Symantec Endpoint Security Reviews

The primary reason we use the solution is to protect the device and to be sure there isn't any kind of malware. The device is protected from any kind of malware is the basic level of the solution. We use the control applications to blacklist applications that we don't need to use, and that we have blocked on the Microsoft group policy. We use the antivirus to do the same thing. That way, if the final user tries to install any non-approved software, the antivirus removes or blocks the application.

The protection against any kind of malware is the most important feature of this product. It really helps to keep the operations system clean.

The product has been quite stable.

We've found the scalability to be very good.

Today, it's just a question of understanding the update package of the operating system as the antivirus software in and of itself is not enough.

This is due to the fact that if I have not updated Windows, I have a huge breach of security. The idea for us, from our point of view, is that the antivirus needs to understand how if Windows is safe. If the operating system is safe, the antiviral has less work to do. From a security point of view, both of them need to work together. It's not just the task of the antivirus to keep all the computers safe. The operating system needs to be updated too.

The operating system and the antivirus need to communicate better with each other and exchange information so that I know everything is secure. It needs to be more clear when things aren't aligned and need to be repaired, in order to avoid the risk of a security breach.

The technical support could be a bit better.

We've been using the solution for just about a year or so. I'm quite new to the company. That said, it's my understanding that the company has been using the solution for about six years or so.

The stability is very good. It's reliable. It doesn't crash or freeze. There are no bugs or glitches. It's quite good.

We have no problem with scalability so far. We are a growing team and company and so far it's been growing with us. It scales well. 

As of today, we have around 4,000 users, however, we are still growing.

Technical support is a bit of an issue. In Brazil, when we need technical support we use a partner. Every time that we contact Symantec, it will take a long time to get the answer. The primary contact is the partner who implements the software here. It's a local company from Brazil that handles all the support information and services for us. We just needed to make contact with Symantec one time however, the answer was so long that the partner got the answer to us first and therefore we really stopped trying to directly reach out.

We don't have too much trouble with deploying the solution. 

We have a policy software that controls all the policies and deploys with the software. I really don't know too much beyond that, however, as we have a security team that handled the installation, deployment, and maintenance. I haven't heard anything negative, however, which makes me assume everything is very straightforward.

We pay a yearly licensing fee. The fee was paid last year, however, I don't have access to the exact costs. It may have been renewed before I started working with the company.

Today, we are looking at Kaspersky. We want to see if it can handle dealing with Windows updates in a better way than Symantec. They have some interesting features that take a pretty deep look inside the Windows system in order to protect it. We feel the antivirus needs to go farther into the Windows system and down to the endpoints themselves and really take a look around in order to effectively protect it from attacks. We're currently searching for more information to see how Kaspersky stacks up.

The pricing is also quite different between the two solutions and this may affect our decision as well.

We're just a customer and end-user.

I'm finding that, in Brazil, Symantec's services need to be closer to the customer and the antivirus itself is not enough for an IT department to keep the company safe. It can't just protect user data. It needs to go further and protect all of the company's devices and software. 

I can have the best antivirus software, however, we find that if our Windows disk is not updated or has a security branch, something can attack the security branch in the Windows and sometimes it's a virus software. That's why Windows needs to work more closely with this product - or any antivirus.

In general, I would rate the solution at an eight out of ten.

Symantec Endpoint Security's function is to protect our assets.

The most valuable feature of Symantec Endpoint Security is the protection of our systems.

Symantec Endpoint Security can improve management because it is difficult to do. It is not a straightforward tool to use. Additionally, the dashboards and reports could be better. It is difficult to understand what exactly is your current status.

I have been using Symantec Endpoint Security for approximately one year.

Symantec Endpoint Security is stable.

The scalability of Symantec Endpoint Security is good, and easy to do.

We have approximately 10,000 users using this solution.

The support from Symantec Endpoint Security is very good.

The initial setup of Symantec Endpoint Security is complex. However, not as complicated as other solutions, Symantec VIP.

I rate the initial setup of Symantec Endpoint Security a three out of five.

The most important aspect of a security solution is having good reports, to help understand what's going on. This is one of the main points that a security team should have. Good visibility from the reports and an easy understanding of what's going on.

I rate Symantec Endpoint Security a seven out of ten.

The use case for the solution was basically this: any computer or anything used for any sort of official business needed to have endpoint protection and needed to have some sort of antivirus protection. The thing was somewhat more than just an antivirus, it also included a firewall that operated in addition to the Windows or Mac firewall.

The university policy basically required that all endpoint devices used for official business have to meet certain requirements and one of them was to have an antivirus.

The solution probably caught some malware a certain percentage of the time and that helped the organization. By the time we abandoned it, it was actually less effective, at least on Windows 10 machines, than the built-in antivirus that you get with the Windows 10 Defender Antivirus. It became, in the end, sort-of a liability.

It also became a liability when the company was sold to Broadcom. The name is actually different now. I don't think it's called Symantec Endpoint Protection. It's called Broadcom Endpoint Protection. We had a very difficult time even getting in touch with the technical support from that company, especially after Symantec was sold. It wasn't a very robust solution.

The solution detects malware very well.

It wasn't a very good solution overall, which is why we ended up replacing it.

Most organizations are choosing a next-gen antivirus, one that's based on artificial intelligence. Symantec Endpoint Protection was one of those legacy products that have been around forever. Symantec was a spinoff from Norton. Norton Antivirus was one of the very first antiviruses to come out in the 1980s. Symantec was very highly rated at one point in its life. It never really caught on to the new trends and antivirus protection. And so it still relied on things like a database of virus signatures that would need to get downloaded and then files would be checked for those signatures.

Modern antiviruses don't do that. They're based on behavior. They're based on intelligence algorithms. They're honed by artificial intelligence and machine learning from data collected all over the world. And so for that reason, the next-gen antiviruses are much more efficient at detecting viruses. They also take up a lighter load on the computer.

Next-generation is behavior-based detection rather than signature-based detection. Symantec tried to be a hybrid between the two. It had a behavior-based component called SONAR, however, it was still mostly a signature-based software antivirus application. For that reason, you can never keep up with all the mutations and viruses, and you can't keep up with malicious behavior that isn't based on viruses. Things like downloaded PowerShell scripts, things that computers can do with the components that they already have without needing to put any virus on the computer. A lot of malicious attacks, government-backed attacks, don't use any kind of foreign software. They take advantage of vulnerabilities within existing operating systems like Microsoft Windows or the various versions of Linux or the Mac operating system. They don't need to put additional software on the computer to compromise them.

That, in a nutshell, is why we switched to a next-gen antivirus. Next-gen antiviruses have probably been around for about five or six years. Some of the old companies made the transition to them seamlessly. Symantec didn't. It remained wedded to the old technology and that made it, you could say, a has-been.

I've been using the solution for many years. It's probably been about ten years at this point, at least a decade.

The stability was not the best. There were times when antivirus updates broke it. It wasn't necessarily self-updating - at least, not in terms of the virus signatures. It updated in terms of the executable files. Therefore, when Windows updates would come out, they often couldn't be installed, or the computer would hang due to the fact that the updates weren't compatible with the antivirus. I give it pretty poor score for robustness.

It was scalable just due to the fact that had to be installed individually on individual computers. For the unmanaged workstations, it was as scalable as you wanted it to be. There was a new download and a new install on a new computer. There are no limits on that. I'm not sure, however, how true that is, as it wasn't within my area of responsibility. I'm not sure if the managed work points overloaded the servers that were meant to monitor them. I don't think that was the case. The scalability was probably pretty good there too. I never heard any complaints about it not being scalable.

We likely had between 10,000 and 20,000 users on it. The roles would include, since it's a university, students, faculty, staff, and researchers. That pretty much covered the type of people that work at a university.

We don't plan to increase usage as we've completely phased out the solution.

Once Symantec was sold to Broadcom, it became very difficult to reach out to technical support, and they just stopped being responsive. By the end, we were very unhappy with their level of support.

I've been at the organization for 21, 22 years. Originally, before we had Symantec, it was McAfee antivirus. We had that up until maybe about 2010 or so. Now, we are using CrowdStrike Falcon.

The initial setup was not complex. It was simple.

The deployment was always ongoing due to the fact that, as a university with something like 16,000 employees, computers were getting bought and repurposed all the time. The initial rollout was in fact not a managed version of the antivirus. It was just a standalone version that users could download from a website when they provided their credentials. After that, they would just double click on a downloaded file and run the installer and they'd have the antivirus.

However, it was completely unmonitored. The antivirus program on their computer was not sending its data anywhere. It couldn't be helped by anyone remotely to do its job of protecting the computer.

Therefore, almost all organizations now want to have a managed antivirus solution where there's software installed on the computer, but it communicates with the cloud, and IT administrators at the organization can control this behavior and learn from it.

In terms of the staff required to handle the deployment and maintenance, there was probably the equivalent of maybe two to three full-time staff that were dedicated to antivirus endpoint protection issues. 

We handled everything ourselves in-house. We didn't need the help of a consultant or integrator.

We pay on a yearly basis. However, I'm unsure of the exact amount.

We did evaluate a number of other vendors. We entertained some RFPs and we did testing on four other competing products. There was one other competitor that was close. The main factor that tilted us toward CrowdStrike is that they did make a last-minute significant cut in price to their offer. I think they reduced it by something like 30% or 40%.

CrowdStrike has been in the business longer and is a bigger company than the runner up as well. To us, that mattered. If there is winnowing out of competitors, if the market actually shrinks and there are a few big players in five years, we want to be sure that we're with one of the big players that are going to make it.

The solution is a kind of a mix between an on-premise managed server that managing some machines, and other machines just had an unmanaged client that was distributed to students. It's not actually a cloud, it's a server. It's an on-premises server. It's not a cloud-based server that is being used. The antiviruses report to the server and policies can be set on the server.

I'd advise users to be aware that there are better solutions out there than this. I've learned that technology can change and your solution may be great now, but in a few years, it may drop to the bottom of the barrel. That's what happened here.

I'd rate the solution one out of ten. In order to get any sort of higher rating, they would need to start it over again from scratch. Instead of trying to make a legacy product better, they should abandon it and invent a new product.

We're a large company with half of our business in the UK and half throughout the rest of Europe. We deal with about 13 countries and I work from Serbia. Our business focuses on train and bus transport, and sometimes ferry services. We're using the solution to mitigate security risks. We were considering solutions for endpoint protection and decided to go with Symantec for our work stations and servers. It offers anti-malware plus a firewall and some other functionalities. I'm an IT manager. 

I like the antivirus and the local firewall that the solution provides. It's user friendly with a good dashboard. 

I'd like to see a full anti-ransomware solution because there are some anti-ransomware functionalities that would assist us if they were included in the solution. 

I've been using Symantec End-User Endpoint Security for about six years.

The solution is very stable. 

We're not a big business in Serbia but scalability is easy. We have around 160 workstations and about 130 users. 

We have a contract with the local Symantec partner in Serbia so we can speak to them in our language. The support is very good. 

The initial setup is rather simple. 

The license for this solution is purchased on an annual bases. The price could be cheaper but it's not too bad. We also pay for technical support which we get locally here in Serbia.

Symantec is not the only endpoint security solution that we actually have experience with but I would recommend it. I think it's one of the best solutions currently on the market.

I rate this solution an eight out of ten.

We use Symantec Endpoint Security as an antivirus solution to protect our servers.

The product has valuable features for insights.

There could be definition updates installed and running for the product, similar to new EDR solutions that receive updates from the internet. We still have legacy concepts where clients have installed definitions themselves. It could be more effective. Additionally, the memory usage by the product could be reduced.

We have been using Symantec Endpoint Security for ten years.

I rate the platform’s stability an eight out of ten.

We have 13000 Symantec Endpoint Security users in our organization. I rate its scalability an eight out of ten.

The technical support team’s response time is slow.

The initial setup process is easy.

I rate the product's pricing a six out of ten.

I rate Symantec Endpoint Security a seven out of ten.

We are service providers. We use this solution for endpoint response and detections.

We use this in the banking sector regularly.

We also use it for automatic threat protection and for DLP (Data Loss Protection).

After selling this product, what we have observed is that the system gets slower, which is a major issue.

We would also like to see better pricing. It's almost double when compared to other products.

I have been using this solution for more than seven years.

We are using the latest version.

It's a stable solution.

It is scalable. If you get the proper licenses then it scales well. There are no issues with scalability.

We are service providers with many different clients. Some of our customers have 100 users, whereas others have 200, and even as many as 300.

We have completed several installations but have never contacted technical support.

We do a direct installation. It is cloud-based and we can create a diary on the Symantec site.

We create the ID and download the client package.

It can take five to seven minutes to install per node.

If it is in the same network, we don't require much manpower to maintain it. All of the usernames and passwords are in the system. We can deploy remote deployment and installation.

Symantec is expensive. 

When compared with Trend Micro and Sophos, it is expensive.

Customers are required to purchase a license.

We recommend this solution to others who are interested in using it. In some organizations, it is compulsory to use Symantec.

I would rate this solution an eight out of ten.

The primary use cases of this solution are for antivirus protection, anti-malware protection, and personal firewall protection.

The most valuable feature is the automated updating. They send out updates on a regular basis. All that we have to do is to set it up on our server to download it, then it is distributed to the individual endpoints. 

Individual machines could do the same thing but it would only be on that one machine.

It seems to block things fairly well.

This solution is resource-heavy. It uses up a lot of memory and a lot of disk space. It demands a lot of resources. There have been improvements with Windows 10 and it's not as problematic.

The firewall capabilities did not seem to do what the documentation claimed it should do.

Port control is one of the things that this solution does do, but it does it on a higher level. When I say port control, it's things like USB ports that can be used to plug things in. For example, if you plug in a wired mouse or a wireless mouse then you want the flexibility to be able to do that. It should be able to identify that it is a mouse and let you use it. 

By the same token, if you plug in a 1 TB external hard drive, that should be shut down unless it is one of your hard drives. The only way to detect that would be to have units with their own serial number and the system programmed in such a way that it would recognize it.

Seagate for example has many external drives. They have serial numbers on those drives, and we don't want to just set it up for use by any Seagate drive. We want our external drives to be used, only. We don't want to have to go purchase Seagate drives to have it work. We want them to get it from us, that we know works, and have them return it to us.

I would like to see a check-in system where you can log which specific drives your staff can access and what they cannot access.

I have been using this solution for approximately six to eight years.

With Windows 7 there were some stability issues. The environment handled resources differently. You could have a fairly resource-heavy solution that would make the system unusable.

Windows 10 improved stability quite a bit.

Technical support is good, but when they sold to Broadcom, even though people were paying for the support they were not getting it.

This product is more reasonably priced than some competing solutions.

We spoke with some vendors who recommended Sophos and Crowdstrike. While Crowdstrike has some incredible features, it's four times the cost.

Sophos is supposed to handle our needs.

Crowdstrike could handle our needs and then some, but we couldn't justify the cost.

Within the last three or four months, we decided to drop Symantec on its own because of some issues we have with the company. We will be using Sophos.

Symantec sold off their enterprise solutions, which this product falls into. When they sold it. they sold it to a company that has purchased software packages in the past and not done very well with it. They are a hardware company trying to expand into the software realm. This is another example of a hardware company that thinks that they can do software and they can't.

We were told that Broadcom was ignoring all of their customers that were below a certain level of license purchases. Some of the customers were calling wanting to renew their product and they were having to wait a month or six weeks just to get a quote.

We did our own research and confirmed that what we were told was true and decided that we were not going to renew and went to Sophos.

If you are going with Symantec, definitely purchase the 24/7 tech support. They will help you with just about everything, or at least they used to. I am not sure if that still applies to Broadcom.

They now offer the option to put it into the cloud for the management capabilities. That way the endpoints, the individual laptops, and desktop computers are actually going to a website to get the management, the new definitions, and new configurations. This option should seriously be considered. 

I am not recommending that they do that but they should at least seriously consider it, because, while having that one server to do that one thing is fairly important, it would be nice to not have to deal with it.

For what we were using this product for it was pretty good, but there were some things that we didn't like, and some things that we would have like to take advantage of.

I would rate this solution an eight out of ten.

My primary use case is endpoint antivirus/antimalware security on Windows computers, on and off my office network.

Initially, it provided easy centralized management of policies and devices. Threat protection has always worked well.

I originally posted the most valuable feature is centralized management - after consideration, I realized this is not accurate. I've used the on-premise and cloud versions of SEP.  I prefer cloud versions as it is centralized and easy to manage, but every cloud-managed solution does this. I have many cloud managed solutions I use, but I've found SEP to be quirky and inefficient at best. My personal experience is the protection works well. I haven't had an infected computer in years (managing 300 devices now, more over the years). The problem with the protection is I've encountered far too many computers where the licensing fails at some point after installation without warning or notice. You have to check each computer routinely to verify the license is good and the agent is updating. This directly impacts the core reliability of the product since license "expiration" (failure) prevents the agent from updating.

This latest version upgrade/migration over the last year has been atrocious.

There have been numerous support issues and calls with Sr. VPs at Symantec, who were always understanding about the problems, but the product has proven unreliable to install and manage. The protection itself seems as solid, but if devices are losing their licensing without notice for no reason, it's only a matter of time before they become compromised.

The bottom line is that when it comes to management, reliability of management, reporting, alerting, installation, and licensing, if these don't work reliably you can't trust the product's security capability.

I've seen way too many outages and "maintenance" events in the last year on the new platform to consider it stable.

This latest version has proven unreliable for management and installation.

I would no longer recommend this product as a viable security solution.