Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Symantec Client Management Suite
Score 3.5 out of 10
N/A
Symantec Client Management Suite is designed to automate time-consuming and redundant tasks for deploying, managing, patching, and securing desktops and laptops so organizations can reduce the cost and effort of managing Windows, Mac, Linux, and virtual desktop environments.
I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well.
Whenever you have computers that aren't easily accessible or you have a big site to cover (or multi location), Symantec Client Management Suite (CMS) is really great to manage all your computers, if it's for installation, software, licenses or even status. Setting up all you need from CMS can take some time, especially when you're in a multi-location site. We had to ask the Symantec engineers to help us a couple of times and set things up because even if we followed the documentation, it wasn't an easy task. But at least, the Symantec engineers are people that know what they do and they're really efficient at it.
Definitely on the threat action and response. We didn't have a stress-response option before, but the dependent brand point provided it instantly. Also, it's doing UVA and machine learning, which we didn't have before. So it's definitely providing more sophisticated threat-detection capabilities than we had before.
Patch Management: We are able to easily deploy patches to all our workstations and accurately report on compliance.
Software Delivery: We do a lot of software deployments to our end users and with CMS we can quickly create policies or tasks to perform these deliveries and get quick results on our success or failures.
Inventory: Ease of use to get reports of what workstations have what software installed, patch levels, or hardware specifications.
The only thing is sometimes, because Microsoft has so many platforms, it gets a little confusing, like am I in the security platform? Am I in Purview? Where am I at right now? Because there's so many sites that are kind of doing a lot of the same thing, and so that does get a little confusing from time to time, but outside of that, it's a pretty good product.
More transparency with the roadmap would be a welcome change. New and upcoming features are usually a surprise until a major Symantec Event takes place but little is heard about those features before and even after, in some cases, leading up to a release.
Documentation for some items is poor. Especially around the Workflow product. It was intended that the documentation for the elements in a workflow would be crowd-sourced, which is a good idea, but in order for that to happen, more people need to be using it and taking the time to draw up the documents.
Cost. Its always a big topic, especially in higher-ed, but Symantec could do more to lower its costs for some product lines in order to gain more acceptance and support. If that was done and more institutions could get their student workers to use the product, once they leave college and go into the "real-world" there is a possibility that they would start recommending Symantec products because of their use in College.
Cost add-ons for Security features is nickel and diming the process to keep pace with cybercrime. Limited Education budgets require us to be more pro-active in finding cost-effective measures to protect our devices, staff and students. Defender is a strong, well-featured product that is pricing itself out of the education market
Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Support at Symantec isn't that great. Client Management Suite isn't even listed on the Support Portal when trying to open a ticket. Your best bet for support is actually the user groups that Symantec hosts. The members of the groups are usually very responsive. With Broadcom buying Symantec, I've seen a huge jump in personnel leaving Symantec, so I'm assuming the support is just going to get worse. Recently for a simple question, I reached out to 5 people just to find out 4 of the 5 had left the company.
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding additional agents. Some of the other vendors and their agents, for a while, would compete with CPU usage. And so it actually slowed down the machines. Because Microsoft Defender for Endpoint is built into the Windows product, Microsoft is going to ensure that it does not affect the other productivity tools that a user may use.
Although there are other tools that can be utilized I don't believe those tools are as robust as Symantec Management Platform. The Symantec Management Platform was chosen because of the value it returns internally and for our customers. You can pull just about any data element from an endpoint and provide detailed reports or great graphs for the C-Level
