We compared Symantec Endpoint Security and Microsoft Defender for Endpoint based on our users' reviews across several parameters.
Symantec Endpoint Security is praised for its robust protection, advanced threat detection, and comprehensive coverage, but users suggest improvements in integration, interface, scanning speed, and resource utilization. Microsoft Defender for Endpoint receives high ratings for its security measures, integration, interface, and customer support, but users note the need for enhancements in system performance, user interface, and threat detection capabilities. Pricing for both products is deemed justified, with positive ROI reported by users.
Features: Symantec Endpoint Security stands out for its advanced threat detection and comprehensive security functionalities. Microsoft Defender for Endpoint is valued for its seamless integration with other Microsoft products, efficient threat detection, and user-friendly interface.
Pricing and ROI: Symantec Endpoint Security's setup cost is justified by its strong features, while Microsoft Defender for Endpoint offers competitive pricing with a reasonable setup cost. Symantec's licensing is flexible, while Microsoft's process is user-friendly. Symantec Endpoint Security users praised its positive ROI, citing good value, cyber threat prevention, and time/resource savings. Microsoft Defender for Endpoint also delivers strong ROI, with users reporting valuable outcomes.
Room for Improvement: Symantec Endpoint Security has room for improvement in integration with security tools, interface usability, scanning speed, and resource utilization. Microsoft Defender for Endpoint could enhance system performance, user interface, threat detection, scanning efficiency, and advanced threat prevention.
Deployment and customer support: Users find that setting up Symantec Endpoint Security takes longer than setting up Microsoft Defender for Endpoint. Some users of Microsoft Defender reported varying durations, with some needing three months for deployment and a week for setup, while others required only a week for both. Symantec Endpoint Security offers responsive and efficient customer support, praised for prompt solutions to technical issues. Microsoft Defender for Endpoint is highly praised for its knowledgeable support team and effective assistance.
The summary above is based on 208 interviews we conducted recently with Symantec Endpoint Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"This is stable and scalable."
"The stability is very good."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"NGAV and EDR features are outstanding."
"It is stable and scalable."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It is easy to install and use requiring little maintenance but applying updates."
"The solution integrates very well with Windows applications and Microsoft endpoint products."
"The detection features are valuable, as is the fact that it is easier to port these logs into Sentinel. That is also useful for us. It is more comprehensive."
"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me "automated eyes.""
"Microsoft Defender for Endpoint is free and part of the licensing stack of other Microsoft products."
"The solution can scale as needed."
"The comprehensiveness of Microsoft threat-protection products is great... Today, Microsoft Sentinel by itself is a leading Gartner SIEM tool. It has advantages over competitors because of the ability to integrate with Microsoft solutions and automate continuous monitoring of Microsoft AD and Office 365 data."
"Defender works in the background monitoring the traffic for viruses."
"Endpoint Protection is the next generation. It covers antivirus, spamware, ransomware..."
"Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud."
"The application and device control functionality is good. We are able to see which applications are installed using the product management dashboard."
"Some important features that are included are the built-in firewall and device control."
"The most valuable features of Symantec Endpoint Security are endpoint protection, antivirus, firewall, and policy creation."
"Symantec End-User Endpoint Security is easy to use."
"It's a single-agent installation with many features including wireless protection."
"I like the endpoint detection and response. That's the best feature. I also like the fact that we don't need to use a file on the computer, whereas some anti-malware solutions work with a file on the endpoint. Symantec is a very good option compared to solutions from other vendors."
"The SIEM could be improved."
"It takes about two business days for initial support, which is too slow in urgent situations."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The only minor concern is occasional interference with desired programs."
"The support needs improvement."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"We find the solution to be a bit expensive."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"There's a lot of manual effort involved to configure what we need."
"With the XDR dashboard, when you're doing an investigation and you're drilling down to obtain further details it tends to open many different tabs that take you away from your main tabs. You can end up having 10 tabs open for one investigation. This is another area for improvement because you can end up getting lost in the multiple tabs. Therefore, the central console can be improved so that it does not take you to several different pages for each investigation."
"There is room to improve the security of the solution."
"Microsoft Defender for Endpoint is secure but when it comes to security all solutions could improve security."
"They should bring back the feature of a dedicated proxy device for communication to the cloud. As of now, all the agents are required to send the logs directly to the cloud. There should be a solution where you can put a proxy and all the logs are consolidated, like a forwarder."
"In India at least, it seems to be a bit more expensive than other options."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"Any external device which is inserted into a computer should be subject to an auto-scan policy, to automatically scan it before accepting the device... They need to make it more user-friendly, so that when anyone puts in a USB stick it will be scanned, popping up any problems before it is used."
"The one thing I don't like about Symantec Endpoint Security is the amount of resources it uses."
"They provide the updates of the client, and those clients need a reboot after the upgrade, which is something we don't like. We don't like to reboot the server after the upgrade because we have live applications. If we do a reboot, it can impact the business as well."
"The detection and response can always be improved."
"Multi-domain policy options for exceptions and global blocks."
"More control features can be added, and its performance can also be better. Sometimes, the performance is not good when we access the cloud console. Moving to each tab is slow. The dashboard can be a little bit user-friendly. For some users, it is a bit difficult. If someone is a little bit familiar with it, then it is fine. Otherwise, it is hard to find policies in Symantec."
"The biggest thing I would like to see is malware remediation, if there is some kind of outbreak. We'd like to see better remediation and better detection and response. It's pretty good at capturing things, but it doesn't stop everything, so better machine learning would be helpful."
"We are not satisfied with this solution. It needs a lot of improvements. It doesn't detect the most recent malware and unknown threats. With most of the users working from home these days, there is also a need for some extra security layer. That's why we are thinking of going for a better solution that will take care of all of our endpoints and work from home situation. Symantec also has to work on EDI technology. Vendors like Palo Alto and Cisco are coming with their own intelligence and cloud infrastructure in which unknown threats are regularly watched and monitored, and they are reported to the admin."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Microsoft Defender for Endpoint is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Fortinet FortiClient, whereas Symantec Endpoint Security is most compared with CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Microsoft Defender for Endpoint vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.