We just raised a $30M Series A: Read our story

Symantec Endpoint Detection and Response OverviewUNIXBusinessApplication

Symantec Endpoint Detection and Response is the #11 ranked solution in our list of EDR tools. It is most often compared to Microsoft Defender for Endpoint: Symantec Endpoint Detection and Response vs Microsoft Defender for Endpoint

What is Symantec Endpoint Detection and Response?

Quickly discover and resolve threats with deep endpoint visibility and superior detection analytics, reducing mean time to remediation.
Overcome cyber security skills shortages and streamline SOC operations with extensive automation and built-in integrations for sandboxing, SIEM, and orchestration.
Fortify security teams with the unmatched expertise and global scale of Symantec Managed Endpoint Detection and Response services.
Roll out Endpoint Detection and Response (EDR) across Windows, macOS, and Linux devices using Symantec Endpoint Protection (SEP)-integrated EDR or a dissolvable agent.

Buyer's Guide

Download the Endpoint Detection and Response (EDR) Buyer's Guide including reviews and more. Updated: October 2021

Symantec Endpoint Detection and Response Video

Pricing Advice

What users are saying about Symantec Endpoint Detection and Response pricing:
  • "The price is okay, but it really depends on the customer's requirements."
  • "The price is really high and it should be lower."
  • "We have a yearly subscription, and the pricing is fair."
  • "We are satisfied with the pricing."

Symantec Endpoint Detection and Response Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Kishan Kendre
Project Manager at a consultancy with 501-1,000 employees
Real User
Top 10
Threat protection that is priced well, easy to deploy, and allows you to use the same agent for detection and response

Pros and Cons

  • "The most valuable feature is that the same agent can act as the endpoint detection and response agent."
  • "Reporting is a major issue, as it is not user friendly."

What is our primary use case?

The primary use case of this solution is for protection.

What is most valuable?

The most valuable feature is that the same agent can act as the endpoint detection and response agent. You don't need to deploy an additional agent. As you do with other solutions.

If you try to deploy a new solution you have to replace the existing agent with a new agent, but with Symantec, you can use the same agent.

What needs improvement?

Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.

With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it then Trend Micro, all within 24 hours, everyone will have it covered.

In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.

For how long have I used the solution?

I have worked with all Symantec products. Detection and response is a new technology that they have come up with and I have been working with it for two years.

What do I think about the stability of the solution?

If the solution is updated regularly then there is no challenge with stability.

What do I think about the scalability of the solution?

This solution is definitely scalable.

How are customer service and technical support?

The technical support is very bad. It's been outsourced. The level one support does not have the expertise to support people properly, from a technical perspective. 

I'd say that the level of understanding has been reduced as a result of outsourcing to a third party.

Which solution did I use previously and why did I switch?

Previously, I was working with Trend Micro. Before the detection and response were included, I would have recommended Trend Micro. However, Symantec Endpoint has now taken the lead.

Endpoint detection and response have not been developed into Trend Micro.

How was the initial setup?

The initial setup is straightforward. It's not complex. You will have to license it, then you are good to go.

If you try to establish the replication then you should plan it properly. If you do proper planning then it manages well. As an example, with one of my customers, I updated 3,000 machines that were in remote sites in less than a month's time.

What's my experience with pricing, setup cost, and licensing?

The price is okay, but it really depends on the customer's requirements.

What other advice do I have?

I am a user of Symantec as well as an admin with the Symantec support team. I was the technical support account manager and I would support other customers.

Symantec release updates two or three times per day. If you have a low bandwidth it will never get updated, although there are options to resolve this.

First, you have to decide on your requirements and what features you are looking for, then you can consider any endpoint detection and response solution.

There are good products on the market; there is one in particular that is cloud-based, where you don't need a single investment, but you will need to have good bandwidth. 

Before looking for any solutions the planning must be done.

Overall, this is a good product but it is still in the early stages and there are some improvements that need to be made.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
VR
Security Engineer at Suraksha
Real User
IPS and user interface are great; includes deception technology component as part of SEP

Pros and Cons

  • "IPS and the user interface are good features."
  • "The network forensics feature could be improved."

What is our primary use case?

In the past, we deployed for Government organizations and right now we are dealing with a financial institution that is considering implementing Symantec. We primarily work in the Middle East and Australia. We are Symantec partners and implement the solution for our clients. I'm a security engineer. 

What is most valuable?

I like the IPS , GIN and the user interface, they are good features and simple to use. In addition to that, I believe that Symantec is the only vendor that actually includes the deception technology component as part of SEP.

What needs improvement?

I think the network forensics feature could be improved. It's not part of SEP, but it's part of the package and I think that could be improved because we need the decryptor. Without  that you can't actually decrypt the SSL traffic going in the network. If the solution could be completely software-based, it would be a formidable product.

Symantec could include that as an additional feature, it's something that other solutions provide. Secondly, instead of just making it endpoint deception, they could make it network deception as well and that would make it a complete endpoint protection solution.

For how long have I used the solution?

I've been using this solution for the last 12 months. 

What do I think about the stability of the solution?

The stability of the solution is fine. 

What do I think about the scalability of the solution?

We haven't had any issues with scalability. Three months ago we put in a bid where they initially wanted 300 users, but then decided they wanted to scale up to 7,000 users. Symantec had no problem with that. It just requires preparation by taking into account the increased number of endpoints. 

How are customer service and technical support?

Technical support is very good.

Which solution did I use previously and why did I switch?

We used McAfee and Trend-Micro previously, but we didn't get many good reviews for the product. Once we switched to Symantec, the market responded well so we switched to pushing that. We depend a lot on market feedback and after speaking to a lot of cyber experts in the information security field, they said they wanted Symantec. It's pretty much based on market feedback. 

What's my experience with pricing, setup cost, and licensing?

Deploying on-prem makes Symantec a very expensive product but if it's being deployed on cloud it's quite cheap. We lost a lot of bids when we proposed on-prem deployment because of the high cost. 

What other advice do I have?

I would definitely recommend Symantec because the company provides great support from its engineers. Whenever we've had any issues, we give them a call and 10 or 20 minutes later, they make contact. They're also very good at helping us quote for tenders and they negotiate well. 

I would rate this solution an eight out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Find out what your peers are saying about Broadcom, Microsoft, FireEye and others in Endpoint Detection and Response (EDR). Updated: October 2021.
540,694 professionals have used our research since 2012.
NV
IT Security Specialist at a tech services company with 51-200 employees
Real User
Top 5
Customizable Application and Device control, but it is expensive and there are a lot of false positives

Pros and Cons

  • "In Symantec, we have found that the most important feature is Application and Device Control."
  • "Technical support is not as good as we expect, and resolving problems should be more timely."

What is our primary use case?

We were using this product for our endpoint protection.

What is most valuable?

In Symantec, we have found that the most important feature is Application and Device Control. You can customize it to help stop attacks, and we have done that many times in our different environments.

What needs improvement?

Some fine-tuning is required because we often see false positives.

For how long have I used the solution?

I had been working with Symantec Endpoint Detection and Response for more than six years. However, we are no longer using it because we are transitioning to another product.

What do I think about the stability of the solution?

This is a stable solution in our experience. We have read in the community communications that there are some corruptions that occur, which is something that should be fixed.

What do I think about the scalability of the solution?

This product is scalable. We have approximately 3,700 users.

How are customer service and technical support?

Technical support is not as good as we expect, and resolving problems should be more timely.

Which solution did I use previously and why did I switch?

We are currently doing a PoC with Trend Micro. We are looking at Apex One and Deep Security. We are switching because we are interested in using a central management console in a cloud-based deployment.

Symantec has a cloud-based solution, but it not compatible with all of the departments in our organization.

I also have experience with the Websense solution.

How was the initial setup?

Installing on a Windows Server was straightforward.

What about the implementation team?

We have two people for maintenance.

What's my experience with pricing, setup cost, and licensing?

We are currently using the trial version of the latest release. The price is really high and it should be lower.

What other advice do I have?

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
MS
Cyber Security Engineer, Team Lead at a manufacturing company with 5,001-10,000 employees
Real User
Dashboard shows new and unknown threats in the environment but support isn't so responsive

Pros and Cons

  • "The most valuable features are that it is easy to connect and global settings are good."
  • "That's why I wouldn't recommend it for other systems. It works only with SAP clients. That's why I'm giving it a six. It would get higher if it worked on all networks without the help of SAP."

What is most valuable?

The most valuable features are that:

  • It is easy to connect
  • Global settings are good

What needs improvement?

I don't see much room for improvement. I am not an analyst for this product. I just manage this product for an analyst. I like the dashboard, it has lots of information like threats and we can see activity on the dashboard. It shows new and unknown threats in the environment. This feature is very good for EDR monitoring and management.

For how long have I used the solution?

We have been using Symantec EDR for the last year. We also have Symantec Endpoint Protection

What do I think about the stability of the solution?

We are facing our own issues that we are checking to see if it's secure. We are working on this with support but they are not able to fix that now. We haven't had any issues regarding the features. It works perfectly. 

What do I think about the scalability of the solution?

Scalability is good. 

How are customer service and technical support?

We have contacted technical support multiple times. They are good but not excellent. We had a few issues and it took them a long time to respond. 

How was the initial setup?

We did the POC within one week and the entire deployment took one month.

What other advice do I have?

It's a good product if you have a lot of SAP solutions. 

I would rate it a six out of ten. Not a 10 because it works on version 14 but SAP clients have some issues and EDR is different on SAP. That's why I wouldn't recommend it for other systems. It works only with SAP clients. That's why I'm giving it a six. It would get higher if it worked on all networks without the help of SAP.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Sergiy Skrypka
Director General at MPR "Sarmatia" sp. z o.o.
Real User
Top 10
Reliable, fast customer service, and priced fair

Pros and Cons

  • "I have had absolutely no problem with using this solution, it really works well."
  • "It is not possible to buy it from the company itself, or resellers in other countries. If it is available, I see that it is offered as part of a larger service. For me, this was not suitable."

What is our primary use case?

We are mainly using the solution to protect our computers from malware and other dangerous occurrences.

What is most valuable?

I have had absolutely no problem with using this solution, it really works well.

For how long have I used the solution?

I have been using the solution for three years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

We are a small company and we did not branch out to know how scalable it is. We have under 10 people in the company using the solution.

How are customer service and technical support?

Once or even twice I used the technical support and I was assisted almost immediately.

Which solution did I use previously and why did I switch?

We have used McAfee and Trend Micro in the past.

How was the initial setup?

The installation was very easy, the deployment took a couple of weeks.

What's my experience with pricing, setup cost, and licensing?

We have a yearly subscription, and the pricing is fair.

What other advice do I have?

I would recommend this solution to others. However, it is not possible to use it for small companies at this moment. It is not possible to buy it from the company itself, or resellers in other countries. If it is available, I see that it is offered as part of a larger service. For me, this was not suitable.

I rate Symantec Endpoint Detection and Response a ten out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
RS
Managing Director with 1-10 employees
Real User
Easy to use and constantly updated

Pros and Cons

  • "The interface is quite easy to use."
  • "The Symantec portfolio is not big enough to cover the organization in all 360 degrees."

What is our primary use case?

We are in the healthcare industry and we use this product for our endpoint security.

It is primarily for DLP, protecting us against data leakage via malware and virus attacks.

What is most valuable?

The interface is quite easy to use.

The knowledge and signature database is continuously updated.

What needs improvement?

The Symantec portfolio is not big enough to cover the organization in all 360 degrees.

For how long have I used the solution?

We have been using Symantec Endpoint Detection and Response for almost three years.

What do I think about the stability of the solution?

We have had no issues in terms of stability.

What do I think about the scalability of the solution?

Scalability has not been a problem for us.

Which solution did I use previously and why did I switch?

We currently have multiple vendors that make up our security solution, although this is our only endpoint protection product.

What's my experience with pricing, setup cost, and licensing?

We are satisfied with the pricing.

Which other solutions did I evaluate?

We are looking for an orchestrated solution, where we can have all of the vendors operating under one umbrella. For example, Symantec is a good endpoint solution, but if we also need a perimeter solution then it is not covered.

What other advice do I have?

Overall, I think that this product runs quite smoothly and I definitely can recommend it. Anybody who implements it should not have any problem.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Endpoint Detection and Response (EDR) Report and find out what your peers are saying about Broadcom, Microsoft, FireEye, and more!