We compared Symantec Endpoint Security and Microsoft Defender for Endpoint based on our users' reviews across several parameters.
Symantec Endpoint Security is praised for its robust protection, advanced threat detection, and comprehensive coverage, but users suggest improvements in integration, interface, scanning speed, and resource utilization. Microsoft Defender for Endpoint receives high ratings for its security measures, integration, interface, and customer support, but users note the need for enhancements in system performance, user interface, and threat detection capabilities. Pricing for both products is deemed justified, with positive ROI reported by users.
Features: Symantec Endpoint Security stands out for its advanced threat detection and comprehensive security functionalities. Microsoft Defender for Endpoint is valued for its seamless integration with other Microsoft products, efficient threat detection, and user-friendly interface.
Pricing and ROI: Symantec Endpoint Security's setup cost is justified by its strong features, while Microsoft Defender for Endpoint offers competitive pricing with a reasonable setup cost. Symantec's licensing is flexible, while Microsoft's process is user-friendly. Symantec Endpoint Security users praised its positive ROI, citing good value, cyber threat prevention, and time/resource savings. Microsoft Defender for Endpoint also delivers strong ROI, with users reporting valuable outcomes.
Room for Improvement: Symantec Endpoint Security has room for improvement in integration with security tools, interface usability, scanning speed, and resource utilization. Microsoft Defender for Endpoint could enhance system performance, user interface, threat detection, scanning efficiency, and advanced threat prevention.
Deployment and customer support: Users find that setting up Symantec Endpoint Security takes longer than setting up Microsoft Defender for Endpoint. Some users of Microsoft Defender reported varying durations, with some needing three months for deployment and a week for setup, while others required only a week for both. Symantec Endpoint Security offers responsive and efficient customer support, praised for prompt solutions to technical issues. Microsoft Defender for Endpoint is highly praised for its knowledgeable support team and effective assistance.
The summary above is based on 208 interviews we conducted recently with Symantec Endpoint Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"The price is low and quite competitive with others."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The stability is very good."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Its simplicity is the most valuable. It also has very good integration. We like it."
"Microsoft Defender for Endpoint is easy to load and it runs quietly in the background, unlike other solutions."
"I like that it's easy to deploy because it already comes with Windows 10. Overall, it has all the features that we need. Easy to deploy, comes with updates, and comes with Windows updates. You don't have to really manage or update the signature."
"It comes included with the Windows license."
"The most valuable feature is that we can use the solution right out of the box without too much configuration."
"The most valuable features are that it is flexible, and it is integrated with Microsoft products."
"We apply the DLP policies across a range of endpoints and it is very accurate when reporting vulnerabilities, including those in email attachments."
"It's a Microsoft product; it's easier to deploy this product than other options."
"Symantec's detection capabilities are strong. It involves run protection and behavioral analysis."
"The fact that it has centralized management is the most valuable feature."
"The solution's application control feature is very, very powerful."
"I like the firewall and the intrusion prevention features, and just the basic anti-malware and anti-virus seems to be pretty effective as well."
"With a single console, you get control over Mac, Windows, iOS, and Android. This control is most valuable."
"It's a good proxy to control the user's access to the website."
"The pricing is pretty good."
"Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud."
"The dashboard isn't easy to access and manage."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Detections could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"I haven't seen the use of AI in the solution."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We find the solution to be a bit expensive."
"I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."
"The time it takes to implement policies has room for improvement."
"The dashboard customization could be improved."
"This solution needs to move beyond relying on virus definitions alone and protect the system using behavioral analysis of the processes that are running."
"Windows Firewall is integrated with Windows Defender. Over the last few days, I have had a problem with defining a wildcard on Windows Firewall. For example, I wanted to pull out the connection of my program and install a software package with a lot of executable files. I wanted to prevent it from accessing the internet. I could not select executables by using a wildcard. I had to select a single executable with its full name."
"It would be helpful if they offered video tutorial guides."
"I would like to see improvement from a management perspective. We have had to depend on Intune for certain tasks."
"It can get a bit laggy sometimes. Other than that, we don't have any issues. They constantly tweak it and fix it up based on users' feedback. It has improved a lot over the past four years. Defender for Endpoint never really used to be a good endpoint security solution, but over the past couple of years, Microsoft has invested heavily in it. So, it has come a long way in all aspects of endpoint security. If they want to make it better, they should just continue investing in the current path of what they've been doing over the past couple of years."
"In the next release of this solution, I would like to see more to do with malware, encryption technology, and controlling mobile devices."
"It can maybe send notifications when there is an update and everything is successful."
"We had an issue with the Broadcom migration. We had some problems with product support, and the deployment is tricky because it's an on-premises technology. Deploying any on-premises security solution is hard because you have to distribute the software."
"The agent shouldn't use up so many resources at the endpoint when scanning and protecting."
"Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device... They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used."
"There could be definition updates installed and running for the product, similar to new EDR solutions that receive updates from the internet."
"Every time an OS comes out, I have to upgrade the Symantec product. They don't know how to patch it. If they would produce a patch instead of uninstalling or installing over the current version and rebooting I'd be a lot happier with the product."
"The monitoring capabilities could be further developed."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Microsoft Defender for Endpoint is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Fortinet FortiClient, whereas Symantec Endpoint Security is most compared with CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Microsoft Defender for Endpoint vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.