We performed a comparison between NetWitness XDR and Symantec Endpoint Security based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Ability to get forensics details and also memory exfiltration."
"The product detects and blocks threats and is more proactive than firewalls."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The product's initial setup phase is very easy."
"Forensics is a valuable feature of Fortinet FortiEDR."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet is very user-friendly for customers."
"The most valuable feature is the way it captures the traffic, and it contains every detail of the communication."
"It helps our security team respond more accurately when there are threats, then we get less false positives or negatives."
"We've contacted technical support several times. They've been very good. They have been able to help us resolve our issues."
"NetWitness Endpoint's most valuable features are its interoperability across many different operating systems and the ease of pivoting from network to endpoint via a single console."
"Ability to isolate the machine when there are malicious files."
"It is stable. We have been using it for some time, without any issues."
"It's a scalable solution. We have around five to eight customers using RSA NetWitness Endpoint, and we hope to increase the number of users."
"They have recently updated the features and the most valuable ones are the instant threat response, ease of use, web interface, integration, and easy access. RSA NetWitness Endpoint is very compatible with other solutions and technologies. However, they do not rely on third-party solutions and have most features built-in."
"All Symantec Endpoint Protection (SEP) features, such as anti-malware, zero-day attack protection, and IPS features, are valuable."
"The antivirus and antimalware features are good."
"I have found the central control console the most valuable feature."
"This solution has helped us because it is really useful for blocking all kinds of viruses."
"We are using it on 1,600 computers. All the systems and servers are protected with the Symantec solution. Our environment has an uptime of 99.9% because we never had any attack or issue related to viruses. There is zero downtime."
"It's a good proxy to control the user's access to the website."
"SEP, the entire suite of components, provides good endpoint protection."
"Some important features that are included are the built-in firewall and device control."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Detections could be improved."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The solution is not stable."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"It takes about two business days for initial support, which is too slow in urgent situations."
"RSA NetWitness Network could improve on integration with non-native application integration."
"Its price could be improved. It is an expensive product. Its training is also too expensive. It would be great if they can have a better pricing scheme for the training."
"The integration of the solution needs to be improved. The dashboard needs lots of updates as well. In the next release, we would like to see advanced fraud detection features."
"The threat intelligence could improve in RSA NetWitness Endpoint."
"The contamination feature could be improved."
"This solution needs an upgrade in reporting. I have heard from RSA that they are working on this, but as of yet it is not available."
"NetWitness Endpoint's blocking feature does not work properly - if there's a malicious process, it's not possible to kill it via a custom rule unless and until it's flagged as malicious."
"The deployment process is complex. I don't know why, but this solution will suddenly stop working. Logs stop coming. Often, one thing or another stops working. Most of the time, one of my team members is working with troubleshooting and working with technical support. Log passing is also one of the biggest challenge."
"The enterprise edition does not report attacks on external devices."
"It's not cheap."
"Symantec Endpoint Security can improve management because it is difficult to do. It is not a straightforward tool to use. Additionally, the dashboards and reports could be better. It is difficult to understand what exactly is your current status."
"Symantec's application security module needs some improvement. You need to create a lot of fingerprints for application security. For instance, let's say I have different brands of ATMs in my environment, like Wincor and NCR. I use GRG to deploy an application control to whitelist some applications. I have to get the exact image of the different models of ATMs. When I tested in the past, some machines would not connect to the server without that."
"Using the management console is a bit complex. There are many features that we cannot use and we could use some help. We need some assistance to make them work better. They need to add features to make it simpler."
"More control features can be added, and its performance can also be better. Sometimes, the performance is not good when we access the cloud console. Moving to each tab is slow. The dashboard can be a little bit user-friendly. For some users, it is a bit difficult. If someone is a little bit familiar with it, then it is fine. Otherwise, it is hard to find policies in Symantec."
"I would like to see fileless attack protection."
"The Centralized Management could be improved."
NetWitness XDR is ranked 42nd in Endpoint Protection Platform (EPP) with 15 reviews while Symantec Endpoint Security is ranked 5th in Endpoint Protection Platform (EPP) with 140 reviews. NetWitness XDR is rated 8.0, while Symantec Endpoint Security is rated 7.6. The top reviewer of NetWitness XDR writes "Beneficial single unified dashboard, good native application integration, and high availability". On the other hand, the top reviewer of Symantec Endpoint Security writes "The solution has given us visibility into compliance within our whole system and helped us ensure everything is updated". NetWitness XDR is most compared with Darktrace, ExtraHop Reveal(x), SentinelOne Singularity Complete, CrowdStrike Falcon and Vectra AI, whereas Symantec Endpoint Security is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Trend Micro Deep Security and Cortex XDR by Palo Alto Networks. See our NetWitness XDR vs. Symantec Endpoint Security report.
See our list of best Endpoint Protection Platform (EPP) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.