Symantec Endpoint Security Reviews

We haven't had problems with the product recently.

The solution does the job.

It seems to be user-friendly. Our users seem to like it for the most part. 

Every time an OS comes out, I have to upgrade the Symantec product. They don't know how to patch it. If they would produce a patch instead of uninstalling or installing over the current version and rebooting I'd be a lot happier with the product. 

As far as what it attacks and how good it is and its job I don't really care. It drives me nuts because every time I have to do a feature update it requires a new version of SAP. Then, I have to go through the silly process of putting it into the configuration manager, running tests and upgrading it, and making customers reboot their machines. It should make a pass and be done with it.

We've had Symantec for many years. It's likely been 10 plus years.

We haven't been too happy with technical support, We'd like them to be more helpful and responsive. 

We deploy the solution ourselves. 

I don't have any insights into the pricing or licensing aspects of the product.

We were looking at Microsoft Defender Antivirus due to the fact that we were looking at switching away from Symantec.

We're a customer and an end-user.

I'm a client guy, I'm not the security team that inspects the end product. My team deploys it and we have a configuration manager that makes sure it's deployed correctly. We have staging processes around Windows 10 and policies, et cetera, however, as far as inspecting it, that's not up to us. It's not our mandate. It's the security team that makes the decisions about the products we use. 

While our current version is on-prem, everything's going to the cloud. If we stay with it, maybe that is something we're looking at, however, we have a lot of different security products on our machine and we have applications that our customers use. Hopefully, they're going to decide to get something that combines the five or six other apps that we have that are doing various things beyond slowing our machine down.

I'm not sure if we are on the latest version of the solution. 

My main issue with the product is that I just can't stand the way they force you to upgrade the product instead of putting a simple patch on it.

I'd rate the solution at a seven out of ten.

We use the solution for our endpoint security. It's our compliance requirement to prevent virus attacks and ransomware attacks. However, it's unmanaged and not like a top competitor to CrowdStrike.

The solution's reporting could be improved. The solution could have better integration with other services.

I have been using Symantec Endpoint Security for one and a half years.

I rate the solution’s stability an eight out of ten.

More than 5,000 users were using the solution in our organization.

We were using the signature deployment, which is not easy.

Symantec Endpoint Security is an expensive solution.

Given the number of alerts and the variety of attacks we get, we will require AI capabilities for threat detection. Around six to seven members were involved with the solution's deployment and maintenance. I wouldn't recommend the solution to other users unless it is updated.

Overall, I rate the solution a five out of ten.

The solution's application control feature is very, very powerful. The solution will automatically check the host integrity and quarantine if something is not compliant.

Users mostly complain that the solution slows down the system whenever something is scanned. Sometimes, Symantec gets blocked with legitimate applications, and we add the application in the exceptions. Users always complain that agents, which are very heavy for the system, slow down the PC's performance.

I have been using Symantec Endpoint Security for seven years.

Around 1,300 to 1,400 users were using the solution in my previous organization.

I am happy with the solution's technical support team.

The solution’s initial setup is easy.

We started with a very old version and eventually upgraded to RU6. Since we had some Windows 7 clients in our organization, we couldn't upgrade to the next versions, RU7 and RU8, because Windows 7 support is not available in those versions. Meanwhile, we started working on upgrading some systems which have specific applications running on them.

My previous organization compared different products and decided to use Symantec Endpoint Security because it was very good back then. Symantec was the first one to highlight the 2021 cyber threat. Back then, not many people were familiar with the concept of EDR.

After comparing different products, we decided to go with Symantec Endpoint Security because our major concern was application control. We didn't want any user to come, use a USB to copy the data, and leave the organization. Since users don't give us time to upgrade the system, we put the host integrity. If a service pack is not installed on the system, the system will get quarantined.

Overall, I rate Symantec Endpoint Security an eight out of ten.

We use it for endpoint protection for desktops and server computers.

Some of the administrative features are very good. I like the way it allows you to automate things when you're using it with Active Directory. 

I like the additional features that come with it. The firewall feature and the encryption feature that they throw in are good as well. Another thing that I like about Symantec is that it runs on different platforms, not just on Windows.

Getting it up and running can be a bit overcomplicated. 

Symantec isn't good in terms of updating customers about updates. You'd normally have to search it out. Sometimes, the update process for the administration and management console can be a bit intimidating, and it can be quite inconvenient to get the updates. That's because when you have to do the update, you have to update the management console, and then you need to update the clients. Their application that's installed on desktops and servers needs to go hand in hand with the management console. Sometimes, it's a bit unwieldy to see that process through. 

The ransomware protection on Symantec doesn't match its competitors at the moment. Defender is doing a better job in terms of ransomware protection.

Their support can be improved. It's difficult to know who to call, and their online knowledge base is quite difficult to navigate.

I have been using this solution for about 14 years.

Its stability is excellent. It is very stable.

It is very scalable. This is one of the things I like about it.

Their support isn't always very easy. It is difficult to know who to call. 

The online knowledge base is quite difficult to navigate because they seem to have so many products, and there are so many different versions of all of those products. It is hard to find an article that relates to the problem you are trying to solve.

It could be a bit overcomplicated to get it up and running.

Its updates are also not easy. We only have a small team. Usually, wherever I've worked, the IT team is pretty small and you don't normally have an engineer who is dedicated to Symantec. They do various other jobs, and they look at the application infrequently. So, when a major task comes along, because of the complexity, it is sometimes quite difficult for them to achieve what they need to do. It takes them a little while to do it because they have to re-learn the application and find the correct article in the knowledge base for the right version. The instructions can sometimes be quite complicated.

I am not sure of the initial cost, but the yearly renewals are quite affordable, which is a good thing. The price seems to have come down in recent years, and with the alternatives that are out there, such as Microsoft Defender, it needs to maintain that affordability to make it attractive.

It seems to be a fairly robust antivirus tool. It doesn't catch all viruses and protect you from everything, but it seems to protect you from a good number of variations of viruses and malware. It doesn't catch all malware, but it does catch quite a lot. Microsoft Defender is better at detecting malware at the moment. Microsoft Defender is doing a really good job in terms of matching and probably even beating Symantec in terms of malware and ransomware protection.

A lot of people who are using Windows normally use Microsoft Defender, but I normally use Symantec on Windows Desktops. Symantec runs on different platforms. It is not just for Windows.

I would rate it a seven out of 10.

We use the solution in order to protect all the computers and servers that we are using on the premises to have some controls against some threats. We are using it as anti-malware protection on the Endpoint Security side, and for encryptions for the high-risk drives on the encryption side.

Symantec has similar functionality and characteristics compared to other solutions in the market. However, we found it was easier for us to upgrade Endpoint Encryption. The main characteristic and the main advantage that we saw was that it could handle all the settings through a central point.

The solution, especially in older versions, is quite stable.

The scalability is good.

We have many issues with the way that Symantec is a data entity in our active directory. 

We need to protect all personal devices such as mobile phones. We can't do it at the moment via this product. It is a very important aspect that is missing at this moment. If they could add mobile detection, that would be ideal. Currently, we are using a lot of mobiles as we work from our home. 

The support needs to be better. When we upgrade, we can run into issues, and it's hard to get the help we require.

Newer versions can be a bit less stable.

We've been using the solution for the last eight years, more or less.

The solution is mostly stable, however, when we need to upgrade, at this moment we need help due to the fact that we don't have good technical support locally. 

We have been using older versions, as they are stable versions for us and we don't know how to upgrade completely to the latest version. That is the issue that we have at this moment. We need to be trained, however, we don't have any access to training, especially from Symantec. For the last two years, and it is hard.

The scalability is pretty good. We can increase the number of computers managed by the solution, and we can increase the passes. We have been using these solutions for the last eight years due to the fact that we don't have any kind of problems. 

That said, when we tried to upgrade, when we got the newest features, the newest protections, we had a lot of problems as we don't have any Symantec specialists available for us to help us, to train us, and to give the appropriate support. That is the main issue that we have right now.

Technical support needs to be better. We don't have any specialists available for us. We are located in Latin America. We are located in El Salvador, in Central America. We don't have any specialists available for us in order to help us or to teach us how to solve our problems. We are looking online mostly at this point for some advice in blogs and forums. That's not what our expectations were when we signed up. We open tickets through the webpage and nobody happens. We are a little disappointed in that sense.

We have not moved to another security solution due to the pandemic, as we have been working irregularly. We have been closed for around one and a half years. Then we have been working some days in the office, some days from home. It has not been a good moment for us to change the solutions, however, we are thinking about it, not due to its scalability or stability, or even due to licensing. We have been talking about changing because of the lack of good technical support.

It's easy to set up all the devices that are managed by the active directory, however, many devices that we are using right now to work are not managed by the active directory. For example, cell phones or any other intelligent devices. We can't protect them through Symantec Endpoint Protection, Endpoint Security.

For laptops and desktops managed by the active directory, it's relatively easy to deploy. It's not a problem as we only set a policy when a laptop or server or desktop is added to the active directory so that it's transparent. It's added immediately to the Symantec console in a transparent way. 

The deployment is immediate. With the equipment managed by the active directory, it's five minutes or less.

We are a reseller.

We are using Symantec Endpoint Security and we're using Symantec Endpoint Encryption.

We have it implemented on-premises.

I'd advise other companies to consider the solution. It's necessary. If you have a good team of specialists around you, it's a good option.

The most important thing is to have someone to help you, especially if all of your users are working regularly from different places, with different issues, with different connections through your infrastructure. If you don't have the skills, or you don't have good advisers or good technicians to help you, you are lost. 

I'd rate the solution at a seven out of ten.

The use case for the solution was basically this: any computer or anything used for any sort of official business needed to have endpoint protection and needed to have some sort of antivirus protection. The thing was somewhat more than just an antivirus, it also included a firewall that operated in addition to the Windows or Mac firewall.

The university policy basically required that all endpoint devices used for official business have to meet certain requirements and one of them was to have an antivirus.

The solution probably caught some malware a certain percentage of the time and that helped the organization. By the time we abandoned it, it was actually less effective, at least on Windows 10 machines, than the built-in antivirus that you get with the Windows 10 Defender Antivirus. It became, in the end, sort-of a liability.

It also became a liability when the company was sold to Broadcom. The name is actually different now. I don't think it's called Symantec Endpoint Protection. It's called Broadcom Endpoint Protection. We had a very difficult time even getting in touch with the technical support from that company, especially after Symantec was sold. It wasn't a very robust solution.

The solution detects malware very well.

It wasn't a very good solution overall, which is why we ended up replacing it.

Most organizations are choosing a next-gen antivirus, one that's based on artificial intelligence. Symantec Endpoint Protection was one of those legacy products that have been around forever. Symantec was a spinoff from Norton. Norton Antivirus was one of the very first antiviruses to come out in the 1980s. Symantec was very highly rated at one point in its life. It never really caught on to the new trends and antivirus protection. And so it still relied on things like a database of virus signatures that would need to get downloaded and then files would be checked for those signatures.

Modern antiviruses don't do that. They're based on behavior. They're based on intelligence algorithms. They're honed by artificial intelligence and machine learning from data collected all over the world. And so for that reason, the next-gen antiviruses are much more efficient at detecting viruses. They also take up a lighter load on the computer.

Next-generation is behavior-based detection rather than signature-based detection. Symantec tried to be a hybrid between the two. It had a behavior-based component called SONAR, however, it was still mostly a signature-based software antivirus application. For that reason, you can never keep up with all the mutations and viruses, and you can't keep up with malicious behavior that isn't based on viruses. Things like downloaded PowerShell scripts, things that computers can do with the components that they already have without needing to put any virus on the computer. A lot of malicious attacks, government-backed attacks, don't use any kind of foreign software. They take advantage of vulnerabilities within existing operating systems like Microsoft Windows or the various versions of Linux or the Mac operating system. They don't need to put additional software on the computer to compromise them.

That, in a nutshell, is why we switched to a next-gen antivirus. Next-gen antiviruses have probably been around for about five or six years. Some of the old companies made the transition to them seamlessly. Symantec didn't. It remained wedded to the old technology and that made it, you could say, a has-been.

I've been using the solution for many years. It's probably been about ten years at this point, at least a decade.

The stability was not the best. There were times when antivirus updates broke it. It wasn't necessarily self-updating - at least, not in terms of the virus signatures. It updated in terms of the executable files. Therefore, when Windows updates would come out, they often couldn't be installed, or the computer would hang due to the fact that the updates weren't compatible with the antivirus. I give it pretty poor score for robustness.

It was scalable just due to the fact that had to be installed individually on individual computers. For the unmanaged workstations, it was as scalable as you wanted it to be. There was a new download and a new install on a new computer. There are no limits on that. I'm not sure, however, how true that is, as it wasn't within my area of responsibility. I'm not sure if the managed work points overloaded the servers that were meant to monitor them. I don't think that was the case. The scalability was probably pretty good there too. I never heard any complaints about it not being scalable.

We likely had between 10,000 and 20,000 users on it. The roles would include, since it's a university, students, faculty, staff, and researchers. That pretty much covered the type of people that work at a university.

We don't plan to increase usage as we've completely phased out the solution.

Once Symantec was sold to Broadcom, it became very difficult to reach out to technical support, and they just stopped being responsive. By the end, we were very unhappy with their level of support.

I've been at the organization for 21, 22 years. Originally, before we had Symantec, it was McAfee antivirus. We had that up until maybe about 2010 or so. Now, we are using CrowdStrike Falcon.

The initial setup was not complex. It was simple.

The deployment was always ongoing due to the fact that, as a university with something like 16,000 employees, computers were getting bought and repurposed all the time. The initial rollout was in fact not a managed version of the antivirus. It was just a standalone version that users could download from a website when they provided their credentials. After that, they would just double click on a downloaded file and run the installer and they'd have the antivirus.

However, it was completely unmonitored. The antivirus program on their computer was not sending its data anywhere. It couldn't be helped by anyone remotely to do its job of protecting the computer.

Therefore, almost all organizations now want to have a managed antivirus solution where there's software installed on the computer, but it communicates with the cloud, and IT administrators at the organization can control this behavior and learn from it.

In terms of the staff required to handle the deployment and maintenance, there was probably the equivalent of maybe two to three full-time staff that were dedicated to antivirus endpoint protection issues. 

We handled everything ourselves in-house. We didn't need the help of a consultant or integrator.

We pay on a yearly basis. However, I'm unsure of the exact amount.

We did evaluate a number of other vendors. We entertained some RFPs and we did testing on four other competing products. There was one other competitor that was close. The main factor that tilted us toward CrowdStrike is that they did make a last-minute significant cut in price to their offer. I think they reduced it by something like 30% or 40%.

CrowdStrike has been in the business longer and is a bigger company than the runner up as well. To us, that mattered. If there is winnowing out of competitors, if the market actually shrinks and there are a few big players in five years, we want to be sure that we're with one of the big players that are going to make it.

The solution is a kind of a mix between an on-premise managed server that managing some machines, and other machines just had an unmanaged client that was distributed to students. It's not actually a cloud, it's a server. It's an on-premises server. It's not a cloud-based server that is being used. The antiviruses report to the server and policies can be set on the server.

I'd advise users to be aware that there are better solutions out there than this. I've learned that technology can change and your solution may be great now, but in a few years, it may drop to the bottom of the barrel. That's what happened here.

I'd rate the solution one out of ten. In order to get any sort of higher rating, they would need to start it over again from scratch. Instead of trying to make a legacy product better, they should abandon it and invent a new product.

We use it to secure our endpoint, especially with employees working from home.

Our company provides amusement park guest hospitality. This solution helps us with our daily operations, managing the amount of traffic in the network coming from the Internet as well as application updates and passwords. 

It lets us control users and their actions when browsing.

Every month, we do an analysis. This allows our systems to be the most effective with all the changes that need to be done. It gives us a dashboard where we can view four or five key components, like malware protection, exploit protection, network intrusion, behavior analysis, and additions to the firewall. We also do daily, weekly, or monthly analyses based on events. This helps us have a clearer picture of our organization, what is wrong with a security event, and where you need to really focus to prioritize events. For example, if you have a network intrusion on the firewall, this gives a detailed view of your network where you can focus on the right solution, and prioritizing events.

We are using the solution to mitigate security breaches. We are constantly monitoring the endpoint interface dashboard. If there is a breach, it gets isolated. We see those on the report and event logs. We then apply the Application Control feature to take remedial actions.

If there is exposure, we need to investigate the source of the attack, e.g., whether it came from the network or externally. We view the firewall logs, and if there has been exposure, then we use the Application Isolation feature. When there is an attack with on-prem, that system will go into isolation mode, removing connectivity to other internal systems. We also restrict the WLAN part to avoid that system broadcasting to other networks.

It gives us a big picture of our response and remediation processes with one product, which is very good.

The detection and response are quite good. We have a few templated policies that we have created for our entire organization. We have added groups to ensure that if an attack or breach happens, then it can be isolated from our network.

We use Application Control, Application Isolation, Web Traffic Redirection (WTR), and Network Integrity. These ensure that traffic is flowing. 

The device can be outdated. More enhancement of network and discovery would help already great features.

The company has been using it for almost five years.

We haven't had any issues when updating it.

The scalability meets our company's requirements of on-prem and cloud. Therefore, I would rate its scalability as nine out of 10.

We have not yet used the Threat Hunter Team.

I would rate the technical support as nine out of 10. Most things are resolved within a day. Some things have taken a week because they needed to assess the system and what went wrong. Critical assessment of root causes takes about two to three days.

Positive

We have around four to five applications. For example, we are using Oracle Fusion Middleware and ERP in-house for our operations. 

We have also used Sophos, where it took a little time to put policies in place. It is quite complicated and not that user-friendly. We had a bad experience with them.

Symantec Endpoint Security is better because it has other features, like Application Control and Application Isolation, that can be utilized. It gives us complete control of the endpoint, so we can customize our workflow to control security.

We have used Symantec Professional Services for updates and helping to get services properly installed.

Protecting the company data is key. This solution gives a clearer picture of your endpoint, security, and network. These three things are very important for us, which is why using Symantec Endpoint Security is a win-win for us. 

Our detection and response times are very high. Whenever something happens, such as an attack, we are immediately prioritizing it via the dashboard. 

When we go for a product review, we normally do a PoC to understand how the application will scale our innovation before adding it into our pipeline. 

Other solutions have the detection and response feature.

We are currently doing an assessment for VPN parameters, making it more secure. We are checking out that enhancement right now.

We have not integrated our Active Directory (AD) with this solution. We are still evaluating this. Our AD is currently not centralized. Once it is centralized, we will connect it to Endpoint Security.

We do a PoC whenever a new feature is released. They provide training, which helps us to be on the same page.

I would rate them as 10 out of 10.

We used Symantec End-User Endpoint Security for a thin client for our servers and the full package for the user's systems.

Some of the most valuable features were antivirus, malware, and spyware. They were really good.

We had trouble with the advanced features, such as the firewall builder and all the network protection modules. We were having a lot of issues because it would sometimes block users or the printing, or it would create issues with the network access resources.

We were using the on-premise version of Symantec End-User Endpoint Security and one of the reasons to use the on-premise versions was to save the network traffic from the cloud. However, because we deployed the full package, the client's computers were really slow most of the time. End-user used to complain that their computers are running slow. It was not only the antivirus because the user had to run other applications as well, in parallel. As soon as we removed Symantec End-User Endpoint Security, the user did see a lot of improvement in their hardware performance, such as the CPU usage being lower and memory resources going down. 

The background scanning performance should be improved because it makes the computers run slow and we had the latest hardware, but it was still having issues. Their engine needs to be improved for the scanning.

I have been using Symantec End-User Endpoint Security for 10 years.

The solution is stable.

We had more than 10 users using this solution in my organization.

The installation is straightforward. The full deployment took approximately two weeks.

We did the implementation of Symantec End-User Endpoint Security ourselves.

We have one person that supports this solution.

We are phasing out the use of Symantec End-User Endpoint Security in my company and we only have a small number of systems using it at this time.

We plan to switch to Cisco Secure Endpoint.

I rate Symantec End-User Endpoint Security a seven out of ten.