microsoft-defender-atp-vs-symantec-endpoint-security

Symantec Endpoint Security (SES), now from Broadcom, and Microsoft Defender Advanced Threat Protection (ATP) are endpoint security and antivirus solutions targeted at enterprise level customers. They are direct competitors. Both solutions are deployed at companies of all sizes, with greater frequency of usage at larger companies, as that is their focus. Given their enterprise focus, both products boast advanced features such as pro-active protection and EDR, and centralized endpoint security management that can be conducted from an administration console by a security or IT admin.

Features

Both Symantec Endpoint and Defender ATP show distinct advantages for different use cases.

Users favorite features of Microsoft’s endpoint security solution are that it is extremely lightweight and delicate on the system, and potentially “free.” That is, if you have Windows 10 Enterprise or Microsoft 365 Enterprise, then you have it already (individual licensing was made available in 2020, however). Beyond this, users enjoy the centralization and visibility of endpoint health it makes available. They particularly like the proactive monitoring it conducts with a very low footprint.

Users say Symantec Endpoint Security is easy to set up and maintain. Its core function of antivirus protection against known threats is said by some to be the most comprehensive option available, with frequently updated virus definitions. Besides the strength of its core function, users also praise its extended features, such as email scanning and protection against web based threats.

Limitations

There are also limitations to each  endpoint protection software.

For instance, users point out that Microsoft Defender ATP has a relatively low detection rate against competitors.Others say that Defender ATP also manages to produce more than a desirable rate of false positives. This can block legal and safe operations, particularly from third-party apps, while being oblivious to some of the more obscure threats at the same time.

The strongest criticism of Symantec Endpoint Security is that its scan takes a long time to complete. If it is scanning an endpoint that has relatively weak specs, then SES can be a resource hog, making it difficult to multitask with other activities on the machine while it is being scanned. Also, SES appears to present an unusually high rate of technical issues, such as causing driver malfunctions and conflicts with third-party software.

Pricing

Broadcom is updating Symantec Endpoint Security (SES). Editions that were available through VARs and Symantec partners and purchasable on an annual license have recently been discontinued, including Symantec Endpoint Protection (SEP) and Endpoint Protection Cloud (SEPC). Broadcom appears to be pivoting away from supporting midsize businesses. Symantec Endpoint Security Complete, and Endpoint Security Enterprise are still available, and pricing is between $15 to $19 to protect a single endpoint for a year. 

Users of Microsoft Defender ATP generally don’t buy it outright, but acquire it through a Microsoft 365 or Windows Enterprise license. Defender ATP is available standalone (since 2020) via resellers and Microsoft Gold Partners for about $5 per user for 5 machines, or $2.50 for educational institutions.