Real-time file security has reduced incident tickets and improves threat detection accuracy
What is our primary use case?
My main use case for Symantec Protection Engine in our organization involves both scanning and protection. We have nearly 200 servers in our environment with the Symantec agent installed. I use Symantec Protection Engine daily as part of our business-as-usual activities, primarily for real-time scanning and protection across SharePoint, web applications, and servers.
Scanning is performed online during file transfers, with optional scheduled scans to catch any missed items. The incident response team at Kyndryl also leverages this tool, integrating it with other platforms to forward logs to our SOC monitoring team.
How has it helped my organization?
Symantec Protection Engine has been a game-changer for us at Kantar—it blocks like 80-85% of file-based threats right at the gateway before they hit our 200 servers, cutting down endpoint incidents big time.
The main win is that real-time ICAP scans on NAS and SharePoint uploads quarantine ransomware or phishing docs instantly with ML, so instead of 20+ CrowdStrike remediations a week, we're down to 8-10. SOC shifts save 1-2 hours daily on handovers thanks to the central dashboard and syslog feeds to ServiceNow, freeing us up for phishing deep dives with Trend Micro or CySA+ studying.
It also slashed MTTR by half on server threats (90 minutes vs. 4 hours) by auto-exporting hashes for L3 analysis.
What is most valuable?
The best features of Symantec Protection Engine include machine learning, file reputation, and real-time scanning. It efficiently handles heavy loads through ICAP and cloud-based processing, reducing the burden on endpoints compared to Trend Micro and other endpoint security solutions. Its centralized control is also noteworthy.
Through machine learning, it detects both known and unknown malware and malicious URLs, in addition to performing signature-based scans that assist SOC teams in analysis. The solution is highly effective in leveraging both machine learning and file reputation. Regarding centralized control, it offers a unified management console for policy deployment and provides real-time visibility through dashboards, helping save significant administrative time.
Symantec Protection Engine has had a positive impact on our organization by enhancing our overall security posture. It effectively blocks a high volume of file-based threats across more than 200 servers, saves SOC analysts time in endpoint remediation, and streamlines compliance processes. It further strengthens security through real-time scanning and machine learning-based quarantine, blocking phishing payloads in SharePoint uploads before they reach endpoints, thereby reducing incidents by 30–40% compared to signature-only tools.
What needs improvement?
To improve Symantec Protection Engine, I suggest simplifying its integration with other tools, as it is more complex compared to Trend Micro and CrowdStrike. Making the integration process easier would be highly beneficial.
For how long have I used the solution?
I have used Symantec Protection Engine for approximately two to three years.
What do I think about the stability of the solution?
The reduction has positively impacted our team's workload, decreasing ticket volume by approximately 30 to 40 percent. This means less work for our SOC team, as they now receive fewer tickets. From a cost and resource perspective, this change has been beneficial.
What do I think about the scalability of the solution?
In my experience, Symantec Protection Engine offers efficient scalability, allowing the easy addition of multiple servers. While the on-premises setup depends on the capacity of the installed servers, in AWS we can easily scale from 200 to 500 instances—and sometimes even to thousands daily—through ICAP load-balancing mirroring.
How are customer service and support?
I have interacted with the customer support team for Symantec Protection Engine, and it was excellent to work with them. They provided solutions that were very effective.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have previously worked with multiple tools before using Symantec Protection Engine, including Trend Micro, CrowdStrike, and Microsoft Defender. I used these tools in different projects, alongside Symantec Protection Engine.
How was the initial setup?
Straightforward
What about the implementation team?
Consultant
What's my experience with pricing, setup cost, and licensing?
Pricing for Symantec Protection Engine was decent.
Which other solutions did I evaluate?
I didn’t evaluate many other options before choosing Symantec Protection Engine, as it was already part of the project when I joined, so I couldn’t change it. However, I would recommend exploring other tools when the renewal opportunity arises.
What other advice do I have?
Symantec Protection Engine scans incoming content and occasionally raises alerts if it detects anything concerning. It is currently deployed on-premises in our environment. I recommend others consider using Symantec Protection Engine because it is cost-effective.
However, I suggest opting for the cloud version instead of on-premises or hybrid deployments, as the cloud offers better scalability and easier troubleshooting. Overall, I would rate this product 8 out of 10.