Editorial photograph of a security operations center reviewing endpoint coverage
Broadcom Symantec / Security

Broadcom Symantec licensing. Enterprise security.

Broadcom moved Symantec enterprise security into the same playbook it used for CA and VMware. Bundles, account tiers, and steep renewals follow. Read how the licensing changed before you renew.

Contact Us Broadcom VMware Practice
500+Enterprise clients
$2B+Under advisory
Talk to the Broadcom VMware practice · Symantec endpoint and data protection bundles, account tier thresholds, renewal spikes, and the buyer side moves across the Broadcom security estate. Talk to us →
Industry Recognized
500+ Enterprise Clients
$2B+ Under Advisory
11 Vendor Practices
100% Buyer Side Independent
Home Broadcom VMware Hub Symantec Security Licensing Broadcom VMware PracticeBroadcom VMware HubVendor Shield
Portrait placeholder for Morten Andersen, Co Founder
Written by Morten Andersen Co Founder · ex IBM, ex Oracle
PublishedMarch 20, 2024
Last updatedSeptember 25, 2025

Broadcom runs Symantec enterprise security through bundles, account tiers, and concentrated renewals, so the structure of the deal sets the cost more than the per seat rate.

Key takeaways

  • Symantec is now Broadcom. Broadcom acquired Symantec enterprise security in 2019 and applies its enterprise account model.
  • Bundles replace point SKUs. Endpoint, data, and web protection are sold as suites, so unused modules inflate the count.
  • Account tiers gate attention. Broadcom focuses on its largest accounts, which shapes how smaller buyers are served.
  • Renewals concentrate cost. Multi year deals can carry steep uplifts at the next renewal point.
  • Term and cap are the levers. The uplift cap and the exit clause matter more than the headline per seat price.
  • Alternatives create leverage. A credible endpoint or data protection alternative changes the renewal.

What changed when Broadcom acquired Symantec enterprise security?

Broadcom acquired the Symantec enterprise security business in 2019 and moved it into the same account model it uses across its software group. The product is the same. The commercial posture is not.

Conclusions first. Expect bundling, account tiering, and concentrated renewals, the pattern Broadcom applied to CA and later VMware. Broadcom describes the security portfolio on its cybersecurity product pages.

Why does the account model matter?

  • Tiered attention: the largest accounts get the most commercial flexibility.
  • Bundle first: suites replace the older point product catalog.
  • Renewal driven: value is captured at the renewal, not the first sale.

How are Symantec security products bundled now?

Endpoint protection, data loss prevention, and web and email security are sold as suites rather than standalone SKUs. You buy the bundle, so modules you do not deploy still sit in the count.

The buyer side move is to price the modules you actually run and treat the rest as a discount lever. Broadcom positions the endpoint line on its endpoint security page.

Illustrative Symantec security bundle exposure

ModuleCommon useBuyer side risk
Endpoint protectionWidely deployedCore, justify the seats
Data loss preventionSelectiveOften partly used
Web and email securityVariableFrequent shelfware

How do you find the bundle waste?

Reconcile seats licensed to seats deployed, module by module. The gap between the bundle count and real use is your negotiation target and usually larger than buyers expect.

How do Broadcom account tiers affect smaller buyers?

Broadcom concentrates commercial attention on its largest accounts. Smaller security buyers often see less flexibility, longer response times, and first quotes well above their prior run rate.

That is a structural reality, not a failing of your team. Broadcom reports its account and segment strategy to investors through investor relations.

  • Know your tier: it shapes the flexibility you can expect.
  • Consolidate spend: a single larger deal can lift your standing.
  • Time the talks: Broadcom quarter ends still create movement.

Where the common advice on Broadcom Symantec renewals is wrong

The standard advice is to accept the security bundle because separating modules is not worth the effort. We disagree. In the Broadcom Symantec renewals we benchmarked across 2024 and 2025, the bundle carried 15 to 30 percent of modules that buyers never deployed, and that waste compounded at every renewal uplift. The buyer side move is to reconcile licensed seats to deployed seats module by module, then push to price only what runs and use the rest as a discount lever or a drop. Paying for a security module you do not operate adds cost without adding protection.

Editorial photograph of a security analyst reviewing endpoint coverage on multiple monitors
Bundle waste hides in modules that are licensed but never deployed. Reconciling licensed seats to deployed seats is where the recoverable cost appears.
24%
Median bundle overcount removed
2.1x
Median first quote vs prior run rate
0 to 5%
Target renewal uplift cap

Source: Redress Compliance advisory engagement file, 2024 to 2025.

Broadcom did not change what Symantec security does. It changed how it sells it. The cost now lives in the bundle and the renewal, where a buyer who only checks the per seat rate will never find it.

What renewal posture holds Broadcom Symantec cost?

Prepare early and price an alternative. A credible endpoint or data protection option, even a partial one, is the single strongest lever in a Broadcom renewal.

Cap the uplift, bind any true up to your discount, and keep an exit. These clauses matter more than the headline rate because they govern the next three years.

The three highest value moves

  • Right size the bundle: license the modules you run.
  • Cap the uplift: target 0 to 5 percent, never uncapped.
  • Hold an alternative: a costed option changes the talks.

How do you value the data protection modules?

Data loss prevention is the module buyers most often under use. Map real policy coverage against the licensed seats on the Symantec data loss prevention line before you renew it.

What to do next

  1. Reconcile licensed seats to deployed seats for every Symantec module.
  2. Isolate the bundle modules you do not run and target them for drop.
  3. Confirm your Broadcom account tier and the flexibility it implies.
  4. Base the renewal on current deployment, not the prior peak seat count.
  5. Cap the renewal uplift in writing at 0 to 5 percent and keep an exit.
  6. Bind any true up to your negotiated discount, not list price.
  7. Price a credible endpoint or data protection alternative to anchor the talks.
  8. Engage independent buyer side review before signature.
Cover of the Symantec Enterprise Licensing Guide white paper from Redress Compliance

White Paper · Broadcom / VMware

Symantec Enterprise Licensing Guide

Read it free.

Read the white paper

Frequently asked questions

When did Broadcom acquire Symantec enterprise security?

Broadcom acquired the Symantec enterprise security business in 2019 and folded it into its software group. The products continued, but the commercial model shifted to Broadcom's bundle and account tier approach.

How does Broadcom bundle Symantec security products?

Endpoint protection, data loss prevention, and web and email security are sold as suites rather than standalone SKUs. Because you buy the bundle, modules you do not deploy still sit in the count and inflate cost.

Why are first quotes so high under Broadcom?

Broadcom captures value at renewal and concentrates flexibility on its largest accounts. Smaller buyers often see first quotes 20 to 40 percent above prior run rate, which is a structural posture rather than a one off.

How do account tiers affect my Symantec deal?

Account tiers shape the commercial flexibility you can expect. Larger accounts receive more attention and movement, so understanding your tier and, where possible, consolidating spend improves your standing in the negotiation.

Should we accept the security bundle as offered?

Not without reconciling use. The bundle often carries 15 to 30 percent of modules that are never deployed. Pricing only what you run and using the rest as a discount lever is the stronger buyer side position.

How do we cap a Broadcom Symantec renewal?

Negotiate a written uplift cap, target 0 to 5 percent, and bind any true up to your discount rather than list. An uncapped renewal lets Broadcom reclaim the value you negotiated at the first deal.

Do alternatives give leverage in a Symantec renewal?

Yes. A credible endpoint or data protection alternative, even a partial migration, is the strongest single lever. Buyers who can show a costed option consistently hold better terms than those with none.

When should we engage independent advisory?

Before the renewal, while the bundle and term are open. Independent buyer side review of seat counts, module use, and clauses routinely finds avoidable cost that the renewal would otherwise lock in.

Broadcom Security Advisory

Talk to the Broadcom Symantec practice.

We map your real Symantec consumption, test the bundle and tier, and build the buyer side counter before the renewal spikes.

Used across more than five hundred enterprise engagements. Independent. Buyer side. Built for procurement leaders running the next renewal cycle.

No spam. We will only email you about this enquiry. Privacy.
Run the software spend health check against your Symantec estate in under five minutes.
Open the Tool →
Related analysis
LicensingBroadcom Carbon Black licensingAgreementsBroadcom ELA agreementsNegotiationBroadcom VMware contract red linesPracticeBroadcom VMware advisory practice