Video Screencast Help

Do NOT buy Symantec Endpoint protection

Created: 10 Mar 2008 • Updated: 21 May 2010 | 22 comments

 
My company did recently buy the Symantec endpoint protection v11, to replace Trend Micro as the antivirus solution on all servers and workstations.

 
The setup worked  in a small test environment, but the problems started as soon as we were about to install the protection manager on a server and roll out the very first clients on our network.

The manager was installed on the same server that hosts VMware Virtual Center, BackupExec and Spiceworks.

Bad, bad idea…. 

We experienced issues that the management software never connects to the database (cant login) even if the ODBC is fine (connection OK) and all the procedures to describe in manual and by helping people with the same issues is done properly. But the big problems didn’t start until we decided to uninstall the management software….

The symatec installer/uninstaller messes up the VMware Virtual server service and installation, and now we have to reinstall all hosts and the virtual center/backupexec/spiceworks server from backup.

 
Thanks a lot Symantec, this costs our company lots of money to fix, lots of time, and puts us off schedule.

 
I have ordered personell to revoke the purchase, and you can be 100% sure that we will never buy anything from you again. And I will be sure to tell everyone in my IT network to steer away from this product.

 
Well done Symantec, fantastic job!

Comments 22 CommentsJump to latest comment

Dwayne Gibson's picture

Sorry Symantec but I have to agree with the poster above. I wish I had never upgraded to Endpoint even though it was a free upgrade.

I could go into the many, many, issues I am having with Endpoint, but I honestly do not have that much time. Just trust me when I say wait at least a few more months before changing from Symantec AntiVirus. I was told today there was an upgrade coming March 24th and hopefully we'll see improvements from there onward.

Dayron's picture
Ditto.
 
CA eTrust thanks Symantec for a job well done in increasing the CA client base.
 
Symantec... a name I have stopped hating... and just laugh at now.
JasonDS's picture

 I am SOOOO confused by posts like this!!! I have been rolling out SEP now since Feb 1st, to a global enviroment with over 60,000 clients and I have had minimal problems! Maybe I am not in the same boat as some of you as I have dedicated servers for client managment (they run SMS 2003, WSUS 3.0 and SEP11) but aside from a few small issue this is a GREAT product .

Uc3matt's picture
Looks like im going to have to agree as well. There is no reason to require IIS, Java, and a SQL database to run a managment interface. Sure its pretty, but its also a resource hog. We are having to upgrade servers just to be able to run this along with other vital network software. In some cases we have had to use dedicated servers just for this bloatware. The learning curve over SAVCE 10 is ridiculous. There are tons of new options and what is the same from SAVCE has been complicated. Here are a couple examples.
One of our larger customers had a deployment of 50 Clients and 1 server. This site did not recieve live updates for over 2 months. It took many man hours to correct the issue that should not have been an issue in the first place.
Another client cannot access the internet on any computer without SEP installed.... baffles us still.
Our own network is unusable when the server is downloading updates or distributing packages.
I have just un installed SEP from my notebook as it was using anywhere from 4-45% of the CPU at idle thus reducing my battery life.
In every "fix" for an issue it seems that Symantec releases another version to address the issue. The problem here is that it does not update automatically. You are usually required to manually update at least the server. We have now reconfigured 3 servers, at diffrent sites 3 times each. Everytime another set of issues comes up.
Symantec-- Please fix your software! We are currently looking at using another vendor to provide security
TTassos's picture
I have to agree with JasonDS.  We have deployed to several clients sucessfully in a variety of different environments. Yes, we survived the original issues, found the answers to the occasional small issues (because that what we do in this business) and the product is working well for us.
PeterTWJ's picture
Although Symantec Endpoint Protection caused moderate to heavy performance problem and other sorts of problem, but the only one good thing is, fast virus scan.
 
I tried other antivirus software from other vendors like McAfee, AVG, Trend Micro or others. When
Joe_T's picture
I too had an unbelievable amount of issues, some of them went undetected until recently.  I installed Endpoint Protection on our network workstations approximately 4 months ago.  On machines with decent CPU and memory, it didn't seem too bad.  However, several of our workstations which previously worked flawlessly with 256MB of RAM (these are internet workstations used for looking up parts) ran horribly.  As well, on most workstations, at least 2 to 3 times a week, we started experiencing "WINLOGON" issues, with the computers crashing.  Unfortunately, I never tied the issue to SEP until I started uninstalling it.  What prompted my uninstallation on our network (a fairly large one), was users who's machines typically run 95% free space on the hard drive, started to contact me, complaining that their computer was reporting their hard drive was "critically low on hard disk space".  After checking into it, I realized the SEP was filling the hard drives on most of our workstations with aborted Virus definition installs.  Some of the aborted virus defs totalled over 40GB in size!  I also noticed a huge difference after taking down our SEPM VM on our server.  I gained back a ton of memory, and the server CPU utilization dropped an average of 20%.
 
Since spending the over a week uninstalling SEP (on some workstations that took some considerable work), I've received several comments from users say "wow, what did you do to my computer, it's like brand new again!".
 
While normally a staunch Symantec supporter, this AV software (not so sure about the "A" part...) has really given me pause to ever upgrade my AV software again through Symantec.  Personally, I think Symantec should be contacting any of their SEP customers to find out about their experience with the product, and offering them a subscription extension (providing MR2 really does solve the issues) to cover at the very least the amount of time it's taken them to get from SEP to SEP MR2.  I can not count how many hundreds of hours I have had to spend correcting all of the issues we've encountered with this product.  When I first looked at it, I thought it was a potentionally wonderful solution.  Centralized AV, Firewall, etc. management looked awesome, but now, after experiencing 4 months of constant issues with performance degredation, having to upgrade over 20 workstations just to make them usable again, filled hard disks (which is going to take me the next month to clean up...), and the crashes we've expereinced, I truly wish I never would have strayed from Symantec Antivirus Corp. Ed.
 
 
 
 
PeterTWJ's picture
I don't really agree, this software also has it good point.
 
Although Symantec Endpoint Protection caused moderate to heavy performance problem and other sorts of problem, but the only one good thing is, fast virus scan.
 
I tried other antivirus software from other vendors like McAfee, AVG, Trend Micro or others. They aren't any better, I installed McAfee VirusScan 8.5 Enterprise on my friends computer, his computer hanged and were restarted few times before his computer starts to work and the computer starts to be very lagged while updating. AVG and Trend Micro has slow virus-scanning and heavy performance degradation sometimes.
 
I also hope Symantec will make their software works with lower requirement and take more time to test out their own software before releasing to manufacture.
 
So far, I am still using Symantec Endpoint Protection and hope that next update will fix those problem.
cmartinjr's picture
Did any of you test this first?  Although I chose to stay on 10.1, but I tested on a couple of VM's first.  I had the server on a vm and the client on a vm.  Yeah, I ran into problems with it, but it only affected my vm's and not production.  VMware Server is free...
 
I'm not a Symantec basher, but I'm not going to install SEP until it's had time to mature through Symantec fixing issues.  I'm not a fan of going through left field to get a product to work so I'm sticking with 10.1.7.7000 for now.
 
I just find it hard to believe that after so many of these kinds of posts in this forum so many will push SEP out before fully testing it.  It's to your advantage to fully test it...
 
 
boe's picture
I've been using symantec antivirus for many many many years - always finding it a bit better than mcaffee or trend micro but Symantec Endpoint protection is GARBAGE.   If I wanted to slow down a good computer I'd put Vista on it - why would I want my Antivirus software to slow down my computer too?   I switched from McAffee many years ago when Symantec didn't slow down my workstations nearly as much as McAffee did.   Now I'm going to have to get the latest version of McAffee to find out if it is time to switch back?  
 
I tried endpoint several months ago and figured it was just released so maybe they have some bugs to deal with.  I just downloaded it - it is nearly the end of March and it is still DREADFUL!   Isn't anyone at Symantec even remotely concerned?   Why isn't the previous version availabe on the file connect until Symantec gets their $#!+ in order?
 
I don't mean to sound rude but I actually did beta testing for Symantec a while back and when I pointed out the issues to them - they ignored me and released the product within a month with those same bugs - why is it companies do beta testing and then ignore those who point out the issues - are they shorting their stock?
SKlassen's picture
I've experienced many of the same issues that you have with SEP/SEPM with rollout and I understand the frustrations that your experiencing, as I went through them too.  I don't think anyone would dispute that SEP had and continues to have problems.
 
This is probably not the best place to vent those frustration though.  This is for the most part a user-to-user help forum.  There are some Symantec employees who give of their own time to help here, but I don't think that any of them were the people who gave the green light to release SEP back in September before it was ready for prime time.  That decision came from "The Suits", who I wouldn't expect to hang out here.  The Symantec employees who are on this forum, the Support Engineers when you file a support case, and the developers are the ones who really do care a ton and found their workload vastly increased by the release of SEP.  I know that every Symantec Employee that I've had cummunication with, either here or with the several dozen support cases I've files have wanted to get my issues fixed just as much as I have.
 
I see so much vitriol here where it does nothing but demoralize those customers like me who are trying to help everyone else.  Posting these sort of things here is like cussing out the gas-station attendant for the high price of petrol.  I'm certain that whatever Armani suit wearing persons who said to start shipping SEP have learned the folly of their ways, but if we as customers want to let them know, I can think another more appropriate way of doing so that has a much better chance of getting to the responsible individuals.  Write a professional letter expressing your displeasure to a Symantec executive.
 
As an early adopter of SEP, I feel it to be my responsibility to share the fixes I've found for my issues with the community of other SEP customers, so that others can be spared some frustration.  That's just me, but I would encourage others to do so as well until all the problems are gone.  2 cents given.  
Maggots's picture

I'm sorry but I can't do anything else than agree with the original poster. I understand that it may not be appropriate to express its frustration but I think we all agree that this product is far from mature. It's a good idea to discourage people from moving to SEP 11 yet. In fact, I think it would be good for everyone including Symantec to let them the time to ajust and fix the major bugs. I have high hope in Symantec since the vast majority of our enterprise’s software are Symantec (Backup Exec, Ghost, Enterprise Vault, Mail Security) but seriously Endpoint is a total failure in its current form. I know that a lot of the fix are coming in the next major patch MR2 but still.. I don't think that people like me that work their *** hard to give a good service to their enterprise like to be answer like Symantec does right now with Endpoint. It's our job as customers to express our feeling about a product we all have bad time with and I don't see any other place else to do this.

 

Every call I do to Symantec ends that I hang up because I’m waiting for hour to have someone answering me. Our network is currently crawling under the heaviness of Endpoint and we're having new problem everyday on our servers and clients computers with Endpoint. We had to do massive memory upgrade in a short period of time after deploying it because all the computer were taking more than 12 minutes to boot !!!!! If this alone wasn’t enough, we had to uninstall SEP on 20 of our laboratory computer because the network communication was so slow that the machines were unable to communicate with the controllers. We've lost thousand of medical samples because of this. Symantec told us is that they're not responsable for this and they suggest us to uninstall SEP on these computer and finished by saying they're working on multiple fix...humm...humm...hummm....... 

 

I'm extremely angry at Symantec and I really hope that someday they will realize that their Antivirus are way too heavy and resources consuming on the system. Every version seems to be bigger and heavier. I should have learnt… And to publish a totally unfinished product like that without being able to fully support when needed is an insult to your loyal customers.

 

One thing though, I really appreciate the help of the people here and I don't think the original poster have something against the moderator here or the people that tried to help... His frustrations are directed directly at Symantec staff that are responsible for the misery they are in now not the people here.

 

Symantec have enough years and products under his belly and I never though that they would one day gives us something that isn’t ready and even worst, that they are not ready to support. The biggest software company on earth after Microsoft that is unable to help his clients because they don’t known the problem of half of the bug the clients have. I think you guys should have test a little more eh... instead you're asking us to do it.

 

And finally, for all the people that think their product is running fine, my problem did not appear the first day either. It start the first time you try do do something with it, exemple, maintenance on the server or on the client. At first I was happy because I was seeing running very good, but when the first problem appear, it was the beginning of a nightmare and it collapsed. Take a closer look at your environement and you will realize it's not that clear (content growing on the server, computer network connection 90% slower with SEP, a product that is taking more that 1 GO on every client and more than 20go on the server and still growing, a product that corrupt itself when you try to update your version (happened 2 times here), client computer that are constantly scanning, rtvscan taking more than 70mb of ram when idle (and it supposed to be lighter than 10.2). You won't digg  far to see that.

 

Me, my boss and IT department are all very inpatient to see what MR2 will do because as we speak, we have 300 users screaming everyday that their computers are dying because of SEP.

 

If I have ONE advice for the people that are planning to upgrade on an old/semi-old computers environnement, DON'T do that mistake or at least wait till MR2.

 

Sadly, another very angry customer in charge of Endpoint Security

 

tekwerker's picture
 
Of course it's a solid product to YOU. 60,000 installs? You obviously had more to do with choosing this product than actually installing and supporting it. Do you even actually talk to the end users? The techs doing the support?
 
I know how organizations that large actually work, having worked in IT in the US Military. You are too far removed to even be making an opinion.
 
If you went to your 'boss' and told him the 60k install was a failure, it'd be your head.
TX.Parrot.Head's picture

60K installs?  Of this product?  And think it is a GREAT product???

Hah,
Heh,heh,
bwah, hah, hah,
hee, hee, ho, ho, ho, HO, HO, HEE, HEE, I don't, hee, think so.

Must have been all Vista machines. 

Ho, Hee.  Wipe my eyes...

Sorry...funny..

Knottyropes's picture
I was disappointed that on file connect it was listed as version 11.0.750.xx thought it was higer than the 11.0.1 they said was major release. But now i know after looking at this forum.
 
So far its ok, lucky i had a nice new DC with 25 gig free space on it. But a few things were not fun. Bass ackwards in a few ways. leaks were fun to figure out too.
 
 
Before rolling out with MR1 I am waiting for MR2 so it can be done once.
 
minus side it did nothing on a vundo virus and after 2 hours I gave up and nuked it.
TSorensen's picture

I'm personally not sure how old of a topic this is but all I can say is those of you switching to CA and increasing their user base, you will be back. I know because I was a Symantec CE user that switched to CA because the price was "right" and now that those 3 years are up we just jumped back to Symantec. Realistically all AV products are having their woes these days, but the one _ONE_ AV product I will _NEVER_ touch again is CA.

 

We had an organization of 5000 machines at the time shut down dead in the water because of a variant of a 5 year old virus. 36 hours for eTrust (worst word to put in their name ever) to get us back up. Our old ver of Symantec without updated virus defs caught it no problem. Trojans go virtually undetected by CA as of being on 8.0 right this second. I hope you don't want a quick status of what's going on with your machines because eTrust doesn't do that. You have to SCHEDULE a report to run if you want stistics so real-time is non-existent.

 

The client doesn't install cleanly and their idea of Management is like going back to Exchange 5.5 from Exchange 2003.  I'm doing a very gradual and slow rollout of the latest SEP right now and really haven't had any problems with either XP or Vista machines. I'm sure woes will be right around the corner at some point, but just seeing the stuff that SEP is catching that has been likely sitting idle and free on our systems for the past 3 years that we were "protected" by eTrust has already convinced me we made the right decision.

 

To those of you actually contemplating moving to eTrust I would highly highly highly (you get the idea about how i feel about that product) recommend anything other than it.

 

Knottyropes's picture

I have finally migrated all users to MR3

Installed new file/print/DC/DNS server with MR3 and backup EXEC and switched half of the data over.

No issues yet.

Upgraded most of my other servers to MR3.

 

 

 

Leonid Kanareykin's picture

I'am agree, Do NOT buy SEP11, is a half-finished deep frozen product, i'am work with Symantec Antivirus more than 5 years. Perfomance problem and other bugs ... shocked me ... . If MR3 (with many new bugs!) or MR4 dont resolve a problems a'am go to Trend Micro or Kaspersky KAM7.0.

MoPep's picture

It's good to finally read a good review of the product.  I noticed you are using SMS.  I have a question, did you run into issues getting the client to install without a re-boot?  We initially started with MR2 in our pilot and was able to modify the SETAID.INI file to make the re-boot option be (3).  Know that we have upgraded to MR3, I can't get the client to install without a server re-boot.

mysticcobra's picture

I've installed SEP at several of my customer sites and the problems I've encountered have been very minimal. I will continue to deploy this product for my customers. Huge fan of Symantec products.

APIPA's picture

Same here mate. I guess, and this is from my perspective - Symantec actually sets some really good benchmarks in terms of AV software, yeh, not like the product is always good, coz bugs are there, there is no software without any bugs ever !!!!!

 

I concur, and affirm my fan-ning to symantec products ;)