Symantec Endpoint Security Reviews

We use Symantec Endpoint Security as an antivirus solution to protect our servers.

The product has valuable features for insights.

There could be definition updates installed and running for the product, similar to new EDR solutions that receive updates from the internet. We still have legacy concepts where clients have installed definitions themselves. It could be more effective. Additionally, the memory usage by the product could be reduced.

We have been using Symantec Endpoint Security for ten years.

I rate the platform’s stability an eight out of ten.

We have 13000 Symantec Endpoint Security users in our organization. I rate its scalability an eight out of ten.

The technical support team’s response time is slow.

The initial setup process is easy.

I rate the product's pricing a six out of ten.

I rate Symantec Endpoint Security a seven out of ten.

We use it for endpoint protection at the desktop level.

The antivirus and antimalware features are good. Reporting is also pretty good.

The platform itself can be improved as there's no way to track how infections get into the organization. You're just notified if there is an instance. Still, there's no way to actually determine a workflow of how it actually came in, how it was executed, and how it was distributed within the enterprise if indeed it did migrate or propagate through.

It would be really good if they had a proactive feature to isolate the node with the agent on the endpoint when it sees some type of erroneous behavior and knock it off the network. Then it can't probably get onto another node. You can usually do that with a policy setting.

It'll also help if they give us more of an explanation of what the malware tries to do once it's on the network. For example, if it's trying to call home to a specific IP or domain. We can use that information to beef up the firewall rules.

Case in point, we had an issue where we had a machine that was affected. It immediately tried to find other machines on that network segment with the same vulnerability to infect that particular node. There was no way to lock that node down immediately when you see something out of the ordinary.

I have been using Symantec Endpoint Protection for about 13 years.

Stability has been fair. There have been some issues with the CPU utilization on some of the endpoints. A little bit of a resource hog, but we've been able to work through it for the most part.

Symantec Endpoint Protection scaled very well. It's actually very easy to use.

The initial setup was very straightforward. It probably took an afternoon or maybe a day to install and deploy. 

I implemented Symantec Endpoint Protection by myself. 

We usually go on a per-seat basis, and it's usually yearly. The prices fluctuate, but this year I think it was maybe around $12,000. If you're looking at the on-prem costs for the virtual server and the licensing for the server, that would be the only extra cost.

Symantec Endpoint Protection is very straightforward to implement. The installation of the septum server on-prem is very straightforward, and you can push the radio to your endpoints almost instantly. 

On a scale from one to ten, I would give Symantec Endpoint Protection a six.

We used Symantec End-User Endpoint Security for a thin client for our servers and the full package for the user's systems.

Some of the most valuable features were antivirus, malware, and spyware. They were really good.

We had trouble with the advanced features, such as the firewall builder and all the network protection modules. We were having a lot of issues because it would sometimes block users or the printing, or it would create issues with the network access resources.

We were using the on-premise version of Symantec End-User Endpoint Security and one of the reasons to use the on-premise versions was to save the network traffic from the cloud. However, because we deployed the full package, the client's computers were really slow most of the time. End-user used to complain that their computers are running slow. It was not only the antivirus because the user had to run other applications as well, in parallel. As soon as we removed Symantec End-User Endpoint Security, the user did see a lot of improvement in their hardware performance, such as the CPU usage being lower and memory resources going down. 

The background scanning performance should be improved because it makes the computers run slow and we had the latest hardware, but it was still having issues. Their engine needs to be improved for the scanning.

I have been using Symantec End-User Endpoint Security for 10 years.

The solution is stable.

We had more than 10 users using this solution in my organization.

The installation is straightforward. The full deployment took approximately two weeks.

We did the implementation of Symantec End-User Endpoint Security ourselves.

We have one person that supports this solution.

We are phasing out the use of Symantec End-User Endpoint Security in my company and we only have a small number of systems using it at this time.

We plan to switch to Cisco Secure Endpoint.

I rate Symantec End-User Endpoint Security a seven out of ten.

Our primary use case of this product is endpoint security. We use it to secure our environment and endpoints—the basic purpose of antivirus products. 

This solution is deployed on-premises. 

One of the most valuable features is its antivirus database, which is current and updated daily. Another valuable feature is its capacity to be managed by a single server. The solution is managed by a secure server, so all the endpoints are managed from a central point. 

For me, Symantec has been working fine. I'm not dealing with security inside the company, I'm just in the network part, so I can't think of any suggestions for improvement. 

As for some features I would like to see, I'd like a retrospective action feature similar to Cisco Secure Endpoint's. Some antiviruses don't allow you to re-scan a product that was in the former scan—for example, if a file was classified as proper, but then for some reason the file was changed, we need an antivirus with retrospective capability. We need EPP and EDR products in a secured environment. 

We have been using this product for more than 10 years. 

This product is stable. We've been using it for 10 years, and I can say that it has been stable. 

Basically, once the product is installed on the server, there is no maintenance to do. Maybe there are some updates, moving from a lower to a higher version, but this is the main maintenance that people do. 

This product is easy to scale. Normally, such a product isn't easy to scale nor to manage, but this solution is user-friendly and isn't complicated to manage. In my company, this product is deployed on all the workstations—more than 1,700 PCs.

I'm not dealing with this product on the front line—it's managed by my colleagues on the security team—but I think Symantec's technical support is fine. If we ever have an issue, I think we raise a ticket to Symantec's support center, and they take care of us. 

Deploying Symantec is easy—when you install it, you click "next," "next," "next," and then you update the antivirus. When you start, it's already directly in production. For me, the initial setup was not a big deal. We deployed this solution internally. 

We implemented this solution through an in-house team. 

We are currently testing Cisco Secure Endpoint for endpoint protection, and we have been using it for one year. I prefer it because Cisco is one of the big network and security vendors, so when they sell a product, they're sure about the whole performance of the product. The product must have a good reputation because the brand itself says something. 

I rate Symantec End User Endpoint Security an eight out of ten, and would recommend it to others. 

We're a large company with half of our business in the UK and half throughout the rest of Europe. We deal with about 13 countries and I work from Serbia. Our business focuses on train and bus transport, and sometimes ferry services. We're using the solution to mitigate security risks. We were considering solutions for endpoint protection and decided to go with Symantec for our work stations and servers. It offers anti-malware plus a firewall and some other functionalities. I'm an IT manager. 

I like the antivirus and the local firewall that the solution provides. It's user friendly with a good dashboard. 

I'd like to see a full anti-ransomware solution because there are some anti-ransomware functionalities that would assist us if they were included in the solution. 

I've been using Symantec End-User Endpoint Security for about six years.

The solution is very stable. 

We're not a big business in Serbia but scalability is easy. We have around 160 workstations and about 130 users. 

We have a contract with the local Symantec partner in Serbia so we can speak to them in our language. The support is very good. 

The initial setup is rather simple. 

The license for this solution is purchased on an annual bases. The price could be cheaper but it's not too bad. We also pay for technical support which we get locally here in Serbia.

Symantec is not the only endpoint security solution that we actually have experience with but I would recommend it. I think it's one of the best solutions currently on the market.

I rate this solution an eight out of ten.

I am working as an endpoint security consultant. I'm not only working on Symantec. I also work with Kaspersky, McAfee, and all other vendors. I found Symantec is the best.

Symantec is top of all of the antivirus tools. I couldn't find any single incident that happened. Symantec was not the leader previously, McAfee and Kaspersky were. This is a new game.

In Symantec Endpoint Protection, the most valuable feature I like is the good performance.

With Symantec, I always know this tool will be reliable and with the latest protection.

The device control level and application control level should improve. I am finding a lot of issues when I block the devices, like a printer or scanner. 

In the classes of the devices for the application control, the most important issue is the hashing. Nowadays all the vendors, like Cisco firewalls, are detecting threats with the hashes. 

Symantec has this option that we can block them always by the hashes but the problem is that sometimes Symantec detects these hashes and is not consistent. These two parts should improve. The rest is always awesome. These two parts are very critical because I found a problem in application and device control.

Symantec Endpoint has a perfect agent. It's going to be how many agents you can combine in resources. In the new releases, if they create a single agent to improve the control incrementally, it would be better.

If you want to deploy ATP, you should have a separate event. You have to install separate events. With Symantec Endpoint Protection, any other protection should be installed, then configure the warnings. It does not ask for any new agent to install on the client machine. 

A single agent is enough. Symantec will get a lot of popular support from the industry because people don't like to install agents. For the ATP, you have to install separate events. For the Endpoint, you have to install separate events. If you install all the separate events, it is a huge load on a Windows machine. People start complaining.

If Symantec wants to improve, they should have a single event for all their products, like ATP, DLP, and Endpoint Protection.

I have been using Symantec since 2007. I didn't have any issues regarding even the updates and the migration to the new version. I didn't have any problems, but with the other vendors, I found a lot of problems.

On Windows, this is very fine and perfect, but for the Linux it needs improvement. Whenever I install it on Linux, I found a lot of problems. Even on the Mac as well. 

Kaspersky has Android support as well, but in Symantec, they still don't have support for Android. You should have Mac and Android device support too. 

The Endpoint solution should have support for all types of devices. Symantec has only Windows support (which is the very best), but for the Mac, I found some errors.

It should improve Mac and Android support like Windows device support. The protection of Windows level support is very tight and strong.

The technical support is also very good. Any time that I open a case with them, they have three types of support levels. If I put it on two, immediately they call me, or if nobody is online, there are the chat agents.

You can start and use the chat for support. The support is very good. But Kaspersky has 24-hour support. You cannot stop your business continuity. We can't tell the people they will come online later. Other than this case, Symantec is very good.

The initial setup is straightforward, not complex. For me, it's very easy.

In my personal experience, most people use Symantec. In my whole life, I couldn't find any problems with Symantec. In the ransomware protection, though, I found many issues. 

Many people were having infections but the virus sometimes was not detected. Even the Kaspersky software could not detect it, but if I install Symantec on any client I couldn't find the ransomware. The problem is Symantec is more expensive than other vendors. Kaspersky is in comparison very cheap.

If you are working in an organization and you have 10,000 users, if you compare Symantec with the other vendors you will find only a small difference in the price.

I always tell people if you have a budget, if you have money, if you need stability, go with Symantec. If you think that your data is sensitive, you can not worry about the money.

On a scale from one to ten, I would rate Symantec Endpoint Protection a nine.

I'm an IT consultant, so I implement Symantec Endpoint Protection for customers, from SMB up to large enterprises and federal government.

There are a number of features that all work synergistically to be able to provide the protection. Originally, anti-virus was based on definition. About 10 years ago, the bad guys figured out how to get past that. So what they've been doing for the past 10 years is adding in additional features to help mitigate any of these other attack vectors that the hackers or malicious people have. So it's just a working together of all these components that makes it special.

And then SEP itself fits into the Symantec ecosystem, and inter-operates with a number of other technologies to provide a comprehensive security portfolio.

I think the key thing for me, is interoperability, in that you can deploy it to Windows, Mac, and Linux. That's been a really important feature in the last two years. Now there's one management console to cover all three OSs.

There are two key aspects to how it has improved. One is the threats that it protects the organization from versus the amount of resource utilization; and two is that compatibility has increased.

They're just starting to get into this now, but I think they can do better - they're just starting out with I think is called the SEP Cloud Console. It has more limited functionality. It will be good once we can run SEP from the cloud. That would be good.

The big issues around stability were fixed back around 2010 or so. When the original SEP client was created, there were some challenges with the interoperability of the different components, because they took a number of different agents, put them into one agent, and then they broke things. With SEP 12 and forward, that all runs really well now.

From a scalability perspective, in Australia and New Zealand, where I'm using it, it can easily manage any workload that we've got. 

One of the challenges is people going the opposite way, that is, people trying to deploy Symantec Endpoint Protection - which is an enterprise level product - into a small business of a hundred users. It can introduce a lot of complexity that doesn't have to be there.

There are other solutions like SEP.cloud which can make it easier for small businesses to be able to use very similar technologies to Symantec Endpoint Protection.

Most times it's good, but there are instances where there are some challenges in that the people who you're working with don't know how to fix what you're doing. Then you have to ask for an escalation. Normally what I'll do is I'll work with my Symantec colleagues to help escalate any internal issues, where we see that things are getting bogged down in support.

From a Symantec technology perspective I'm very happy with it. However, the support can be wanting, for those reasons. Sometimes the time to resolution is longer than I would expect.

Based on the roles that I've had, I've been working as a Symantec consultant for 10 years, and so I've just been working with SEP. There are people who, as their consulting function would be an endpoint protection guy, would do McAfee, SEP, Trend, etc., whereas my strategy was different. I basically covered off all Symantec technologies. My intent was to be able to be specialized across the entire range of security technologies. I've only worked with SEP.

The initial setup is easy. That's one of the selling features, that you can roll it out in an hour. (They might say 15 minutes or something like that). But the initial rollout, setting up SEPM server, you can do in an hour. Then, the challenge is that you can make it as complex as you want after that. It's very, very capable, but it can get quite complex.

Symantec Endpoint Protection installation and Administration Guide is awesome. The documentation is good. They provide online training and you can also do instructor-led training. There should always be training available, or information available, to help you get where you have to go. That's one of the things I do like. 

I've been an instructor for Symantec for 10 years too, and I've taught the SEP course, and I think it covers off what you need to know.

From a simplicity perspective, it's per user. Therefore, it makes it easy to do licensing.

I'll be honest, I haven't really done licensing with Symantec for seven years. I just do professional services and we let our partners handle the licensing.

Back in the day, when I worked for a distributor, there were other products available, that were cheaper - this is more of a New Zealand example - but they didn't have the functionality. However, because of the small businesses we were working with, they were good enough. 

That is a challenge: having an enterprise product like SEP competing against a cheaper product like Sophos or ESET. The latter are cheaper, but you don't get quite the same scalability, functionality, etc.

Get competent consultants to do the implementation, because it can be complex. You have to have a consultant who is knowledgeable, to make sure they cover off all the bases, to make sure all the infrastructure is protected.

It saves time, in that a professional can get it done more quickly. And, it gets done correctly, so you don't have to do re-work. I've been in circumstances where the customers try to do the implementation themselves and then they bring us in after the fact, and we have to either redo what they've done or rebuild the infrastructure from scratch. That just doubles the cost of what it would have cost originally.

I would say this solution is a 10 out of 10. The big reason is the functionality. Personally, I've not had a breach or seen a breach. And it runs on the machine, and I can't even tell it's there.

We are a small enterprise. Our primary use case of Symantec End-User Endpoint Security is for malicious websites and malware attacks.

The solution is easy to use.

The product must be uploaded, keeping all the sites with threats and virus signatures. We have to deploy or push EXE files to the endpoints like Kaspersky.

I have been using Symantec End-User Endpoint Security for two years.

Symantec is stable.

This product is scalable.

Technical support is good.

The deployment was very easy.

Symantec End-User is not expensive.

Before choosing Symantec, I tried Apex One from Trend Micro. Symantec is better because it is more up to date with viruses and malware signatures. 

I would rate this solution a 7 out of 10. You have to follow the updates and monitor Symantec.