Microsoft Windows Defender vs. Symantec Endpoint Protection

Microsoft Windows Defender is ranked 9th in Endpoint Protection vs Symantec Endpoint Protection which is ranked 1st in Endpoint Protection with 30 reviews. The top reviewer of Symantec Endpoint Protection writes "You can deploy it to Windows, Mac, and Linux with one console to cover all three". Microsoft Windows Defender is most compared with Symantec Endpoint Protection, ESET Endpoint Security and Norton Security Premium. Symantec Endpoint Protection is most compared with Microsoft Windows Defender, McAfee Complete Endpoint Protection and ESET Endpoint Security.
You must select at least 2 products to compare!
Most Helpful Review
Use Microsoft Windows Defender? Share your opinion.
Find out what your peers are saying about Symantec, IBM, Carbon Black and others in Endpoint Protection.
310,623 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pricing and Cost Advice
Information Not Available
Pricing and licensing are important to us when choosing a product.It's not cheap.It is the better product, even if it is a little on the higher side.Licensing is per user. Therefore, it makes it easy to do licensing.What we have paid for this product is good value for the work and the services that they are providing to us.Regarding the licensing, it was important negotiate a long contract to get a more attractive price, including advanced support in case of crisis.I’d say SEP deserves the money.

Read more »

Use our free recommendation engine to learn which Endpoint Protection solutions are best for your needs.
310,623 professionals have used our research since 2012.
Answers from the Community
Rhea Rapps
Bruce BadingUser

Symantec Endpoint Protection and Windows Defender both have their strong points. Microsoft has made great progress in its free edition of Windows Defender in Windows 7 and improved version in Windows 10. Its no cost feature is its strong point. Symantec Endpoint Protection is a purchased product, but the cost is worth the price. SEP is always near or at the top of Gartner’s Magic Quadrant both in execution and completeness of vision. In my 25 years as an IBM lead security engineer, I observed that SEP was chosen by IBM to protect its mobile workforce and also was the leader in Endpoint Protection chosen by the world’s largest banks, retailers and organizations. Powered by Sonar and now a Machine Learning Cloud interface in SEP 14.1, it is in most expert’s options the leader in Endpoint Protection.

My current experiences have also show that Symantec detects a far greater number of the zero-day threats than Windows Defender. However, the number of zero-day threats that can bypass the total of all anti-virus solutions has risen in recent years and the problem is that even though solutions such as SEP 14.1 are moving to machine learning detection engines, the number of data breaches continues to increase exponentially as the malicious actors are beginning to use AI to create and distribute Advanced Persistent Threats and it is a lucrative industry being run by organizations with a corporate structure mimicking the actual corporate structures of legitimate business.

Today only a holistic approach toward a foundational implantation of fundamental security controls at all levels will decrease the growing number of data breaches, reputational damage and monetary losses. Threat Hunting is the new norm and every organization should look beyond Endpoint Protection to an early detection and reduction in infection time by implementing an advanced Threat Hunting posture. Beyond that, Governance, Risk Management, Compliance and an increase in security awareness from the boardroom to the ground floor is making the more mature organizations leaner, agiler and less likely to suffer a data breach.

13 February 18
Martin CarnegieConsultant

Between Symantec and Defender, the best of the two is Symantec for detections and false/positive rates.

Couple sites to check

One thing you will notice is that the first site does not even consider Defender as a corporate solution, so take that for what it is.

One thing I will say about Symantec is the horrendous support. I find that every ticket I work on is pure frustration. Tickets are closed without actually solving the problem, constant debating around what the issue is and what the solution is. It has been driving me nuts!

But that being said, the product is fairly easy to manage and has kept us pretty clean. Our worst issue is spear-phishing attacks, but these cannot be prevented by malware software that well.

Symantec does offer a cloud connection for the agents now. My big issue right now is that you cannot have an internally managed server connect to the cloud (or reverse) to provide information in a consolidated view. I am told that this is coming though. I could move everything to the cloud I guess, but that is something for the future.

13 February 18
Gadepally EeswarUser

I do recommend Symantec,

Reason like it has granular protection capabilities
Integrity with other advance solution also available to achieve maximum level protection.

Antivirus and antispyware
Application control and hardware control
Mitigation on memory exploring
Online reputation and signature-based solution
Behavior analysis and machine learning
Hist firewall and Hist IPS integrity with ATP/apt
Global reputation signature synchronization
Compliance validator,
Host/application hardening or lockdown
Integrity with web proxy

Symantec is not any path for the threat comprising,

Faster response to 0day attack
And three tiar integrity with Yara.

14 February 18
Fausto AlvarezUser

Symantec Endpoint Protection (SEP) 12 has an extensive set of layered defense capabilities, such as Symantec Online Network for Advanced Response (SONAR), Symantec Insight and its network protect technologies, which go beyond traditional signatures for protection from advanced targeted attacks. Most recent improvements were in components of SONAR. Symantec also integrated an advanced repair tool, Norton Power Eraser, into the Symantec Endpoint Protection client.Symantec continues to be listed as the top overall competitive threat by vendors reviewed in this Magic Quadrant.Symantec's Security Technology and Response (STAR) technology allows evidence of compromise (EOC) scanning on the endpoint via SEP and is used by Symantec Managed Security Services and Symantec ATP.Cynic is a cloud-based sandboxing platform that provides bare-metal hardware and network sandboxing analysis of objects submitted by Advanced Threat Protection (ATP), Endpoint Protection and email. Results are passed to ATP for remediation.Application control offers one-click lockdown via a whitelist or blacklist of applications.Synapse integrates, correlates and prioritizes SEP, email security, cloud and ATP information.Symantec Data Center Security leverages VMware's vShield APIs and NSX to offer "agentless" antivirus and reputation security features on a VMware ESX hypervisor. On other platforms, such as Hyper-V or Kernel-based Virtual Machine (KVM), SEP provides input/output (I/O)-sensitive scan, virtual image exception and file cache, offline image scanner, and randomized scanning.Symantec's new Advanced Threat Protection will combine network-based object and traffic scanning with existing SEP clients to provide EDR functionality without the need for existing customers to deploy new client agents. Microsoft SCEP continues to rely heavily on signature-based detection methods. Test results (such as AV-Test and AV-Comparatives) of the effectiveness of SCEP remain very low when compared with industry averages. Microsoft is focused on reducing the impact of prevalent malware in the Windows installed base, with very low false-positive rates. It does not focus exclusively on rare or targeted threats, the impact of which minimal to the entire Microsoft ecosystem.SCEP still lacks numerous capabilities that are common in other security solutions, including advanced device control, network-based sandbox and application control. Windows features such as Firewall, BitLocker, and AppLocker are not as full-featured as comparable solutions from leading vendors, and the management of these components is not integrated into a single policy and reporting interface.While Microsoft supports anti-malware product updates independently, it delivers its most important security improvements in the OS. While every Microsoft customer benefits when the OS is more secure, including those that use alternative EPP solutions, most enterprises cannot upgrade OSs as fast as EPP versions.Despite the integration with system and configuration management, SCEP does not provide a security state assessment that combines the various security indicators into a single prioritized task list or score. SCEP also does not provide preconfigured forensic investigation or malware detection capabilities.SCEP provides support for virtual environments by enabling the randomization of signature updates and scans, and by offline scanning. It does not integrate with VMware's vShield or provide similar agentless solutions for Microsoft's Hyper-V environments.Intune EMM comes at an additional cost.

14 February 18
Richard BenfattoUser

Good afternoon and thanks for allowing me to put a grain of salt.

In summary, Symantec Endpoint Protection is the only of the two products that will protect more. The MS solution is useless. Believe me, I had many customers infected by relying on this. Symantec product is a conglomerate of protections together, including the firewall and application control (inheritance when they purchased Sygate, a highly respected firewall for the enterprise market, in those days).
Symantec, (not to be confused with the Norton product they have, which is a dog) with its Endpoint Protection enables protection against DNS
poisoning, MAC address spoofing, and many other features. It can also be centrally controlled and would cut off any machines in a network that
might get infected.

The choice is easy, Symantec.

14 February 18
out of 53 in Endpoint Protection
Avg. Rating
out of 53 in Endpoint Protection
Avg. Rating
Top Comparisons
Also Known As
Windows Defender, Microsoft System Center Endpoint ProtectionSymantec AntiVirus
Windows Defender Pro is your first line of defense against spyware and other unwanted software. And in Windows 7, it's easier to use, with simpler notifications, more scanning options, and less impact on your computer's performance.

Symantec Endpoint Protection is a powerful endpoint antivirus software solution, which provides multiple layers of protection against all types of known and unknown threats. Powered by SONAR and Symantec Insight, Symantec Endpoint Protection combines all the security tools that you could require into one proactive solution.

It integrates antivirus, firewall, antispyware, intrusion prevention, application control and device control, and allows you to manage all of these tools centrally from one agent. Upgrades happen automatically, and the software offers seamless migration from previous versions.

This solution maximizes the security and performance of physical and virtual systems, and is compatible with multiple operating systems, such as Windows, Mac and Linux. Symantec Endpoint Protection is recommended for environments with more than 250 users.

Learn more about Microsoft Windows Defender
Learn more about Symantec Endpoint Protection
Sample Customers
Al-Imam Mohammad Ibn Saud Islamic University, Auckland Transport, Erste Bank Group, Urban Software Institute, NJVC, Sheraton Hotels and Resorts Audio Visual Dynamics, Red Deer Advocate, Asia Pacific Telecom Co. Ltd., Kibbutz Ein Gedi, and AMETEK, Inc.
Top Industries
No Data Available
Financial Services Firm13%
Local Government13%
Non Profit6%
Insurance Company23%
Financial Services Firm16%
Security Firm10%
Transportation Company6%
Company Size
No Data Available
Small Business41%
Midsize Enterprise16%
Large Enterprise43%
Small Business50%
Midsize Enterprise18%
Large Enterprise32%
Find out what your peers are saying about Symantec, IBM, Carbon Black and others in Endpoint Protection.
310,623 professionals have used our research since 2012.
We monitor all Endpoint Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email