Microsoft Windows Defender vs. Symantec Endpoint Protection (SEP)

As of June 2019, Microsoft Windows Defender is ranked 4th in Endpoint Protection for Business with 1 review vs Symantec Endpoint Protection (SEP) which is ranked 1st in Endpoint Protection for Business with 35 reviews. The top reviewer of Microsoft Windows Defender writes "Has good detection rates, is low on system resources, doesn't interfere or hamper workflows, and it's easy to use". The top reviewer of Symantec Endpoint Protection (SEP) writes "You can deploy it to Windows, Mac, and Linux with one console to cover all three". Microsoft Windows Defender is most compared with Symantec Endpoint Protection (SEP), ESET Endpoint Security and Norton Security Premium. Symantec Endpoint Protection (SEP) is most compared with Microsoft Windows Defender, McAfee Complete Endpoint Protection and ESET Endpoint Security.
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Symantec, IBM, Carbon Black and others in Endpoint Protection for Business. Updated: June 2019.
346,972 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Ensures that I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained.

Read more »

The most valuable feature is the virus and malware detection capability.This solution has helped us because it is really useful for blocking all kinds of viruses.Threat protection has always worked well.Endpoint protection has improved our operations by protecting our servers from potential cyber threats.Endpoint Protection is the next generation. It covers antivirus, spamware, ransomware...The fact that it has centralized management is the most valuable feature.The technical support is very good. They have an Indian support team, so there are no delays in receiving support.Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud.

Read more »

It would be nice to have a paid upgrade that would provide additional screening of the day-to-day activities.

Read more »

This solution needs better compatibility with services and applications.Sometimes, when we are creating a new policy, some of the clients are not being updated with the latest policy.This latest version has proven unreliable for management and installation.We must have complete dissolution with advance care protection but we are finding out that we need more Symantec technical specialists. We have identified a need to hire at least one more technical specialist familiar with Symantec to improve our solutions capabilities.Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device... They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used.About four years back, Symantec's signature was very heavy and their signature patch was around 200MB or 300MB files.There are a few negative points. They should separate the feature for each separate solution for mobile devices. The second one is about the price, it's expensive. Finally, the third would be the complexity of implementation.I think the CPU dependence should be enhanced.

Read more »

Pricing and Cost Advice
Information Not Available
Compared to other products and brands here in Mexico, the price is okay, somewhere in the middle. Our solution is unique in that it can adapt to a variety of pricing and licensing constraints considering we have the corporate, government, and academic mandates. ThePricing and licensing for our country is very good. It's not that expensive and the endpoint security is very good. It's not as cheap as some others, but they are not as good.We pay on a yearly basis...Zero-day threat or advanced attacks should be part of the endpoint. The product should not require you to buy a separate license.Each annual client license is around 1200 or 1600 INR.Pricing and licensing are important to us when choosing a product.It's not cheap.It is the better product, even if it is a little on the higher side.

Read more »

Use our free recommendation engine to learn which Endpoint Protection for Business solutions are best for your needs.
346,972 professionals have used our research since 2012.
Answers from the Community
Rhea Rapps
Andre B.Vendor

If you have to choose between Symantec or MS, It would have to be Symantec. That is as long as you are willing to adopt more of their eco-system of solutions. I is more heavily geared torwards file protection (can be good or bad, pending the use case) but not dynamic enough in its policy creation capability. However the same can be said for MS Defender. MS Defender has one major shortcoming as it has tunnel vision on the windows platform. It leaves exposures with other operating systems. Also policy capabilities are not quite as effective and granular as one would think given the proximity to the Active Directory / Azure origin. I believe CarbonBlack is a superior solution. The breadth of its detection and response capabilities reside within the context of its primary solution. That said if you are looking for a heavier AV solution, Symantec is the way to go.

13 February 18
Bruce BadingUser

Symantec Endpoint Protection and Windows Defender both have their strong points. Microsoft has made great progress in its free edition of Windows Defender in Windows 7 and improved version in Windows 10. Its no cost feature is its strong point. Symantec Endpoint Protection is a purchased product, but the cost is worth the price. SEP is always near or at the top of Gartner’s Magic Quadrant both in execution and completeness of vision. In my 25 years as an IBM lead security engineer, I observed that SEP was chosen by IBM to protect its mobile workforce and also was the leader in Endpoint Protection chosen by the world’s largest banks, retailers and organizations. Powered by Sonar and now a Machine Learning Cloud interface in SEP 14.1, it is in most expert’s options the leader in Endpoint Protection.

My current experiences have also show that Symantec detects a far greater number of the zero-day threats than Windows Defender. However, the number of zero-day threats that can bypass the total of all anti-virus solutions has risen in recent years and the problem is that even though solutions such as SEP 14.1 are moving to machine learning detection engines, the number of data breaches continues to increase exponentially as the malicious actors are beginning to use AI to create and distribute Advanced Persistent Threats and it is a lucrative industry being run by organizations with a corporate structure mimicking the actual corporate structures of legitimate business.

Today only a holistic approach toward a foundational implantation of fundamental security controls at all levels will decrease the growing number of data breaches, reputational damage and monetary losses. Threat Hunting is the new norm and every organization should look beyond Endpoint Protection to an early detection and reduction in infection time by implementing an advanced Threat Hunting posture. Beyond that, Governance, Risk Management, Compliance and an increase in security awareness from the boardroom to the ground floor is making the more mature organizations leaner, agiler and less likely to suffer a data breach.

13 February 18
Martin CarnegieConsultant

Between Symantec and Defender, the best of the two is Symantec for detections and false/positive rates.

Couple sites to check

One thing you will notice is that the first site does not even consider Defender as a corporate solution, so take that for what it is.

One thing I will say about Symantec is the horrendous support. I find that every ticket I work on is pure frustration. Tickets are closed without actually solving the problem, constant debating around what the issue is and what the solution is. It has been driving me nuts!

But that being said, the product is fairly easy to manage and has kept us pretty clean. Our worst issue is spear-phishing attacks, but these cannot be prevented by malware software that well.

Symantec does offer a cloud connection for the agents now. My big issue right now is that you cannot have an internally managed server connect to the cloud (or reverse) to provide information in a consolidated view. I am told that this is coming though. I could move everything to the cloud I guess, but that is something for the future.

13 February 18
Richard BenfattoUser

SId, you just hit the nail in the head. Sadly, I see here one comment from someone that appears to have CISSP certification........................saying MS is good for home user..............that is ultra fantastic, so just for being a home user nothing will ever happen to them, even if they have a roku box for IPTV ( I am being ultra sarcastic, here). Interesting, common guys.................................

22 April 19
Robin Saikat ChatterjeeConsultant

Symantec is an Enterprise Solution. It help you provide the enterprise reports that are a critical aspect of endpoint protection. It can also help you get an overall view of the state of your organization as a whole. Such is not possible with Windows defender which is an isolated solution . Windows defender is also comparatively simplistic in its detection capabilities compared to symantec. Symantec is the one of the leading companies in this space , others may be forcepoint

05 March 18
Gadepally EeswarUser

I do recommend Symantec,

Reason like it has granular protection capabilities
Integrity with other advance solution also available to achieve maximum level protection.

Antivirus and antispyware
Application control and hardware control
Mitigation on memory exploring
Online reputation and signature-based solution
Behavior analysis and machine learning
Hist firewall and Hist IPS integrity with ATP/apt
Global reputation signature synchronization
Compliance validator,
Host/application hardening or lockdown
Integrity with web proxy

Symantec is not any path for the threat comprising,

Faster response to 0day attack
And three tiar integrity with Yara.

14 February 18
Vinod ShankarConsultant

By pure market rankings Symantec is a much better product and has a higher
detection rate than MS Defender. However, if your environment is
development heavy or file usage heavy, the impact on performance will be
high when using Symantec EP and going to Defender is a better option.

14 February 18
Fausto AlvarezUser

Symantec Endpoint Protection (SEP) 12 has an extensive set of layered defense capabilities, such as Symantec Online Network for Advanced Response (SONAR), Symantec Insight and its network protect technologies, which go beyond traditional signatures for protection from advanced targeted attacks. Most recent improvements were in components of SONAR. Symantec also integrated an advanced repair tool, Norton Power Eraser, into the Symantec Endpoint Protection client.Symantec continues to be listed as the top overall competitive threat by vendors reviewed in this Magic Quadrant.Symantec's Security Technology and Response (STAR) technology allows evidence of compromise (EOC) scanning on the endpoint via SEP and is used by Symantec Managed Security Services and Symantec ATP.Cynic is a cloud-based sandboxing platform that provides bare-metal hardware and network sandboxing analysis of objects submitted by Advanced Threat Protection (ATP), Endpoint Protection and email. Results are passed to ATP for remediation.Application control offers one-click lockdown via a whitelist or blacklist of applications.Synapse integrates, correlates and prioritizes SEP, email security, cloud and ATP information.Symantec Data Center Security leverages VMware's vShield APIs and NSX to offer "agentless" antivirus and reputation security features on a VMware ESX hypervisor. On other platforms, such as Hyper-V or Kernel-based Virtual Machine (KVM), SEP provides input/output (I/O)-sensitive scan, virtual image exception and file cache, offline image scanner, and randomized scanning.Symantec's new Advanced Threat Protection will combine network-based object and traffic scanning with existing SEP clients to provide EDR functionality without the need for existing customers to deploy new client agents. Microsoft SCEP continues to rely heavily on signature-based detection methods. Test results (such as AV-Test and AV-Comparatives) of the effectiveness of SCEP remain very low when compared with industry averages. Microsoft is focused on reducing the impact of prevalent malware in the Windows installed base, with very low false-positive rates. It does not focus exclusively on rare or targeted threats, the impact of which minimal to the entire Microsoft ecosystem.SCEP still lacks numerous capabilities that are common in other security solutions, including advanced device control, network-based sandbox and application control. Windows features such as Firewall, BitLocker, and AppLocker are not as full-featured as comparable solutions from leading vendors, and the management of these components is not integrated into a single policy and reporting interface.While Microsoft supports anti-malware product updates independently, it delivers its most important security improvements in the OS. While every Microsoft customer benefits when the OS is more secure, including those that use alternative EPP solutions, most enterprises cannot upgrade OSs as fast as EPP versions.Despite the integration with system and configuration management, SCEP does not provide a security state assessment that combines the various security indicators into a single prioritized task list or score. SCEP also does not provide preconfigured forensic investigation or malware detection capabilities.SCEP provides support for virtual environments by enabling the randomization of signature updates and scans, and by offline scanning. It does not integrate with VMware's vShield or provide similar agentless solutions for Microsoft's Hyper-V environments.Intune EMM comes at an additional cost.

14 February 18
Average Words per Review
Avg. Rating
Average Words per Review
Avg. Rating
Top Comparisons
Also Known As
Windows Defender, Microsoft System Center Endpoint ProtectionSymantec EPP
Windows Defender Pro is your first line of defense against spyware and other unwanted software. And in Windows 7, it's easier to use, with simpler notifications, more scanning options, and less impact on your computer's performance.

Symantec Endpoint Protection is a powerful endpoint antivirus software solution, which provides multiple layers of protection against all types of known and unknown threats. Powered by SONAR and Symantec Insight, Symantec Endpoint Protection combines all the security tools that you could require into one proactive solution.

It integrates antivirus, firewall, antispyware, intrusion prevention, application control and device control, and allows you to manage all of these tools centrally from one agent. Upgrades happen automatically, and the software offers seamless migration from previous versions.

This solution maximizes the security and performance of physical and virtual systems, and is compatible with multiple operating systems, such as Windows, Mac and Linux. Symantec Endpoint Protection is recommended for environments with more than 250 users.

Learn more about Microsoft Windows Defender
Learn more about Symantec Endpoint Protection (SEP)
Sample Customers
Al-Imam Mohammad Ibn Saud Islamic University, Auckland Transport, Erste Bank Group, Urban Software Institute, NJVC, Sheraton Hotels and Resorts Audio Visual Dynamics, Red Deer Advocate, Asia Pacific Telecom Co. Ltd., Kibbutz Ein Gedi, and AMETEK, Inc.
Top Industries
No Data Available
Financial Services Firm11%
Local Government11%
Financial Services Firm31%
Insurance Company11%
Comms Service Provider10%
Manufacturing Company9%
Company Size
No Data Available
Small Business45%
Midsize Enterprise15%
Large Enterprise40%
Small Business40%
Midsize Enterprise22%
Large Enterprise38%
Find out what your peers are saying about Symantec, IBM, Carbon Black and others in Endpoint Protection for Business. Updated: June 2019.
346,972 professionals have used our research since 2012.
We monitor all Endpoint Protection for Business reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.

Sign Up with Email