Symantec Endpoint Encryption Review

Has good messaging features but the hard drive encryption needs to be improved


What is our primary use case?

We are using three of the product's modules. We are using encryption for messaging, we are using encryption for shared folders and we are using encryption for our hard drives.

How has it helped my organization?

The product has helped our organization by providing encryption options. For example, it is better to have encrypted messages because it is more secure. With the module for the shared folders, we can decide to use it as an addition to our active directory. So we can give users different rights within the active directory. The different set of rules we create in PGP is like an add-on to our active directory and again provides more secure access and restriction of access to some information.

What is most valuable?

The most valuable features are the messaging features and shared folders.

What needs improvement?

The hard drive encryption needs to be improved. There is an issue, for example, where we cannot easily do Microsoft updates. The updates stop before the PGP reboot is complete. So when PGP encryption from the hard drive is active, we can't update Microsoft Windows. As a work-around, we have to decrypt the encrypted hard drive, which takes an hour every time, and then do the updates and then encrypt again. It is time-consuming and there must be a better solution.

One other improvement I would like to see is the ability to get support directly from the seller. There should be a better way to open tickets directly from the seller to eliminate delays and have a better way that we can contact them and get help when we need it. Technical support is a problem.

For how long have I used the solution?

We have been using Symantec Endpoint Encryption since 2013, or about six years.

What do I think about the stability of the solution?

It is not a very stable product based on our experience with how we use it. It is mostly the disk encryption issues and how long it takes to do Microsoft updates. So we actually open some tickets at technical support and also with the integrator who initially installed the system for us. So currently we are dissatisfied and we are looking at BitLocker instead of the PGP only for drive encryption. As it is a Microsoft product, it makes sense that it will work better with Microsoft updates.

What do I think about the scalability of the solution?

The scalability of the product is fine. With PGP servers we can link the Windows account, active directory account with PGP so when I do an installation on a computer, all I have to do is open the profile of the new employee's machine and it is linked to a server. It doesn't matter how many people I link in. We currently have 40 people and the product is installed on all our computers. Most people in our company are consultants who work on the premises of our clients. They are not located within our offices.

How are customer service and technical support?

We have contacted technical support in the past with specific issues but we haven't received any answer yet. So my impression is naturally that the technical support is not great.

Which solution did I use previously and why did I switch?

We are currently looking at Kaspersky Endpoint Encryption for Business Events. I am actually doing testing with a free license that we have access to for 30 days. We are doing this in order to look at the value of the solution, functionalities of the software and if it can apply to our architecture.

Right now we are using Kaspersky but on individual bases. It's not centralized, so each computer has its own Kaspersky security model, but what we want is to be able to manage all the computers in our infrastructure from a central point entry. So that's why we are looking at that specific software. Symantec is not solving all our issues sufficiently.

We are also considering looking into BitLocker to perhaps replace the disk encryption module in Symantec Endpoint Encryption because it is not easy to use.

How was the initial setup?

I wasn't with the company when the product was installed, but I presume the initial setup was complex. The deployment of the product usually takes very little time. I installed the software for new computers and I encrypt the disks. That is all that has to be done so the installation of the product is very quick. It is the encryption of the disk that takes time.

What about the implementation team?

The installation was done by a consultant in 2013.

What's my experience with pricing, setup cost, and licensing?

I am not sure of the licensing fees. I presume there are packages based on what you use. We have three modules (for messaging, disk encryption and shared folders). I believe there are five modules, but we have three out of five. The price scales depending on the number of modules that we use.

What other advice do I have?

My advice to others who are considering this solution is to make sure that they do some testing if they are using disk encryption as we have had problems with updates. Our problem may depend on the version of Windows. So it may be different for other people. I didn't choose to use encryption before, so I learned a lot about the performance and the principle of encryption when it comes to messaging and share folders. So that part is good.

On a scale from one to ten where one is the worst and ten is the best, I would rate Symantec Endpoint Encryption as a six currently. The main problem for us is working with Microsoft updates within PGP. This should be possible because BitLocker is currently doing that which might be a reason we would switch. Updates for Microsoft OS are very complicated for us right now.

Which deployment model are you using for this solution?

On-premises
**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest