We performed a comparison between NetWitness XDR and Symantec Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet has helped free up around 20 percent of our staff's time to help us out."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Ability to get forensics details and also memory exfiltration."
"The setup is pretty simple."
"I like FortiClient EMS. FortiEDR has a lot of great features like lockdown mode, remote wipes, and encryption. I can set malware outbreak policies and controls for detecting abnormalities. You can also simulate phishing attacks."
"The interface of this solution is very flexible and easy to use."
"It is very easy to use, and its usability is great. The use cases are also very easy. The visualizations of the use cases are magnificent. You cannot find this in any other solution. From my point of view, it is great."
"It is stable. We have been using it for some time, without any issues."
"The log correlation is good."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"Technical support is knowledgeable."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"The technical support is very good. They have an Indian support team, so there are no delays in receiving support."
"The dashboard view and reporting are valuable. It is stable and easy to integrate, and it provides custom options."
"There is no other endpoint solution that will help you in preventing lateral-movement attacks on Active Directory. And Active Directory is one of the more critical assets within an organization."
"If there is exposure, we need to investigate the source of the attack, e.g., whether it came from the network or externally. We view the firewall logs, and if there has been exposure, then we use the Application Isolation feature. When there is an attack with on-prem, that system will go into isolation mode, removing connectivity to other internal systems. We also restrict the WLAN part to avoid that system broadcasting to other networks."
"The features are very nice. We are getting updates continuously from the Symantec side regarding any attacks, such as zero-day attacks. Symantec helps us in mitigating any attacks or threats early."
"The product has been quite stable."
"I like the endpoint detection and response. That's the best feature. I also like the fact that we don't need to use a file on the computer, whereas some anti-malware solutions work with a file on the endpoint. Symantec is a very good option compared to solutions from other vendors."
"Symantec is very user-friendly, the interface and functions are very simple for everyone to understand. Additionally, it's a very robust system."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The only minor concern is occasional interference with desired programs."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The solution should address emerging threats like SQL injection."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The solution is not stable."
"Threat detection could be better."
"I would like to see Security Orchestration and Response Automation (SOAR) integration."
"The initial setup requires a high level of skill."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"When analyzing something, you have to click several times. It requires a lot of effort to find something."
"RSA NetWitness Network could improve on integration with non-native application integration."
"The support needs to be better. When we upgrade, we can run into issues, and it's hard to get the help we require."
"It is only available to use on computers with higher-end specs."
"It seems that its not working very well with VMWare."
"Maybe Symantec Endpoint Security could amend their pricing structure, but they always offer a good product."
"If the agent can be minimized so that it can work with in-memory concepts, that would be ideal. As of now, it is file-based, signature-based."
"I find the documentation on Symantec.com to be not very updated. It seems like Symantec focuses more on their product than on documentation."
"The reporting function needs to be more user friendly in general."
"The malware and ransomware protections could be improved, which was ultimately the reason why I stopped using the solution."
NetWitness XDR is ranked 40th in Endpoint Protection Platform (EPP) with 15 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. NetWitness XDR is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), CrowdStrike Falcon, SentinelOne Singularity Complete and Microsoft Defender for Endpoint, whereas Symantec Endpoint Security is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Trend Micro Deep Security. See our NetWitness XDR vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.