Symantec Endpoint Protection...it's not for me, and possibly not for you, either.
April 11, 2017

Kurt Ferguson | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with Symantec Endpoint Protection

We use Symantec Endpoint Protection on all desktops, laptops, and servers. This is across all departments of the organization. It addresses the need for antivirus software within our organization. We use Microsoft Windows exclusively, so this pertains to Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 R2 for server operating systems. We have it deployed on Windows 7, Windows 8, and Windows 10 for endpoints.
  • It's easy to manage. Installation of a premade package is very straightforward and generally goes without incident.
  • It's fairly reliable at detecting malware and viruses in Windows.
  • It's updated frequently, so new threats are updated at least daily.
  • Removing dead clients from the console. This is nearly impossible to do, and makes keeping the console clean a very difficult task.
  • Poorly tested versions are sometimes released that cause serious issues for users. This ranges from browsers malfunctioning to BSOD errors.
  • Malware detection is good but not great. We are not confident in SEP by itself to neutralize malware threats. Its detection rate just isn't high enough for next-generation and zero-day threats.
  • It has forced us to deploy secondary software to handle malware threats, as far too many of them slip by SEP unnoticed. We'd prefer not to have such an approach, but with SEP we aren't fully protected without such additional software.
  • The CPU footprint vs. other similar products wastes extra CPU cycles on scanning, causing us to need larger ESX hosts for a given number of VMs, due to the overhead from the SEP client.
  • On more than one occasion, a bad update has caused significant business impact, causing us to heavily consider a different product when our next renewal period is up.
I actually didn't make the decision to go with Symantec at all. It was already in place when I started working at my current employer, and we have not yet had the opportunity to replace it. I replaced it at my two previous employers with Sophos Endpoint Protection, which was overall a much better choice for a variety of reasons: 1) They never released updates that broke Windows; 2) They had a higher detection rate for malware than Symantec; 3) Cost was substantially lower; 4) Support was much better and more thorough; 5) The management console was much cleaner and easier to manage.
I consider Symantec to be an average product that will be sufficient for some companies, but overall I think there are better options available. Some of those options are cheaper (Sophos), and some are more expensive (Kaspersky). If you are heavily invested in Symantec already, it may make financial sense to use it, but I'd highly recommend accompanying it either with dedicated anti-malware software (Malwarebytes), or next-generation AV (Carbon Black).

Symantec Endpoint Protection is, in my opinion, a somewhat mediocre product. It does a decent job of detecting traditional viruses, and an OK job of detecting malware threats. The hybrid approach they employ for virtualized environments leaves a lot to be desired compared to options for other products which allow you to install a VM on the ESX host to do scanning of VMs. It is annoying to have to install the SEP client on every single machine that you want to have protected. The Symantec hybrid approach means that the same exact version of a file won't be repeatedly scanned, but it doesn't really make up for having to have the client installed on every single VM you want to protect. This consumes a lot of extra resources, especially during daily/weekly scans.