We performed a comparison between Elastic Security and Symantec Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I can look at events from more than one source across multiple different locations and find patterns or anomalies. The machine learning capabilities are helpful, and I can create rules for notifications to be more proactive rather than responding after something has gone wrong."
"It is scalable."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"The product has huge integration varieties available."
"The most valuable features are the speed, detail, and visualization. It has the latest standards."
"The most valuable features of this solution are that it is really easy to use, and it is secure."
"The antivirus and antimalware features are good."
"The product has valuable features for insights."
"Protection from viruses, malware, Trojans, and malicious files is most valuable. It is also good in terms of application control. I can control the type of external media that can be connected with endpoint devices and protect them from malicious files and devices such as USB."
"This product is valuable for ransomware protection, general malware protection, and network exploitation protection."
"I have found the central control console the most valuable feature."
"The features are very nice. We are getting updates continuously from the Symantec side regarding any attacks, such as zero-day attacks. Symantec helps us in mitigating any attacks or threats early."
"Symantec is very user-friendly, the interface and functions are very simple for everyone to understand. Additionally, it's a very robust system."
"I would like more ways to manage permissions and restrict access to certain users."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"I would like to be able to migrate to the cloud so that the end-users outside the company offices don't need a VPN to connect to the Symantec server to update the policies. They should be able to connect to the admin center directly through the internet to get updated policies. There is some integration issue with the other security appliances or tools. Other hardware, firewall, or Network Detection and Response (NDR) solution vendors are not willing to integrate with Symantec. They only mention products from other vendors such as CrowdStrike and Carbon Black. Symantec is not there. Symantec should work on integration with products from other security vendors."
"If a machine is infected by ransomware, it's hard to recover the data. We don't have any data on the client, so we're not overly concerned about that. Still, it would be nice to have this feature if there are any future problems."
"We had trouble with the advanced features, such as the firewall builder and all the network protection modules. We were having a lot of issues because it would sometimes block users or the printing, or it would create issues with the network access resources."
"Symantec isn't good in terms of updating customers about updates. You'd normally have to search it out. Sometimes, the update process for the administration and management console can be a bit intimidating, and it can be quite inconvenient to get the updates. That's because when you have to do the update, you have to update the management console, and then you need to update the clients. Their application that's installed on desktops and servers needs to go hand in hand with the management console. Sometimes, it's a bit unwieldy to see that process through."
"Symantec's application security module needs some improvement. You need to create a lot of fingerprints for application security. For instance, let's say I have different brands of ATMs in my environment, like Wincor and NCR. I use GRG to deploy an application control to whitelist some applications. I have to get the exact image of the different models of ATMs. When I tested in the past, some machines would not connect to the server without that."
"Using the management console is a bit complex. There are many features that we cannot use and we could use some help. We need some assistance to make them work better. They need to add features to make it simpler."
"The support can be wanting. Sometimes the time to resolution is longer than I would expect."
"This solution is resource-heavy."
Elastic Security is ranked 5th in Log Management with 58 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Elastic Security is rated 7.6, while Symantec Endpoint Security is rated 7.6. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Symantec Endpoint Security is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Elastic Security vs. Symantec Endpoint Security report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.