June 25, 2019
Score 7 out of 10
Overall Satisfaction with Symantec Endpoint Protection
We have several deployments of SEP in our network, we use most of its endpoint protection features besides AV: device control, IPS, host-based firewall, and application control. We have another environment where we also use SEP for the deployment of WSS(Symantec Proxy), we use it on Windows(servers+workstations) machines as well as MAC.
- The AV has several detection mechanisms: signature based, reputation based and heuristic based.
- There is an option to turn an on-prem deployment into a hybrid deployment, so you can manage SEP in the cloud.
- Symantec really invested on integrating SEP with other Symantec solutions, so no need additional agents on endpoints.
- The device control feature was not changed in past product versions, it's still not the most convenient way to manage, the preconfigured hardware groups are not good enough. For example, no group for mobile phones.
- Application control and device control are managed in the same policy, so if you have a common app control policy but a different device control policy you'll need to manage 2 policies.
- The app control policy is very strong, still, the out of the box policies are basic, I'd expect Symantec to provide more of these out of the box.
- The reports are not the most elegant and sometimes it takes time to find the report you need. Graphics need to be improved.
- Depending on your network size, you may need a dedicated person to manage this product. SEP has many features and it takes time to learn them all and be able to implement on the network.
- The combination of features, and with the right configuration, you can block viruses, malware, and ransomware from damaging your network.
Today with the hybrid model, you can manage SEP in the cloud. Mobile/remote employees will still be able to sync logs and get policies without a VPN connection to the office. Symantec Ecosystem is very good if you seek for other security solution such as web proxy, DLP, EDR, etc. The products integrate with each other and you can achieve better policy management and also better visibility on your network. SEP is an agent-based solution, if you need an agentless solution this is not the product for you.