ESET Endpoint Antivirus Competitors and Alternatives

Get our free report covering ESET, GoSecure, WatchGuard, and other competitors of ESET Endpoint Antivirus. Updated: November 2021.
553,954 professionals have used our research since 2012.

Read reviews of ESET Endpoint Antivirus competitors and alternatives

MD
Azure Engineer at a tech services company with 51-200 employees
Real User
Integrates well with Microsoft technologies, but needs direct integration for USB control

Pros and Cons

  • "It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal."
  • "I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great."

What is our primary use case?

Our clients use it for antivirus and anti-malware purposes.

What is most valuable?

It depends on the licensing. Most of the customers have got at least a 365 E3 license, and they can use most of the features of Windows 10 Defender. So, anyone who has got an enterprise license can start using those features. Some of the customers have got E5 licenses, and they can use all advanced features. Customers with E5 licenses use the advanced site protection (ATP) features and web content filtering without going via a proxy, which gives the benefit of replacing the proxy. They can get the benefit of MCAS and integration with Intune and the endpoint manager. It is a kind of single platform for all 365 technologies. It helps customers in managing everything through a unified portal.

Normally, we implement the attack surface reduction (ASR) rules and exploit protections. We also use Microsoft Defender Application Guard and ad blocker. Instead of using the application control list, we use the ad blocker at most of the places.

What needs improvement?

What I've heard from the customers is that the anti-malware engine is not up to date. So, sometimes, it may not detect such threats. I, however, haven't got any data to show for this.

Its licensing can be better. Currently, customers with the E3 license cannot use many features, and they would like those features to be available. With Windows 10 E5, Microsoft is phasing out all the functionality. They have also made a lot of changes recently where you can also buy add-ons for Defender ATP, but for Office 365, ADT, and other stuff, you still require E5 licensing. If they can improve its licensing, it would definitely be helpful in implementing the features from the security point of view. E5 definitely has more features from the security point of view.

I would like Microsoft to have some kind of direct integration for USB controls. They have GPO and other controls to control the access of the USB drives on devices, but if there is something that can be directly implemented into the portal, it would be good. There should be a way to control via a cloud portal or something like that in a dynamic way. USB control for data exfiltration would be a good feature to implement. Currently, there are ways to do it, but it involves too many different things. You have to implement it via GPOs and other stuff, and then you move or copy those big files via Defender ATP. If there is a simple way of implementing those features, it would be great.

For how long have I used the solution?

We have been recommending Defender to customers for Windows 10 and helping them in implementing it for two years.

What do I think about the stability of the solution?

It is okay in terms of stability. I haven't seen any issues. Even if you go for a third-party vendor as your primary anti-malware software, you can get the benefit of Defender in a passive mode. 

I am an Azure engineer, and I work with an architect to design the solutions. I'm not a security person, and I don't know whether it catches all the new malware that comes into the IT world, and how quickly it gets updated because it is not my area of work as I'm not a SecOps admin. I have read a few articles mentioning that the engine might only be 80% or 90% up to date. Obviously, no engine is 100% up to date, but it is still a little bit behind some of the third-party vendors.

How are customer service and technical support?

We haven't used their support much, but one of my colleagues has had some problems, and I think he didn't get good support from Microsoft. So, obviously, it depends on what kind of support engineer you have been assigned. Sometimes, it can be difficult. It is not only applicable to Defender; it could be with any of the products.

How was the initial setup?

While implementing the ASR rules and other things, if you don't put it in the audit mode and don't do proper discovery, then it can definitely break lots of applications. You need to adhere to the implementation guidelines for ASR rules. So, proper analysis definitely needs to be done before implementing those rules because it can affect the business functionality.

Its deployment can take from a few weeks to months depending on the size of the organization. In terms of the implementation strategy, we start with the pilot key users, and we deploy those policies. We also deploy ASR rules and other exploit protection rules in the audit mode, instead of directly enabling them. We then monitor the resources in terms of what can be blocked or what can get impacted by those rules. After that, we work with the users to implement it and see whether it breaks anything. If it breaks, then we look at the solutions. After we are happy with all those solutions and we know that enabling it won't break anything on a business side, we just roll it out.

What was our ROI?

Our clients are definitely seeing an ROI. Some of the clients have already got the licenses, and they can use lots of features of their Defender ATP. They are basically saving the cost of not going with a third-party solution.

Some of the clients who already had another third-party solution are also moving to Defender ATP because they already have the licenses, and they can save the cost on those. One of our clients is using ESET. They have the ESET standard version, so they are not getting any of the other features. They already have an E5 license to use all Defender ATP features. So, obviously, it would be beneficial for them to go with Defender ATP.

Which other solutions did I evaluate?

We did a little bit of comparison with Sophos. Sophos also offers cloud and network protection, but it would be an extra cost to buy it if you already have a license of Defender ATP. With Sophos, the USB features are a part of the cloud solution. So, you can configure USB restrictions and other things in the Sophos portal. With Defender, you will have to implement the USB security features via GPO or something else.

What other advice do I have?

I would definitely recommend others to go with Defender ATP if they have got the licenses because it can give them a wide range of security controls. It is integrated with Office portals and Microsoft monitoring systems, so they get the sensors from different places. We haven't come across any security threats yet. From the point of view of its theory, implementation, and architecture, Defender ATP and other ATP integrations would definitely help customers in controlling their organization and implementing the best security rules and policies.

It hasn't affected the user experience much for our customers. Customers only see the notification pop up saying that Defender hasn't found anything and things like that.

I would rate Microsoft Defender for Endpoint a seven out of 10.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
LK
Systems Administrator at Dairibord
Real User
The performance is good and it's very stable

What is our primary use case?

Our primary use case of this solution—we've got what they call McAfee ePO—is for a centralized system that we use to manage all the other endpoints from the central point. It's for endpoint protection, but there are some other options that you can use, such as Web Control, Firewall, etc. This solution is deployed on-premise. 

What is most valuable?

One of the most valuable features is the performance. It's very stable. 

What needs improvement?

The installation process could be improved. It's a bit difficult, but once you get it right, it's fine. 

For how long have I used the solution?

I have been using McAfee for the past 10 years. 

What do I think about the stability of the solution?

This solution is very stable. We have a team of three admins for maintenance. 

What do I think about the scalability of the solution?

This solution is scalable. There are approximately 250 users in my organization who are using McAfee. 

How was the initial setup?

The installation is a bit difficult, but once you get it right, it's fine. Installation took about three to four days and we had a team of three admins. 

What about the implementation team?

We implemented through an in-house team, with outside support. 

What's my experience with pricing, setup cost, and licensing?

There is a yearly subscription cost for this solution. 

Which other solutions did I evaluate?

We also looked at ESET and Sophos, but settled on McAfee. When we visited other sites that were using McAfee, we were quite impressed. 

What other advice do I have?

I rate McAfee a nine out of ten. I can definitely recommend this solution to others considering implementation. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.