Country Director at SOCITECH S.A.
Reseller
Addresses almost all of the security challenges for endpoint messaging
Pros and Cons
  • "When they started they found it very easy; not easy to implement but easy to use. We started with the headquarters here and later we also implemented it for all the subsidiaries in the region, in other countries. They have a centralized solution, so they can help other countries in management."
  • "There are a few negative points. They should separate the feature for each separate solution for mobile devices. The second one is about the price, it's expensive. Finally, the third would be the complexity of implementation."

What is our primary use case?

We are a solution provider for end customers like Telco, banks, etc. We are also a Symantec partner and reseller. Not only do we use it but we also position this solution for customers.

We have a telecom company that was using Kaspersky and they still had some vulnerabilities and attacks and we discussed with them and succeeded in presenting this solution. The one we proposed was Symantec Protection Suite, SPS Enterprise Edition, for about more 1,100 endpoints, exactly 1,100 users. We also implemented the mailer for Symantec Messaging Gateway for spam protection. Until now they used the solution and they are very satisfied with it. We started with SEP 12.1 but later they upgraded to SEP 14.

How has it helped my organization?

We had a bank that we were working with and they had a challenge in which they needed to protect against vulnerability. They had previously used Kaspersky, we discussed and told them that Symantec is capable and is able to address their specific challenges. We gave them a trial version. When they started they found it very easy; not easy to implement but easy to use. We started with the headquarters here and later we also implemented it for all the subsidiaries in the region, in other countries. They have a centralized solution, so they can help other countries in management. 

What is most valuable?

We had to position Symantec in big companies like Telco and several banks. With this solution, you also get the Protection Suite, endpoint protection, SEP, and you also have the Mail Security and Messaging Gateway. It's really integrative and our customers find it very valuable. It addresses almost all of the challenges on security for endpoint messaging. Symantec is going to be used much more because of its features.

What needs improvement?

The mobility solution should be improved. You need to separately purchase mobile, like a smartphone with Android and so on, you need to buy it separately with SAP, for example. It would be better for the user to use the same solution with all devices, even laptops, desktops, server and so on. They should also use the same endpoints for mobile devices. 

There are a few negative points. They should separate the feature for each separate solution for mobile devices. The second one is about the price, it's expensive. Finally, the third would be the complexity of implementation.

Buyer's Guide
Symantec Endpoint Security
October 2024
Learn what your peers think about Symantec Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

It is very stable. Even the customers don't really complain compared to other solutions. 

What do I think about the scalability of the solution?

It is very scalable.  

How are customer service and support?

Their technical support is reactive. When you have an issue, you just log a service request and you can find an engineer to help you. I would rate their technical support a nine out of ten. We're very confident that whenever we have an issue we can find the solution. It also depends on the support you choose. We have 24-hour support.

Which solution did I use previously and why did I switch?

We also use McAfee because of the scalability. It had the issue that it consumed too many resources and for vulnerabilities, sometimes there are some direct varieties you cannot delete.

How was the initial setup?

The initial setup is a little bit complex. You need to have a certain level of training before being able to set it up. What is nice is that you can remotely install the setup on all of the infrastructures from the server, the SEPM, that is the Symantec Endpoint Protection Manager, you can manage all the endpoints but it's not really easy to set up or to configure the policies. Sometimes customers find it a little bit difficult to implement for the configuration because you need some knowledge to implement the feature.

The setup depends on the issues of the network. The bottom line is if the network is really mastered, the policies on the network are really mastered in around three to four days for the new companies.

We only need one person who is well trained to manage and support this solution. 

Which other solutions did I evaluate?

It's not planned yet to switch to another product but we can potentially implement Cisco as we are also a Cisco partner and we find it sometimes interesting when requested by the customer. But we push and we recommend Symantec.

What other advice do I have?

This solution is very effective. It can really address the challenges but you need to have training in order to be able to effectively implement it. If you don't fully know how to implement it you can't use the features very usefully.

I would rate it a nine out of ten because of its ability to address challenges and because of the completeness of the solution.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
Director at Tandon Electronics
Reseller
Top 20
You can manage the antivirus definitions, upgrades, remote scanning, etc., from one console
Pros and Cons
  • "The best thing about Symantec is its ability to control our endpoints from a single point. You can manage the antivirus definitions, upgrades, remote scanning, etc., from one console."
  • "If a machine is infected by ransomware, it's hard to recover the data. We don't have any data on the client, so we're not overly concerned about that. Still, it would be nice to have this feature if there are any future problems."

What is our primary use case?

Our client uses Endpoint Security at a school for antivirus protection. For example, if someone plugs in a USB on a classroom computer, Endpoint Security protects the network from infection. We have around 35 classrooms and eight teachers per class, so that's about 280 people.

The school does not use Endpoint Security to its full potential. The use case is basic. For example, it isn't being used to block stealth techniques. Sophos Firewall handles those kinds of attacks. Active Directory isn't used in the classroom, so the ability to block an AD takeover isn't being used. 

We haven't eliminated any other security solutions by adopting Endpoint Security, but we are trying to consolidate our solutions by installing a new FortiGate firewall and client licenses of FortiClient.

How has it helped my organization?

Endpoint Security provides the school with fundamental protection against viruses and other malware. It only covers traditional endpoints, not mobile devices, but we've never had any outbreaks. 

What is most valuable?

The best thing about Symantec is its ability to control our endpoints from a single point. You can manage the antivirus definitions, upgrades, remote scanning, etc., from one console. 

What needs improvement?

In four years, we had no reason to switch solutions, but lately, we've found that Symantec is slowing down the machines. They are looking to change solutions. I would like to stop the Endpoint Security Client's scan when the device boots. It slows the machine a lot. The scan should only run when the machine is idle. The scan often happens when the machine is at its peak load. 

I would also like Symantec to add ransomware protection. If a machine is infected by ransomware, it's hard to recover the data. We don't have any data on the client, so we're not overly concerned about that. Still, it would be nice to have this feature if there are any future problems. 

For how long have I used the solution?

My client has been using Endpoint Security for two or three years.

What do I think about the stability of the solution?

Endpoint Security is stable. 

What do I think about the scalability of the solution?

Endpoint Security is a scalable tool. 

How are customer service and support?

I rate Symantec support a nine out of ten. I only had to contact them once in ten years, and the support was excellent. They solved the problem in ten minutes.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We're looking at other solutions. We mainly want something that doesn't experience performance degradation during scans or updates. 

How was the initial setup?

I started to work with this client two years after implementation. I have been managing the solution for a year and a half. I provide them with renewals and updates when necessary. It doesn't require much maintenance. I didn't have to visit the premises this year.

What's my experience with pricing, setup cost, and licensing?

The price of Symantec is on the higher end. They face some competition from a company called Quick Heal, which is much cheaper than Endpoint Security. They offer three years of protection at just 900 rupees.

What other advice do I have?

I rate Symantec Endpoint Security an eight out of ten. My first piece of advice is not to deploy Endpoint Security on traditional machines because it'll slow it down. India is a price-sensitive market. Many companies won't pay attention to the speed of a hard drive. They'll only look at the size. They would rather go for a 500 GB hard drive, even if it is not required, rather than a 256 GB SSD. 

If you want to deploy something over and above your operating system's capabilities, you need to have a powerful machine to handle that. Performance is mainly an issue on devices using traditional drives. The performance doesn't deteriorate by more than two percent on an SSD drive, whereas it is more than 15 to 20 percent on an average drive.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Senior IT Security Officer at Lion International Bank
Real User
Lightweight, requires little maintenance, and scans for malware proactively
Pros and Cons
  • "The application and device control functionality is good. We are able to see which applications are installed using the product management dashboard."
  • "It would be helpful if this product provided patch management functionality."

What is our primary use case?

My primary use case is malware protection. I also use it for device control, application control, and more. We are a financial institution.

How has it helped my organization?

The stability of this product has improved the way our organization functions. There is little maintenance, and it doesn't take long to install or uninstall. Once it is configured correctly, there is little chance of it failing.

This means that we have more of our technical staff available to work on other problems that occur.

What is most valuable?

The most valuable feature is the proactive malware scanning capability.

When you are performing simple tasks, it is not as demanding on resources as compared to other security products. This is an aspect that I like.

The application and device control functionality is good. We are able to see which applications are installed using the product management dashboard. This gives us the ability to monitor workstations, including which applications they have in which tabs.

There are extensions available, such as the Browser extension, to deal with specific types of attacks. This helps to protect against hackers. I have tested it with samples and it protects the system well.

The interface is simple to use.

What needs improvement?

One issue that comes to mind is that there is no way of specifying categories that the firewall should block. It is able to block specific URLs but other solutions, such as Kaspersky, allow you to block access by specifying a category.

It would be helpful if this product provided patch management functionality.

Compared to Kaspersky, the reporting features are not rich. Overall, the reporting capability needs to be improved.

For how long have I used the solution?

I have been working with Symantec Endpoint Security for between 12 and 18 months.

What do I think about the stability of the solution?

This is a very stable product. It is the feature that I like most about the product because when we were using other ones, we had failures. With this solution, there is no frequent failure of the components.

For example, in other products that we've used, the virus definitions didn't update and systems were compromised because of it.

What do I think about the scalability of the solution?

We have approximately 3,000 users that are protected by this solution. We add branches and more computers weekly, and we don't have problems doing so.

We were able to easily integrate with Active Directory using the Symantec Manager, so I would say it's very scalable.

As we add more branches, our usage of the product will continue to increase.

How are customer service and support?

We have not been in direct contact with Symantec technical support.

The training and documentation that they provide are helpful. There is a good amount of documentation that helped to provide us with a complete picture of the product. It's nice, neat, and easy to understand.

Which solution did I use previously and why did I switch?

Prior to Symantec, we used a solution by Kaspersky.

We use other anti-virus products and this one is less resource intensive and more stable than the others. It is also simpler to use.

Symantec Web Security Service (WSS) has some good features that I wish were in this product. Unfortunately, it is another subscription.

How was the initial setup?

It does not take long to install this solution.

Unfortunately, the order that we followed was not recommended. We just deployed and then obtained subscriptions after that. This is not a recommended approach for deployment. However, we have a good partner and a good support team.

Due to our limited bandwidth, we had to install manually rather than use the web-based deployment. This meant that it took us longer because we had to visit each of the physical workstations. In total, it took approximately two months to deploy.

What about the implementation team?

We deployed the solution ourselves. There were seven or eight people in the team and different staff members were given different duties. All of them are system administrators.

We have three people that handle the maintenance. They monitor the dashboard for possible compromises, and our specialists have to use the device protection and application controls.

There are also tasks related to reporting issues that arise during monitoring, including those concerning possible attacks or infections. One of the managers in our IT staff is responsible for updating the definitions that we get from Symantec.

There was an incident where we had problems with a password and we had difficulty recovering it. We contacted our local partner and I think they contacted Symantec. After that, we recovered the password. That was the only maintenance-related problem that we had.

What's my experience with pricing, setup cost, and licensing?

The pricing was one of the factors that led us to choose this product.

That said, I was not the decision maker. I simply proposed it to our manager.

Which other solutions did I evaluate?

When our subscription to Kaspersky ended, we were tasked with comparing features between different solutions. The three options we considered were Symantec, Kaspersky, and Sophos.

One of the things that we liked about Symantec is the low resource utilization. I am not the person who completed the analysis but I know that the fact it is lightweight was one factor.

We liked the functionality that Sophos provided but the deployment scenario functionality was not useful for the workstations in our environment. It involved deploying the dashboard to workstations in the cloud, which is not our preferred approach.

Kaspersky has richer reporting capabilities. This is an area that could be enhanced in our Symantec solution.

What other advice do I have?

We deployed the product one and a half years ago, and we received training to configure and maintain it. It was recommended that we complete our training in terms of policies, which is something that we also did. Once that was finished, we experienced the stability and good features that the product provides.

This is a product that I have recommended for use in another company. I have been told that after they adopted it, they were pleased with the fact it consumes fewer resources than their previous solutions. They manage it from the cloud.

Currently, I am referring another company to this product and my understanding is that they're going to implement it.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Manager Network Design at MEEZA, Managed IT Services Provider
Real User
Top 5 Leaderboard
Centralized management, product intelligence and is very easy to deploy
Pros and Cons
  • "Symantec have everything – documentation, videos, data sheets."
  • "When it was directly with Symantec, the technical support was perfect. After Broadcom acquired Symantec, the level of technical support dropped."

What is our primary use case?

The use case is end-user laptop protection.

How has it helped my organization?

Customers can use it to protect endpoints, both laptops on the network and off the network. This is the beauty of the tool. Symantec installs an agent on the laptop itself, ensuring protection even when users are offline.

Moreover, the threat detection capabilities of Symantec have evolved to meet emerging security challenges. Symantec has a huge database of threat intelligence solutions. We receive very regular updates. It seems like they're very consistent. This means once an event happens somewhere (from the web or dark web), it's included immediately in its threat intelligence, and every other user will benefit from this update.

What is most valuable?

It has centralized management, product intelligence, is very easy to deploy, regularly updated with the latest virus and threat definitions, and has very good technical support.

Symantec have everything – documentation, videos, data sheets. That should be on the list of positive things.

What needs improvement?

Symantec could improve the learning resources to make the initial deployment smoother. It could become more popular with training because the initial deployment requires some experience. Sometimes, we don't find the necessary experience. They need to make their model more popular.

For how long have I used the solution?

We provide it as a service. For more than five years now, since 2019.

What do I think about the stability of the solution?

Overall, I would rate the stability a ten out of ten. It remains stable once deployed. We never touch the setup again. 

What do I think about the scalability of the solution?

It is very scalable. We once deployed it for a client of 5,000 end users. 

How are customer service and support?

When it was directly with Symantec, the technical support was perfect. After Broadcom acquired Symantec, the level of technical support dropped. It wasn't the same as before.

It could be more responsive. They should go back to having responsive and highly knowledgeable teams. They were almost like that, but after the Broadcom acquisition, there were noticeable changes.

How was the initial setup?

It's very straightforward because it uses centralized management. You don't need a very complex infrastructure.

Depending on the environment, it takes us at least five days and, at most, fifteen days.  

It can be deployed both on cloud and on-premises. 

What was our ROI?

The ROI is very good. Once deployed, you don't need a lot of skilled administrators to manage it. It's alert-based, so if you don't have an alert, you don't need to do anything. You don't need someone monitoring the screen 24/7.

What's my experience with pricing, setup cost, and licensing?

The licensing is okay.  Symantec has a very granular licensing model, so you only buy what you need.

It's similar to other competitors. I don't see them as being higher or lower than others in terms of pricing.

Which other solutions did I evaluate?

There are other options, but we haven't fully evaluated them due to our large deployment. We have more than 5,000 users, so we would need a very good reason to change.

What other advice do I have?

First, define your use cases perfectly. Symantec is a license-based product, and if you don't know exactly what your requirements are, you might purchase unnecessary licenses.

Overall, I would rate the solution a nine out of ten. 

Symantec adds a huge security layer to the company. We can protect any endpoint, on or off the network. If someone's working from a coffee shop, for example, they're still protected. It is a huge feature. This reduces risk and improves the company's security posture.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Senior Desktop Engineer
Real User
Secures PCs and mobile devices, and alerts you when a site is not trusted or blocked
Pros and Cons
  • "The mobile application is valuable. You are able to see the reports of intrusions and the like on mobile devices. That is one of the coolest aspects."
  • "We communicate with our local partners and they give us the license key. Then, we have to go to the portal and apply it, but sometimes it doesn't work. We then have to create a new administrative account and migrate all our endpoints. That is the only major issue we have been battling with."

What is our primary use case?

I'm an admin in an IT consulting company and we have different companies that use Symantec Endpoint Security Enterprise.

How has it helped my organization?

Symantec provides a lot of security for the end user. For example, if I'm going to a website that is not trusted, Symantec will alert me that it's not trusted or it will even block it. It's endpoint security that always gives you alerts about the dos and don'ts before you even get into danger. Some antiviruses will only alert you once you are in danger. With Symantec, you get the alert before you even click on or visit a dangerous site. The detection processes are very good and they have a good notification process to tell you if whatever you are opening or working on is not good for the PC.

I have the solution on my phone and that makes it quite secure. It blocks all ads and malware. Before Symantec, I used to get a lot of ads, especially if I was doing research on the internet. Since I started using Symantec on my phone, it has blocked all of them. And it is connected to my main account on the PC, so it gives me a combined report on whatever I'm doing and whichever sites I've visited.

For us, as an MSP, Symantec is the best for breach prevention. We have been using it for almost two years now and we haven't had any major attacks or ransomware. We are always protected. Previously, before we got to Symantec, one of our clients was attacked by ransomware, but since we deployed Symantec on all our users' endpoints, we haven't had any issues.

In the long run, it has made the security side of our company more solid. Now, we don't battle with viruses and malware. It has helped with our company's growth. Symantec has given us a great sense of assurance and protection. We know that all the devices and endpoints are well secured and that there won't be any major attacks or any damage to them.

What is most valuable?

The mobile application is valuable. You are able to see the reports of intrusions and the like on mobile devices. That is one of the coolest aspects.

Also, they recently upgraded the solution to provide a graphical interface that gives you an overview of the detections and whatever has been blocked. It gives you a pie chart with a breakdown of whoever is trying to access things.

In addition, it's always running and it doesn't consume a lot of memory, which would slow a PC down.

For how long have I used the solution?

I have been using Symantec for almost two years. I do the admin part of it for Windows and mobile phones, including installations and reports.

What do I think about the stability of the solution?

It's very reliable. It's very steady and doesn't give us issues.

What do I think about the scalability of the solution?

The scalability is also 100 percent. Its ability to grow with the organization is positive. It's something that our company wants to use in the long term.

How are customer service and support?

We have used their technical support a few times because we have had challenges with licensing issues. 

You have to go to the support site and log a ticket. They will assign it to an agent and then the agent will call and assist you with the issue. They have always been helpful whenever we have contacted them.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We were using Trend Micro. We switched to Symantec because the intrusion level is very low and the alerting system is very good. Symantec gives you an alert whenever you are doing something that is not right. You don't even need a techie to tell you not to do this or that.

How was the initial setup?

The setup is very easy, especially when done by email. You just add the end users' information on Symantec and they get an invite via email. Once they get the link they click on it. That downloads the installation file and installs it for them. Our IT team of four people work on it together.

We get the key from a local partner and we apply it on our portal. From there we push the installation files to the users and install them. Then we do the reporting system.

In terms of maintenance, it's mostly cloud-based. Updates are done automatically.

What about the implementation team?

We do it ourselves.

What was our ROI?

We have seen ROI. It has saved us a lot of money.

What's my experience with pricing, setup cost, and licensing?

The pricing is good, very moderate, and the licensing is also good. It gives you more room to install a lot of endpoints and it even gives you the opportunity to install it on your mobile phone without any extra cost.

The one issue we have is that whenever we buy a license, it takes us to a new tenant. We communicate with our local partners and they give us the license key. Then, we have to go to the portal and apply it, but sometimes it doesn't work. We then have to create a new administrative account and migrate all our endpoints. That is the only major issue we have been battling with. Apart from that, it's fine.

Which other solutions did I evaluate?

We already had our eyes set on Symantec because it was something that some of our clients had been using.

I always tell my colleagues in the IT space that Symantec is one of the best antivirus solutions that we have used. Most of our clients, before we approach them, use different solutions so we do a test. We put a virus on their PC to see if their antivirus is able to detect it, and we find that it does not detect that there is a virus or an intrusion on the device. Once we install Symantec, it blocks everything and immediately detects that there is malware or an intrusion on the PC that needs attention.

Symantec is the best when it comes to other antiviruses and endpoint solutions in the global market.

What other advice do I have?

Symantec Endpoint Protection is something I would recommend. It's one of the best.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Security Consultant at InfySec
Real User
Remediates infected file, isolates endpoint, and communicates between endpoint and SOC, all automatically
Pros and Cons
  • "There is no other endpoint solution that will help you in preventing lateral-movement attacks on Active Directory. And Active Directory is one of the more critical assets within an organization."
  • "In a few cases, when we enable the IPS/IDS feature, there are performance-related issues on the end devices. If we run quite a few features of Symantec, especially the IPS/IDS, it consumes a lot of processing and memory capacity."

What is our primary use case?

In one of our client's environments, they need securing of their Active Directory. The solution is the only product with a separate feature to secure Active Directory as part of Symantec Endpoint Security Complete. The client was also looking for an automated endpoint detection solution. That's why we went ahead with it.

How has it helped my organization?

The very comprehensive machine learning platform has been very helpful and we have been able to prevent most attacks and detect and respond to those threats within minutes.

The reaction time for any incident has been reduced drastically. When there is an incident, the EDR engine is based on AI/ML behavioral analytics. It takes direct action and remediates the infected file, isolating the endpoint, and establishing communication between the endpoint and Symantec's threat-hunting SOC. It submits the file automatically, meaning that no manual intervention is required. If there is an attack on a weekend, we can completely rely on Symantec, rather than needing someone to manually upload these things.

Most of our incidents, no matter what has occurred, are automatically addressed. This has reduced our efforts and the time we spend on incidents. That has a direct impact on our business operations. It has improved the efficiency of our operations.

The major benefit of having Symantec's API is that you get access to all the methodologies and mechanisms, and it's accessed in a single dashboard. That makes it a one-stop solution, where you can have everything integrated. It also helps us in orchestrating and correlating our security incidents.

An added benefit is that if you have it integrated with your ticketing system, tickets will also be triggered. You get an SMS alert or an email notification, but that's a secondary thing.

The solution has helped organizations enhance their security posture considerably. We haven't faced any breaches so far, meaning we have been protected adequately. We actively perform quality assessments, penetration testing, and we do forensic analysis. In addition, we have third-party SIEM software monitoring all our assets on a day-to-day basis and they haven't identified any anomalies. That means that Symantec is protecting us well, and we have implemented it and been running it for the last three-plus years for multiple clients.

What is most valuable?

The most valuable features include the

  • Active Directory security
  • application controls
  • endpoint detection and response.

Whenever there is an issue with respect to Active Directory, Symantec identifies the issues and tries to create a signature to mimic the Active Directory-related attacks in their backend labs. They obfuscate the request going to Active Directory. Even though there may be an issue with patches still not being updated by Microsoft, we have compensating control to prevent those kinds of attacks from happening. Once Microsoft releases patches, we immediately implement them. But until then, Symantec will prevent Active Directory compromises.

And, in some cases, the architecture itself is an important feature because Symantec is one of the very few endpoint services that provides an on-premises management system. Currently, most antivirus and protection providers operate entirely from the cloud. That's a differentiating factor with Symantec. This is very critical in an instance where you should not have access to the internet, or you wanted to have it on-premises. In those situations, Symantec is the go-to product.

In addition, for threat hunting, the API is integrated so that we get real-time updates. The threat-hunting is excellent. They're one of the largest civilian cyber intelligence networks. Symantec was an early starter with respect to threat hunting. They have a global SIEM and a global threat-hunting team. They have custom, built-in tools, and their own threat-hunting intelligence mechanism. We completely depend on Symantec's threat-hunting methodology. We have no complaints so far, and it has been an excellent experience working with their threat-hunting team.

Most incidents come through machine learning. In one or two cases we might need the experts, but most of our issues are known. They have a very good AI/ML engine. Based on the signature or the anomaly, when something is detected, the object that is compromised is isolated and we get an immediate response. A link is then initiated between the infected device and Symantec's threat-hunting team.

Symantec is one of a very limited number of products that supports the entire gamut of devices. It is not only Windows devices that it covers but also mobile devices, Mac, Android, iOS, et cetera.

What needs improvement?

In a few cases, when we enable the IPS/IDS feature, there are performance-related issues on the end devices. If we run quite a few features of Symantec, especially the IPS/IDS, it consumes a lot of processing and memory capacity. We would like to enable all the features, but doing so should not have a direct impact on the performance of the system. If they can come up with an agent that consumes less memory, that would be a great enhancement.

Also, Symantec is not being promoted from a marketing standpoint. I don't see any promotions for it. There are no road shows, marketing efforts, training, or anything organized by Symantec these days, at least in my region. The product is good, but if you're not marketing it people think "Okay, we haven't gotten any updates about the product." We need to have more road shows and promotions, and we need to have people trained in the technical aspects to gain market share.

For how long have I used the solution?

I have been using Symantec Endpoint Security for about four years.

What do I think about the stability of the solution?

We don't have any issues with respect to its performance, in general. I rate the stability at nine out of 10.

What do I think about the scalability of the solution?

It is on the cloud so scaling up is not that difficult. I would rate it a 10 out of 10. It's been helping us for the last three years. We have definitely been growing and Symantec has grown along with us.

How are customer service and support?

Because the threat hunting is done by AI/ML, we have only had to reach out to support when there is an issue. If we write them an email, we get responses promptly.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are actively using other solutions aside from Symantec because we cater to different clients. We have used CrowdStrike, Sophos, and Palo Alto XDR to name a few.

How was the initial setup?

We have multiple architectures in place. A few of our clients use it on the cloud and a few have a hybrid with on-prem. The cloud-based setup is very straightforward. Once we create the account, it doesn't take more than 30 to 45 minutes for us to get the setup done.

The steps involved for a cloud instance are that an account is created, the agent is downloaded, and you probably have to push the agent to different systems. That can be done via different means and depends on the number of client machines. We can push it via SCCM or other modules or can push it manually from the central drive by having end-users download it. The process is seamless and we have been able to install Symantec on at least 150 machines within three hours. We had three resources deploying the agents on those machines in parallel.

We do regular preventive maintenance as part of our managed services, but with the cloud instance, we have never had any issues. It is on autopilot. What we do is that we regularly check for threats and whether the threats have been quarantined. We download the daily and weekly reports. The maintenance is done by one person.

What was our ROI?

We have definitely seen a return on investment. In our clients' environments, we haven't faced any downtime because of ransomware or malware attacks. That itself is a good 30 percent return on investment.

And when it comes to employees' time for detecting and responding to threats it has saved them about 50 percent. They never spend days off or weekends working. There is no need to have anyone attend to this set of problems. If the system is up and we have EDR running, it takes care of everything, from isolating the devices to quarantining the file and uploading the file back to the Symantec backend SOC. Everything is automated and it's seamless.

What's my experience with pricing, setup cost, and licensing?

The pricing is pretty much at the market standard. I don't see any issues with it. It varies from case to case. Symantec is not that cheap and it's not that expensive compared to CrowdStrike. I would put them in the "middle block."

Which other solutions did I evaluate?

When compared to other solutions, I would give Symantec Endpoint Protection 4.5 out of five. It has interesting features, starting with Active Directory Security. There is no other endpoint solution that will help you in preventing lateral-movement attacks on Active Directory. And Active Directory is one of the more critical assets within an organization. Nine out of 10 organizations use Active Directory, and it is so often a targeted asset. Symantec is the only product that has Active Directory security.

Also, it enables us to have a hybrid architecture in which we can have Symantec Endpoint Security on-prem and integrated with the cloud. We can also have the API integrated into our SIEM and SOAR.

We have been using other endpoint security products as well. The advantage of Symantec is that you don't need a separate product to protect your assets such as Linux or Android. It's equivalent to Intune where we can have a single dashboard and have all devices onboarded. 

On top of that, with Symantec, we have application control and DLP to a certain extent. It means we don't have to have multiple products running in the ecosystem. It acts as a consolidated solution with multiple features and functionalities. This reduces the costs and resources that you would need to manage different products. When you have different products, it leads to cumbersome processes and it is very complex to manage infrastructure. Having Symantec on the cloud makes endpoint protection seamless. We can download the agent, run it, and we are up and running within 30 minutes.

What other advice do I have?

I would recommend it, but you should do a PoC. Every use case is different, so I would definitely recommend seeing whether it blocks legitimate traffic or a legitimate application or process.

There is a famous saying that only 40 percent of organizations know they are being hacked. The other 60 percent are not aware that they are being compromised. A product like Symantec would certainly enhance the security posture of an organization. It gives senior management pretty decent confidence they have a robust and scalable product with a purpose. We are approaching mitigating 99 to 99.5 percent of attacks from happening. Having said that, other threat-hunting and endpoint detection and response platforms will enhance the overall security posture and drastically bring down the risk level of the ecosystem.

Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Arvind Tiwari - PeerSpot reviewer
Deputy General Manager at CMS
Real User
Helpful for preventing global threats, easy to deploy, and reliable
Pros and Cons
  • "All Symantec Endpoint Protection (SEP) features, such as anti-malware, zero-day attack protection, and IPS features, are valuable."
  • "It should support the next-generation IPS. Currently, it supports only IPS."

What is our primary use case?

It is used for detecting and blocking web attacks. 

How has it helped my organization?

It has helped me in providing authentication mechanisms, restricting devices, and blocking global threats. There is about 10% to 15% improvement.

What is most valuable?

All Symantec Endpoint Protection (SEP) features, such as anti-malware, zero-day attack protection, and IPS features, are valuable.

What needs improvement?

Zero-day threat and device management or device control can be better. The patch implementation or patch management can also be better because sometimes, they are issuing or deploying patches in old versions.

It should support the next-generation IPS. Currently, it supports only IPS.

For how long have I used the solution?

I have been using this solution since 2010.

What do I think about the stability of the solution?

We haven't had any issues with SEP. We have been using it for quite a long time, and it has been stable. It is reliable. We are getting upgrade patches. 

We are also using other Symantec solutions, such as Blue Coat, and we have had issues with them but not with SEP.

What do I think about the scalability of the solution?

It can be scaled up with EDR and XDR extensions. We have deployed it at multiple locations, and we have plans to increase its usage.

How are customer service and support?

Their technical support is fine. I didn't find any issues with that. I would rate them a nine out of ten.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used to use Trend Micro Quick Scan. I switched because we were getting some attacks, and Trend Micro was not able to detect them.

How was the initial setup?

It was straightforward. We had around 500 systems, and it took about a week. About three to four people were involved in its deployment. Their roles were engineer, team lead, and admin.

What about the implementation team?

We had a consultant from Symantec for its implementation. In terms of maintenance, it doesn’t require that much maintenance, but it requires patch updates on a regular basis. I take care of its maintenance.

What's my experience with pricing, setup cost, and licensing?

The pricing is as per the environment. If all the features are there, there will be a cost for them. There were no additional costs for me. Support and other things were included in the pricing.

Which other solutions did I evaluate?

We did a PoC of McAfee, Trend Micro, and other solutions in our environment. Symantec was better. So, we went for it.

What other advice do I have?

I would advise using all of its features, such as IPS. These features are very good. I'm using a lot of solutions from Symantec. I am using SEP, and I am also using Blue Coat devices. They provided us with the entire solution design.

I would rate Symantec Endpoint Security a nine out of ten. It is a nice product.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Project Manager at Dreams Technology
Real User
Top 20
A stable solution that can be used for endpoint protection, antivirus, firewall, and policy creation
Pros and Cons
  • "The most valuable features of Symantec Endpoint Security are endpoint protection, antivirus, firewall, and policy creation."
  • "The one thing I don't like about Symantec Endpoint Security is the amount of resources it uses."

What is most valuable?

Symantec Endpoint Security is a comprehensive solution that provides all the packages in one product. The most valuable features of Symantec Endpoint Security are endpoint protection, antivirus, firewall, and policy creation.

What needs improvement?

The one thing I don't like about Symantec Endpoint Security is the amount of resources it uses.

For how long have I used the solution?

I have been using Symantec Endpoint Security for ten years.

What do I think about the stability of the solution?

I rate Symantec Endpoint Security an eight out of ten for stability.

What do I think about the scalability of the solution?

More than 500 users are using this solution in our organization.

I rate Symantec Endpoint Security an eight out of ten for scalability.

How was the initial setup?

I rate Symantec Endpoint Security seven to eight out of ten for the ease of its initial setup.

What about the implementation team?

We implemented the solution through an in-house team. Two to three people can deploy Symantec Endpoint Security in a couple of minutes.

What was our ROI?

We have seen a return on investment with Symantec Endpoint Security.

What's my experience with pricing, setup cost, and licensing?

Symantec Endpoint Security is a moderately priced solution. On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing a five out of ten.

What other advice do I have?

I am working with the latest version of Symantec Endpoint Security. One person is enough for the solution’s maintenance.

Overall, I rate Symantec Endpoint Security an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Symantec Endpoint Security Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024