Head-To-Head: Symantec Vs. McAfee In Endpoint Protection

By Robert Westervelt, CRN 12:00 PM EST Mon. May. 13, 2013

Endpoint security platforms have become commonplace on end-user devices and Internet-facing systems. In addition to malware and spyware protection, an enterprise-grade endpoint security platform typically provides some kind of device firewalling, intrusion prevention and data loss prevention capabilities. Symantec is the worldwide leader in enterprise protection market share for enterprises and consumers, according to Gartner. McAfee’s enterprise protection platform ranks second in market share worldwide, Gartner said. Security experts say both firms have grown through extensive acquisitions over the years. CRN pits the two competitors head-to-head.

McAfee and Symantec each say their endpoint protection platforms support Windows, Mac and Linux systems. The products are designed to provide security defenses against spyware, Trojans, worms and other malicious programs. McAfee SiteAdvisor Enterprise Plus can be configured by administrators to block access to certain websites. McAfee provides behavioral protection to prevent buffer overflow and zero-day attacks. The company also is working closely with parent company Intel on new hardware-based security defenses. Symantec Protection Suite Enterprise Edition uses a Web gateway security strategy to protect against malware, spyware, botnets and viruses. Symantec provides behavioral protection through its SONAR technology for stopping zero-day attacks.

Winner: Draw Both vendors have demonstrated a desire to grow beyond traditional signature-based technologies to detect advanced threats and thwart malware evasion tactics.

Symantec provides the Symantec Protection Center (SPC), which provides data collection and analytics capabilities. It integrates with the endpoint protection suite, data loss prevention and Symantec DeepSight data feeds for automated threat intelligence information. It  also can connect to third-party vulnerability management solutions, including those from Qualys and Rapid7. McAfee’s core management console is the ePolicy Orchestrator (ePO), which provides policy management and reporting capabilities to support all McAfee products. The ePO also integrates with third-party solutions and has more than 150 technology partners that can connect to the centralized console.

Winner: McAfee The ePolicy Orchestrator has matured to incorporate the integration with a large number of third-party technology vendors. McAfee solution providers have praised the centralized console for reducing complexity and increasing visibility.

Symantec sells mobile device management capabilities through its 2012 acquisition of Odyssey Software. Industry analysts also have praised the company’s acquisition of Nukona, a security technology that can wrap certain applications into a sandbox to support corporate policies. Odyssey requires the installation of an agent. Gartner calls Symantec’s mobile device management capabilities “solid” and rates it a challenger in its mobile device management software Magic Quadrant. Gartner describes McAfee as offering “basic” mobile device management capabilities. The foundation of McAfee’s offering is from its 2010 acquisition of Trust Digital. McAfee also rolled out Secure Container, which supports Android devices and separates corporate and personal data.

Winner: McAfee Partners interviewed by CRN said McAfee’s program was more profitable. Changes to Symantec’s sales model remain unclear.