I have not contacted support. The administrator of the platform is taking care of the support for us. They might have contacted the support but I have not.

I have not used another solution previously.

The initial setup of Symantec Endpoint Detection and Response is straightforward.

We have three people that are supporting the solution.

I have evaluated McAfee.

I would recommend this solution to others.

I rate Symantec Endpoint Detection and Response an eight out of ten.

The primary use case of this solution is for protection.

The most valuable feature is that the same agent can act as the endpoint detection and response agent. You don't need to deploy an additional agent. As you do with other solutions.

If you try to deploy a new solution you have to replace the existing agent with a new agent, but with Symantec, you can use the same agent.

Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.

With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it then Trend Micro, all within 24 hours, everyone will have it covered.

In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.

I have worked with all Symantec products. Detection and response is a new technology that they have come up with and I have been working with it for two years.

If the solution is updated regularly then there is no challenge with stability.

This solution is definitely scalable.

The technical support is very bad. It's been outsourced. The level one support does not have the expertise to support people properly, from a technical perspective. 

I'd say that the level of understanding has been reduced as a result of outsourcing to a third party.

Previously, I was working with Trend Micro. Before the detection and response were included, I would have recommended Trend Micro. However, Symantec Endpoint has now taken the lead.

Endpoint detection and response have not been developed into Trend Micro.

The initial setup is straightforward. It's not complex. You will have to license it, then you are good to go.

If you try to establish the replication then you should plan it properly. If you do proper planning then it manages well. As an example, with one of my customers, I updated 3,000 machines that were in remote sites in less than a month's time.

The price is okay, but it really depends on the customer's requirements.

I am a user of Symantec as well as an admin with the Symantec support team. I was the technical support account manager and I would support other customers.

Symantec release updates two or three times per day. If you have a low bandwidth it will never get updated, although there are options to resolve this.

First, you have to decide on your requirements and what features you are looking for, then you can consider any endpoint detection and response solution.

There are good products on the market; there is one in particular that is cloud-based, where you don't need a single investment, but you will need to have good bandwidth. 

Before looking for any solutions the planning must be done.

Overall, this is a good product but it is still in the early stages and there are some improvements that need to be made.

I would rate this solution an eight out of ten.

It's part of the endpoint and is an EDR product. There are many use cases we're looking at, including power share and general detection.

The initial setup is quick and easy.

We found the product to be scalable.

The stability is good. It's reliable. 

The pricing is good.

Technical support is okay.

It's easy to add hash files. 

I have not picked up anything that is lacking in terms of features while using this tool. 

They do need to minimize the number of agents installed on a server.

The response time for technical support takes too long. 

I've been using the solution for two and four months years now. 

The solution is stable. There are no bugs or glitches and it doesn't crash or freeze. it's reliable. 

The solution is scalable. That's not a problem. 

We have about 2,500 endpoints. It's actually even more than that as it is deployed on the server as well. 

While technical support is great, it does take up to two days before I get a response. They are a bit slow.

The implementation process was quick and easy, and we didn't need a DBU, a database administrator.

Two people handled the initial setup it was done over one day.

Our team handled the deployment in-house. We didn't need any outside assistance. 

The cost of the solution is affordable and manageable. 

We are a customer and an end-user.

I'd rate the solution an eight out of ten.

In the past, we deployed for Government organizations and right now we are dealing with a financial institution that is considering implementing Symantec. We primarily work in the Middle East and Australia. We are Symantec partners and implement the solution for our clients. I'm a security engineer. 

I like the IPS , GIN and the user interface, they are good features and simple to use. In addition to that, I believe that Symantec is the only vendor that actually includes the deception technology component as part of SEP.

I think the network forensics feature could be improved. It's not part of SEP, but it's part of the package and I think that could be improved because we need the decryptor. Without  that you can't actually decrypt the SSL traffic going in the network. If the solution could be completely software-based, it would be a formidable product.

Symantec could include that as an additional feature, it's something that other solutions provide. Secondly, instead of just making it endpoint deception, they could make it network deception as well and that would make it a complete endpoint protection solution.

I've been using this solution for the last 12 months. 

The stability of the solution is fine. 

We haven't had any issues with scalability. Three months ago we put in a bid where they initially wanted 300 users, but then decided they wanted to scale up to 7,000 users. Symantec had no problem with that. It just requires preparation by taking into account the increased number of endpoints. 

Technical support is very good.

We used McAfee and Trend-Micro previously, but we didn't get many good reviews for the product. Once we switched to Symantec, the market responded well so we switched to pushing that. We depend a lot on market feedback and after speaking to a lot of cyber experts in the information security field, they said they wanted Symantec. It's pretty much based on market feedback. 

Deploying on-prem makes Symantec a very expensive product but if it's being deployed on cloud it's quite cheap. We lost a lot of bids when we proposed on-prem deployment because of the high cost. 

I would definitely recommend Symantec because the company provides great support from its engineers. Whenever we've had any issues, we give them a call and 10 or 20 minutes later, they make contact. They're also very good at helping us quote for tenders and they negotiate well. 

I would rate this solution an eight out of 10. 

Symantec Endpoint Detection and Response is used for the protection of endpoints.

I have been using Symantec Endpoint Detection and Response for approximately four years.

Symantec Endpoint Detection and Response is stable.

The scalability of Symantec Endpoint Detection and Response is good.

The technical support from Broadcom has given us some challenges. Previously, they had experienced people who handle the end user's query and escalate the problems within a good timeframe. Since Broadcom took over, we have not been satisfied by the way they are handling the end user's query or end-user support.

Symantec Endpoint Detection and Response

We have a partner that has helped us with the implementation, configuration, and policies.

Determining if this is the right solution for someone depends on the region or what type of partner they have. Broadcom user support might be different in your region but we are in the Asia Pacific region is not good. I don't know who is providing the proper support.

I rate Symantec Endpoint Detection and Response a seven out of ten.

It is mostly used for malware detection and antivirus purposes.

The unpredictability of the pricing is a cause of concern.

It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product.

I have been working with this solution for more than three years. 

It is stable.

We haven't had any issue with scaling the product. Its scalability has not been an issue.

I have used Sophos in another company, but that was almost 10 years ago.

I was not a part of the installation team. When I arrived, it was already there.

Of late, because of the Broadcom purchase, its price has been increasing.

I would rate it a seven out of 10.

We employ the latest version. 

Our clients make general use of the solution for endpoint detection. They are interested in its EDR capabilities. 

There is no need to do an additional installation for the EDR, as the one belonging to Symantec is pretty much dependent on the endpoint agent, which is already deployed. This is my favorite feature, as it saves a person from the complexity involved in the deployment of additional EDR agents. 

The solution should offer more features, such as ones which are forensic and timeline. 

The tech support was very bad in the immediate aftermath of the merger, although it is now slightly better. The problem came down to the ownership of the case. Support was horrible when the Broadcom entered the picture, but they have done much work in this area and things are mostly better. 

It would be nice to see more granular timeline analysis. 

We have been using Symantec Endpoint Detection and Response for ten years. 

While the earlier version had many bugs, the current version is relatively quite stable.

The solution is easy to scale and its methods of deployment are totally up to the needs of one's organization, be them on-cloud, on-premises or hybrid. 

Just following the merger, the tech support was very bad, although it has since slightly improved. Ownership of the case was the real issue. At the time when the Broadcom came into the picture, the support was terrible, yet much work in this area has since been undertaken and things are, for the most part, better.   

The setup is quite easy. 

I do not deal with the pricing. As such, I cannot comment on it. 

The method of deployment varies with the client. 

Rather than handling the implementation on one's own, it is important to engage a good system integrator. Although a person's expertise may make the process seem straightforward, the experience a good system integrator brings to bear can benefit one beyond what is written in the documentation. Such a person can evaluate one's infrastructure and advise on the best approach. 

I rate Symantec Endpoint Detection and Response as a seven out of ten.