We compared Symantec Endpoint Security and Microsoft Defender for Endpoint based on our users' reviews across several parameters.
Symantec Endpoint Security is praised for its robust protection, advanced threat detection, and comprehensive coverage, but users suggest improvements in integration, interface, scanning speed, and resource utilization. Microsoft Defender for Endpoint receives high ratings for its security measures, integration, interface, and customer support, but users note the need for enhancements in system performance, user interface, and threat detection capabilities. Pricing for both products is deemed justified, with positive ROI reported by users.
Features: Symantec Endpoint Security stands out for its advanced threat detection and comprehensive security functionalities. Microsoft Defender for Endpoint is valued for its seamless integration with other Microsoft products, efficient threat detection, and user-friendly interface.
Pricing and ROI: Symantec Endpoint Security's setup cost is justified by its strong features, while Microsoft Defender for Endpoint offers competitive pricing with a reasonable setup cost. Symantec's licensing is flexible, while Microsoft's process is user-friendly. Symantec Endpoint Security users praised its positive ROI, citing good value, cyber threat prevention, and time/resource savings. Microsoft Defender for Endpoint also delivers strong ROI, with users reporting valuable outcomes.
Room for Improvement: Symantec Endpoint Security has room for improvement in integration with security tools, interface usability, scanning speed, and resource utilization. Microsoft Defender for Endpoint could enhance system performance, user interface, threat detection, scanning efficiency, and advanced threat prevention.
Deployment and customer support: Users find that setting up Symantec Endpoint Security takes longer than setting up Microsoft Defender for Endpoint. Some users of Microsoft Defender reported varying durations, with some needing three months for deployment and a week for setup, while others required only a week for both. Symantec Endpoint Security offers responsive and efficient customer support, praised for prompt solutions to technical issues. Microsoft Defender for Endpoint is highly praised for its knowledgeable support team and effective assistance.
The summary above is based on 208 interviews we conducted recently with Symantec Endpoint Security and Microsoft Defender for Endpoint users. To access the review's full transcripts, download our report.
"The setup is pretty simple."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The product's initial setup phase is very easy."
"Ability to get forensics details and also memory exfiltration."
"NGAV and EDR features are outstanding."
"It is stable and scalable."
"The most valuable feature is the analysis, because of the beta structure."
"The product detects and blocks threats and is more proactive than firewalls."
"The best thing I like about it is its interaction with the other Defender products. It provides the ability to push telemetry up. It gives me endpoint visibility and allows me to take automated actions."
"Microsoft Defender for Endpoint comes pre-installed in Microsoft Windows."
"Stable endpoint manager, antivirus, and antimalware, with fast technical support and a straightforward setup."
"Defender has very little impact on the end-user and the agent works quite well with a minimal impact on the client and server."
"The visibility into threats that the solution provides is pretty awesome... This is something that makes me think, "Wow, okay. If I had my own organization, I would probably get this too." It stops the threat before an employee gets phished or something gets downloaded to their computer."
"I like the real-time protection features. Windows Defender will detect if there's a threat like a Trojan or something like that but Kaspersky lets it run normally."
"The most valuable features are that it is flexible, and it is integrated with Microsoft products."
"It is a straightforward setup."
"The administrator's console is very good and easy to manage with it. Deploying patches, definition updates and report is simple."
"What I like most about Symantec is the intrusion detection module. If you are scanning the environment, it will flag a possible intruder and tell you the IP and where the attack is coming from. Traditional antivirus solutions will never flag that. If you have a traditional SIEM, you might be able to pick that up. Symantec is a holistic endpoint security solution, so when you scan an endpoint, Symantec will let you know that something is happening to it."
"I like the malware threat control policy and USB blocker. In Symantec Manager, we use multiple available features, so we created firewall policies to prevent any malware attack from the network or device controls."
"The solution, especially in older versions, is quite stable."
"The solution's application control feature is very, very powerful."
"Symantec has cloud-based endpoint protection, so whether a user is off the network or on the network, the endpoint will be protected by the cloud."
"It's a good proxy to control the user's access to the website."
"The solutions' main features are patch management and security."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Detections could be improved."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The only minor concern is occasional interference with desired programs."
"The solution is not stable."
"The anti-ransomware features need to be improved upon."
"They're in the process of pulling more things together. They can continue with the integrations and provide a better way of seeing the impact of security changes, especially on the endpoint side. Before we actually flip the switch, we should be able to see the impact of security changes on the business or business applications. It would prevent breaking any business applications."
"Threat intelligence has the potential for improvement, particularly by integrating more sources."
"In India at least, it seems to be a bit more expensive than other options."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"Its user interface (UI) can be improved. Currently, in the console, you have to dig down for certain things. They've got many different layers to get to things instead of having it all on the surface. You have to go three folds lower to get to specific functionality or click a particular option. It would be good if we can manage the console through menus and instead of three clicks, we can do things in one click. They need to change the UI and work on it in terms of a better user experience."
"Monitoring can always be better, onboarding can be a little bit faster, log collection could be easier, they could streamline the dashboard. They could maybe split it up into different workspaces and have the ability to segment groups a little bit more."
"Alerts need to be sent immediately because as it is now, you see some of them without delay and others arrive perhaps 30 minutes later, and it leaves important gaps in terms of information gathering."
"There is room for improvement in the zero-day threat detection system."
"Its interface needs improvement. Its interface is very old, and it needs a new look. Other solutions, such as Sophos and BitDefender, have a better and more modern interface, whereas Symantec has had the same interface for a while. There has been no enhancement in the interface. They should update and provide a better interface in 2022 for a better user experience for their customers."
"SONAR could be improved. The false/positive rate is a little high."
"The solution is very difficult to uninstall. There isn't really a way to uninstall the product at all, which is quite a headache."
"Using the management console is a bit complex. There are many features that we cannot use and we could use some help. We need some assistance to make them work better. They need to add features to make it simpler."
"Is not a full anti-ransomware solution."
"The agent shouldn't use up so many resources at the endpoint when scanning and protecting."
"The overall quality of the product needs to be improved because with the last session we had several issues with new versions. Also, the solution needs better protections."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 139 reviews. Microsoft Defender for Endpoint is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". Microsoft Defender for Endpoint is most compared with Intercept X Endpoint, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Fortinet FortiClient, whereas Symantec Endpoint Security is most compared with CrowdStrike Falcon, Cortex XDR by Palo Alto Networks, Trend Micro Deep Security and Kaspersky Endpoint Security for Business. See our Microsoft Defender for Endpoint vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.