We performed a comparison between Elastic Security and Symantec Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The solution is quite stable. The performance has been good."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"It's open-source and free to use."
"ELK is open-source, and it will give you the framework you need to build everything from scratch."
"It's good for large organizations. It's able to handle a lot of users."
"The solution is easy to use."
"The most amazing qualities of Symantec Endpoint Protection is that it provides a total solution to all virus problems."
"I have found the solution to be very scalable, we have 700 employees using the solution in our organization."
"Symantec is very user-friendly, the interface and functions are very simple for everyone to understand. Additionally, it's a very robust system."
"When they started they found it very easy; not easy to implement but easy to use. We started with the headquarters here and later we also implemented it for all the subsidiaries in the region, in other countries. They have a centralized solution, so they can help other countries in management."
"It's customizable, we're able to tune it to work with our products."
"All Symantec Endpoint Protection (SEP) features, such as anti-malware, zero-day attack protection, and IPS features, are valuable."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"The tool should improve its scalability."
"An area for improvement in Elastic Security is the pricing. It could be better. Right now, when you increase the volume of logs to be collected, the price also increases a lot."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"The solution could also use better dashboards. They need to be more graphical, more matrix-like."
"After selling this product, what we have observed is that the system gets slower, which is a major issue."
"This latest version has proven unreliable for management and installation."
"They provide the updates of the client, and those clients need a reboot after the upgrade, which is something we don't like. We don't like to reboot the server after the upgrade because we have live applications. If we do a reboot, it can impact the business as well."
"Symantec isn't good in terms of updating customers about updates. You'd normally have to search it out. Sometimes, the update process for the administration and management console can be a bit intimidating, and it can be quite inconvenient to get the updates. That's because when you have to do the update, you have to update the management console, and then you need to update the clients. Their application that's installed on desktops and servers needs to go hand in hand with the management console. Sometimes, it's a bit unwieldy to see that process through."
"It's not cheap."
"This solution needs better compatibility with services and applications."
"The technical support could be a bit better."
"Future releases should ideally be cheaper."
Elastic Security is ranked 5th in Log Management with 58 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Elastic Security is rated 7.6, while Symantec Endpoint Security is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Symantec Endpoint Security is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Elastic Security vs. Symantec Endpoint Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.