Overview
Symantec Protection Engine for Cloud Services is a flexible and feature-rich client/server application that allows customers to incorporate malware and threat detection technologies into almost any application. SPE for Cloud Services provides access to innovative security that helps to ensure the safety of your information on the web. Symantec's file reputation service puts files in context, using their age, frequency, location, and other factors to expose threats that would otherwise be missed. Advanced Machine Learning tunes the solution according to scanning behavior. Protection Engine for Cloud Services includes Symantec's proprietary URL categorization technology and industry-leading malware protection for fast, scalable, and reliable scanning services that help you protect your data and storage systems against the ever-growing malware threat landscape. Alongside native Internet Content Adaptation Protocol (ICAP) support, Protection Engine for Cloud Services provides a full client software development kit (SDK) that enables customers to fully embed malware protection in business-critical applications, services, and devices. Platform support spanning Microsoft Windows, Red Hat Enterprise Linux, Rocky Linux and CentOS ensures that you can take advantage of market-leading malware detection wherever you need it. A rich, easy-to-use centralized console is now available for managing and monitoring all instances.
Highlights
- Advanced protection - Stop known and unknown malware and advanced threats before reaching storage through intelligent file and URL security capabilities, as well as file reputation and advanced machine learning analysis.
- Wide coverage and high performance - Secure applications effectively on-prem, virtually, and in the hybrid cloud. SDK and ICAP support enable integration with most applications. Scale easily in large cloud and hybrid deployments. Achieve consistent, high performance even in heavy-load cloud scenarios.
- Centralized management and monitoring console - A rich, easy-to-use centralized console is now available for managing and monitoring all instances. Policies can be customized and applied to scanner groups consistently and instantly through the console. Events, alerts and dashboards keep you vigilant on the security and health posture of your environment.
Pricing
Free trial
| Dimension | Cost/hour |
|---|---|
| c5.4xlarge (Recommended) | $4.65 |
| m5.4xlarge | $2.54 |
Vendor refund policy
We do not currently support refunds, but you can cancel at any time.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Additional details
Usage instructions
- Base image OS is Rocky Linux
- To connect to the operating system, use SSH and the username rocky.
- For further instructions, see the quick start guide at the following link: https://knowledge.broadcom.com/external/article/218996
- By default, the REST API is enabled on port 8008 with a default password. To use the REST API, modify the AWS security group to allow inbound HTTP traffic on port 8008. It is recommended to change the password before allowing access to the REST API service. You should also allow only authorized IP addresses to access the REST API.
- If you want to use the new Symantec Protection Engine console, you must enable REST API access.
- The installer for the new console is available at /home/rocky/spe-console-installer.exe. You need a Windows machine to install the SPE console.
- For more information about using the REST API and the new SPE console, check the product documentation at https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/symantec-protection-engine/9-3-0.html
Support
Vendor support
Symantec Technical Support for this product is available via email. For product-related queries, email esg-spe-aws-admins.pdl@broadcom.com
NOTE: Broadcom regularly updates this product listing with new versions and fixes. Always use the latest version available. Broadcom support is available only for versions that have not reached End-Of-Support.
Customer reviews
Real-time file security has reduced incident tickets and improves threat detection accuracy
What is our primary use case?
My main use case for Symantec Protection Engine in our organization involves both scanning and protection. We have nearly 200 servers in our environment with the Symantec agent installed. I use Symantec Protection Engine daily as part of our business-as-usual activities, primarily for real-time scanning and protection across SharePoint, web applications, and servers.
Scanning is performed online during file transfers, with optional scheduled scans to catch any missed items. The incident response team at Kyndryl also leverages this tool, integrating it with other platforms to forward logs to our SOC monitoring team.
How has it helped my organization?
Symantec Protection Engine's been a game-changer for us at Kantar—blocks like 80-85% of file-based threats right at the gateway before they hit our 200 servers, cutting down endpoint incidents big time.
The main win is that real-time ICAP scans on NAS and SharePoint uploads quarantine ransomware or phishing docs instantly with ML, so instead of 20+ CrowdStrike remediations a week, we're down to 8-10. SOC shifts save 1-2 hours daily on handovers thanks to the central dashboard and syslog feeds to ServiceNow, freeing us up for phishing deep dives with Trend Micro or CySA+ studying.
Also slashed MTTR by half on server threats 90 mins vs 4 hours by auto-exporting hashes for L3 analysis.
What is most valuable?
The best features of Symantec Protection Engine include machine learning, file reputation, and real-time scanning. It efficiently handles heavy loads through ICAP and cloud-based processing, reducing the burden on endpoints compared to Trend Micro and other endpoint security solutions. Its centralized control is also noteworthy.
Through machine learning, it detects both known and unknown malware and malicious URLs, in addition to performing signature-based scans that assist SOC teams in analysis. The solution is highly effective in leveraging both machine learning and file reputation. Regarding centralized control, it offers a unified management console for policy deployment and provides real-time visibility through dashboards, helping save significant administrative time.
Symantec Protection Engine has had a positive impact on our organization by enhancing our overall security posture. It effectively blocks a high volume of file-based threats across more than 200 servers, saves SOC analysts time in endpoint remediation, and streamlines compliance processes. It further strengthens security through real-time scanning and machine learning-based quarantine, blocking phishing payloads in SharePoint uploads before they reach endpoints, thereby reducing incidents by 30–40% compared to signature-only tools.
What needs improvement?
To improve Symantec Protection Engine, I suggest simplifying its integration with other tools, as it is more complex compared to Trend Micro and CrowdStrike. Making the integration process easier would be highly beneficial.
For how long have I used the solution?
I have used Symantec Protection Engine for approximately two to three years.
What do I think about the stability of the solution?
The reduction has positively impacted our team's workload, decreasing ticket volume by approximately 30 to 40 percent. This means less work for our SOC team, as they now receive fewer tickets. From a cost and resource perspective, this change has been beneficial.
What do I think about the scalability of the solution?
In my experience, Symantec Protection Engine offers efficient scalability, allowing the easy addition of multiple servers. While the on-premises setup depends on the capacity of the installed servers, in AWS we can easily scale from 200 to 500 instances—and sometimes even to thousands daily—through ICAP load-balancing mirroring.
How are customer service and support?
I have interacted with the customer support team for Symantec Protection Engine, and it was excellent to work with them. They provided solutions that were very effective.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have previously worked with multiple tools before using Symantec Protection Engine, including Trend Micro, CrowdStrike, and Microsoft Defender. I used these tools in different projects, alongside Symantec Protection Engine.
How was the initial setup?
Straightforward
What about the implementation team?
consultant
What's my experience with pricing, setup cost, and licensing?
Pricing for Symantec Protection Engine was decent.
Which other solutions did I evaluate?
I didn’t evaluate many other options before choosing Symantec Protection Engine, as it was already part of the project when I joined, so I couldn’t change it. However, I would recommend exploring other tools when the renewal opportunity arises.
What other advice do I have?
Symantec Protection Engine scans incoming content and occasionally raises alerts if it detects anything concerning. It is currently deployed on-premises in our environment. I recommend others consider using Symantec Protection Engine because it is cost-effective.
However, I suggest opting for the cloud version instead of on-premises or hybrid deployments, as the cloud offers better scalability and easier troubleshooting. Overall, I would rate this product 8 out of 10.