Symantec Endpoint Detection and Response Reviews

We use the solution to detect and prevent phishing emails. We use it for protection in all our institutional devices, including laptops, desktops, and phones.

The solution does its job with no issues. We do not face any problems.

The solution needs to provide better integration. We may receive things from email, network, or the machine itself. So we need a centralized system to get alerts or messages which are not available in the product. The solution must provide features to centralize the alerts received. It should provide integration with other Symantec products.

I have been using the solution since last September. My organization has been using Symantec for about ten years.

The tool is very stable.

We will get more insight into the tool’s scalability in September. However, so far, it is good. The population is stable for now. About 5000 people are using the tool in our organization. One manager and his team of three people manage the solution.

Support is okay. We don't rely much on the support team because nothing has happened yet. We contacted the team while using Endpoint Protection, and they were responsive.

Positive

We use Office 365 for emails. We also use Fortinet as a firewall. Competitors like Fortinet and Check Point are more advanced because they have other firewalls and email protection products. They can resolve the issues related to integration. However, Check Point and Fortinet are costly.

The initial setup was straightforward because we had Symantec Endpoint Protection installed already. We used it for some years and then upgraded it to Symantec Endpoint Detection and Response. The solution is deployed on the cloud. We use a local cloud provider. The deployment was completed in three to five days.

We have seen a return on investment. We have no downtime, and our business is running without issues. We had some ransomware attacks and were blocked for about three days. However, our business is not something that operates daily. We work with students. If something happens, the activities will stop for some days, but it hasn't happened.

The solution's pricing is good. It offers a licensing model for educational purposes. If the prices were not competitive, we would have changed the supplier. We were considering using Fortinet products and other alternatives. However, Symantec offers the best price compared to other products. We pay around $100,000 for 5000 licenses every year. We have a three-year contract with the product. We don't have to pay for maintenance.

Symantec is a good product. The only issue is the integration. I would love to have something that would integrate with our firewall to find out and detect and make the link between different alerts without dealing with them individually. We are partners with Symantec and Fortinet. Overall, I rate the solution an eight out of ten.

I use the solution in my company to protect the endpoints.

The most valuable features of the solution are that it is easy to use and has good support. The product provides ease of use for the end users and the group of administrators. The updates and software provided by the solution are great.

Honestly, the product needs to continue the way it is, and I feel that everything will be fine. I haven't had any reasons to complain about the product.

The product doesn’t offer MDM functionality under its current licensing model. In the future, I want the product to offer MDM. It can allow me to manage my mobile device more efficiently and effectively. Currently, there is a need for a separate license to be added to Symantec Endpoint Detection and Response to be able to use the MDM part. If both are bundled up under the same license, the administration part can be made easier.

I have been using Symantec Endpoint Detection and Response for three years. I am a user of the tool.

It is a stable solution.

Considering that the product is deployed on every endpoint system and server in my company, the tool has around 400 to 500 users.

I have experience contacting technical support. I am happy with the technical support for the solution.

The product's initial setup phase was straightforward.

The solution is deployed on the hybrid model, but it is mostly deployed on the cloud, considering that my company has a small in-house server for some of the servers connected to the internet. I do not have access, but it's mostly on a private cloud.

Compared to the tools of competitors, Symantec Endpoint Detection and Response is a cheaply priced product. CrowdStrike is far more expensive than Symantec Endpoint Detection and Response, while feature-wise, both are the same.

Compared to the other products in the market, my company chose Symantec Endpoint Detection and Response, considering the technical evaluation we did to figure out its price, ease of use, and the way it works.

Against Symantec Endpoint Detection and Response, my company had considered options like SentinelOne, Sophos, and CrowdStrike. My company had set a certain benchmark, and based on it, we found Symantec Endpoint Detection and Response to be the most suitable product for our organization.

I recommend the product to those who plan to use it.

The automated response capability in Symantec Endpoint Detection and Response has enhanced our company's security posture since it provides our organization with a good idea of what is happening within our environment.

The product offers a seamless integration with the other security tools in my company.

It is easy to learn to use the product.

The product is easy to use and offers good support while being a part of Gartner's Magic Quadrant.

I rate the tool a nine out of ten.

I use the solution for preventing attacks on the network and ransomware.

The solution is very useful. It is very simple to use, and it has good reports.

The GUI could be better. It has reports for every part of the product, but it doesn't have reports for better usage.

I've been using Symantec Endpoint Detection and Response for about three years.

I rate Symantec EDR's stability a nine out of ten. In previous versions, services crashed. That is resolved in the latest version.

I rate Symantec EDR's scalability a nine out of ten. One of my customers has 2,000 users.

The initial setup is easy. It is deployed with Symantec Endpoint Protection. Symantec Endpoint Protection is an underused feature. Symantec EDR integrates with this solution when you deploy the Symantec EDR virtual machine. You can integrate it with SEP, and the EDR part of SEP will be activated. You select groups that you want to use EDR with, and the reporting features of the EDR will be activated. Some features like quarantining will be activated on Symantec Endpoint Protection.

Symantec EDR is easy to deploy, and it's very easy when you have set up SEP. It takes one hour to deploy the solution.

Symantec Endpoint Detection and Response is expensive. You can't buy Symantec EDR individually, you have to buy the package Symantec Endpoint Security, and it has all the features you need.

I rate Symantec Endpoint Detection and Response an eight out of ten.

For people who are using SOC, it's very useful. And even if they don't have SOC, it could be useful because it has many features that allow you to go through the attacks. If you don't have very skilled security administrators, you can go through EDR and use reports, and the solution is very useful.

Different companies such as banks and local government in Poland use Symantec Endpoint Detection and Response because they need to do everything possible to comply with directive NIS2.

In Symantec Endpoint Detection and Response, the most valuable features are threat hunting and that customers can gather logs from multiple computers and servers in one place.

While the prices for technical issues in Symantec Endpoint Detection and Response are good, as a partner of Symantec, it is very difficult to sell this product because they have a challenging partner program. We must sell to big Symantec customers, though we receive some bonus from Symantec. We usually choose other solutions such as ESET or Secure because they have a more friendly program for partners.

Technically, we can give Symantec Endpoint Detection and Response ten points. However, as partners, we would give it five points because we have problems with sales.

I have been familiar with Symantec Endpoint Detection and Response for approximately five years.

We sell several solutions including Symantec, Bitdefender, ESET, and Secure.

We are a reseller, mostly dealing with multi-programs and Symantec Endpoint Detection and Response. I am not familiar with threat intelligence in Symantec Endpoint Detection and Response as I am not an engineer but rather a salesman.

On a scale of 1-10, I rate this solution an 8.

We mainly use AWS Glue for three key purposes. First, we rely on it for managing files and ensuring data integrity by tracking changes. Second, it helps us prepare data efficiently for Tableau, supporting our visual analytics. Lastly, it simplifies the process of uploading files to the Spiceworks website and aids in tasks like PowerShell detection and external file transfers, enhancing our data management and integration capabilities.

The most valuable features of this product include network isolation for machines and the ability to work with a consistent and defined set of virtual machines. This helps maintain data security and streamline processes.

One potential area for improvement in Symantec EDR is the reporting engine. It is not exactly a weakness, but rather a feature that might need enhancement in the future. The current reporting capabilities are somewhat limited, lacking extensive filtering options. Currently, our experience with Symantec EDR is generally positive. Performance and user-friendliness are satisfactory. In our regular assessments, the main area for improvement that has emerged is the reporting engine, which is somewhat limited. Enhancing this reporting functionality to reduce the need for manual data manipulation and export to tools like Power BI would be a valuable improvement for the application. In the future, it would be beneficial to have AI-driven analytics and automated workflow capabilities integrated into Symantec EDR. This would enable more efficient detection, response, and mitigation of security incidents. Specifically, having workflows that can automate incident analysis, qualification for closure, and escalation when needed within the application would be a valuable addition. This would reduce the manual effort of security analysts and streamline incident management.

I have been using Symantec Endpoint Detection and Response for over two years.

The solution has been stable and effective in reducing the number of agents on endpoints. This stability extends to the other two endpoints as well.

It is a scalable solution. In our company, a team of about seven people use the application, but the product itself is deployed on more than 25,000 endpoints.

The technical support for Symantec EDR is reliable. Support tickets are typically acknowledged within 24 hours, and a support engineer promptly contacts you for a real-time troubleshooting session to address any issues. I would rate the support as a seven out of ten.

Neutral

The initial setup of Symantec EDR was straightforward and error-free. We had the necessary expertise from our DBA and network system operators, making the process smooth and trouble-free. Deployment takes about two days. We installed Symantec EDR in under an hour using the file from the support website. For the deployment of Symantec EDR, we required the expertise of a DBA, a system administrator, and support from Symantec. Having these individuals in place ensured a smooth installation process, although we didn't encounter any significant issues that would have halted the installation.

The pricing of Symantec EDR can vary, but it is generally not considered affordable. Maintenance and support are typically included in the package unless there are specific professional services required. In most cases, support is a part of the standard offering.

The advantages of Symantec EDR over competitors, such as RSA, are subjective and depend on how organizations want to approach security. RSA is preferred by some because it offers both EDR and network capabilities, while Symantec focuses primarily on EDR. RSA also has distinct platforms for different functions, which can be seen as an advantage. It ultimately comes down to the specific needs and preferences of each organization in choosing the right solution.

My advice for those considering Symantec EDR is to start by thoroughly assessing their business requirements and needs. Engage with stakeholders to understand specific business applications and their scale. Based on this assessment, you can make an informed decision on whether Symantec EDR or another tool is the right fit. It is also important to perform POC or tool assessment to validate its suitability for your organization's unique requirements. Overall, I would rate Symantec EDR as an eight out of ten.

Symantec Endpoint Detection and Response works as a threat detection and response tool. The solution creates a response for overall malware viruses and threats so we can easily identify harmful attacks.

The most valuable features of Symantec Endpoint Detection and Response are its immediate response and investigation.

The solution’s scalability and stability could be improved. The solution's investigation feature can be further improved.

I have been working with Symantec Endpoint Detection and Response for the last year.

I rate Symantec Endpoint Detection and Response a two out of ten for stability.

We have around 10 to 20 customers for Symantec Endpoint Detection and Response. Our customers are medium and enterprise businesses.

I rate Symantec Endpoint Detection and Response a two out of ten for scalability.

Symantec Endpoint Detection and Response's technical support is fantastic.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution a nine out of ten for the ease of its initial setup.

The solution's deployment took hardly two to three days because it was a simple procedure.

We first get the requirements for this product, and then we install the product on machines created for us. We integrate Symantec Endpoint Detection and Response with Symantec Endpoint Protection, and it starts working.

Symantec Endpoint Detection and Response has fantastic features to capture things. If an organization faces an attack, the solution takes a response and investigates the source of the attack. Symantec Endpoint Detection and Response's investigation is very good.

Overall, I rate Symantec Endpoint Detection and Response a nine out of ten.

The primary use case for Symantec Endpoint Detection and Response is for endpoint detection and response (EDR). It is used for monitoring and addressing security threats and endpoint management within our organization.

Symantec Endpoint Detection and Response has run smoothly for our organization for the past three to four years. It has fulfilled our requirements without necessitating a change in solution.

The solution is generally high on scalability and provides good reliability.

There are several areas where Symantec Endpoint Detection and Response can improve, including shell features, web control, asset management, and device control. Specifically, the application control features and automation could be enhanced.

I have been using Symantec Endpoint Detection and Response for five years.

The stability of the solution is high, which has met the needs of our organization effectively.

The scalability of Symantec Endpoint Detection and Response is excellent. It is highly scalable to meet our organizational needs.

Technical support for Symantec Endpoint Detection and Response is good. The support is available every time and not just during specific proximity.

Positive

Currently, we are talking about moving to another platform in about six months.

The initial setup of Symantec Endpoint Detection and Response was easy and straightforward. There were no major issues encountered.

I am not aware of the pricing details, as that falls under the management's responsibility.

Our primary use case is for HP advanced threat protection. The product gives us an edge when it comes to antivirus. We use a cloud connector and the solution is locally deployed, taking data live from the cloud and syncing. We are customers of Symantec, but we have a global agreement when it comes to pricing. I'm function head of corporate desktop services.

We call this solution the next-generation antivirus and it provides advanced threat protection. Although it can be a little slow, the ATP is live. If there are any issues, it's immediately reported to the appliance which is connected to the cloud. The main benefit for us is that the protection occurs a lot more quickly than it used to. 

The blocking features in Endpoint Protection are good. Problematic patterns can be blocked across the 11,000 workstations we have throughout India. If you apply a blocking policy it will take effect within about 30 minutes across all machines. The console has multiple features for monitoring and seeing alerts. It's working well for us.

Their customer support has deteriorated significantly since Symantec was purchased by Broadcom. We have issues interfacing with Broadcom. eg: There is no TAM / sales team in Broadcom for Symantec products. We have faced up to 3 months delays in getting a quote to renew the license through their partners.

I've been using this solution for over two years. 

very stable

Scalability is easy, we have 92,000 users globally, 11,000 are in India.

We don't use customer support for technical issues, only for insulation configuration. After Symantec was bought by Broadcom the operating model changed. They scaled back on the account managers, who provided us with support and everything went haywire. Now we don't know where to go because Broadcom is not interested in Symantec. When I want to extend a license or purchase additional devices or training credits, I have to do all the work; the support is slow and careless. We have to chase them. 

Neutral

No

The deployment process was complex, starting with having the device shipped from somewhere in the Asia Pacific region. It was not a normal scenario because of Covid. It was a big job because we wanted to go for Quantram. Deployment took almost three months of work with the data center, network team, network security, data center security, the server team, and then project management, end-user computing, and end-user security. Over the three-month period, we had 25 people working on implementation at different times and in different areas. The solution requires annual maintenance with the monitoring, maintenance and upgrades carried out by our team. 

In-house

It's difficult to judge ROI because the last couple of years has seen a lot of companies losing data. It's impossible for us to calculate.

The solution is premium priced. I don't want to say it's expensive because the product is good and we have to pay for it, which is okay. We pay an annual fee for a support contract. 

NA

Symantec is an industry leader and I have no second thoughts about that.  The product itself is excellent.

Taking into account the entire user experience, I rate the solution a seven out of 10. 

Automation in Symantec ecosystem is very good. It's easy to maintain.

The solution could improve their service.

I have been using Symantec Endpoint Detection and Response for two years.

Stability is good.

Scalability is good. I rate the solution’s scalability a ten out of ten.

Support is good. I had a problem, but the support resolve the problem.

Positive

I evaluated WatchGuard, Palo Alto and Cisco.

The initial setup is easy.

The product is expensive.

It is a good product and functions for me. It is easy to install to the administration.

Overall, I rate the solution a nine out of ten.

I use the solution to detect threats.

The security is good.

Symantec is a dead product. The product does not have any add-on features. The interface has many issues. There is no proper KB article to fix the error.

I have been using the solution for five years.

The solution is easy to install.

The product is cheap.

We have trial licenses for Trend Micro, Sophos, and Kaspersky.

People can use the tool. There are not many options, though. We are unable to log in or work in the trial version. We are unable to learn the features. Overall, I rate the solution a one out of ten.