Symantec Endpoint Security Benefits

Hakeem_Abdulkareem - PeerSpot reviewer
Head, Security Technology & Engineering at a financial services firm with 10,001+ employees

Symantec centralized our intrusion detection system while creating additional layers of security at the endpoint level. We're not relying on the central intrusion detection system. It gave us more value than expected. 

The solution also helped give us visibility into compliance within our whole system and ensure everything is updated. I can tell you the number of outdated systems from the same management server. In the same console, I can remotely trigger an update on any system. Symantec offers more flexible administration than other solutions. Most other antivirus products get updates directly from their portal, install them on the management server, and all the endpoints pull the update from it. Sometimes, an endpoint may not update. The update might be on the endpoint, but the system will still not pick up.

Most other antivirus solutions can't do a workaround like Symantec, where you can download the JDB file from the portal and copy the file to a specific path on the problem system. You don't even need to install it. Once you drop the script into the system, it will run automatically. After 20 to 40 seconds, the system will be updated, and the status will turn green. 

Using distribution points is also a game changer because it has saved it. Symantec considers that you may have bandwidth issues in this part of the world. You can leverage the update and push the file through locations with inadequate bandwidth. When you push the file through, the update can pull the data file and distribute it across the other endpoints.

Having this flexibility makes the solution easy to use. You can also segment the systems according to assets. It lets you classify servers, ATMs, and workstations separately. You can have different versions because of the flexibility. You can remove some components before generating the agent you are installing on the endpoint. 

I get around 95 percent compliance, meaning that 95 percent of the systems are up to date at any time. I also want to take it a step further to achieve around 98% because I have discovered some systems are not updating.

Then there is another file called the JDB in Symantec that I download regularly and distribute across all the ATMs, which I use as my distribution points. I will run a script to pick this JDB file and copy it to a specific path on all the outdated MAA workstations to update them automatically.

Overnight, I usually copy the script to all 256 distribution points across the nation. The next day, I will run another script that goes to the specific distribution point, acquires the JDB file, distributes it to the list of data systems I have prepared by location, and copies the file to those computers. They will be updated automatically.

That has been fully automated. I download the file every day at the close of business. It is shared through a script that is already automated across the distribution points the following day at 9:00 am because it's expected that people will resume work by 8:00 am. By 9:00 am, I expect every system to be on. The outdated systems will be targeted with the JDB and updated. 

PedroSoares - PeerSpot reviewer
Senior Security Information Analyst at Modal Bank

The best benefit, of course, is the protection against viruses and phishing attacks. In addition, we are using fewer solutions than before for endpoint protection. Symantec is enough for us.

Symantec is important for our organization. We have confidence in it to protect our workstations. We use it for many different types of protection, such as blocking ports, like TCP and UDP. We don't need to use GPOs from Active Directory to block anything or to use Windows files. It's the only solution that we install on our workstations. If we don't have it on a workstation, that is a cause for concern.

GE
IT Specialist at a healthcare company with 1,001-5,000 employees

This solution reduced downtime and increased productivity by reducing the sluggishness on machines when they get infected with viruses.

Buyer's Guide
Symantec Endpoint Security
March 2024
Learn what your peers think about Symantec Endpoint Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Nicolo De Jesus - PeerSpot reviewer
Security Operations Manager at an energy/utilities company with 1,001-5,000 employees

Symantec detects malicious software in our environment and provides intrusion prevention. We see the benefits immediately after deployment. Our whole platform benefited from Endpoint Security.

Prateek Agarwal - PeerSpot reviewer
Manager at Indian Institute of Management Visakhapatnam

We use the solution's pre-built apps for SIEM, orchestration, and ticketing systems for our workstations and servers, which has significantly helped our SOC operations. Data security is a top priority because we have millions using our apps, and email security is critical. The product provides excellent email scanning and a clear, analytical view of what happens in our application environment.    

Regarding the product's ability to fully expose the extent of advanced attacks, especially when attackers use stealthy techniques to avoid detection, it has powerful and intelligent features. These can easily recognize security threats, including potential threats. The solution also receives virus updates to its threat intelligence to keep up-to-date with new and emerging threats.  

The solution helped to contain attackers attempting to gain control of our Active Directory, primarily through observing our existing users and groups. Any unauthorized third-party additions or atypical users are recognized, and the solution notifies us. If users don't match existing groups or domains, they are highlighted, and we can respond accordingly. This is a vital function for any organization because the security of users and groups is a top priority; we cannot accept false information and users in our system. The solution provides transparency and flexibility among users and groups for us to identify anomalies and respond as required.  

The solution improved our security posture, and it's perfect for any enterprise to protect against threats, malware, and ransomware. Symantec features the best security against all kinds of threats.    

The solution saved our employees' time in responding to threats in the region of 25-30%. It can scan all our application system files and hard drive files, providing transparency into our systems and great flexibility in dealing with security threats.     

AA
Desktop Support Engineer at Dixit Infotech Services Pvt Ltd

Endpoint Security has helped us manage threats and malware. We saw the benefits immediately. It made our threat response faster and more secure. We find the hash value and create an immediate run policy. We send the policy to all machines, so the virus attack values are not allowed to create more damage or progress further.  

In the event of an attack, we immediately call our backend support team, and they give our backend team agents some steps or guidelines. We implemented a procedure throughout our organization to recover affected files. We create the hash value for the affected side to stop the damage and prevent the attack from affecting every machine.

We verify the hash value and signature updates from Symantec and we search for multiple global virus updates. We have articles from Symantec on use cases for reference, and we create a hash value based on that to protect our environment. 

We collect the logs from Symantec Manager weekly, including the malware, IPS, and device control logs. On the basic level, we can do some fine-tuning to ensure Windows and all the security patches are up to date. Then, we have to protect against any files unnecessarily accessing websites. All sites are restricted. Finally, we observe if any endpoints are still receiving malware attacks in the blocked log and locked resources from that particular machine. 

SS
Cyber Security Manager at a tech services company with 10,001+ employees

Policies are very important and valuable for us. We have to ensure the security of the client environment. We have to ensure that there is no tampering, and restrictions are applied to the devices when one uses third-party devices such as storage and pen drives. It has the flexibility to integrate with other devices.

It is helpful in identifying the rogue devices in the environment where we don't have any agents deployed. We can identify them through Symantec. We have also heard that with cloud Symantec, we can do remote deployment through the console itself.

Muhammad Ejaz ul Hassan - PeerSpot reviewer
CEO at RISE Technologies

With its behavior forensic, advanced threat hunting, integrated response, and Threat Hunter capabilities, it provides good control over security and improves the security posture.

Symantec is a known name in the market for endpoint and server security. The baseline of their products would always be the same, and with the evolving threats, they are also changing the technology. For example, with ransomware or zero-day threats, you don't have any already-known bad files. So, you don't have a signature for those files. They need to be identified based on behavior. If any file is misbehaving, Symantec Endpoint Security can handle it. This proactive approach or IPS is a part of it. Another example would be that you download a PDF file, and this PDF file has a built-in script. When you open the PDF file, in the background, the script starts, but nobody knows that. If you install Symantec, it will see the behavior of the file. If any file other than the required file is being executed, it will detect that and protect the system from that. Recently, a bank had a breach. There was an attempt to copy a file, which was blocked. With threat analysis, we could see that the system was protected but the bad guy had already passed through or gotten inside the network. 

Their Threat Hunter team helps out to know what exactly happened and the type of breach. For example, you clicked on a link that copied malware on a system. Your system is infected but nobody knows how many systems are affected after you. The Threat Hunter team is very good and professional. They would check its footprint on every system. If you have a breach in your environment, you have to contact them to find out what exactly is happening.

Nowadays, people bring their own devices. Most of the time, you don't know what's installed on these devices, which is the biggest threat to the environment. Symantec provides protection based on the analysis of your application, its behavior, and the type of data being sent and received. Sometimes, when you connect your mobile to any other wifi, such as free wifi or hotspot, if there is anything malicious, it can stop the traffic.

It allows you to choose the policies that you want to implement. There are around 7,000 SCSC policies, and of course, you are not going to enable all of them. You can choose the policies that you want. 

It has various components that help you at various stages: pre-attack, attack, breach, and post-breach. It reduces the attack surface. There is a component for breach assessment, device control, application control, behavior analysis, and isolation. All these are a part of its attack prevention capabilities. It also protects Active Directory. There is a tool called Active Directory Defense to stop an attacker from taking control of a user. It detects credential theft and stops intrusion, which is something no other vendor is currently providing. It also allows you to auto-manage policies, and IPS and IDS are also already there. 

KF
Senior IT Security Officer at Lion International Bank

The stability of this product has improved the way our organization functions. There is little maintenance, and it doesn't take long to install or uninstall. Once it is configured correctly, there is little chance of it failing.

This means that we have more of our technical staff available to work on other problems that occur.

Arvind Tiwari - PeerSpot reviewer
Deputy General Manager at CMS

It has helped me in providing authentication mechanisms, restricting devices, and blocking global threats. There is about 10% to 15% improvement.

LD
Country Director at SOCITECH S.A.

We had a bank that we were working with, and they had a challenge in which they needed to protect against vulnerability. They had previously used Kaspersky. We discussed and told them that Symantec is capable and is able to address their specific challenges. We gave them a trial version. When they started, they found it very easy; not easy to implement but easy to use. We started with the headquarters here, and later we also implemented it for all the subsidiaries in the region, in other countries. They have a centralized solution, so they can help other countries in management.

AT
Director at Tandon Electronics

Endpoint Security provides the school with fundamental protection against viruses and other malware. It only covers traditional endpoints, not mobile devices, but we've never had any outbreaks. 

EA
Senior Desktop Engineer

Symantec provides a lot of security for the end user. For example, if I'm going to a website that is not trusted, Symantec will alert me that it's not trusted or it will even block it. It's endpoint security that always gives you alerts about the dos and don'ts before you even get into danger. Some antiviruses will only alert you once you are in danger. With Symantec, you get the alert before you even click on or visit a dangerous site. The detection processes are very good and they have a good notification process to tell you if whatever you are opening or working on is not good for the PC.

I have the solution on my phone and that makes it quite secure. It blocks all ads and malware. Before Symantec, I used to get a lot of ads, especially if I was doing research on the internet. Since I started using Symantec on my phone, it has blocked all of them. And it is connected to my main account on the PC, so it gives me a combined report on whatever I'm doing and whichever sites I've visited.

For us, as an MSP, Symantec is the best for breach prevention. We have been using it for almost two years now and we haven't had any major attacks or ransomware. We are always protected. Previously, before we got to Symantec, one of our clients was attacked by ransomware, but since we deployed Symantec on all our users' endpoints, we haven't had any issues.

In the long run, it has made the security side of our company more solid. Now, we don't battle with viruses and malware. It has helped with our company's growth. Symantec has given us a great sense of assurance and protection. We know that all the devices and endpoints are well secured and that there won't be any major attacks or any damage to them.

SS
Security Consultant at InfySec

The very comprehensive machine learning platform has been very helpful and we have been able to prevent most attacks and detect and respond to those threats within minutes.

The reaction time for any incident has been reduced drastically. When there is an incident, the EDR engine is based on AI/ML behavioral analytics. It takes direct action and remediates the infected file, isolating the endpoint, and establishing communication between the endpoint and Symantec's threat-hunting SOC. It submits the file automatically, meaning that no manual intervention is required. If there is an attack on a weekend, we can completely rely on Symantec, rather than needing someone to manually upload these things.

Most of our incidents, no matter what has occurred, are automatically addressed. This has reduced our efforts and the time we spend on incidents. That has a direct impact on our business operations. It has improved the efficiency of our operations.

The major benefit of having Symantec's API is that you get access to all the methodologies and mechanisms, and it's accessed in a single dashboard. That makes it a one-stop solution, where you can have everything integrated. It also helps us in orchestrating and correlating our security incidents.

An added benefit is that if you have it integrated with your ticketing system, tickets will also be triggered. You get an SMS alert or an email notification, but that's a secondary thing.

The solution has helped organizations enhance their security posture considerably. We haven't faced any breaches so far, meaning we have been protected adequately. We actively perform quality assessments, penetration testing, and we do forensic analysis. In addition, we have third-party SIEM software monitoring all our assets on a day-to-day basis and they haven't identified any anomalies. That means that Symantec is protecting us well, and we have implemented it and been running it for the last three-plus years for multiple clients.

SA
Information Technology Specialist at Wonderla Holidays Ltd

It lets us control users and their actions when browsing.

Every month, we do an analysis. This allows our systems to be the most effective with all the changes that need to be done. It gives us a dashboard where we can view four or five key components, like malware protection, exploit protection, network intrusion, behavior analysis, and additions to the firewall. We also do daily, weekly, or monthly analyses based on events. This helps us have a clearer picture of our organization, what is wrong with a security event, and where you need to really focus to prioritize events. For example, if you have a network intrusion on the firewall, this gives a detailed view of your network where you can focus on the right solution, and prioritizing events.

We are using the solution to mitigate security breaches. We are constantly monitoring the endpoint interface dashboard. If there is a breach, it gets isolated. We see those on the report and event logs. We then apply the Application Control feature to take remedial actions.

If there is exposure, we need to investigate the source of the attack, e.g., whether it came from the network or externally. We view the firewall logs, and if there has been exposure, then we use the Application Isolation feature. When there is an attack with on-prem, that system will go into isolation mode, removing connectivity to other internal systems. We also restrict the WLAN part to avoid that system broadcasting to other networks.

It gives us a big picture of our response and remediation processes with one product, which is very good.

Olajide Olusegun - PeerSpot reviewer
Network Team Lead at Atlas Security

It's very good. Most of the clients are using this solution. It's able to protect workstations from threats, malicious files, and malicious USB drives. It's able to protect business-related files on the workstations. If you have an environment where you need to protect critical files from threats, it's a good solution.

It also defends us against the latest sophisticated attacks, such as key-finding attacks and spyware. It provides protection against threats, spyware, ransomware, malware, etc. It's pretty good at that.

It provides a single pane of glass. You can see everything through the dashboard. It's pretty good.

It has improved our security posture. It protects us from attacks outside, and it protects our files. It also prevents the corruption of files and secures our critical business-related files.

SB
Computer Systems Administrator at a university with 10,001+ employees

The solution probably caught some malware a certain percentage of the time and that helped the organization. By the time we abandoned it, it was actually less effective, at least on Windows 10 machines, than the built-in antivirus that you get with the Windows 10 Defender Antivirus. It became, in the end, sort of a liability.

It also became a liability when the company was sold to Broadcom. The name is actually different now. I don't think it's called Symantec Endpoint Protection. It's called Broadcom Endpoint Protection. We had a very difficult time even getting in touch with the technical support from that company, especially after Symantec was sold. It wasn't a very robust solution.

CP
Owner at ONE2ONE Tech Solutions

Initially, it provided easy centralized management of policies and devices. Threat protection has always worked well.

GS
Solutions Specialist Security at COMPAREX India Pvt. Ltd.

Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud.

Saurabh Patel - PeerSpot reviewer
Technical Support Executive at Adit Microsys Pvt Ltd

We are using it on 1,600 computers. All the systems and servers are protected with the Symantec solution. Our environment has an uptime of 99.9% because we never had any attack or issue related to viruses. There is zero downtime.

It works very smoothly. There is no high utilization of the hardware.

VK
Administrator at a real estate/law firm with 5,001-10,000 employees

It is a good product. It has saved us from external attacks and viruses.

NM
Technical Manager at Mignet Technologies

I recently checked with a customer, and the feedback that we have got from this customer is that it is catching almost all pirated applications. They are very happy with it. The customer was using a few pirated applications, and it blocked all those applications. The IT person was able to convince them to go for genuine applications.

LA
IT Security Lead at a tech services company with 10,001+ employees

It keeps our machines up-to-date with the definitions of the current zero-day attacks, which happens in real-time scenarios. It protects our data and the clients' data, which can be secured by using this product.

AC
Head of IT Department at a pharma/biotech company with 10,001+ employees

For me, the end point is almost a commodity. So, an advantage with Symantec is the integration. The integration with our two directories for taking control to administrate people, and then follow up with the segmentation to different people. To be able to manage a subset of the endpoint registering the solution, the distribution is in geographical sounds. The dashboard can be emailed, and I can receive the solution.

BW
IT Admin at a manufacturing company with 51-200 employees

It has reduced our attack surface and that's why we keep using the solution. It helps prevent cyber attacks and spam. Symantec Endpoint Security is an important element for maintaining security in our company.

Heritier Daya - PeerSpot reviewer
Network Administrator at a financial services firm with 1,001-5,000 employees

The Symantec product helps us protect ourselves against the Trojan horse. It reduces risk. As a financial institution, we are constantly at risk of attack.

Mostafa - PeerSpot reviewer
System Administrator at Suez Canal Insurance

It helps me with the security policies that I make. I can change policies quickly and easily.

IH
Endpoint Specialist at a computer software company with 201-500 employees

Symantec is top of all of the antivirus tools. I couldn't find any single incident that happened. Symantec was not the leader previously; McAfee and Kaspersky were. This is a new game.

ES
Group Brand Manager at a comms service provider with 51-200 employees

Endpoint Protection has improved our operations by protecting our servers from potential cyber threats.

BL
Information Technology at a non-profit with 201-500 employees

This solution is just another antivirus. Whether it actually works, nobody knows. If it finds something then it's great but if it misses something then we just don't know about it.

LC
Systems Engineer at a tech services company with 51-200 employees

The biggest benefit right now is that we have a lot of people who know it well. Based on what we've seen, we don't think it's the best solution out there. But it catches basic things.

it_user847761 - PeerSpot reviewer
Consultant at TNPL

This solution has helped us because it is really useful for blocking all kinds of viruses.

MR
CEO at Tech Valley Networks Limited

It has improved our productivity and, from a security point of view, we feel safe from spam. For endpoint protection, we are not facing problems now.

JC
Director of Technology Operations at International City/county Management Association

It protected well enough, but we ran Malwarebytes in conjunction to help protect against zero-day exploits/malware issues that occasionally slipped through.

AN
Systems Administrator at a pharma/biotech company with 51-200 employees

Centralized & localized control of client machines, using the SEPM dashboard.

it_user381717 - PeerSpot reviewer
Information Security Senior Engineer at a tech vendor with 10,001+ employees

It's made the work environment more secure, and reduced the number of malicious malware attacks.

it_user805980 - PeerSpot reviewer
Consultant at Godimo IT

Symantec, as an antivirus solution, makes things far better on the management and the vulnerability scanning sides. From a management point of view, it is good.

Lead System Engineer at a tech vendor with 1,001-5,000 employees

It blocks malware, as it is supposed to.

it_user676365 - PeerSpot reviewer
Senior Security Administrator at a tech services company with 10,001+ employees

As a service-centric company, we have advised Symantec endpoint solution to various clients. They have been satisfied with the quality Symantec offers. It is easy on maintenance, has brilliant support. What else would a business need? It has helped to protect the endpoint infra in an efficient manner.

it_user676353 - PeerSpot reviewer
Systems Project Manager at a retailer with 1,001-5,000 employees

After the initial setup, you don’t have to worry about the AV clients. It simply works.

VN
Service Manager with 51-200 employees

It is very easy to use and keeps us secure.

it_user1280532 - PeerSpot reviewer
Network Server Analyst at Everport Terminal Services

The firewall, malware, and anti-virus protection have earned its keep in times past by catching the unexpected. At the same time, illustrating in real-time the status of managed clients within the array. 

GR
Enterprise Architect Manager at Accenture

A secure stable product, and good customer service of this product from the vendor. Waiting to see how the cloud version pans out.

JM
Director for Cybersecurity Solutions at a tech services company with 11-50 employees

We no longer have to deal with day-to-day threats, and we can focus more on work. Whenever there are some problems, our operations don't stop. So, we can continue our work knowing that there is a good security solution protecting us.

PM
Accounting Assistant with 1,001-5,000 employees
  1. Ever since we started using the app, we no longer have problem computers being constantly frozen-up because of viruses.
  2. We had spent a long time fighting the Shortcut virus that was spreading around the campus but it was eliminated after we started using this solution.
DH
Chief Executive Officer at a tech services company with 1-10 employees

This product provides complete laptop and desktop protection from cyber attacks.

HH
IT Director at Al Akhawayn University

SEP was very useful for protecting devices that belonged to students, faculty, and staff. However, it was a source of problems for some users, as some services/apps in their devices were blocked/frozen.

it_user814116 - PeerSpot reviewer
Consultant

Great solution for a company like mine. 

I like Symantec Endpoint Solution quite a lot. I hope it continues improving over time.

SA
Director at a tech services company with 11-50 employees

No overhead of troubleshooting after installation makes it my favourite.

JH
IT System and Storage Administrator at a financial services firm with 51-200 employees

For protection use only.

Pablo Dewes - PeerSpot reviewer
Senior Technical Consultant (SE and Strategic Project Manager) - Email Fraud Protection - LATAM at a tech vendor with 201-500 employees

In a large environment, it is a challenge to manage what areas can have specific rights or functions enabled or disabled, considering their needs. SEP had the opportunity to integrate Microsoft Active Directory structure into the SEP Admin console. Based on that, it was easier for me to apply specific policies for different business areas with different users. For instance: Enable USB rights only for C-level users/Disable SONAR feature for marketing team considering their needs.

it_user693255 - PeerSpot reviewer
Information Security Manager at an energy/utilities company with 201-500 employees

It has been a time saver for operational and reporting tasks related to key security controls.

SEP provided visibility on threats and security incidents.

it_user819690 - PeerSpot reviewer
IT Systemadministrator at a construction company
  • Rather simple management
  • Easy to deploy with medium maintenance.
  • I believe to get the full benefits of Symantec Endpoint Protection, Symantec ATP is required. It provides quite a good overview of how threats have spread within the company.
it_user900123 - PeerSpot reviewer
Partner at a consultancy with 1-10 employees

It has made anti-virus and security management much easier. Also, it has really lowered the time required to manage all of the endpoints, resulting in higher efficiency, and a better efficiency/cost ratio. It has a really good cost-benefit.

it_user765246 - PeerSpot reviewer
Senior Consultant - Infrastrute at a tech services company
  • Reduced burden of responding to alerts.
  • Granular security lets lower level techs triage issues as they come in.
it_user294141 - PeerSpot reviewer
Information Security Manager at a logistics company with 1,001-5,000 employees

It has been a time saver for operational and reporting tasks related to Key Security Controls.

SEP provides visibility into threats and security incidents.

it_user377553 - PeerSpot reviewer
IT Security Engineer at Biztronz

Not applicable.

it_user701514 - PeerSpot reviewer
Head of Infrastructure at a tech services company with 201-500 employees

It has been very useful against the day-to-day viruses and security threats.

it_user200313 - PeerSpot reviewer
Security Consultant at Accenture

Managing SEP is very easy, and the troubleshooting part is also easily managed. The new version is good, with new features.

it_user760161 - PeerSpot reviewer
Consultant with 51-200 employees

Previously scans were taking a long time, hours or even a day. But nowadays, when the product scans, the time taken is only 15 to 20 minutes for a full scan. This is the main improvement, because it no longer affects the day-to-day work of users.
