Carbon Black App Control is an application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates.
N/A
Symantec Endpoint Security
Score 8.9 out of 10
N/A
Symantec Endpoint Protection is the company's flagship antivirus / endpoint security product.
$29.99
1 year 100-249 devices
Pricing
Carbon Black App Control
Symantec Endpoint Security
Editions & Modules
No answers on this topic
Endpoint Security, Initial Hybrid Subscription License With Support
$29.99
1 year 100-249 devices
Symantec Endpoint Security Enterprise, Initial Hybrid Subscription License with Support
$34.99
1 year 1-99 devices
Endpoint Security, Initial Hybrid Subscription License With Support
$90.99
3 years 100-249 devices
Symantec Endpoint Security Enterprise, Initial Hybrid Subscription License with Support
$99.99
3 years 1-99 devices
Symantec Endpoint Security Complete, Initial Hybrid Subscription License with Support
$200
3 years 1-99 devices
Offerings
Pricing Offerings
Carbon Black App Control
Symantec Endpoint Security
Free Trial
No
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
—
—
More Pricing Information
Community Pulse
Carbon Black App Control
Symantec Endpoint Security
Considered Both Products
Carbon Black App Control
Verified User
Anonymous
Chose Carbon Black App Control
VMware Carbon Black EDR and VMware Carbon Black Endpoint
VMware Carbon Black App Control [(formerly Cb Protection)] is just much more advanced and gives administrators much more insight into the security framework. The cost is higher but at the same time the features are much more advanced. It is also easy to move throughout the …
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and …
Symantec Endpoint Security seems to be a more mature solution compared with CrowdStrike, particularly when CS was just recently getting their USB blocking functionality rolled out for macOS endpoints this year. Another differentiator with CrowdStrike is that Symantec ES still …
Symantec Endpoint Security offers very similar features to the above products, they all do the same thing in terms of protecting your endpoints against cybersecurity threats. Installation wise the products all install from a central management system and report back to this for …
Symantec Endpoint Security stacks up very well against the competition. One thing that is very different about Symantec compared to the competitors is that Symantec will not steal all your PC resources and will run fine with most applications. Some other AV products are …
We've completed a POV on Crowdstrike Falcom Endpoint Protect and are very excited to move over to that platform and away from the Symantec protect suite. Crowdstrike has behavior based analysis and scanning, vulnerability detection, and best of bread support and managed …
In comparison with Microsoft Defender for Endpoint Symantec Endpoint Security has, in my opinion, more scalable file inspection/spyware/antivirus settings. Plus it is more stable in a multi-OS user environment. But it also has numerous issues with itself and related Symantec …
Cylance: (Active Engage) (Cost 4x Symantec [Endpoint Security]) Cylance is a good product but we have it through an MSSP and only have read-only. The certification and training for the entry [are] like 3 hours of videos but a smart person can just go in and look as the system …
We have evaluated McAfee, it degrades the performance of computers and also the feature set were not properly working, it also lacked the key features that we require, the cost is also higher, on other hand we also evaluated Microsoft system center endpoint protection it has …
Symantec Endpoint Production is hands down my least favorite endpoint projection software on the market today. It's a difficult endpoint to deploy, manage and remove. It's a heavy client so once you get it installed it consumes a large amount of resources on the endpoint. …
I have used competing software from different vendors such as McAfee, Eset, and Trend Micro. I found that Symantec Endpoint Security distributes its updates flawlessly and sends a very clear and comprehensive daily report. I also find the customer service very helpful once it …
Systems Administrator, Core Infrastructure & Microsoft Systems
Chose Symantec Endpoint Security
Symantec Endpoint Protection really shines against its competitors when it comes to centralized management. It falls a little short when it comes to cloud deployments.
More robust options and protections than Malware Bytes. Better overall detection and alerting to security issues. The overall ROI was better for us and we felt would also give us a stronger line of defense in our overall security strategy. We chose Symantec Endpoint because it …
Symantec Endpoint Protection outperformed all other competitor front-line antivirus products with more accurate signature detections and less false positives. We ultimately chose to pair SEP with Malwarebytes Anti-Malware to provide a more comprehensive security solution that …
I have used Symantec Endpoint Protection for many years successfully. I truthfully have not compared it to any of the other major alternatives out there, as Symantec Endpoint Protection has continued to get the job done.
Eset is better for on-premises integration. You install the administration console on a local machine, unlike Symantec Endpoint Protection, which is entirely cloud-based, and you can scan your network and perform silent installs. They seem to have a reasonable level when it …
We did use a mix of Symantec and ClamWin AV and after that a mix of Symantec and AVG for our store locations. We also tested Comodo and McAfee at one point. McAfee was too expensive for our budget and Comodo I believe just didn't deploy to our store locations easily. We did …
Our company has used both the Norton and Symantec systems for years. Therefore, I have never used any other system. We are so pleased with Symantec and have never seen a need to use any other programs.
The company decided to opt for Symantec Endpoint Protection because of efficiency and what it promises to do. Besides being an investment which has been used for more than 10 years. For any and all problems, the software presents a solution at the time, in addition to sending …
Symantec Endpoint Protection stacks up well against its competitors. It's priced very competitively. It's easy to install. Most important of all it catches viruses and prevents them from attacking one's computer.
It is more suited to lock down critical systems and servers to prevent unwanted changes, although you can use it on daily basis on laptops and desktops, it needs constant attention and events analysis. For some scenarios i.e. financial institutions it is a must-have solution, as App Control now is a requirement 5 of PCI DSS.
We have found that Symantec Endpoint Security is better suited to newer systems running faster processors and more than 8GB RAM otherwise the client agent takes up too many resources and slows the system down. However, if you have a reasonably modern fleet of systems it does everything you would expect from an Endpoint Protection solution and works well as part of a multi-layered cybersecurity policy.
Device Control - you can view and allow/disallow the ability for certain devices to be used in your environment. Specifically we used this with USB drives. If you have one you want to use - whitelist the serial number. The rest can't be used. Simple and easy.
Software blocking. If you have an extremely dynamic software base (I doubt this is likely) this could get a bit annoying, but for most organizations like ours where we have specific applications that are required, and then the rest are a bit of an afterthought, it's easy to whitelist the correct applications that you want to be able to run in your environment. The rest can't run (in high enforcement). Users are able to easily request new applications, and you can set certain groups to be able to approve it on their own.
Solid platform - with few exceptions setting up new software was very easy (Dragon Medical was a bit tricky, but worked through it with support). Once you have your rules set up and the initial setup done, you tend not to have to do much of anything except to update on occasion and deal with a few requests for applications to be unblocked, or publishes approved.
Removing dead clients from the console. This is nearly impossible to do, and makes keeping the console clean a very difficult task.
Poorly tested versions are sometimes released that cause serious issues for users. This ranges from browsers malfunctioning to BSOD errors.
Malware detection is good but not great. We are not confident in SEP by itself to neutralize malware threats. It's detection rate just isn't high enough for next generation and zero day threats.
Continued satisfied support. The saying "if it ain't broke, don't fix it..." comes to mind. It works, and we'll continue to use it and support Symantec.
The rating reflects Symantec Endpoint Security's ability to balance enterprise grade security with user-friendly workflows or advanced configurations require extra effort. For most organizations, the streamlined management and robust automation justify the high score. Management GUI is old fashined and need to be improve. Older devices may experience slowdowns during full scans without careful configuration.
We've used it for years and the software is easy to use. The dashboard is easy to read, and you can easily figure out where to go to troubleshoot or deploy software. Symantec is there for emergencies like backup restoration or file retrieval. It's pretty low maintenance. Symantec is there when your IT infrastructure needs it
Support is completely awful! You can never get anyone to help if you can even find a number to call. The support web portal is a joke and their response time if you're even able to submit a ticket is ridiculously slow.
The big difference between Protect and Barkly/AMP is how exactly it goes about what it's doing. Protect is application whitelisting and program reputation. So the way it's protecting you is using a proprietary reputation service, and hash values to identify applications, and then hitting a list of whitelisted programs to decide if you are able to run that or not, based on the policy you are in. There is a LOT of value in that. We actually are working on transitioning to Cisco Advanced Malware Protection (AMP). The main reason is cost (about the same cost as Cb Protect, but with (most of) the featureset of all 3 Carbon Black products for less than 1/3 of the total spend. AMP works differently, looking at a reputation service powered by Cisco's Talos cloud. You don't really have application whitelisting, but that also reduces how many "requests" you get for applications. So I'll have to find a different way to do whitelisting and USB blocking and the like, but I'm getting more visibility across my network and also built in antivirus (TETRA engine - ClamAV with some work). Barkly is an add that we are looking to put in as it looks at behavior of programs. So specifically it watches for privilege elevation and the like. Thus far all the big name problem children (WannaCry, other ransomware problems) have been caught natively in Barkly day 0.
Symantec Endpoint Security seems to be a more mature solution compared with CrowdStrike, particularly when CS was just recently getting their USB blocking functionality rolled out for macOS endpoints this year. Another differentiator with CrowdStrike is that Symantec ES still provides both on-demand scanning & real-time signature-based detection in addition to solely real-time machine learning detection whereas on-demand scanning and signatures are not available on CrowdStrike. This means there is a doubt as to whether we can use CS to comply with some of our PCI DSS obligations which specifically require the use of signature-based antivirus solutions.