Both clients had on-premises installations of Symantec Endpoint Protection, having simply renewed licensing for full-blown Symantec Enterprise suites over the years. Of key importance to me was that my customers were paying for features that we just couldn't use, given the loading of the servers and the scarcity of hardware.
I saw the requirements as two key components;
- Endpoint protection (i.e. desktops, laptops, servers) and
- Email protection (antivirus and antispam)- being MS SBS sites, this means Exchange Server.
The full SEP suite gave me SMTP as well as VSAPI email protection, and Web protection in-line via a proxy daemon, as well as Mac and Linux protection. I didn't need any of those.
With expiring subscriptions for SEP 11, I approached my preferred supplier and started making enquiries about cross-grade pricing to just get the products I needed, plus some pricing for ESET's SBS suite, just for comparison.
My account rep Monique put me in touch with the local in-country distributor for Symantec products, who duly made contact and asked some pointed questions. A few days later, a quote turned up for the two relevant Symantec products (Endpoint, and Mail Security for Exchange) with a price tag around twice the cost of a simple renewal of the full SEP suite, which included these products already.
I expressed my dismay, and started plotting my revenge in the form of a carte-blanche migration to ESET Nod32. I had heard some really bad things about SEP 12, so a straight renewal of SEP wasn't high on my list of Fun Things To Do:
But a day or so later, I got a call from a Business Development Manager for Symantec Australasia, based in Sydney. We had a great chat, and he pointed me to the new (at the time) Symantec Endpoint Protection Small Business Edition 2013 (which later went through a name change).
Mind = blown.
Irrespective of anything else, I could get rid of the hugely resource-hungry SEP Management and Sybase SQL Anywhere database system, and manage the desktop AV clients from the cloud. OK, so what about the email system?
Well, email took a bit of a change of heart. For years, I have been a proponent of VSAPI scanning, letting the server take all AV load for message and attachment scanning and leaving the clients to do nothing more than filter some junk-mail. My main reason was the really good spam protection I had been receiving through the Brightmail technology built into Symantec's Mail Security for Exchange (SMSMSE). I was also relying on the ISP by using wildcard POP3 accounts, and the SBS POP3 Mail Connector. Yes, I could continue to do that (I had a quote, albeit an expensive one), but I was excited by the possibility of offloading that processing to the cloud as well. Did Symantec have something that fit? Absolutely - a mail filtering platform that provided both Antivirus and Antispam filtering during the SMTP delivery path. Symantec email.Cloud.
I received pricing. I was smitten. Things couldn't get better. Pricing was average (about the same as ESET's on-premises suite), and I could free up valuable resources on my single-server sites.
So I ordered, and life was good.
Is it perfect? No.
Is it great value for money? Well, no.
So do I regret it? No. The decision to shift to the cloud was made for the right reasons, but I probably could have (should have) chosen individual vendors for each product/layer, selecting the offering that represented the best cost/benefit proposition for each area. I didn't, but I'm now happy with what I have.
Watch out for my follow-up article on deploying and configuring the Symantec cloud-managed Small Business Edition Endpoint client. I'm also planning on a second follow-up article, specifically around the Symantec email.Cloud platform. I promise to try to bring those to you more quickly than the six months it took me to get onto this one.
Cheers,
JS