📋 Executive Summary
Broadcom acquired Symantec's Enterprise Security division in late 2019, transforming the licensing landscape for endpoint protection, DLP, web gateways, and CASB. Broadcom eliminated perpetual licensing, imposed steep price increases (2×–4× typical), slashed support for smaller customers, and consolidated contracts into multi-year portfolio agreements.
CIOs face a choice: accept Broadcom's terms, negotiate aggressively using competitive leverage, or plan a strategic transition. This playbook provides the intelligence needed for each path — product-by-product impact analysis, entitlement protection strategies, negotiation tactics, and alternative vendor options.
📑 Table of Contents
Broadcom's Licensing & Support Changes
🔴 Perpetual Licenses Eliminated
Broadcom no longer sells new perpetual licenses. Existing perpetuals are honored for usage, but without active support, they receive no updates. Customers face pressure to convert to subscription models to maintain protection updates.
🔴 Surging Prices (2×–4×+)
Renewal quotes of 200%–400%+ above prior Symantec pricing are common. SEP Small Business Edition users saw 400%+ increases. Broadcom's pricing leaves minimal room for negotiation compared to Symantec's more flexible discounting.
🔴 Reduced SMB Support
Broadcom slashed support resources for the Symantec line, focusing on top-tier Global 2000 clients. Smaller customers experience slower response times. SMB-specific offerings (SEP SBE) were discontinued entirely.
🔴 Multi-Year Contract Lock-In
Broadcom favors consolidated 3-year contracts encompassing multiple Symantec products with co-terminated renewals. While this simplifies management, it locks customers in and creates leverage for Broadcom at renewal.
🔴 Portfolio License Agreements (PLA)
Bundled subscriptions giving access to multiple Symantec solutions for a single price. Aimed at largest customers. Encourages uptake of additional tools but smaller clients find the model unaligned with focused needs.
🔴 Tiered Support Model
Standard support feels less responsive than Symantec's legacy offering. Premium support tiers available at additional cost. Broadcom sunsets older versions aggressively, requiring upgrades only available to subscribers.
Legacy Symantec vs. Broadcom Licensing
| Aspect | Symantec (Pre-Broadcom) | Broadcom (Current) |
|---|---|---|
| License Types | Perpetual with optional maintenance; Subscription available for some products | Subscription-only for all products; New perpetuals no longer sold (existing honored without updates) |
| Pricing | Tiered volume discounts; Competitive for SMB and enterprise; Negotiable via resellers | Significantly higher list prices; Minimal discounting except for very large deals; 2×–4×+ renewal costs |
| Sales Channel | Broad partner network; Resellers/distributors for all sizes including SMB | Focus on direct sales to large enterprises; Many small partners dropped; Global strategic accounts prioritized |
| Contracts | Individual product contracts; 1-year typical; Co-terming optional; Flexible terms | Consolidated multi-product contracts; 2–3+ year commitments standard; All licenses co-terminated |
| Support | Regional teams and active forums; Available for all customer sizes | Lean support organization; Premium tiers at extra cost; Smaller customers relegated to self-service |
| Product Updates | Regular features and releases; Active R&D investment | Fewer new features (maintenance mode on many products); Latest versions only with active subscription |
| Bundling | Products sold standalone or in suites; À la carte purchasing available | Portfolio License Agreements (PLA) encourage all-in-one subscriptions; Bundles aimed at increasing stickiness |
Impact Analysis by Product Category
🛡️ Endpoint Protection (SEP / SES)
Symantec Endpoint Protection has been rolled into Symantec Endpoint Security (SES) subscriptions. The Small Business Edition was discontinued entirely, forcing SMBs into enterprise contracts or alternatives. SEP is now subscription-only per endpoint per year.
Existing perpetual SEP customers can continue using their last licensed version indefinitely, but without maintenance they stop receiving signature updates — effectively untenable for security software. Feature development has slowed; Broadcom focuses on stability while upselling EDR and cloud-managed SEP separately.
Customer Example: A large retail enterprise (~10,000 endpoints) saw their SEP renewal quote jump roughly 3× under Broadcom. They evaluated CrowdStrike Falcon as leverage — Broadcom conceded to ~50% increase (vs. 200%) when faced with losing the customer.
🔒 Data Loss Prevention (DLP)
Symantec DLP remains strategically important — many Global 2000 companies rely on it for compliance. Broadcom folded DLP into its Information Security portfolio deals, often bundling with classification and cloud security. Previously available as individual modules (Network, Endpoint, Discovery), now sold primarily through subscription bundles based on users or endpoints monitored.
Support under Broadcom is mixed: core technology is mature and key engineers were retained, but smaller DLP deployments get less personalized support. Updates continue at a slower pace.
Customer Example: A financial services firm was pushed from perpetual licenses to a 3-year DLP subscription covering all modules. They negotiated to protect "historical entitlements" — ensuring data fingerprinting licenses would remain valid indefinitely for on-premises use while adopting the subscription for cloud features.
🌐 Secure Web Gateway / ProxySG
Broadcom sees the secure web gateway (SWG) as a SASE framework component, integrating Symantec's proxy capabilities with VMware's SD-WAN. Standalone proxy products are being gradually folded into bundled cloud-edge solutions.
Licensing shifted from perpetual hardware + subscription updates to user- or bandwidth-based subscriptions. Minimum license sizes and multi-year terms are now common — a mid-sized company needing 500 seats of web filtering might be quoted a 1,000-user minimum on a 3-year term.
Customer Example: A multinational manufacturer using Blue Coat ProxySG globally saw a ~150% renewal increase and a push to shift to cloud proxy. They negotiated a reduced user count commitment and secured assurance that existing appliances would be supported for the full new term.
☁️ Cloud Access Security Broker (CASB)
Symantec's CloudSOC CASB is rarely sold standalone now — it's bundled into Symantec Enterprise Cloud packages or the PLA alongside endpoint and web security. Subscription-only, licensed per user, co-terminus with other products.
Some legacy customers found CASB bundled into new agreements whether they wanted it or not — dropping CASB may not reduce the bundle price proportionally. Investment has been moderate; the CASB works well for sanctioned apps but lacks analytics finesse of standalone rivals like Netskope.
Customer Example: A tech company found their CASB renewal folded into a larger Symantec Enterprise Cloud agreement. The overall price was higher than their previous separate purchases. They evaluated Netskope as leverage — Broadcom responded with an additional 2-year price lock and roadmap enhancement commitments.
🛡️ Facing steep Broadcom renewal quotes? Our independent advisors help enterprises negotiate favorable terms and protect existing entitlements.
Broadcom Negotiation →Protecting Historical Entitlements
📋 Audit & Document Your Licenses
Inventory all Symantec licenses owned. Identify which are perpetual and which are term subscriptions. For perpetuals, locate proof of purchase, license keys, and entitlement IDs. Broadcom's systems may not have complete records from Symantec days — maintaining your own evidence is critical if any dispute arises.
Key Point: These documents are your legal assurance of usage rights. Centralize them in your SAM repository alongside support renewal records and SKU lists from past agreements.
⚖️ Understand Support Cut-offs
Perpetual licenses without active maintenance entitle you to use the last version released while maintenance was active — indefinitely, but without updates or support. Broadcom has shown willingness to end support for perpetual customers quickly.
If you need support, Broadcom may require converting to a subscription. Negotiate a "support-only" fee to retain perpetual use rights. Consider whether you can safely run the software in isolation for non-critical segments.
Leverage Tactic: "We have the right to use our existing version indefinitely. If Broadcom's offer isn't reasonable, we'll stay on current version or seek third-party support." This stance can encourage Broadcom to provide a more palatable quote.
📝 Watch for Contract Language
Scrutinize renewal terms for clauses that supersede past agreements. Avoid inadvertently voiding your perpetual rights — if a new subscription deal says it replaces all prior licenses, ensure you carve out that pre-existing perpetual licenses are retained.
Explicitly ask Broadcom how legacy licenses will be treated if you sign a new portfolio agreement. Get all terms in writing.
Critical: Document promises in the contract or a formal addendum. Verbal assurances are not enforceable. Any trade-off (staying with Broadcom despite cost) should be matched with tangible, written commitments.
Strategies for Negotiating with Broadcom
📦 Bundle for Leverage
Broadcom values big deals. If you use multiple Symantec products (Endpoint, DLP, Web Security), consolidate them into a single negotiation. Bundled deals covering more product lines give you more leverage for cross-product discounts. Use this to ask for concessions: "We'll renew DLP and add CASB, but we need at least a 20% reduction overall."
Tip: Broadcom's sales reps often have more flexibility on pricing when more revenue is at stake. The bigger the deal, the more negotiating room.
📅 Secure Multi-Year Protections
If agreeing to multi-year terms, insist on price caps and flexibility. Negotiate caps on annual increases or the ability to adjust quantities downward. Watch for clauses allowing 7% yearly uplift — strike those out or cap them. Seek true-down options at renewal anniversaries if usage drops.
Key Clause: "True-down symmetry" — if Broadcom allows true-up for more licenses, ask for the equivalent right to reduce counts at each anniversary.
⚔️ Pit Vendors Against Each Other
Solicit proposals from competitors before finalizing your Broadcom deal. Get quotes from CrowdStrike (endpoints), Zscaler (web gateway), Forcepoint (DLP), Netskope (CASB). Having concrete alternatives provides real leverage.
Some organizations sign conditional deals with alternatives (cancellable if Broadcom matches), underscoring readiness to leave. Broadcom has responded with late-stage concessions when customers demonstrate a foot out the door.
Result: In several cases, Broadcom offered significantly improved discounts or bundled additional products at no cost once the customer demonstrated readiness to switch.
🎯 Identify Minimum Viable Footprint
Evaluate what your organization truly needs before negotiating. Broadcom's quotes may include extra products or inflated seat counts. Determine the minimum licenses or modules required and start from that baseline.
If you have 1,000 seats but only use 700, push to renew for actual usage. If a component is non-critical, price out must-haves only. Broadcom prefers selling everything, but focused deals may yield better pricing.
Optimization: Use renewal time to eliminate shelfware. Newer tools may cover multiple functions, allowing you to drop redundant Symantec components and reduce costs.
Considering Alternatives & Gaining Leverage
| Symantec Product | Leading Alternatives | Key Considerations |
|---|---|---|
| Endpoint Protection (SEP/SES) | CrowdStrike Falcon, Microsoft Defender for Endpoint, Trend Micro, SentinelOne, Sophos | CrowdStrike actively courts former Symantec users. Microsoft strong if M365 E5 customer. Replacement involves deploying new agents — plan parallel operation during transition. |
| Data Loss Prevention (DLP) | Forcepoint DLP, Trellix DLP, Digital Guardian, Microsoft Information Protection | DLP is the hardest to switch (policies deeply embedded in processes). Consider phasing in alternatives for new use cases (cloud apps) while gradually retiring Symantec components. |
| Secure Web Gateway (ProxySG) | Zscaler, Cisco Umbrella, Palo Alto Prisma Access, Forcepoint SWG | Zscaler is the clear frontrunner — cloud-delivered, eliminates appliance maintenance. Often the first alternative considered when Broadcom renewals loom. Gradual migration possible. |
| CASB (CloudSOC) | Netskope, Microsoft Defender for Cloud Apps, McAfee Skyhigh Security | Netskope frequently named top competitor. Zscaler and Netskope both include CASB modules in their platforms. Ensure replacement covers your critical cloud services and deployment modes. |
| Integrated Platform | Microsoft 365 E5 Security, Palo Alto Cortex + Prisma, Trend Micro Vision One | You may not need one-for-one replacements if another vendor's suite covers multiple areas. Can simplify the switch and be more cost-effective bundled together. |
If Broadcom's renewal quote is unpalatable (2×+ increase with rigid conditions), if innovation has stagnated and you need modern capabilities, or if frequent poor support experiences indicate deprioritization — these are clear signals to seriously evaluate the market. Many IT leaders started exploring alternatives a full year before renewal once Broadcom's direction became apparent. Even if you prefer to stay, just the act of evaluating competitors improves your outcome with Broadcom.
CIO Recommendations & Action Plan
✅ 10-Step CIO Action Plan
- Conduct a licensing health check — Immediately audit all Symantec/Broadcom software in use. Determine license types, quantities, renewal dates, and contractual obligations.
- Engage early with Broadcom — Don't wait until last minute. Early dialogue reveals Broadcom's intentions and gives time to gather budget or explore alternatives.
- Prioritize critical systems & entitlements — Identify which products are truly mission-critical and ensure those are prioritized. Safeguard perpetual rights as non-negotiable.
- Benchmark and budget for increases — Assume initial pricing will be high. Communicate with peers and analysts to benchmark increases. Prepare C-suite for potential budget impact.
- Evaluate competitor offers — Even if you plan to stay, get competitive bids for equivalent solutions. Provides negotiating context and a ready Plan B.
- Right-size at renewal — Eliminate shelfware and excess licenses. If you have 1,000 seats but use 700, push to renew actual usage only. Optimize architecture to reduce redundant components.
- Stay current with Broadcom announcements — Monitor policy changes, extended support deadlines, new tiers. Subscribe to analyst commentary for shifts in Broadcom's strategy.
- Engage peers and user communities — Leverage collective knowledge from other CIOs and procurement professionals. Patterns emerge when customers compare notes on pricing and tactics.
- Involve legal early — Have legal review Broadcom contracts for auto-renewal language, audit rights, and termination provisions. It's easier to amend problematic language before signing.
- Maintain vendor-neutral posture — Approach Broadcom professionally and fact-based. Make clear you're willing to continue if it makes business sense, but have a fiduciary duty to consider alternatives.
Key Market Trends
Big Fish Focus
Broadcom concentrates on Global 2000 clients at the expense of small and mid-sized customers, pricing many out of contracts and discontinuing SMB products.
Perpetual → Subscription Shift
Industry-wide trend accelerated by Broadcom. Perpetual licenses are legacy artifacts; multi-year subscriptions are now the only path for ongoing use and support.
Competitor Ecosystems Rising
CrowdStrike, Zscaler, and Netskope are aggressively courting enterprises. Microsoft and Palo Alto offer broad platform alternatives. Trade-in programs are common.
Security as a Boardroom Topic
Higher costs plus security implications mean Symantec/Broadcom licensing issues are no longer just IT concerns — they're C-suite discussions about risk, spend, and strategic direction.
Broadcom Advisory Services
Frequently Asked Questions
Related Articles
CIO Playbook: Effective SAM for Broadcom Software (VMware, Symantec & CA)
Comprehensive SAM guidance for managing Broadcom's full portfolio including VMware, Symantec, and CA Technologies.
Broadcom Enterprise Agreements: Strategic Sourcing Guide
IT procurement guide to Broadcom enterprise agreements, negotiation tactics, and contract optimization.
Broadcom VMware Licensing Changes
Complete overview of Broadcom's VMware licensing overhaul including core-based subscriptions and SKU simplification.
VMware Licensing Cost Reduction Strategies
Practical strategies to optimize VMware costs under Broadcom's new core-based model.
Broadcom VMware Audit Defense Guide
How to prepare for and defend against Broadcom's VMware license audits.
Broadcom Symantec Licensing Optimization
Guide to optimizing Symantec endpoint and security licensing under Broadcom.
Related Broadcom/VMware Articles
Explore more articles in this topic area:
Audit Risks Under Broadcoms Vmware Licensing How to Stay Compliant
Broadcom/VMware Guide
Broadcom Enterprise Agreements Strategic Sourcing Guide for IT Procurement
Broadcom/VMware Guide
Broadcom Simplified Vmware Product Portfolio Whats Included and Whats Mi...
Broadcom/VMware Guide
Broadcom Vmware and Legacy Suite Unbundling
Broadcom/VMware Guide
Broadcome Audit
Broadcom/VMware Guide
CIO Playbook Effective SAM for Broadcom Software Vmware Symantec Ca
Broadcom/VMware Guide
Navigate Symantec Licensing Under Broadcom
Our independent advisors help enterprises negotiate Broadcom renewals, protect legacy entitlements, and optimize Symantec licensing costs.
Fredrik Filipsson
Fredrik Filipsson brings 20+ years of enterprise software licensing expertise, including experience working directly for IBM, SAP, and Oracle. He has helped hundreds of organizations — including numerous Fortune 500 companies — navigate vendor licensing changes, defend against audits, and optimize software costs across Broadcom, Oracle, Microsoft, SAP, and IBM portfolios.