Symantec Endpoint Detection and Response Reviews

It is mostly used for malware detection and antivirus purposes.

The unpredictability of the pricing is a cause of concern.

It would be good if it can anticipate zero-day attacks. I don't know how it can be done and if it is even a feature of this product.

I have been working with this solution for more than three years. 

It is stable.

We haven't had any issue with scaling the product. Its scalability has not been an issue.

I have used Sophos in another company, but that was almost 10 years ago.

I was not a part of the installation team. When I arrived, it was already there.

Of late, because of the Broadcom purchase, its price has been increasing.

I would rate it a seven out of 10.

The primary use case of this solution is for protection.

The most valuable feature is that the same agent can act as the endpoint detection and response agent. You don't need to deploy an additional agent. As you do with other solutions.

If you try to deploy a new solution you have to replace the existing agent with a new agent, but with Symantec, you can use the same agent.

Reporting is a major issue, as it is not user friendly. It's the biggest challenge we are facing. I have raised this issue multiple times.

With virus detection, if one OEM vendor is detecting the virus at 1:10 am, within 24 hours all others will detect it. For example, Symantec will detect the virus, then McAfee will detect it then Trend Micro, all within 24 hours, everyone will have it covered.

In the next release, I would like to see the option to customize the report as per our needs, and better reporting in general.

I have worked with all Symantec products. Detection and response is a new technology that they have come up with and I have been working with it for two years.

If the solution is updated regularly then there is no challenge with stability.

This solution is definitely scalable.

The technical support is very bad. It's been outsourced. The level one support does not have the expertise to support people properly, from a technical perspective. 

I'd say that the level of understanding has been reduced as a result of outsourcing to a third party.

Previously, I was working with Trend Micro. Before the detection and response were included, I would have recommended Trend Micro. However, Symantec Endpoint has now taken the lead.

Endpoint detection and response have not been developed into Trend Micro.

The initial setup is straightforward. It's not complex. You will have to license it, then you are good to go.

If you try to establish the replication then you should plan it properly. If you do proper planning then it manages well. As an example, with one of my customers, I updated 3,000 machines that were in remote sites in less than a month's time.

The price is okay, but it really depends on the customer's requirements.

I am a user of Symantec as well as an admin with the Symantec support team. I was the technical support account manager and I would support other customers.

Symantec release updates two or three times per day. If you have a low bandwidth it will never get updated, although there are options to resolve this.

First, you have to decide on your requirements and what features you are looking for, then you can consider any endpoint detection and response solution.

There are good products on the market; there is one in particular that is cloud-based, where you don't need a single investment, but you will need to have good bandwidth. 

Before looking for any solutions the planning must be done.

Overall, this is a good product but it is still in the early stages and there are some improvements that need to be made.

I would rate this solution an eight out of ten.

In the past, we deployed for Government organizations and right now we are dealing with a financial institution that is considering implementing Symantec. We primarily work in the Middle East and Australia. We are Symantec partners and implement the solution for our clients. I'm a security engineer. 

I like the IPS , GIN and the user interface, they are good features and simple to use. In addition to that, I believe that Symantec is the only vendor that actually includes the deception technology component as part of SEP.

I think the network forensics feature could be improved. It's not part of SEP, but it's part of the package and I think that could be improved because we need the decryptor. Without  that you can't actually decrypt the SSL traffic going in the network. If the solution could be completely software-based, it would be a formidable product.

Symantec could include that as an additional feature, it's something that other solutions provide. Secondly, instead of just making it endpoint deception, they could make it network deception as well and that would make it a complete endpoint protection solution.

I've been using this solution for the last 12 months. 

The stability of the solution is fine. 

We haven't had any issues with scalability. Three months ago we put in a bid where they initially wanted 300 users, but then decided they wanted to scale up to 7,000 users. Symantec had no problem with that. It just requires preparation by taking into account the increased number of endpoints. 

Technical support is very good.

We used McAfee and Trend-Micro previously, but we didn't get many good reviews for the product. Once we switched to Symantec, the market responded well so we switched to pushing that. We depend a lot on market feedback and after speaking to a lot of cyber experts in the information security field, they said they wanted Symantec. It's pretty much based on market feedback. 

Deploying on-prem makes Symantec a very expensive product but if it's being deployed on cloud it's quite cheap. We lost a lot of bids when we proposed on-prem deployment because of the high cost. 

I would definitely recommend Symantec because the company provides great support from its engineers. Whenever we've had any issues, we give them a call and 10 or 20 minutes later, they make contact. They're also very good at helping us quote for tenders and they negotiate well. 

I would rate this solution an eight out of 10. 

The most valuable features are that:

• It is easy to connect
• Global settings are good

I don't see much room for improvement. I am not an analyst for this product. I just manage this product for an analyst. I like the dashboard, it has lots of information like threats and we can see activity on the dashboard. It shows new and unknown threats in the environment. This feature is very good for EDR monitoring and management.

We have been using Symantec EDR for the last year. We also have Symantec Endpoint Protection

We are facing our own issues that we are checking to see if it's secure. We are working on this with support but they are not able to fix that now. We haven't had any issues regarding the features. It works perfectly. 

Scalability is good. 

We have contacted technical support multiple times. They are good but not excellent. We had a few issues and it took them a long time to respond. 

We did the POC within one week and the entire deployment took one month.

It's a good product if you have a lot of SAP solutions. 

I would rate it a six out of ten. Not a 10 because it works on version 14 but SAP clients have some issues and EDR is different on SAP. That's why I wouldn't recommend it for other systems. It works only with SAP clients. That's why I'm giving it a six. It would get higher if it worked on all networks without the help of SAP.

The solution is mainly used for antivirus. When clients don't want a heavy agent on their system, they like to use a solution like this. This isn't a signature-based approach which isn't very effective.

Symantec has been a leader in the space. The threat intel they gather is very good. 

They have a wide presence across the globe. They often are the first to pick up on threats and malware. 

They have the capability to address zero-day vulnerabilities. 

They do have managed service offerings.

It is easy to set up.

The solution can scale well.

It is stable.

The pricing is reasonable. 

They need to improve their cloud presence. They need to keep developing prevention. Many OEMs are focusing on the detection part only.  They need to address the challenge of gathering false positives.

We do not need any extra features. 

I've been using the solution for two years now. 

The stability and performance are great. It is very stable. I'd rate it nine out of ten in terms of reliability. 

The solution is very scalable. I'd rate it nine out of ten. It extends easily.

They are leaders in this entire segment, and they have a good understanding of malware and antiviruses is very strong and their presence across the globe is very robust.

We tend to work with medium-sized organizations.

I've used CrowdStrike and they have done a good job in terms of using AI and ML behavior-based analysis. No signature is required on endpoint devices. When you scan devices, it does not decrease user performance. 

The initial setup is very easy to set up. I'd rate the initial setup eight out of ten in terms of ease of the process. 

Most customers are on-premises, although they do now have a cloud option.

The deployment generally takes a few days. 

The pricing is pretty reasonable. I'd rate it nine out of ten. 

I am a reseller. 

I'd rate the solution nine out of ten. Depending on the use case and the problem you are trying to solve, this is a decent solution. 

A great feature of this solution is that it is very well-integrated with antivirus software. Other ADR solutions are implemented as single technologies and are not integrated with the provider, but Symantec offers AV plus ADR.

I think we have experienced some technical issues because the company focuses mainly on bigger clients. They should treat every client equally instead of only targeting high-profile or high-revenue-generation clients. The focus should be client-centric, not only revenue-centric. 

Also, sometimes the solution fails to detect zero-day attacks, so that feature needs some enhancement because it is lacking compared to other solutions.

I have been implementing this solution for almost four years.

The stability of the solution is good. 

The scalability of the solution is quite good.

The turnaround time of the technical support team is quite good. 

The initial setup is a little bit complex because the solution gets integrated with the existing antivirus software.

The licensing costs depend on the number of endpoints that are involved. 

To anyone looking into Symantec Endpoint Detection and Response, I would say that it's the best solution that can be integrated with AV, thus providing better security posture.

I would rate this solution as an eight out of ten.

Symantec Endpoint Detection and Response is primarily applied to endpoints in the banking and telecom sectors.

If you want to protect yourself from zero-day threats, one option is to have Endpoint and the EDP, and if you don't want to have that combination, EDR is the best way to detect any exfiltration into the network, and then to respond accordingly.

The Detection vulnerability is very effective. It distinguishes Symantec Endpoint Detection and Response from its competitors.

It would be beneficial to have more integration and compatibility with other platforms.

I have been working with Symantec Endpoint Detection and Response since 2018.

We have two customers who are using this solution.

I am very comfortable with technical support. It is good for whatever product they have.

To deploy this solution, you will definitely require technical knowledge. It is not as straightforward and simple as other endpoints, but it is not difficult to deploy as long as you are aware of the technical aspects of it.

We need three sales engineers and backroom support to maintain this solution.

It's a yearly subscription.

I would recommend this solution to others.

I would rate Symantec Endpoint Detection and Response a seven out of ten.

We employ the latest version. 

Our clients make general use of the solution for endpoint detection. They are interested in its EDR capabilities. 

There is no need to do an additional installation for the EDR, as the one belonging to Symantec is pretty much dependent on the endpoint agent, which is already deployed. This is my favorite feature, as it saves a person from the complexity involved in the deployment of additional EDR agents. 

The solution should offer more features, such as ones which are forensic and timeline. 

The tech support was very bad in the immediate aftermath of the merger, although it is now slightly better. The problem came down to the ownership of the case. Support was horrible when the Broadcom entered the picture, but they have done much work in this area and things are mostly better. 

It would be nice to see more granular timeline analysis. 

We have been using Symantec Endpoint Detection and Response for ten years. 

While the earlier version had many bugs, the current version is relatively quite stable.

The solution is easy to scale and its methods of deployment are totally up to the needs of one's organization, be them on-cloud, on-premises or hybrid. 

Just following the merger, the tech support was very bad, although it has since slightly improved. Ownership of the case was the real issue. At the time when the Broadcom came into the picture, the support was terrible, yet much work in this area has since been undertaken and things are, for the most part, better.   

The setup is quite easy. 

I do not deal with the pricing. As such, I cannot comment on it. 

The method of deployment varies with the client. 

Rather than handling the implementation on one's own, it is important to engage a good system integrator. Although a person's expertise may make the process seem straightforward, the experience a good system integrator brings to bear can benefit one beyond what is written in the documentation. Such a person can evaluate one's infrastructure and advise on the best approach. 

I rate Symantec Endpoint Detection and Response as a seven out of ten. 

We are mainly using the solution to protect our computers from malware and other dangerous occurrences.

I have had absolutely no problem with using this solution, it really works well.

I have been using the solution for three years.

The solution is stable.

We are a small company and we did not branch out to know how scalable it is. We have under 10 people in the company using the solution.

Once or even twice I used the technical support and I was assisted almost immediately.

We have used McAfee and Trend Micro in the past.

The installation was very easy, the deployment took a couple of weeks.

We have a yearly subscription, and the pricing is fair.

I would recommend this solution to others. However, it is not possible to use it for small companies at this moment. It is not possible to buy it from the company itself, or resellers in other countries. If it is available, I see that it is offered as part of a larger service. For me, this was not suitable.

I rate Symantec Endpoint Detection and Response a ten out of ten.

We were using this product for our endpoint protection.

In Symantec, we have found that the most important feature is Application and Device Control. You can customize it to help stop attacks, and we have done that many times in our different environments.

Some fine-tuning is required because we often see false positives.

I had been working with Symantec Endpoint Detection and Response for more than six years. However, we are no longer using it because we are transitioning to another product.

This is a stable solution in our experience. We have read in the community communications that there are some corruptions that occur, which is something that should be fixed.

This product is scalable. We have approximately 3,700 users.

Technical support is not as good as we expect, and resolving problems should be more timely.

We are currently doing a PoC with Trend Micro. We are looking at Apex One and Deep Security. We are switching because we are interested in using a central management console in a cloud-based deployment.

Symantec has a cloud-based solution, but it not compatible with all of the departments in our organization.

I also have experience with the Websense solution.

Installing on a Windows Server was straightforward.

We have two people for maintenance.

We are currently using the trial version of the latest release. The price is really high and it should be lower.

I would rate this solution a seven out of ten.