Symantec Content Analysis alternatives and competitors

We are using Microsoft Defender for Endpoint with advanced threat production. Microsoft's enterprise mobility and security suite fulfills a large number of security strategy requirements for our organization. We are going to use this solution for identity production and for endpoint security.

It's a hybrid setup. The advanced threat protection only comes from the cloud intelligence engine. That's something of a new experience for us, but the rest of the components will be on-prem. We are using Microsoft's cloud. 

The whole suite of security enhancement doesn't just include Microsoft Defender. It also covers many of the features that come with the Windows Enterprise version. With this option, we are actually upgrading to the Enterprise version as well and unlocking those security features which are not available in Windows Professional. Microsoft Defender is a whole suite, which is simply not comparable with a usual anti-virus, anti-malware product.

In terms of the architecture of the management infrastructure, we found that other technologies are more simple. Microsoft Defender could be simpler too. Plus, Microsoft's philosophy is that they leverage the technology they have already built in Windows or any other services within Windows. So, it is good from that standpoint, but it also becomes a bit cumbersome when it comes to the dependency. Having dependency on many things can be a weakness sometimes because you add up more points of failure to the services. Whereas the other vendors are doing the limited thing, and that's why they're not comparable in prices, but their solutions basically aren't dependent on Microsoft's other services or anything else. They're more dependent on their agent. With Microsoft, it is not just the agent. It is the operating systems that aren't working well. The technology won't give you the desired output.

So, that's something that Microsoft may need to improve: making services more independent wherever possible. That's something of their philosophy. When they build something on their OS layer, they add on technologies, and then there's something for the ISV. That's their strategy, but we keep arguing with them that they have to compare the dependence as other vendors are doing.

From the Microsoft end, the design working depends on the health of other services and other components of the operating system. Whereas if you compare it with the Symantec technology, just the agent health has to be there. That's the case with McAfee as well. They build up their products on developed agents only.

We did the POC around 18 months ago, and then we consolidated our findings. As per the organization procedure, we proposed to the committee and then got the recommendation to move on with the pilot and decide the future roadmap.

Microsoft Defender is just one part of the advanced risk protection and advanced malware protection functionality that comes with the Microsoft product. It came with a lot of security, advisories, reviews, and consultancy during the last couple of years. There was a stack of 15-20 requirements that we had to fulfill, like mobile device management and identity protection. We found that Windows Defender meets most of our requirements.

We have had good experience with tech support so far.

We have a direct support agreement with Microsoft. One of the major reasons for moving from the current endpoint security is the support. The quality is not up to the mark. That's something incomparable with the kind of support Microsoft provides.

I would give Microsoft's support a 5 out of 5.

In terms of the technical aspect, I'm the lead of the area, which actually takes care of endpoint management, and we have been using Symantec products for that purpose. We have evaluated Microsoft Defender and Microsoft security products, and we are going to switch over to that product. We found that  because the endpoint devices are based on Microsoft Windows devices and Windows Defender is integrated with the foundation and the core layer, it makes it more integrated and more agile in terms of responding to any security threats or changes or development, whereas compared to the other vendors who develop anything on top of that platform, they're always lagging behind.

Symantec support is very pathetic. They are very methodical. They're very slow. We seldom find them providing solutions to any incident or issue in a reasonable time. It can take from days to weeks. In the case of Microsoft, their resolution time is reasonably faster than Symantec. Even in the case of VMware and Redhead, Microsoft stands on top of all those vendors.

I wouldn't say the setup is easier than other solutions but it's not bad. It's almost equivalent to what we have been using currently, but the strength comes in what it does and how it secures that part. The setup is similar to the other competitors. For Symantec, we use their endpoint manager deployment and then a deployment across the sites and branches.

We are doing deployment with Microsoft's tech support. But for the implementations and rollout of technologies, we have seldom used Microsoft. We have our own technical team who are trained and who keep on updating on their skills, and we continue to inject new resources to the team as well. When a new technology comes in, then we do a combo, whereby the in-house team actually learns with the local authorized partner.

Microsoft Defender is not comparable to a single endpoint security product, like Trend Micro, Symantec, or McAfee. Because of that, the price is higher than others because it is doing more than what the others are doing.

I would rate this solution 7 out of 10.

It does the job. Even when our clients have a very high rate of emails per second, there has been no problem.

ScanMail was one of the best solutions a few years ago, but it is no longer the best solution because of its old-fashioned management console. Customers associate it with something that is old because there is no change in the management console. It has old icons, and it is not fresh enough. It is also not easy to use or play with. The report engine is also old-fashioned. Customers want something easier, quicker, and cleaner. 

It should communicate with other products. For example, any information about spam or ransomware coming from one IP should be sent to perhaps a firewall or antivirus of a client to indicate that a particular source IP has to be excluded to avoid any ransomware problem.

I have been using this solution for perhaps 10 years.

It has been designed to be your main entrance for spam and emails. It has been able to manage a big volume of spam or emails and filter them. We don't have a big issue right now.

It is scalable. You could separate the engine on several servers and manage everything from one management console. It is not a problem. The problem is just of cost because the license is associated with the appliance.

Five or six years ago, every customer had this product. Now, we see that some customers have chosen to test something else or have replaced this solution with something from Cisco, McAfee, or a full cloud solution such as MessageLabs (now a Symantec solution). There are other cloud solutions that are better than ScanMail.

It is very easy. You just put this kind of appliance or virtual appliance directly on the screen corresponding to SMTP. You do a few settings, and it works.

Its price is okay. It is not too high.

At the moment, 99% of the mail exchange on the internet is spam. If you address this problem of spam locally on your DMZ inside your data center, you have transferred all of your bad emails or spam onto your network before killing them. When your messaging server is on the cloud, you get a better way to deal with spam. Cloud solutions from Symantec, Sophos, and Trend Micro are better than having an appliance. You don't have to deal with cleaning spam in your data center.

I would rate Trend Micro ScanMail a six out of 10. Everything works fine, and it does the job, but it has to be changed to something that is new and modern.

The Insight feature is one we found the most useful. It does behavior-based analysis and gives us the most appropriate information.

The initial setup was easy.

It's pretty stable.

The scalability is good.

Most organizations are currently looking for a scheduled scan to meet their compliance needs. Other players like Symantec and Trend Micro, FireEye, et cetera, are still providing the signature-based regular scheduled scans also, which is not available in CrowdStrike. That is one parameter that we feel should be there in CrowdStrike. CrowdStrike is only working on the dynamic or the files under execution. CrowdStrike is not scanning the static files.

The product could be more accurate in terms of performance.

We'd like to have a single-click recovery option. With some machines getting corrupted by malware, we need an easy way to start with a blank slate if things happen. That one feature should be there in the EDR.

I've been working with the solution for three years. 

With CrowdStrike, we have found that there are a few missed detections. We would not say it is completely reliable or 100% reliable, however, the ratio of missed detection is more in CrowdStrike. In SentinelOne, we found that it was more accurate. We are seeing it act more efficiently.

We haven't had any issues with scalability. Being a cloud solution, it can scale well. 

Technical support is average. We are not seeing any extraordinary service and not many issues also. It's average, it is as expected.

I'm also familiar with Symantec, Trend Micro, SentinelOne, and FireEye.

The initial setup was pretty straightforward. It's not overly complex. You still need expertise, however, it's pretty reasonable. 

We did not need any outside assistance. 

The pricing of the solution is average. 

We are a managed security service provider.

We are using a SaaS offering and therefore, in terms of the version, we are not bothering so much on worrying which we are on. It is automatically getting updated. We are running on the latest version at all times.

While I would recommend the solution, CrowdStrike, when it first came into the market, it was sort of a single choice for many customers. Now, we can see there are many other competitors also. Those are providing pretty good functionalities in a more efficient way. We could see that other solutions are better than CrowdStrike.

I'd rate the solution seven out of ten.

When I was still in Cameroon, I was working for an insurance company called Activa and then we were looking for something different than our current security solution Symantec. We were looking around for a solution and someone contacted us who was proposing ESET Endpoint Antivirus. They gave us a trial version for three months, and during the three months, we put in place a type of proof of concept with some servers, virtual machines, and desktops.  

After that three-month trial period was extended, but unfortunately, the company was not convinced by the product, and the managers decided to use another solution called SentinelOne.

There are some great features in ESET Endpoint Antivirus when you are browsing on the internet. For example, they have a notification if within your LAN network something is suspected to be a threat. Additionally, the malware features are very good.

When you are using your bank account and your bank card, to do some transaction you will be informed that you are then running under some risk, and then they will then suggest you open a secure page and then use that card inside that secure page. There are some other good website features, such as parental controls. You can prevent your kids from going from one site to another.

When we did the proof of concept on our company we realized that the performance of that server was improved. Users were having access to that server faster than while using the previous security solution. The workload on that server was not enough maybe, but it was a great difference which using ESET Endpoint Antivirus.

ESET Endpoint Antivirus could improve the mobile device experience by having more coverage.

I have used ESET Endpoint Antivirus within the late 12 months.

The support we received was very good during our trial experience. We were contacted regularly about our experience. We were asked if we faced any difficulties and the agent was nice. We were satisfied with the support.

We have used Symantec, SentinelOne, Trend Micro Apex One, and Trend Micro Office Scan.

The feature I saw on Symantec was not available on the version we were using in our proof of concept of ESET Endpoint Antivirus. However, I would have liked to have tested the EDR solution from ESET.

ESET Endpoint Antivirus is not difficult to implement.

If I can separate the home product from corporate products. The home product is better than the corporate solution. The ESET Endpoint Antivirus home solution has a bit of an advantage.

I rate ESET Endpoint Antivirus a seven out of ten.

We primarily use this solution for the server.

This is an antivirus and network protection software. It mostly can protect our VMs and keeps our organizations safer.

The solution is very easy to deploy.

You can manage the solution easily. I can get a lot of people on the central management console.

The pricing is okay.

It's very straightforward to use the product.

The solution doesn't have high memory usage.

I can't think of any features that are missing. It's quite a complete solution.

We haven't looked too hard at the solution itself. I'm not sure of any aspects that are lacking. It provides all the functionality we need.

In terms of management accounts, there's a lot of manuals that seem to be mixed up. Sometimes, it's a little bit confusing.

At this point, I have been using the solution for a number of years.

The solution is quite stable. We haven't really dealt with bugs or glitches. It doesn't crash or freeze. It's quite reliable.

The solution can scale quite well. If a company needs to expand the solution, it can do so easily.

Currently, we have 100 servers that are benefiting from this product.

We're partners and therefore have a good relationship with technical support. They are responsive and knowledgeable. We're satisfied with the level of service the solution provides. I'd rate them ten out of ten.

We previously used Symantec. We switched due to the fact that it was too expensive. This product has similar features to Symantec, however, it costs much less.

The initial setup is pretty straightforward. I would not describe it as complex.

We're both a customer and a partner.

I am not sure of which version of the solution our organization is using at this time.

We use just the antivirus software. We don't need to pay a lot of attention to it.

Overall, I would rate the solution nine out of ten. It does everything we need it to do and it's easy to use.