"The visibility and insight this solution gives you into threats is pretty granular. It has constant monitoring. You can get onto the device trajectory to look at a threat, but you can also see what happened prior to the threat. You can see what happened after the threat. You can see what other applications were incorporated into the execution of the threat. For example, you have the event, but you see that the event was launched by Google Chrome, which was launched by something else. Then, after the event, something else was launched by whatever the threat was. Therefore, it gives you great detail, a timeline, and continuity of events leading up to whatever the incident is, and then, after. This helps you understand and nail down what the threat is and how to fix it."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"The solution's integration capabilities are excellent. It's one of the best features."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"Being able to carry out a full scan on your system."
"The protection is really good with Malwarebytes. It's also user friendly and quite easy to set up."
"Being able to cloud manage it from just a cloud login is valuable. We can get to it from anywhere, which is really helpful. The fact that we can remediate from the cloud console is one of our favorite features."
"I like the solution's ability to detect potentially unwanted programs. For some reason, it seems superior to other solutions, or at least in comparison to McAfee."
"The endpoint protection and response that allows us to restore a machine back to a pre-infected state are the most valuable features."
"When it comes to frontend protections, it has some of the best definitions. In addition, they do traditional signature and heuristic detection a lot better than Microsoft and some other players in that space."
"It is intuitive and easy to use. For the most part, it does a good job of catching things. It is good at stopping stuff. I did a couple of tests with a password cracker. I tried to load that on, and Malwarebytes didn't let me do that, which was pretty good. It has a rollback feature that I haven't seen with any other company. If one of your endpoints are hit with mass ransomware, you could actually roll it back. I watched a demo of them do that, and it was pretty sweet."
"The installation process is very easy, especially since it is on the cloud."
"Some important features that are included are the built-in firewall and device control."
"I like the additional features that come with it. The firewall feature and the encryption feature that they throw in are good as well. Another thing that I like about Symantec is that it runs on different platforms, not just on Windows."
"This solution helps in that I can control quite a few computers from our central location, with ease."
"Some of the most valuable features were antivirus, malware, and spyware. They were really good."
"I have found the central control console the most valuable feature."
"Symantec End-user Endpoint Security is a very powerful solution."
"The solution can scale."
"The antivirus and antimalware features are good."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"I would recommend that the solution offer more availability in terms of the product portfolio and integration with third-party products."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"I would like to see integration with Cisco Analytics."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"The connector updates are very easily done now, and that's improving. Previously, the connector had an issue, where almost every time it needed to be updated, it required a machine reboot. This was always a bit of an inconvenience and a bug. Because with a lot of software now, you don't need to do that and shouldn't need to be rebooting all the time."
"The GUI needs improvement, it's not good."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"They could come up with better reporting capabilities."
"The online reporting needs to be improved. Currently, we have to look at it online, and if we want to download a report, it just downloads as an Excel file. It's just raw information. There needs to be some way to better display it when it's downloaded."
"Overall, I haven't found any ways the solution lacks in features or usability."
"We have noticed that when the solution is doing the scanning, all the scanning activities make the device heavier. It slows down your machine."
"The interface could be improved. Currently, you need to really dig around to find the elements you need."
"I would like to see a little more detail in the log. So, when an event occurs, I'd like to know not just when it happened and on what device, but what activity was taking place on the machine at the time so that we can drill down. If we get a false positive, we have to do a lot of research and go back and forth with our end-users to know why it was a false positive. So, having a little more detail around detections and events would probably be my most asked feature."
"Requires increased efficiency in terms of detecting false positives."
"Malwarebytes is too simplistic. From a SOC IR perspective, it doesn't give you very much data around it. It doesn't tie things or provide SHA-1 and SHA-256 detection information, which makes it hard to do an additional investigation."
"The stability was not the best. There were times when antivirus updates broke it. It wasn't necessarily self-updating - at least, not in terms of the virus signatures. It updated in terms of the executable files. Therefore, when Windows updates would come out, they often couldn't be installed, or the computer would hang due to the fact that the updates weren't compatible with the antivirus."
"Since the division of the company, we have experienced a lack of support."
"There is no local support for Symantec products in Hong Kong."
"The technical support could be a bit better."
"Symantec isn't good in terms of updating customers about updates. You'd normally have to search it out. Sometimes, the update process for the administration and management console can be a bit intimidating, and it can be quite inconvenient to get the updates. That's because when you have to do the update, you have to update the management console, and then you need to update the clients. Their application that's installed on desktops and servers needs to go hand in hand with the management console. Sometimes, it's a bit unwieldy to see that process through."
"Future releases should ideally be cheaper."
"Since the acquisition by Broadcom, we are no longer receiving the proper support."
"The solution could improve by having a better graphical interface."
More Symantec End-User Endpoint Security Pricing and Cost Advice →
Malwarebytes is ranked 21st in Endpoint Protection for Business (EPP) with 13 reviews while Symantec End-User Endpoint Security is ranked 6th in Endpoint Protection for Business (EPP) with 59 reviews. Malwarebytes is rated 8.0, while Symantec End-User Endpoint Security is rated 7.2. The top reviewer of Malwarebytes writes "I can access it from anywhere and remediate quickly from the cloud console, but there should be a little more detail around detections and events and better pricing". On the other hand, the top reviewer of Symantec End-User Endpoint Security writes "Lacks next-generation behaviour-based detection, offers terrible technical support, and not as robust as competitors". Malwarebytes is most compared with Microsoft Defender for Endpoint, SentinelOne, CrowdStrike Falcon, Sophos Intercept X and ESET Endpoint Security, whereas Symantec End-User Endpoint Security is most compared with Microsoft Defender for Endpoint, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security, CrowdStrike Falcon and Cybereason Endpoint Detection & Response. See our Malwarebytes vs. Symantec End-User Endpoint Security report.
See our list of best Endpoint Protection for Business (EPP) vendors.
We monitor all Endpoint Protection for Business (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
