Please share with the community what you think needs improvement with Symantec End-user Endpoint Security.
What are its weaknesses? What would you like to see changed in a future version?
Managements' number one item on the "Wish List" would have to do with the real-time scan of external media inserted into any client. A secondary concern is software compatibility with other important networked tools: WSUS, Desktop Central, etc, without a large number of exception rules.
It is only available to use on computers with higher-end specs. I think the software should be compatible with all versions of all computers, even earlier models. This would allow all clients to be included, which is important for those who cannot afford to buy the latest computers.
I would really like some of the features that are available in Kaspersky Enterprise to be available in the client version of this solution. In the next release of this solution, I would like to see more to do with malware, encryption technology, and controlling mobile devices. I would like to be able to protect my wireless equipment at that level.
Reporting in this solution needs improvement. The product could be improved if it repeated data, and if it showed that data better in the analytics.
The device control level and application control level should improve. I am finding a lot of issues when I block the devices, like a printer or scanner. In the classes of the devices for the application control, the most important issue is the hashing. Nowadays all the vendors, like Cisco firewalls, are detecting threats with the hashes. Symantec has this option that we can block them always by the hashes but the problem is that sometimes Symantec detects these hashes and is not consistent. These two parts should improve. The rest is always awesome. These two parts are very critical because I found a problem in application and device control. Symantec Endpoint has a perfect agent. It's going to be how many agents you can combine in resources. In the new releases, if they create a single agent to improve the control incrementally, it would be better. If you want to deploy ATP, you should have a separate event. You have to install separate events. With Symantec Endpoint Protection, any other protection should be installed, then configure the warnings. It does not ask for any new agent to install on the client machine. A single agent is enough. Symantec will get a lot of popular support from the industry because people don't like to install agents. For the ATP, you have to install separate events. For the Endpoint, you have to install separate events. If you install all the separate events, it is a huge load on a Windows machine. People start complaining. If Symantec wants to improve, they should have a single event for all their products, like ATP, DLP, and Endpoint Protection.
The Centralized Management could be improved. The deployment is very limited. They can improve on reporting as well. If they can improve threat incident analysis, that would be great. The solution itself is pretty comprehensive at this stage, and the features that we would like to be added to these are available as separate purchases, so I wouldn't that there's anything new that I need in there, they probably covered all the bases at this stage.
The reporting function definitely has room for improvement. If Symantec can provide us with the overall API for accessing and reporting, that would be great. The reporting function needs to be more user-friendly in general. I think we have too much technical level reporting, I think it would be better to have more user and usage types of reporting. I would like to see in the next release focus more on unusual behavior so that we can know how the end results are behaving and if they are in the clear. They should also provide users with some sort of training videos, for how to use the solution.
The pricing is a little bit more expensive than other competitors, if you compare it to Kaspersky, for example, or McAfee. The detection and response can always be improved.
Sometimes the interface can be a bit cumbersome, and maybe the help features. If you're not charged with administering the product and you don't do it every day it can sometimes be difficult to remember how to do the simple basic things, so some type of help or guidance for your most regular or frequent tasks would be good. Something similar to what the product called Serviceaid has. I also think that the website itself should be improved. They have so many products that when you actually look on their website and you look for helpful guidance you just tend to get lost because they seem to have so much going on. So, basically, a bit more intuitive help and guidance features, as well as more intuitive service information. Some type of solution for mobile devices would be good. For mobile devices, it's drawing from a Windows-based client, so for many core clients for OSX and Linux machines, those OS could be integrated directly. There's no client for mobile devices except for IOS and Android devices.
The overall quality of the product needs to be improved because with the last session we had several issues with new versions. Also, the solution needs better protections.
Better communication and coordination with Microsoft would help to prevent delays that are frequent when operating system updates are released. As it is now, when a new build from Microsoft comes out, we get warnings to say that certain applications are not compatible. We sometimes just have to wait until a new version of this solution is released in order for it to work properly. One of the problems is that Microsoft releases updates often, and sometimes they don't tell anybody. This can lead to the whole configuration being corrupted. I would like to see a hybrid version of this solution that covers both in-house and cloud-based servers.
This solution needs better compatibility with services and applications.
If we install a client's software in our location, such as Microsoft Office or Adobe reader, we would like to have these endpoints protected.
This latest version upgrade/migration over the last year has been atrocious. There have been numerous support issues and calls with Sr. VPs at Symantec, who were always understanding about the problems, but the product has proven unreliable to install and manage. The protection itself seems as solid, but if devices are losing their licensing without notice for no reason, it's only a matter of time before they become compromised. The bottom line is that when it comes to management, reliability of management, reporting, alerting, installation, and licensing, if these don't work reliably you can't trust the product's security capability.
We must have complete dissolution with advance care protection but we are finding out that we need more Symantec technical specialists. We have identified a need to hire at least one more technical specialist familiar with Symantec to improve our solutions capabilities. Additionally, an endpoint detection response feature would be great but not with an additional license, it should be included as an additional feature. We have identified this as a solution that our customers are very interested in, but they don't want to purchase additional subscriptions.
We have talked to Symantec about a feature that is lacking. Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device. Let's say I have a pen drive and there is a Trojan virus for which the signature is not updated. If the signature is not updated, then the system should automatically scan and understand that there is a foreign file and it should be blocked immediately. That is the one feature that I feel is missing. They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used. This is a feature they need to work on, in my opinion.
About four years back, Symantec's signature was very heavy and their signature patch was around 200MB or 300MB files.
The mobility solution should be improved. You need to separately purchase mobile, like a smartphone with Android and so on, you need to buy it separately with SAP, for example. It would be better for the user to use the same solution with all devices, even laptops, desktops, server and so on. They should also use the same endpoints for mobile devices. There are a few negative points. They should separate the feature for each separate solution for mobile devices. The second one is about the price, it's expensive. Finally, the third would be the complexity of implementation.
* Device encryption status and coding off of said status. * Better inherent checks against duplicate IDs.
I think the CPU dependency should be enhanced. In addition, some device control features are in need of enhancements.
* An easier management portal * Setting up and managing profiles was overly complex * An easier cloud management portal would be appreciated.
A good improvement would be altering the console in the console manager. Sometimes we need to add and improve the security to access to the console because the indicators and we can take management activities into the console, and it's, nice to have to improve the security access to the console.
In the future, I think there should be a sandboxing feature. Some of the most used endpoint protection does not include sandboxing. We cannot rely on URL filtering or IP repetition. Sometimes attacks can pass through the firewall. In addition, this product must be compatible with a VMware environment. Because most of our server has VMware. It seems that its not working very well with VMware. Finally, they need to do some effort to make it a little bit sly. They have to make some improvement in order to not make the computer slow during all of the backend scanning.
It would be nice to be able to manage the endpoints a bit further. A valuable attribute would be the management of software inventory, software deployment, and third-party software deployment. I would like to see the ability to deploy and delete unlicensed software. Many users try to install what they shouldn't, so that would be really useful. What would be really great would be to have the ability t manage those applications that you don't need to install to run. Those are a nightmare for companies, for mine as well. Applications like BitTorrent and unsupported browsers, all of those. Even with decreased user privileges, they are still able to run, so that's a big area to focus on in the future.
I would like to see even more customization, the possibility to do whitelisting. It needs to be a little bit more liberal on whitelisting, even to use the name if needed, instead of hashes.
I would like to see fileless attack protection. Also, the version could be lighter.
I would like to see improvements in the anti-virus and the device control features. Anti-Virus: I would like to see Symantec improve the ant-virus to stop and detect Ransomware and email attachments. Symantec is weak with Ransomware. I would like to see the anti-spam for Outlook improve the scanning and blocking of attachments. Device control: I would like to see an improvement in the USB control, because it sometimes creates a conflict with USB printers.