Symantec Endpoint Detection and Response Review

Threat protection that is priced well, easy to deploy, and allows you to use the same agent for detection and response


What is our primary use case?

The primary use case of this solution is for protection.

What is most valuable?

The most valuable feature is that the same agent can act as the endpoint detection and response agent. You don't need to deploy an additional agent, as you do with other solutions.

If you try to deploy a new solution you have to replace the existing agent with a new agent, but with Symantec, you can use the same agent.

What needs improvement?

Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.

With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it, then Trend Micro; within 24 hours, everyone will have it covered.

In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.

For how long have I used the solution?

I have worked with all Symantec products. Detection and response is a new technology that they have come up with and I have been working with it for two years.

What do I think about the stability of the solution?

If the solution is updated regularly then there is no challenge with stability.

What do I think about the scalability of the solution?

This solution is definitely scalable.

How are customer service and technical support?

The technical support is very bad. It's been outsourced. The level one support does not have the expertise to support people properly, from a technical perspective. 

I'd say that the level of understanding has been reduced as a result of outsourcing to a third party.

Which solution did I use previously and why did I switch?

Previously, I was working with Trend Micro. Before the detection and response were included, I would have recommended Trend Micro. However, Symantec Endpoint has now taken the lead.

Endpoint detection and response have not been developed into Trend Micro.

How was the initial setup?

The initial setup is straightforward. It's not complex. You will have to license it, then you are good to go.

If you try to establish the replication then you should plan it properly. If you do proper planning then it manages well. As an example, with one of my customers, I updated 3,000 machines that were in remote sites in less than a month's time.

What's my experience with pricing, setup cost, and licensing?

The price is okay, but it really depends on the customer's requirements.

What other advice do I have?

I am a user of Symantec as well as an admin with the Symantec support team. I was the technical support account manager and I would support other customers.

Symantec releases updates two or three times per day. If you have low bandwidth it will never get updated, although there are options to resolve this.

First, you have to decide on your requirements and what features you are looking for, then you can consider any endpoint detection and response solution.

There are good products on the market; there is one in particular that is cloud-based, where you don't need a single investment, but you will need to have good bandwidth. 

Before looking for any solutions the planning must be done.

Overall, this is a good product but it is still in the early stages and there are some improvements that need to be made.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.