Symantec Endpoint Protection — Independent Software Review

Comprehensive endpoint protection for enterprises.

Compliance Transparency Index

Grade: B — Score: 80/100

Operational Overview

Symantec Endpoint Protection leverages cutting-edge technology to deliver robust security against malware, ransomware, and other cyber threats. With a combination of machine learning, behavioral analysis, and threat intelligence, it ensures that endpoints are safeguarded against both known and emerging threats.

The workflow is designed for seamless integration into existing IT environments, allowing for easy deployment and management. Administrators can monitor threats in real time, respond to incidents swiftly, and automate security processes to enhance operational efficiency.

Organizations face significant risks from cyber threats that can lead to data breaches, financial loss, and reputational damage. Symantec Endpoint Protection mitigates these risks by providing layered security measures, ensuring that endpoints remain secure and compliant with industry regulations.

Pricing Structure

Symantec Endpoint Protection (On-Premises): Custom pricing (contact Broadcom or authorized reseller)

Symantec Endpoint Security Enterprise (Cloud/Hybrid): Custom pricing (per device or per user subscription)

Symantec Endpoint Security Complete: Custom pricing (per device or per user subscription)

Alternative Consideration

Consider switching to McAfee Endpoint Security: Similar features with competitive pricing and integration capabilities.

Frequently Asked Questions

How does Symantec Endpoint Protection compare to CrowdStrike Falcon?

Symantec Endpoint Protection (SEP) and CrowdStrike Falcon take fundamentally different architectural approaches. SEP supports on-premises, cloud, and hybrid deployments with a centralized management server (SEPM), making it suitable for organizations with air-gapped environments or regulatory requirements for on-premises control. CrowdStrike Falcon is cloud-native — lighter on endpoints and faster to deploy, but requires constant cloud connectivity for full functionality. CrowdStrike publishes transparent per-endpoint pricing (Falcon Go at $59.99/device/year, Pro at $99.99, Enterprise at $184.99), while Broadcom requires contacting sales for custom quotes. CrowdStrike has a higher Gartner Peer Insights rating (4.7 stars, ~3,000 reviews) and stronger EDR/XDR reputation, but SEP offers Adaptive Protection against Living-Off-the-Land attacks and access to the world's largest civilian threat intelligence network. Some enterprises choose Symantec for bundled pricing when they already use other Broadcom products.

Is Symantec Endpoint Protection still maintained after the Broadcom acquisition?

Yes. Broadcom acquired Symantec's Enterprise Security division in November 2019 for $10.7 billion and continues active development. SEP 14.4 was released in January 2026 with a new web-based management console replacing the legacy Java interface, Peer Content Distribution for bandwidth-efficient updates, and expanded Adaptive Protection capabilities. Broadcom also announced Symantec CBX (Carbon Black XDR) in March 2026, combining Symantec's prevention technology with Carbon Black's EDR capabilities into a unified cloud platform. However, Gartner reviewers note customer fatigue from frequent product direction changes, and some users report that post-acquisition support and documentation have declined.

How much does Symantec Endpoint Protection cost?

Broadcom does not publish standard pricing for Symantec Endpoint Protection or Symantec Endpoint Security. All contracts are negotiated through Broadcom sales or authorized resellers based on the number of devices or users, deployment model (on-premises, cloud, or hybrid), and selected tier (SEP, Enterprise, or Complete). A free trial is available. For context, competitors with published pricing include CrowdStrike Falcon Go at $59.99/device/year, SentinelOne Singularity Complete at $179.99/device/year, and Microsoft Defender for Endpoint at approximately $36-60/endpoint/year via M365 E5 licensing.

What is the difference between Symantec Endpoint Protection, Enterprise, and Complete?

The three tiers form an ascending feature stack. Symantec Endpoint Protection (SEP) is the on-premises product with anti-malware, firewall, intrusion prevention, device control, application control, Adaptive Protection, and behavioral analysis — managed via the SEPM console. Symantec Endpoint Security Enterprise adds cloud-based management, mobile device protection, and a migration path from on-premises to cloud. Symantec Endpoint Security Complete adds full EDR (endpoint detection and response), threat hunting with attacker TTP analysis, Active Directory credential theft prevention, application isolation, and dynamic sandboxing. The Complete tier is required for organizations that need investigation and response capabilities beyond prevention.

What operating systems does Symantec Endpoint Protection support?

SEP supports Windows (7 through 11, Server 2012 R2 through Server 2025), macOS (10.15+ with native Apple M1/M2/M3/M4 silicon support), and Linux (Amazon Linux, CentOS, Debian, Oracle Linux, RHEL, SUSE, Ubuntu). Note that 32-bit Windows support was dropped from version 14.3 RU6 onward — 32-bit machines must stay on 14.3 RU5. The management server (SEPM) runs on Windows Server. SEP 14.4 requires a minimum of 2 GB RAM and 245 MB disk space on clients, with the Linux client requiring 7 GB. The web-based management console (new in 14.4) requires 1024x768 display resolution.

How does Symantec Endpoint Protection compare to Microsoft Defender for Endpoint?

Microsoft Defender for Endpoint is included with Microsoft 365 E5 subscriptions (approximately $36-60/endpoint/year), making it the most cost-effective option for organizations already in the Microsoft ecosystem. It offers native Windows integration, Intune management, and Azure AD identity protection. However, Defender's macOS and Linux support is weaker — it logged 24 missed detections in recent MITRE ATT&CK evaluations. SEP provides stronger cross-platform consistency, Adaptive Protection against LOTL attacks, and the world's largest civilian threat intelligence network. SEP also supports on-premises management for air-gapped environments, which Defender's cloud-dependent architecture cannot serve. Organizations in regulated industries often choose SEP for its deployment flexibility and Broadcom's SOC 2, FedRAMP, and GDPR compliance posture.

What is Symantec CBX and how does it relate to Endpoint Protection?

Symantec CBX (Carbon Black XDR) is a cloud-based platform announced by Broadcom in March 2026 that combines Symantec's prevention, Adaptive Protection, Data Security, and Cloud SWG capabilities with Carbon Black's pioneering EDR technology. CBX is designed for organizations that face enterprise-grade threats but lack the staff for complex security implementations. Key innovations include AI-powered Incident Prediction (forecasting an attacker's next 4-5 moves), the SymantecAI Security Assistant (trained on threat intelligence to help analysts investigate incidents), and Threat Tracer (visual attack workflow tracing across endpoints, networks, and data). CBX will be available through Broadcom's Catalyst Partner Program, with a migration path for existing SEP and SES customers.

What security certifications does Symantec Endpoint Protection have?

Broadcom maintains enterprise-grade compliance for its Symantec security products: SOC 2 Type II (audit reports available on Broadcom's compliance portal), GDPR compliance, FedRAMP authorization (specifically for Symantec Cloud Secure Web Gateway and Gov Cloud), and ISO 27001. Authentication supports SAML SSO with multi-factor authentication (MFA) and PIV/CAC smart card support for federal and defense environments. Broadcom publishes certification and compliance audit reports at broadcom.com/support/saas/compliance-audit-reports. Symantec was named a Leader in the 2025 Forrester Wave for endpoint security.