Coming October 25: PeerSpot Awards will be announced! Learn more

Symantec Endpoint Encryption OverviewUNIXBusinessApplication

Symantec Endpoint Encryption is #4 ranked solution in top Endpoint Encryption tools. PeerSpot users give Symantec Endpoint Encryption an average rating of 7.8 out of 10. Symantec Endpoint Encryption is most commonly compared to Microsoft BitLocker: Symantec Endpoint Encryption vs Microsoft BitLocker. Symantec Endpoint Encryption is popular among the large enterprise segment, accounting for 59% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Buyer's Guide

Download the Endpoint Encryption Buyer's Guide including reviews and more. Updated: August 2022

What is Symantec Endpoint Encryption?
Symantec Drive Encryption, powered by PGP technology provides organizations with strong full-disk and removable media encryption and the ability to integrate with Symantec Data Loss Prevention. Intuitive management enables enterprise scale deployments and features compliance-based, out-of-the-box reporting plus customizable reports. Management capabilities include support for native OS encryption (FileVault2) and Opal compliant self-encrypting drives.

Symantec Endpoint Encryption was previously known as Symantec Drive Encryption.

Symantec Endpoint Encryption Customers
Citrix Systems Inc., City of Lansing, Commercial & Industrial Property, France T_l_visions, Fujian Mobile Co. Ltd., Group Lotus plc, Hall Booth Smith & Slover, P.C. (HBSS), Portugal Telecom, PostFinance, Public Pension Agency
Symantec Endpoint Encryption Video

Archived Symantec Endpoint Encryption Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
CTO at a tech vendor with 51-200 employees
Real User
Great protection, perfect for large scale deployments, and low maintenance
Pros and Cons
  • "The solution is great for large-scale deployments."
  • "The solution does slow down the device a little bit, once it's installed."

What is our primary use case?

We primarily use the solution for endpoint security.

What is most valuable?

Symantec Endpoint is good. We have been using it for more than five years and haven't had any trouble with it. It protects us without any issues.

In India, I am based out of Bangalore and my corporate office is in Lucknow, and we never had any compromises on the security site. Our firewall is very strong and all the devices are protected by Symantec. It does a really great job.

The solution is great for large-scale deployments.

The solution is pretty low maintenance and you rarely need the assistance of technical support.

What needs improvement?

The solution does slow down the device a little bit, once it's installed.

The Windows 10 comes with Defender. It has its own security layer. It's supposed to protect desktops and laptops running Windows 10. Right now, our question is, what is the additional protection we get from using any other antivirus or other packages on these machines? Symantec isn't really making it clear how they add to or enhance the level of protection we'd get from them if we kept them with Defender already on Windows 10.

For how long have I used the solution?

We've been using the solution for five years.

Buyer's Guide
Endpoint Encryption
August 2022
Find out what your peers are saying about Broadcom, Microsoft, McAfee and others in Endpoint Encryption. Updated: August 2022.
632,779 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability is good in the sense that we've never been compromised. It just runs in the background and is scanning. However, when scans do happen, it can slow down the machine. That's typical, and it only does it a little bit.

What do I think about the scalability of the solution?

The solution is deployed on a large scale as we operate 1,000 locations in India and it's at all of them. You can't just protect the branch office, you need to protect every device in every office.

How are customer service and support?

I've never needed to contact technical support.

The corporate office is in Lucknow, and I'm the technical director of a corporate group. I operate from Bangalore. I don't actually deal with the vendors or with the technical support team. My corporate team in Lucknow may be talking to some technical person at Symantec, however, I'm not aware of that. My responsibility is to advise someone on the technology side, so I heavily depend upon the reports and all that's available in public domain. 

Which other solutions did I evaluate?

I'm not sure what was evaluated beforehand. However, we are evaluating other options currently.

In September, our Symantec license is expiring, so we are looking at if there's anything else in Symantec's product library that we should try or if there are any better options than we should consider. Currently, I'm trying to download some reports to compare Symantec with other solutions as part of some initial research.

We've looked at a few different solutions. We hear that end devices like laptops or desktops are a bit slow when you have Norton installed. AVG looks to have fewer resources although it looks to be a little bit quicker than Norton and doesn't bring your system speed down. Windows 10 also already comes with Defender, so protection would be built right in.

What other advice do I have?

We only use the solution on our own endpoints for our own company and don't necessarily deploy it for clients.

There are a lot of companies in India who are promoting these types of products. They may have quite a good idea about the packages and so on, what you can do, what you can't do and so on. Everyone seems well educated on it. It is not a very complicated solution. It's basically solid. 

You don't need that much technical support. Whether it's Symantec or TrendMicro or AVG or any other package it's all pretty self-sustaining. You'll simply notice it when you have a compromise, at which point you get alerted and then you look at what went wrong. Until you are compromised, you're happy with the product.

I approve of Symantec Endpoint. I've been happy with the solution for the last four or five years. There have been no issues and we have not been compromised until now. I'd definitely recommend Symantec.

I'd rate the solution eight out of ten. It does tend to slow down a machine when it does the scan. However, I've noticed the same slow down on competition like Norton or AVG and it doesn't slow anything down near as much as Norton.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Assistant System Engineer at a tech services company with 51-200 employees
Real User
Enables us to easily get updates and other encrypted files
Pros and Cons
  • "You get updates and other encrypted files easily."
  • "More features need to be included in the encryption software."

What is our primary use case?

We are currently working with companies in the financial sector which is why we are using this on-premises solution, because their compliance policies do not allow for cloud-based servers. Our clients are using the full encryptions. They're using Symantec Endpoint Encryption to secure their data. If someone loses their laptop, for example, they can wipe their disk and save their data from ending up with a third party.

What is most valuable?

I like all the features in Symantec Endpoint because they provide four or five features for end-users. They have three consoles for managing the data. Symantec also provides the licensing with the software. There is no need to enter the licensing or install files manually because it's bundled with the software. This is a good feature. Also, you get updates and other encrypted files easily. I also like the manage keys.

There is no need to add any features, because they are developing their own encryption methods.

What needs improvement?

Currently, all the software has been managed by BitLocker, but Windows does not suit every encryption management software. 

There are many apps that do that kind of thing. All the features are there so I don't think that needs to be on encryption software. I'm working with some end point management software and they are managing the software and connections, what can be installed and what is restricted, etc... But more features need to be included in the encryption software.

For how long have I used the solution?

I have been using Symantec Endpoint Encryption for one year.

What do I think about the scalability of the solution?

Their scalability is good. They are using three consoles and have full-consoling end point users for our solutions.

What other advice do I have?

On a scale of one to ten I would rate Symantec Endpoint an eight.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Buyer's Guide
Endpoint Encryption
August 2022
Find out what your peers are saying about Broadcom, Microsoft, McAfee and others in Endpoint Encryption. Updated: August 2022.
632,779 professionals have used our research since 2012.
TitleGeneral Manager at a tech services company with 501-1,000 employees
Real User
Top 20
Works transparently in the background, but it is not user-friendly and technical support needs improvement
Pros and Cons
  • "The most valuable feature is that it works in the background so that the end-users are not aware of what is happening on the laptop."
  • "I do not find the environment to be very user-friendly."

What is our primary use case?

This solution is used predominately for data protection. We want to protect our data in case it is lost, or if we are replacing or upgrading hardware.

What is most valuable?

The most valuable feature is that it works in the background so that the end-users are not aware of what is happening on the laptop.

What needs improvement?

I do not find the environment to be very user-friendly.

The technical support is not very good, especially for issues involving the encryption.

If the user loses their encryption key then the process for recovering it is complicated and should be made simpler.

During the last upgrade, I experienced some data corruption on my laptop. I was unable to view the data, nor get support from Symantec.

For how long have I used the solution?

I have been using Symantec Endpoint Encryption for about ten years.

What do I think about the stability of the solution?

I would rate the stability as good. We use this solution on an occasional basis.

What do I think about the scalability of the solution?

With respect to scalability, we have had some hardware compatibility issues.

We have more than 1,000 users.

How are customer service and technical support?

My team is in regular contact with technical support, although I have had no direct involvement with them. I do not find them to be very good.

How was the initial setup?

The initial setup is of medium difficulty. It is neither simple nor complex.

What's my experience with pricing, setup cost, and licensing?

The cost of this solution is a little on the higher side.

Which other solutions did I evaluate?

After implementing Symantec Endpoint Encryption we have been exploring alternate vendors to look at additional features like application protection. One of these solutions is the native Windows 10 BitLocker, and I am also evaluating a product by Dell.

What other advice do I have?

I do not recommend Symantec Endpoint Encryption. The support needs to be improved.

I would rate this solution a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Mohamed-Hashem - PeerSpot reviewer
Project Manager at Target IS
Real User
Versatile, all-in-one, centralized enterprise solution that understands and has a good sense of enterprise requirements
Pros and Cons
  • "This product is a solid, all-in-one solution for enterprise data management."
  • "The instability of the company and lack of presence in the Middle East is affecting product use."

What is our primary use case?

Our primary use is implementing the solution for our clients. We are an official partner for Symantec and implement it for clients but we are also using that same solution. Most of the clients are on-premises installations although we do have some clients using cloud and hybrid-cloud deployments.  

So between our clients and their usage, we have experience with representatives who are using all the server deployment types. But the vast majority still stay with the on-premises deployment. This is especially true for banking customers who have stricter requirements for regulatory compliance.  

What is most valuable?

From the commercial side when I'm talking with our customers about Symantec, I talk about how it is a true enterprise-wide solution. Symantec Endpoint Encryption is an all-in-one solution that is completely expandable. With this product, Symantec addresses enterprise concepts. They developed an enterprise solution, they understand and have a good sense of enterprise requirements, they help you manage a huge number of users, they made solutions for the user to sync their enterprise databases and assign data policies, and they have features for blocking access. All the solutions for this Symantec product are integrated into one place. All of these features make it easier to help convince the customer about the quality and utility of this Symantec solution.  

What needs improvement?

From the technical side, I am fine with the features as they are, I am not sure where they might have the need for improvement, and I don't have a solid opinion about it. For the Symantec company and products, they need to engage in more marketing activities in the Middle East because they are not focusing on our needs.  

They need some stability in their own business structure because they have been buying a lot of companies that go out of the market. There are so many changes that Symantec makes that the ordering systems become affected. Sometimes it has been nightmarish to just finish transactions on Symantec systems because of all the product fluctuation. They need to review the channel procedures, their internal procedures from the distributor and have some activities with their consumers to be more aware of the market.  

I think in general that they need to be more conscious of the potential in the Middle East and have a better presence, but I don't know what else they can provide as far as functionality. From my standpoint, all that I need, I found in their solution. The product itself is very good but they have organizational issues.  

For how long have I used the solution?

I've been working with Symantec Endpoint Encryption for longer than 10 years.  

What do I think about the stability of the solution?

There is no problem with product stability. The company stability is another issue. The parent company needs better organization. It does have some effect on the end-user, but that is not the stability of the product itself.  

What's my experience with pricing, setup cost, and licensing?

I personally think that the pricing is fair. On the other hand, and I think it is because the company is not stable from the division perspective that there are some issues in the price list and with the distributor in Egypt. They have some workarounds for this to mitigate the issue. But in the past, the company and the pricing were more stable than nowadays.  

What other advice do I have?

On a scale from one to ten where one is the worst and ten is the best, I would rate Symantec Endpoint Encryption as an eight out of ten. There is room for improvement and I think they need to make more effort here, but I would still totally recommend Symantec products and I'm a fan of Endpoint Encryption as a mature solution.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
it_user1243704 - PeerSpot reviewer
System Administraor at a tech services company with 11-50 employees
Real User
Has good messaging features but the hard drive encryption needs to be improved
Pros and Cons
  • "The most valuable features are the messaging features and shared folders."
  • "The program's disk encryption is not very friendly with Microsoft OS updates. We have a problem with updates failing unless we use a time-consuming work-around."

What is our primary use case?

We are using three of the product's modules. We are using encryption for messaging, we are using encryption for shared folders and we are using encryption for our hard drives.

How has it helped my organization?

The product has helped our organization by providing encryption options. For example, it is better to have encrypted messages because it is more secure. With the module for the shared folders, we can decide to use it as an addition to our active directory. So we can give users different rights within the active directory. The different set of rules we create in PGP is like an add-on to our active directory and again provides more secure access and restriction of access to some information.

What is most valuable?

The most valuable features are the messaging features and shared folders.

What needs improvement?

The hard drive encryption needs to be improved. There is an issue, for example, where we cannot easily do Microsoft updates. The updates stop before the PGP reboot is complete. So when PGP encryption from the hard drive is active, we can't update Microsoft Windows. As a work-around, we have to decrypt the encrypted hard drive, which takes an hour every time, and then do the updates and then encrypt again. It is time-consuming and there must be a better solution.

One other improvement I would like to see is the ability to get support directly from the seller. There should be a better way to open tickets directly from the seller to eliminate delays and have a better way that we can contact them and get help when we need it. Technical support is a problem.

For how long have I used the solution?

We have been using Symantec Endpoint Encryption since 2013, or about six years.

What do I think about the stability of the solution?

It is not a very stable product based on our experience with how we use it. It is mostly the disk encryption issues and how long it takes to do Microsoft updates. So we actually open some tickets at technical support and also with the integrator who initially installed the system for us. So currently we are dissatisfied and we are looking at BitLocker instead of the PGP only for drive encryption. As it is a Microsoft product, it makes sense that it will work better with Microsoft updates.

What do I think about the scalability of the solution?

The scalability of the product is fine. With PGP servers we can link the Windows account, active directory account with PGP so when I do an installation on a computer, all I have to do is open the profile of the new employee's machine and it is linked to a server. It doesn't matter how many people I link in. We currently have 40 people and the product is installed on all our computers. Most people in our company are consultants who work on the premises of our clients. They are not located within our offices.

How are customer service and technical support?

We have contacted technical support in the past with specific issues but we haven't received any answer yet. So my impression is naturally that the technical support is not great.

Which solution did I use previously and why did I switch?

We are currently looking at Kaspersky Endpoint Encryption for Business Events. I am actually doing testing with a free license that we have access to for 30 days. We are doing this in order to look at the value of the solution, functionalities of the software and if it can apply to our architecture.

Right now we are using Kaspersky but on individual bases. It's not centralized, so each computer has its own Kaspersky security model, but what we want is to be able to manage all the computers in our infrastructure from a central point entry. So that's why we are looking at that specific software. Symantec is not solving all our issues sufficiently.

We are also considering looking into BitLocker to perhaps replace the disk encryption module in Symantec Endpoint Encryption because it is not easy to use.

How was the initial setup?

I wasn't with the company when the product was installed, but I presume the initial setup was complex. The deployment of the product usually takes very little time. I installed the software for new computers and I encrypt the disks. That is all that has to be done so the installation of the product is very quick. It is the encryption of the disk that takes time.

What about the implementation team?

The installation was done by a consultant in 2013.

What's my experience with pricing, setup cost, and licensing?

I am not sure of the licensing fees. I presume there are packages based on what you use. We have three modules (for messaging, disk encryption and shared folders). I believe there are five modules, but we have three out of five. The price scales depending on the number of modules that we use.

What other advice do I have?

My advice to others who are considering this solution is to make sure that they do some testing if they are using disk encryption as we have had problems with updates. Our problem may depend on the version of Windows. So it may be different for other people. I didn't choose to use encryption before, so I learned a lot about the performance and the principle of encryption when it comes to messaging and share folders. So that part is good.

On a scale from one to ten where one is the worst and ten is the best, I would rate Symantec Endpoint Encryption as a six currently. The main problem for us is working with Microsoft updates within PGP. This should be possible because BitLocker is currently doing that which might be a reason we would switch. Updates for Microsoft OS are very complicated for us right now.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user1152534 - PeerSpot reviewer
Information Security Senior Expert (Founding member, African Cybersecurity Center) at a financial services firm with 10,001+ employees
Real User
Good performance for encryption that keeps your data secure and confidential
Pros and Cons
  • "We can extend it to all of the critical endpoints and the servers, and we can ensure the confidentiality of the data."
  • "If for example, a user forgets the endpoint key, they cannot access their data. We need a support team that is a single point of contact for the IT entity to be trained and to have documentation for troubleshooting and managing the solution."

What is our primary use case?

We are using this solution to be compliant with CSP.

After the cyberattacks, that impacted the Swift platform of the Bangladesh Bank, the Central Bank, and another bank in Africa. They created a custom security program that contains twenty-seven controls. One of those controls is to encrypt the infrastructure in the Swift platform.

For the Swift operation, we acquired this solution for the servers and the Endpoints.

We can extend it to all of the critical endpoints and the servers, and we can ensure the confidentiality of the data.

This is a pilot project, deployed to be tested. After all of the testing is complete, we can cover the infrastructure.

What is most valuable?

The most valuable feature of this solution is encryption.

The reporting is very important for us. 

It's a well-known solution and the PGP Solution is a good solution with good performance.

Symantec has SONAR for the antivirus and ransomware behavioral analysis in the endpoints.

What needs improvement?

We need to develop a process for this solution. We can't deploy the solution without being assisted by or followed by a process. Also, we need to define the process for administrative responsibilities, and the help desk to be notified for every issue with the solution by the users.

If for example, a user forgets the endpoint key, they cannot access their data. We need a support team that is a single point of contact for the IT entity to be trained and to have documentation for troubleshooting and managing the solution.

We would like the editors or solution providers to present us with a roadmap of the new features and their functionalities. If we were to have this roadmap, we could define our roadmap to integrate the new features.

For how long have I used the solution?

I have been using this solution for one year.

What do I think about the stability of the solution?

This solution is stable.

What do I think about the scalability of the solution?

This solution is scalable.

It's efficient and we discovered that we can extend the perimeters to cover the entire infrastructure.

We have ten people, but we need three more for the succession plan, and a back up for someone who is not available so that there is continuity when managing the solution.

How are customer service and technical support?

We haven't had to contact technical support. The solution is very good for us and it responds to our needs.

Which solution did I use previously and why did I switch?

I used Check Point while I was in Citibank, which was in 2009 and 2010.

How was the initial setup?

The initial setup is not complex, it's easy.

The deployment is easy. You enroll the users and the server, then go to the user and deploy it, reboot the system, then clarify that it is running. From there, you will have an operator to access it.

When the system is rebooted you will be asked for an encryption key. Everyone in the organization has to enter an encryption key.

We have five operators for this platform with four servers.

It is an obligation to deploy it. The scope of compliance, with the goal being to cover all of the infrastructures.

Currently, we outsource the managing of our infrastructure to another company, and we have a dedicated team for our bank. We have the help desk, all of the infrastructure, the networking, the security, and the systems.

What about the implementation team?

We had an integrator to assist us with the implementation and deployment.

Data protect, a Moroccan company that was created in 2009, are also data service providers in all of Africa. 

The created subsidiaries in France, Asia, and other countries. They're a good team that is very helpful and efficient.

What's my experience with pricing, setup cost, and licensing?

The price is very good.

They have two solutions for encryption including Symantec Endpoint Encryption and PGP Endpoint Encryption. With one PGP license, you can deploy the two solutions. The PGP license gives you two options.

What other advice do I have?

Checkpoint has better support. With Symantec, we have subsidiaries involved.

The performance is good and it's efficient.

I would rate this solution a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Mayur Jadhav - PeerSpot reviewer
Senior Security Consultant at a tech services company with 201-500 employees
Real User
Top 10
Effective cloud ransomware and malware protection
Pros and Cons
  • "Their cloud features such as Cloud Endpoint security, ransomware modules, malware, and other modules are very effective."
  • "I think that they should improve the on-premises version to include the manageability and simplicity that is available on the cloud."

What is our primary use case?

The primary use case of this solution is for endpoint Security for the Government of the Ministries that we are employed in.

What is most valuable?

Their cloud features such as Cloud Endpoint security, ransomware modules, malware, and other modules are very effective.

What needs improvement?

The main concentration has been on upgrading the cloud version with new features and cloud security. 

They are mostly providing the cloud version and stopping with the on-premises version. I think that they should improve the on-premises version to include the manageability and simplicity that is available on the cloud. This should all be included in the on-premises version.

Currently, the on-premises version is tricky and difficult. 

They should be looking at the on-premises deployment and simplifying it.

In the next release, I would like to see the uninstall feature be more advanced.

For how long have I used the solution?

I have been using this solution for more than two years.

What do I think about the stability of the solution?

This is a stable solution. It is more stable than most solutions.

Even with other solutions, the PC slows down. All those things are there, but it needs to be worked out on a combination. The Endpoint security system always slows down the PC. For the most part, it has been good.

What do I think about the scalability of the solution?

I can't comment on the scalability because I have not deployed on more than one thousand endpoints per customer.

We have five to six customers with each having six to seven hundred endpoints. Our customers' IT supporters have outsourced us.

How are customer service and technical support?

The technical support is good. When you submit a tag, the support you receive is very good.

Which solution did I use previously and why did I switch?

Previously were using Trend Micro Endpoint. We chose Symantec Endpoint because it is better.

How was the initial setup?

Compared to cloud the initial setup is complex.

The cloud version is easy to set up. It's one gateway and you connect it and it's pretty much a configured service on the cloud.

Generally, the deployment takes a month for seven hundred endpoints per customer. This includes installing endpoints for customers.

To frame the policy and set up on-premises, it's approximately a week.

What about the implementation team?

The cloud implementation is straightforward. We were able to implement it ourselves, but for the on-premises version, we needed support.

What other advice do I have?

I would recommend cloud implementation, rather than on-premises if it is possible.

The on-premises deployment model will lead you to have errors.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Imtiaz Hussain - PeerSpot reviewer
Malware Hunter and Incident Responder at Computer Network Systems
Real User
A solution that offers good encryption, good stability and an easy setup
Pros and Cons
  • "The encryption feature is very good."
  • "The agent can be improved on the solution. Right now, we have an Endpoint Protection agent as well as an encryption agent and another for the DLVs and other services. We would prefer a single agent for the entire product."

What is most valuable?

The encryption feature is very good.

As we're just in the testing phase, we haven't explored many other features in-depth yet.

What needs improvement?

When we started at that time, the engineers configured the solution only for our roaming users. Now, we have to reconfigure to SQL because we have almost 10,000 clients. We have to do this through SQL because we cannot keep a record of each client.

The agent can be improved on the solution. Right now, we have an Endpoint Protection agent as well as an encryption agent and another for the DLVs and other services. We would prefer a single agent for the entire product.

Endpoint Encryption should be the same as Endpoint Protection. However, for security purposes, we don't want to show to the client the hard drive encryption and all of those related features. If the solution could remove this visibility on the client level and keep it on the control level of the server, that would be better. We don't want to show to the user the security policies.

For how long have I used the solution?

I've been using the solution for 3 months.

What do I think about the stability of the solution?

We haven't had any issues with the stability of the solution.

What do I think about the scalability of the solution?

The scalability of the solution is fine.

How are customer service and technical support?

We haven't had any issues with the solution yet, so we've never had to contact technical support.

How was the initial setup?

The initial setup is not complex. It's very easy. Deployment time depends on the client and on the machine. Some machines take 24 hours, some machines take three days. Some machines even take up to a half-day. It depends on the hardware.

What about the implementation team?

We had assistance with the integration.

What other advice do I have?

We're using the on-premises deployment model.

I would rate the solution eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT Operations Manager at a tech services company with 10,001+ employees
Real User
The stability and scalability are good

What is our primary use case?

The primary use case is for protecting accounts.

What is most valuable?

Protecting accounts.

What needs improvement?

We would like some advanced security protection features.

What do I think about the stability of the solution?

The stability has been good, so far.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and technical support?

The technical support is good.

How was the initial setup?

The initial support was straightforward.

What was our ROI?

The solution has helped to increase staff productivity.

What other advice do I have?

It is a good product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Subdirector at a government with 11-50 employees
Real User
It has reduced the number of incidents related to the loss of information
Pros and Cons
  • "It has reduced the number of incidents related to the loss of information."
  • "It's a bit difficult to get good support. Their response times are really bad."

What is our primary use case?

The primary use case is to protect from data loss prevention in my company.

How has it helped my organization?

It has reduced the number of incidents related to the loss of information.

What is most valuable?

The precision that it has to identify all my assets.

What needs improvement?

I would like them to improve their support.

What do I think about the stability of the solution?

The stability is really good and nice. We don't have any issues with the stability, in particular. 

What do I think about the scalability of the solution?

You can get any size or use it in any size organization. So, scalability is not a problem.

How are customer service and technical support?

It's a bit difficult to get good support. Their response times are really bad. I don't like it.

How was the initial setup?

The initial setup was straightforward. It was fast, easy, and not intrusive on my company.

What about the implementation team?

Symantec did the deployment.

What was our ROI?

This solution has helped to increase staff productivity.

What's my experience with pricing, setup cost, and licensing?

The licensing costs yearly are $5000.

Which other solutions did I evaluate?

We had three vendors on our shortlist. I choose this vendor because it was a leader at that time, and it still is the leader right now. 

I am happy with it and not looking to change vendors.

What other advice do I have?

Try to look at many vendors. There are a lot of papers about solutions, especially this one. So, it's really nice. 

I started my security program four years ago, and we now have a mature security program. We added this solution as the last part of our security program.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information System Security Manager at a aerospace/defense firm with 10,001+ employees
Real User
Helps us put antivirus solutions in place and prevent malware from infecting our machines
Pros and Cons
  • "It helps us put antivirus solutions in place and prevent malware from getting to our machines."
  • "I can only patch monthly. I don't know what the solution is there, besides being vulnerable for three weeks out of four. But there's got to be an option somehow."

What is our primary use case?

We use it to patch information systems.

What is most valuable?

It helps us put antivirus solutions in place and prevent malware from getting to our machines. It's a pretty clear-cut solution.

What needs improvement?

Semantic is out there doing the work, identifying viruses and malware that come out weekly. That's the real-world landscape and they're pushing that stuff out as quickly as they can. But I can only patch monthly. I don't know what the solution is there, besides being vulnerable for three weeks out of four. But there's got to be an option somehow.

What do I think about the stability of the solution?

The stability is 100 percent. We've never had a problem with downloading it or accessing it. It works as advertised. It's an extremely good product.

What do I think about the scalability of the solution?

I can put it on anything I want. It's 100 percent scalable.

How are customer service and technical support?

I've never had to use technical support.

Which solution did I use previously and why did I switch?

The government requirement was to be using McAfee, and we're using Semantic and we just pushed back on it. I told them I have a solution, it's deployed, it's working. It's 100 percent. Why is the government specifying a solution for one particular vendor in an environment where there are many solutions out there? It actually got quite heated and they backed off on the requirement. I was really surprised at that. It's an argument I went into expecting to lose and they came back and said, "Okay, maybe you have a point." But it is a DoD requirement to use McAfee as the antivirus solution.

How was the initial setup?

The initial setup was straightforward. We downloaded the software, put it on a disk, sneakernetted it over to an isolated network, dropped it in the drive, initialized it, and enabled it. It was pretty easy.

What was our ROI?

It's satisfying our requirements at a very high level. That's a return on investment. I don't have a metric, but the results are very good.

Which other solutions did I evaluate?

This solution was chosen for me. I didn't make the decision.

Last year at RSA, Malwarebytes had a booth. I was talking to the vendor and he had some very interesting research. I won't go into too much here, but he had a graph on how many threats McAfee misses, how many Symantec misses, and how good Malwarebytes is, of course. He was trying to sell their software. He said Malwarebytes is a stopgap between the two. We could use it as he suggested. The problem with that is that when you have multiple antivirus engines installed on a machine, they identify each other's threats and cancel out each other's work. It doesn't really work that way. 

But I have to look at the results. We haven't had a malware incident as a result of the Semantic solution that we have on 95 percent of our machines. We actually have McAfee on two machines because they are for a different customer and it was easier to do that.

What other advice do I have?

If you make the investment in tech, in updated hardware and software, there are other tools - here we are at RSA 2019, those tools are all over the place. There are other tools that are not single-point solutions. You can solve a whole lot of problems for a lot less money if you're using updated hardware and software rather than old stuff, end-of-life, where you just have one other thing that you have to take care of it. You can put an umbrella over everything with a bigger, newer, better product. But you have to have your hardware and software up to date, rather than the situation that my organization is in.

Semantic an excellent product. It's really just the timing that I mentioned earlier that doesn't work well for us.

On the other hand, we haven't had a breach. We haven't had any issues. We haven't had any incidences of malware popping up. But that's more due to the isolated aspect of our networks. We're not touching the outside, so it's really hard for anything to get in. But disks can be sneakernetted in, hard drives can be brought in, USBs can be brought in, mistakes can be made. Not everything is malicious. Sometimes there is just incompetence involved where somebody hooks up something that they're not supposed to and you have exposure. But we haven't seen any threats related to any of that kind of behavior. I can't really say that we have had a case where anything has gone bad.

In terms of security maturity, we're "mature" in the sense that we're ancient, using old equipment that has reached end-of-life. It's really from the old-age home, it's so mature. We're in dire need of tech refresh and I don't have the budget to support that. But if you unwrap that and look at it from the other side, what would we do without it? 

But the real mitigator, the thing that's actually protecting us, is our isolation. We have isolated systems so nothing can get at us. If I get audited, I'd better have antivirus definitions loaded up, current ones. But it really has not affected our security maturity.

If it wasn't for the exception that I mentioned, Symantec Endpoint Encryption, would have been 100 percent successful and I would have to have given it a ten out of ten. With that exception, I have to knock it back to 90 percent, a nine out of ten because, as I said, we're exposed.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Security Analyst at a tech vendor with 11-50 employees
Real User
We can handle remote people very easily with it
Pros and Cons
  • "The management console gives us the ability to quickly control who sees what, ensures we are on the latest version, and up-to-date."
  • "I would like them to have integration with a wider range of non-Symantec products."

What is our primary use case?

The primary use case is just endpoint protection. It is the basis of our whole infrastructure for security staff.

How has it helped my organization?

It ensures that we are kept on the same page of the latest version, as updates are being rolled out.

We can automate the solution. It is very simple, and we can handle remote people very easily.

What is most valuable?

The management console: Being able to quickly control who sees what, ensures we are on the latest version, and up-to-date.

We now have visibility on our metrics.

What needs improvement?

I would like them to have integration with a wider range of non-Symantec products.

It is the industry standard product with the common set of features, but we would like extra features added on.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

It is pretty stable.

What do I think about the scalability of the solution?

We are a small company. We have had no issues with the scalability nor do we anticipate issues as we grow.

The product works best with large companies, but if you will be opening multiple branches (scaling up), the product may be a fit for you.

How are customer service and technical support?

The technical support is very good and responsive.

Which solution did I use previously and why did I switch?

I don't know what they had before because I am new to this role.

How was the initial setup?

At first, the initial setup was a little complex. Once I understood what I needed to do, it became straightforward. So, initially, there was a bit of a learning curve. For example, I needed to understand that I wasn't overpaying for the number of seats that we needed based on how we expected to scale up for that number of employees that we had.

We upgraded to the latest version within the last six months.

What's my experience with pricing, setup cost, and licensing?

It can be expensive. However, if you plan to scale or are at a large enterprise company, this product could be what you need.

Which other solutions did I evaluate?

I used to work at Symantec, so the team chose the solution based on that. There wasn't a rigorous evaluation process. Though, I am sure that we also looked at Palo Alto Networks.

What other advice do I have?

Give it a serious look.

Our security team is more on the immature side rather than the mature side, as we build thing out. This automated solution puts us at the base level where we can get better. We went from not being happy with what we had to this product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user8682 - PeerSpot reviewer
Consultant at a tech company with 10,001+ employees
MSP
Master Boot Record (MBR) Corruption and PGP Whole Disk Encryption (WDE)

Today is a big deadline in work. The point when weeks of work move from development to production (via numerous sprints/releases to UAT). The culmination of the development team and my efforts over the last two months. As with most IT projects the last two weeks have been a bit fraught, testing us as we prepare to launch a new suite of Cognos reports.

Today is also the day my Thinkpad has decided to corrupt its master boot record (MBR). Preventing my laptop from loading its operating system. Thankfully Microsoft (and third parties) provide bootable utilities to repair MBRs. However…………

Master Boot Record Corruption / Failure
Master Boot Record Corrupt. FAIL!

My MBR failure is complicated by IBM (sensibly) requiring us to use Symantec’s PGP Whole Disk Encryption (WDE). PGP’s WDE protects our laptops, and any sensitive data on them, in the event laptops are lost or stolen. As a mobile worker, and someone regularly on the move, WDE is a nice saftey blanket. Yes, I know it has venerablities and yes, if someone really wants the data on my laptop they will get it. But for additional security and if the laptop is lost it provides some reassurance. It’s also company policy, there is no point in fighting it.

Update: I was wrong about PGP being crackable. Support are able to sort a forgotten password because we run a support server and since 9.7 there are backups in place to recover a forgotten password. But there is still no known published way to crack PGP WDE. E.g. If you can’t decrypt the hdd, the data is lost. On one hand this makes me feel safer about the loss of a laptop and on the other it makes me glad I have most of my data/files backup up. A reminder that I also need a better backup solution for a hdd failure.

With the entire hard disk drive (hdd) encrypted I can’t use a utility program to fix the MBR. The utilities require you to boot from them and in so doing they skip PGP’s BootGuard. BootGuard lets the OS use the encrypted hdd.  Until the hdd is decrypted the utilties can’t access the MBR, it’s encrypted and the booting hdd doesn’t even appear. Thankfully, I keep my PGP up to date and the right recover CD handy. Recovery Images can be downloaded here:

https://www.symantec.com/business/support/index?page=content&id=TECH149679

Key to know which version of PGP you have. If you can boot into PGP’s BootGuard screen it’s easy to find out: Selecting ‘advance’ instead of ‘continue’ from the options will display the version and other options to assist in recovery. Since a similar failure in 2009 I keep a note of the PGP version I’ve installed (including any service packs). Just incase PGP’s BootGuard also fails to load. It’s not unheard of for both MBR and PGP BootGuard to be corrupted at the same time. Not knowing which version of PGP 9 I’d installed, combined with the bad sectors that caused the HDD to fail, resulted in my old drive being scrap.

Symantec provide a guide for how to recover from this situation here:

https://www.symantec.com/business/support/index?page=content&id=TECH149345

With the matching version of the recovery disk in place I booted off the recovery CD and tried to let Windows boot itself. In rare cases it’s possible that using the Recovery CD instead of the BootGuard installed on the machine will let Windows boot. Sadly this wasn’t the case, I still had an MBR issue. Back to the drawing board, the next step is a longer one: Rebooting off the Recovery CD, entering my password and then pressing ‘D’ to decrypt the entire hdd. We’re now at 90% having started at 9am this morning.

The laptop hdd is 250gig capacity, of which 80gig was in use. I’m hoping the first 80gig takes the longest to decrypt. Ideally the final170gig will be a lot quicker, as it’s empty disk space. I’ll leave it over night and then all being well use MS’s MBR fixer tomorrow. If anything goes wrong or the laptop gets disrupted during the decrypt, all data is lost. Not the most relaxing situation to be in but I have 90% of my data backed up. All my work is stored on IBM’s cloud and I only stand to lose several recently archived locally emails. The main loss will be time in having to rebuild my Thinkpad. As a worst case this isn’t too bad, but fingers crossed I can full decrypt the hdd and recover my current MBR.

Update: Sadly my 80gig and free space decrypting quicker theory has been proved wrong. It’s now at 38% left to go and hopefully will be sorted in the early hours of Tuesday morning (3.5 days to decrypt 250gig). Keeping everything crossed it keeps going and finishes, allowing me to fix the MBR and recover all my data / Laptop. Decryption takes a fraction of the time if the hdd is mounted as a slave on another system. Lesson learnt! From now on I’ll run two hdd and regularly clone (more on this to come in another post).

BootGuard, PGP's Recovery Disk93% – Not going anywhere for a while…………..

Before starting a decrypt via the recovery CD I googled alternative options. If you have a second machine with the same version of PGP installed you can plug the hdd in as a slave (via a USB caddy) and use PGP on the local machine to decrypt the hdd. This is the fastest way, sadly I don’t have another machine with PGP installed.

Update: Plugging the hdd in via a USB caddy / as a slave in a second machine is a lot faster because the Recovery CD is limited to 16 bit processing. If in Windows / Linux or OSX the decryption process can be run at 32bit and takes a fraction of the time. With hind sight waiting for SC to get home and pinching her work laptop would have been a better bet. It’s at 83% now with a very slim chance of being finished by Sunday. At least it’s still going. No physical hdd errors, yet!

I used to backup an image of my machine but Windows 7 made this harder and since upgrading I’ve taken to using IBM’s could to backup all of my work and accepting that if I had a failure I’d need to get an additional machine from IBM and rebuild it. Having now tested this theory it doesn’t work!

The new plan
The Plan comes in two flavours: Get a smart phone and improve laptop & return to weekly disk cloning.

1. Smart Phone: 99% of my work calls are handled by VOIP but I’ve been toying with getting a smart phone for work as a backup access to my work email, calendar, instant messaging and terminal services. Four key components of my day job that I’m currently without due to my laptop decrypting (and being corrupt). As a result I’ve bitten the bullet and ordered the Asus Fonepad. It’s not the best spec but a Galaxy Note II is out of the question at the moment. I hardly make calls on my work phone thanks to VOIP. If I did have to make a call I always have my iPhone5 with free minutes to make an emergency work call while out and about. The concept of a 7inch tablet that doubles as an emergency phone (and can be used with my headset) for £180 delivered was too good to get hung up on the negatives (slower processor and you’d look like a sketch from Trigger Happy TV if you tried to make a call in public on it!). I’ll post more on this when it arrives.

2. SSD and Weekly Cloning: My boss has an SSD drive and the boot times + smoothness of operation have always appealed. I’ve been waiting since I had a reason to rebuild the laptop to get one and this is it. I’ve ordered a Kingston Value 120gig drive after reading this review:

https://www.hardocp.com/article/2013/01/28/kingston_ssdnow_v300_120gb_ssd_review/#.Uc1wrj7F1SU

The time it takes to boot my Thinkpad always frustrates me. Even since upgrading from 4 to 8 gig of RAM it’s still sometimes hangs while paging and under heavy loads. Hoping the SSD will also prove more reliable. My Thinkpads travel a lot, the one before clocked over 100k miles. Combined with being on 5 days a week, most weeks of a year, it’s no wonder hdd fails / issues like this occur. With no moving parts an SSD should prove more reliable. It also means I can keep my current drive as a spare (if it’s not beyond repair) and regularly clone the SSD as a backup. More on this to come after the SSD swap and hopeful recovery. A new backup strategy is required (feel free to suggest any ideas in comments, or to laugh at my expense).

For now the Thinkpad is slowly chugging away decrypting and I’m off out to recover and watch Knee High Perform: https://www.kneehigh.co.uk/show/tristan_yseult.php

Thanks to my teams’ efforts and with lots of phone calls the release has gone to UAT and we’ll go live first thing Monday morning. Wish me luck and for a working Thinkpad asap :) .

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user8535 - PeerSpot reviewer
Architect at a tech company with 10,001+ employees
MSP
Quick comparison of disk performance before and after full disk encryption

The following measurements were taken with a Lenovo Thinkpad W500 with 8Gb ram & running Windows 7 SP1+fixes. The CPU is a 2.5 Ghz core duo.

Whilst not intending to do a thorough controlled test, I thought it would be interesting to see what the effect of Symantec PGP encryption might be on I/O performance

Here’s my SSD before encryption

And here’s the same afterwards

Write speed has roughly been quartered whilst read speed is a little over half

Given this is an SSD the overall throughput is still decent, though this came with a significant increase in CPU – in fact this is now the limiting factor it seems, with the “System” (ie kernel) showing maxed out CPU whilst previously this CPU wasn’t noticeably high

With the hard drive the before measurements were :

Pretty consistent and average for a hard drive. Now adding encryption

Nowhere near such a bad effect – less consistency, but due to the lower data rates the cpu load was lower, and not so close to being maxed out.

This was all done on an idle machine – so the biggest impact will be heavy UI when the system is busy. I expect bootup to be quite a bit slower for this reason

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Endpoint Encryption Report and find out what your peers are saying about Broadcom, Microsoft, McAfee, and more!
Updated: August 2022
Product Categories
Endpoint Encryption
Buyer's Guide
Download our free Endpoint Encryption Report and find out what your peers are saying about Broadcom, Microsoft, McAfee, and more!