This solution has been installed within a LAN/WAN topology, with slightly more than 300 clients, give or take.
Network Server Analyst at Everport Terminal Services
Console makes it easy to manage and administer protection of our network
Pros and Cons
- "The firewall, malware, and anti-virus protection have earned its keep in times past by catching the unexpected."
- "Management's number one item on the "Wish List" would have to do with the real-time scan of external media inserted into any client."
What is our primary use case?
How has it helped my organization?
The firewall, malware, and anti-virus protection have earned its keep in times past by catching the unexpected. At the same time, illustrating in real-time the status of managed clients within the array.
What is most valuable?
The Server Console is a very helpful tool for managing and administrating.
What needs improvement?
Management's number one item on the "Wish List" would have to do with the real-time scan of external media inserted into any client.
A secondary concern is software compatibility with other important networked tools (WSUS, Desktop Central, etc.) without a large number of exception rules.
Buyer's Guide
Symantec Endpoint Security
October 2024
Learn what your peers think about Symantec Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
For how long have I used the solution?
We have been using Symantec Endpoint Protection for roughly three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Enterprise Architect Manager at Accenture
Good standard malware detection via classic defs and newer heuristic controls
What is our primary use case?
Standard use case: firewall, malware, app/device control, reporting of compliance, etc. We use other features too.
How has it helped my organization?
A secure stable product, and good customer service of this product from the vendor. Waiting to see how the cloud version pans out.
What is most valuable?
- Application/device control. Wish encryption detection was integrated though.
- Good standard malware detection via classic defs and newer heuristic controls.
What needs improvement?
- Device encryption status and coding off of said status.
- Better inherent checks against duplicate IDs.
For how long have I used the solution?
More than five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Principal Consultant - Security at Insentra
You can deploy it to Windows, Mac, and Linux with one console to cover all three
Pros and Cons
- "I think the key thing for me, is interoperability, in that you can deploy it to Windows, Mac, and Linux. That's been a really important feature in the last two years. Now there's one management console to cover all three OSs."
- "They're just starting to get into this now, but I think they can do better - they're just starting out with what I think is called the SEP Cloud Console. It has more limited functionality. It will be good once we can run SEP from the cloud. That would be good."
- "The support can be wanting. Sometimes the time to resolution is longer than I would expect."
What is our primary use case?
I'm an IT consultant, so I implement Symantec Endpoint Protection for customers, from SMB up to large enterprises and federal government.
What is most valuable?
There are a number of features that all work synergistically to be able to provide the protection. Originally, anti-virus was based on definition. About 10 years ago, the bad guys figured out how to get past that. So what they've been doing for the past 10 years is adding in additional features to help mitigate any of these other attack vectors that the hackers or malicious people have. So it's just a working together of all these components that makes it special.
And then SEP itself fits into the Symantec ecosystem, and inter-operates with a number of other technologies to provide a comprehensive security portfolio.
I think the key thing for me, is interoperability, in that you can deploy it to Windows, Mac, and Linux. That's been a really important feature in the last two years. Now there's one management console to cover all three OSs.
There are two key aspects to how it has improved. One is the threats that it protects the organization from versus the amount of resource utilization; and two is that compatibility has increased.
What needs improvement?
They're just starting to get into this now, but I think they can do better - they're just starting out with what I think is called the SEP Cloud Console. It has more limited functionality. It will be good once we can run SEP from the cloud. That would be good.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
The big issues around stability were fixed back around 2010 or so. When the original SEP client was created, there were some challenges with the interoperability of the different components, because they took a number of different agents, put them into one agent, and then they broke things. With SEP 12 and forward, that all runs really well now.
What do I think about the scalability of the solution?
From a scalability perspective, in Australia and New Zealand, where I'm using it, it can easily manage any workload that we've got.
One of the challenges is people going the opposite way, that is, people trying to deploy Symantec Endpoint Protection - which is an enterprise level product - into a small business of a hundred users. It can introduce a lot of complexity that doesn't have to be there.
There are other solutions like SEP.cloud which can make it easier for small businesses to be able to use very similar technologies to Symantec Endpoint Protection.
How are customer service and technical support?
Most times it's good, but there are instances where there are some challenges in that the people who you're working with don't know how to fix what you're doing. Then you have to ask for an escalation. Normally what I'll do is I'll work with my Symantec colleagues to help escalate any internal issues, where we see that things are getting bogged down in support.
From a Symantec technology perspective I'm very happy with it. However, the support can be wanting, for those reasons. Sometimes the time to resolution is longer than I would expect.
Which solution did I use previously and why did I switch?
Based on the roles that I've had, I've been working as a Symantec consultant for 10 years, and so I've just been working with SEP. There are people who, as their consulting function would be an endpoint protection guy, would do McAfee, SEP, Trend, etc., whereas my strategy was different. I basically covered off all Symantec technologies. My intent was to be able to be specialized across the entire range of security technologies. I've only worked with SEP.
How was the initial setup?
The initial setup is easy. That's one of the selling features, that you can roll it out in an hour. (They might say 15 minutes or something like that). But the initial rollout, setting up SEPM server, you can do in an hour. Then, the challenge is that you can make it as complex as you want after that. It's very, very capable, but it can get quite complex.
The Symantec Endpoint Protection Installation and Administration Guide is awesome. The documentation is good. They provide online training and you can also do instructor-led training. There should always be training available, or information available, to help you get where you have to go. That's one of the things I do like.
I've been an instructor for Symantec for 10 years too, and I've taught the SEP course, and I think it covers off what you need to know.
What's my experience with pricing, setup cost, and licensing?
From a simplicity perspective, it's per user. Therefore, it makes it easy to do licensing.
I'll be honest, I haven't really done licensing with Symantec for seven years. I just do professional services and we let our partners handle the licensing.
Which other solutions did I evaluate?
Back in the day, when I worked for a distributor, there were other products available, that were cheaper - this is more of a New Zealand example - but they didn't have the functionality. However, because of the small businesses we were working with, they were good enough.
That is a challenge: having an enterprise product like SEP competing against a cheaper product like Sophos or ESET. The latter are cheaper, but you don't get quite the same scalability, functionality, etc.
What other advice do I have?
Get competent consultants to do the implementation, because it can be complex. You have to have a consultant who is knowledgeable, to make sure they cover off all the bases, to make sure all the infrastructure is protected.
It saves time, in that a professional can get it done more quickly. And, it gets done correctly, so you don't have to do re-work. I've been in circumstances where the customers try to do the implementation themselves and then they bring us in after the fact, and we have to either redo what they've done or rebuild the infrastructure from scratch. That just doubles the cost of what it would have cost originally.
I would say this solution is a 10 out of 10. The big reason is the functionality. Personally, I've not had a breach or seen a breach. And it runs on the machine, and I can't even tell it's there.
Disclosure: My company has a business relationship with this vendor other than being a customer: Former Symantec consultant.
Industrial Automation Analyst at a mining and metals company with 1,001-5,000 employees
Highly scalable and virus signatures are frequently updated
Pros and Cons
- "One of the features is the ability to frequently get virus signature updates."
- "The solution could improve by having a better graphical interface."
What is our primary use case?
We use this solution for threat protection in our automation control systems.
What is most valuable?
One of the features is the ability to frequently get virus signature updates.
What needs improvement?
The solution could improve by having a better graphical interface.
For how long have I used the solution?
We have been using this solution within the past 12 months.
What do I think about the scalability of the solution?
The solution is scalable; we have approximately 1400 systems using this solution.
How are customer service and technical support?
The solution was bought by Broadcom and since the change, the support has not been good.
What other advice do I have?
I rate Symantec End-User Endpoint Security an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Fast, easy to set up, and scalable
Pros and Cons
- "The initial setup is very simple and straightforward."
- "They need to develop a multi-language interface."
What is our primary use case?
We primarily use the solution as active protection for our endpoints. We also use it for its upgrade frequency.
What is most valuable?
The solution runs very quickly.
The solution is stable.
It's quite a scalable product.
The initial setup is very simple and straightforward.
What needs improvement?
The localization could be better. It could be more friendly for local users.
It's a solution that's only in English. It makes it difficult if you, for example, speak a different language. If that's the case, and you don't understand English well, you might struggle to understand aspects of the product. They need to develop a multi-language interface.
For how long have I used the solution?
I've been dealing with the solution for about five years at this point. It's been a while.
What do I think about the stability of the solution?
The solution is stable. There are no bugs or glitches. It doesn't crash or freeze. The performance is reliable.
What do I think about the scalability of the solution?
We've found the scalability to be good. If we need to expand it, we can do so.
We have one customer who currently uses the product.
How was the initial setup?
The initial setup is not difficult or complex. It's quite straightforward and fairly simple to implement.
I cannot recall, however, exactly how long the deployment process took.
You only need one engineer to handle the deployment and maintenance aspects. You do not need a large team.
What about the implementation team?
We are integrators. We are able to handle implementations for our clients.
What's my experience with pricing, setup cost, and licensing?
I cannot speak to the exact licensing costs. We recommend the solution to our clients; however, they buy the license from the vendor directly.
What other advice do I have?
We are Symantec integrators.
I'd rate the solution at an eight out of ten. So far, we've been pleased with its capabilities for the most part.
I'd recommend the solution to other users and companies. We already recommend it to our clients.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Accounting Assistant with 1,001-5,000 employees
Secures the desktops and laptops at our university
Pros and Cons
- "The most amazing quality of Symantec Endpoint Protection is that it provides a total solution to all virus problems."
- "It is only available to use on computers with higher-end specs."
What is our primary use case?
I have used various types of anti-virus software but I have fallen in love with Symantec Endpoint Protection as it eliminated all the problems I used to have.
At the University of Zimbabwe, it is now the only antivirus that is used by both students and staff after careful consideration by the University IT department. It provides end-to-end protection for computers and laptops.
How has it helped my organization?
- Ever since we started using the app, we no longer have problems with computers being constantly frozen up because of viruses.
- We had spent a long time fighting the Shortcut virus that was spreading around the campus but it was eliminated after we started using this solution.
What is most valuable?
The most amazing quality of Symantec Endpoint Protection is that it provides a total solution to all virus problems. I am an accounts person but ever since I started using this software I no longer have any problems with viruses.
What needs improvement?
It is only available to use on computers with higher-end specs.
I think the software should be compatible with all versions of all computers, even earlier models. This would allow all clients to be included, which is important for those who cannot afford to buy the latest computers.
For how long have I used the solution?
I have been using this solution for three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Executive Officer at a tech services company with 1-10 employees
Scanning and reporting are good, but the initial setup was complex
Pros and Cons
- "The solution is very stable."
- "The reporting function needs to be more user friendly in general."
What is our primary use case?
I primarily use the solution for endpoint protection.
How has it helped my organization?
This product provides complete laptop and desktop protection from cyber attacks.
What is most valuable?
The features I've found the most valuable are the scanning and the reporting.
What needs improvement?
The reporting function definitely has room for improvement. If Symantec can provide us with the overall API for accessing and reporting, that would be great. The reporting function needs to be more user-friendly in general. I think we have too much technical level reporting; I think it would be better to have more user and usage types of reporting.
I would like to see the next release focus more on unusual behavior so that we can know how the end results are behaving and if they are in the clear.
They should also provide users with some sort of training videos, for how to use the solution.
For how long have I used the solution?
I've been using the solution for one year.
What do I think about the stability of the solution?
The solution is very stable. The majority of the users are end users. Other than that we have IT staff that use it, so we have approximately three thousand users.
What do I think about the scalability of the solution?
The scalability is good.
How are customer service and technical support?
I'd rate technical support as average.
Which solution did I use previously and why did I switch?
Previously we used Trend Micro. The features were not as good as Symantec, so we switched.
How was the initial setup?
The initial setup was complex. There are too many moving parts. You have to install one bit, then install the reporting function, then install the dashboard, and so on. Then you have to open the manual and check it. If it is not correct the system will restart itself and cause so many complications. Every part is pretty complex.
What about the implementation team?
We did not use an integrator; we did it ourselves.
What other advice do I have?
I would rate this solution four and a half out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
Engineer at a healthcare company with 10,001+ employees
Symantec Endpoint Protection and VDI
A few months ago we started getting storage latency alarms coming from vCenter. This would happen every day around 6am, and as we scaled our production environment this became worse and worse. I think the record latency was 19,000ms (no joke…. 19 seconds of storage latency). Now one would immediately think, “Well that’s what you get for using scheduled scanning”…. Hold your horses partner, this has nothing to do with scanning.
We soon learned that SEPM was pushing virus definition updates to our linked clones all at the same time. Obviously, the disk could not keep up with the demand. Many could argue that we should be looking at vShield with TrendMicro. However, when you’re part of an organization with 70,000+ endpoints (non-VDI), changing your antivirus vendor is not a decision you should take lightly. We took the position of, “Hey, Symantec is an industry leader in endpoint protection, they ‘have’ to have a solution!”.
They are “getting there”… Last March, they officially announced that Symantec Endpoint Protection adds vShield Integration & Increases Security Effectiveness. However, this does nothing for your environment in regards to virus definition updates. As a matter of fact, as far as I can tell, the only thing this version does is offload your active scanning from the VM. What about organizations that do not use active scanning, rather use real-time scanning?
If you’re rolling out VDI and you’re seeing extra storage demand due to definition updates, here’s a solution that I believe works well.
- On your parent image, clean off the client identifiers by running ClientSideClonePrep.exe
- Exclude your base image from scanning by executing “vietool.exe c: --generate”
- In conjunction with running vietool.exe, you need to have the “Enable Virtual Image Exception for Auto-Protect” and “Enable Virtual Image Exception for Administrator-Defined Scans” enabled on the SEPM server (see image 1).
- You should consider placing your linked clones into a different collection on the SEPM console and change the randomization interval. An interval that seems to work well in VDI is 12 hours (see image 2). This setting of course is something that you need to adjust for your environment. Smaller environments may be able to get away with six hours. I personally think that it’s best to be safe and keep this setting at 12 hours.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
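
The effect of the randomization interval in the last step, as an added example that is not part of the original review and not Symantec code: a simplified model in which each linked clone starts its definition update at a uniformly random minute inside the interval. The clone count (1,000), the five minutes of disk activity per update, and the uniform spread are assumptions for illustration, not SEPM's actual scheduler.

```python
import random


def peak_concurrency(clones, window_hours, update_minutes, seed=1):
    """Return (peak simultaneous updates, worst-case start delay in hours).

    Assumed model: every clone picks a uniformly random start minute
    inside the randomization window; a window of 0 means no randomization,
    so all clones start together.
    """
    rng = random.Random(seed)
    window_min = int(window_hours * 60)
    starts = [rng.randrange(window_min) if window_min > 0 else 0
              for _ in range(clones)]

    # Sweep line over start (+1) and end (-1) events. At the same minute
    # the -1 sorts first, so an update that ends at t does not overlap
    # one that starts at t.
    events = []
    for s in starts:
        events.append((s, 1))
        events.append((s + update_minutes, -1))
    events.sort()

    peak = current = 0
    for _, delta in events:
        current += delta
        peak = max(peak, current)

    # The last clone to start is the one running old definitions longest.
    return peak, max(starts) / 60.0


def compare(clones=1000, update_minutes=5, windows=(0, 6, 12)):
    """Peak load and worst-case definition delay per window length (hours)."""
    return {w: peak_concurrency(clones, w, update_minutes) for w in windows}


if __name__ == "__main__":
    for window, (peak, delay) in compare().items():
        print(f"window={window:>2}h  peak simultaneous updates={peak:>4}  "
              f"last clone updated after {delay:.1f}h")
```

The second number is the cost of the wider window: the last clone runs on the previous definitions for close to the full interval, which is the trade-off to weigh when choosing between six and 12 hours.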