What is most valuable?
SONAR/Auto-Protect feature and Generic Exploit Mitigation: Can detect and prevent attacks that are exploring common software vulnerabilities. It monitors suspicious files that have behavior actions on memory, network, etc. The console and admin features are the main qualities.
How has it helped my organization?
In a large environment, it is a challenge to manage what areas can have specific rights or functions enabled or disabled, considering their needs. SEP had the opportunity to integrated Microsoft Active Directory structure into the SEP Admin console. Based on that, it was easier for me to apply specific policies for different business areas with different users. For instance: Enable USB rights only for C-level users/Disable SONAR feature for marketing team considering their needs.
What needs improvement?
Reports: It would be nice to have customized reports integrated on the main console with no additional DB server or BI server. Vulnerabilities: A vulnerability scan integrated with SEP would be important for the admin to understand the risk level they are facing and how to protect themselves...
Reports: SEP has built-in, on the console, many pre-configured reports
however, in a complexed environment, customers may would need customized
reports other than already provided by the console. In this case, it´s
possible to achieve them using an external data base and server. It would
be nice have a possibility to create customized reports without an external
server and data base, on the same SEP Admin console.
Vulnerabilities: It would be nice have on the SEP Admin console a feature
to measure the environment risk level using an OS and application
vulnerability scan where the administrator can analyze the risk, mitigate
the main risks, prioritized them and, over a Path Manager, correct them if
For how long have I used the solution?
We have used this solution for six or seven years.
What was my experience with deployment of the solution?
We had some issues during deployment. When doing a 40.000 McAfee migration nodes for SEP, I have faced challenges removing specific MacAfee features where SEP has no supportability. Compared to other vendors, like Kaspersky, they have scripts to remove all anti-virus solutions in the market before installing KL AV. And it is 100% possible to automate the job over the KL console.
Another challenge was customize all best practices vs. best protection for the company vs. not creating any performance impact on the customer.
How are customer service and technical support?
Technical support is good. You can open tickets over international numbers, emails, or the website. If you open a ticket in your time-zone, you will work with a technical support representative in your local language. Otherwise, it will be in English.
Which solution did I use previously and why did I switch?
We used Kaspersky and Bitdefender. We switched due to the company reputation, negotiation terms, commercial benefits, and technical results on the PoC.
What about the implementation team?
The implementation was through a Symantec reseller. Considering the environment complexity, it is important to always plan, test, correct all errors, plan again, and attack departments with low risks, learn with the errors, adjust the plan, and move forward to next department.
What's my experience with pricing, setup cost, and licensing?
Migrating a platform for a different one, most of the time, has a higher cost. However, considering the impact, risk , downtime, and principally, the low support quality provided that the oldest solution provided, were the main reason to start look forward for a newer one. These were the main reason that I migrated to Symantec. After a year of augmenting many open tickets and find internal customer satisfaction was really low, we convinced the board that it was time to migrate before having a huge impact for the business and company reputation.
Regarding the licensing, it was important negotiate a long contract to get a more attractive price, including advanced support in case of crisis.
What other advice do I have?
Always try to include hours for the project in the budget. Always look for a specialized reseller who the vendor recognizes through a certified and approved reseller.