Symantec Endpoint Protection
Encyclopedia
Symantec Endpoint Protection, developed by Symantec Corporation, is an antivirus and personal firewall
Personal firewall
A personal firewall is an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy. Typically it works as an application layer firewall....
product leveled at centrally managed corporate environments security for servers
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
and workstations.
Version history
Endpoint Protection 11 was the successor to Symantec AntiVirus Corporate Edition. Endpoint 11 added handling of spyware and support for endpoint security health verification, among other features.The final version of Symantec AntiVirus was version 10.2.4 (10.2 MP1).
In September 2007, Symantec Endpoint Protection was released as version 11. New versions have since been released.
In April 2009, Symantec Endpoint Protection Small Business Edition was released, catering towards businesses smaller than the enterprise, but featuring the same underlying protection technologies.
In July 2011 Symantec Endpoint Protection 12.1 was made available. This version is also included the package for Small Business Protection Suite 4. [need more info in a topic to be linked from Product line for Small Business Protection Suite]
System requirements
Endpoint 11 supports Windows 7, Windows Server 2008, Windows Server 2003Windows Server 2003
Windows Server 2003 is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005...
, Windows Vista
Windows Vista
Windows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
, Windows XP
Windows XP
Windows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
SP1 or higher, and Windows 2000
Windows 2000
Windows 2000 is a line of operating systems produced by Microsoft for use on personal computers, business desktops, laptops, and servers. Windows 2000 was released to manufacturing on 15 December 1999 and launched to retail on 17 February 2000. It is the successor to Windows NT 4.0, and is the...
. Windows 7 and Windows Server 2008 R2 are officially supported from the 11.0.5 release
64-bit versions of Windows XP, Vista and Windows 7 are supported but application and device control, along with shell integration, do not extend to the 64-bit version of SEP.
There is an antivirus client
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
for various distributions of Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
as well.
Endpoint Security 11 no longer supports Itanium
Itanium
Itanium is a family of 64-bit Intel microprocessors that implement the Intel Itanium architecture . Intel markets the processors for enterprise servers and high-performance computing systems...
processors.
Client Computers
- 256 MBMegabyteThe megabyte is a multiple of the unit byte for digital information storage or transmission with two different values depending on context: bytes generally for computer memory; and one million bytes generally for computer storage. The IEEE Standards Board has decided that "Mega will mean 1 000...
RAM for Windows XPWindows XPWindows XP is an operating system produced by Microsoft for use on personal computers, including home and business desktops, laptops and media centers. First released to computer manufacturers on August 24, 2001, it is the second most popular version of Windows, based on installed user base...
, Windows XP Embedded, and Windows Fundamentals for Legacy PCsWindows Fundamentals for Legacy PCsWindows Fundamentals for Legacy PCs is a thin client operating system from Microsoft, based on Windows XP Embedded, but optimized for older, less powerful hardware. It was released on 8 July 2006...
. (1 GB recommended) - 1 GB RAM for Windows VistaWindows VistaWindows Vista is an operating system released in several variations developed by Microsoft for use on personal computers, including home and business desktops, laptops, tablet PCs, and media center PCs...
, Windows 7, Windows Server 2003Windows Server 2003Windows Server 2003 is a server operating system produced by Microsoft, introduced on 24 April 2003. An updated version, Windows Server 2003 R2, was released to manufacturing on 6 December 2005...
(all editions), and Windows Server 2008 (all editions) (2-4 GB recommended) - 600 MB on the hard disk.
Computers running Management Console
- IA-32IA-32IA-32 , also known as x86-32, i386 or x86, is the CISC instruction-set architecture of Intel's most commercially successful microprocessors, and was first implemented in the Intel 80386 as a 32-bit extension of x86 architecture...
systems: 1 GB RAMRam-Animals:*Ram, an uncastrated male sheep*Ram cichlid, a species of freshwater fish endemic to Colombia and Venezuela-Military:*Battering ram*Ramming, a military tactic in which one vehicle runs into another...
(2-4 GB recommended). - x86-64X86-64x86-64 is an extension of the x86 instruction set. It supports vastly larger virtual and physical address spaces than are possible on x86, thereby allowing programmers to conveniently work with much larger data sets. x86-64 also provides 64-bit general purpose registers and numerous other...
systems: 1 GBGigabyteThe gigabyte is a multiple of the unit byte for digital information storage. The prefix giga means 109 in the International System of Units , therefore 1 gigabyte is...
RAM (2-4 GB recommended); 4 GB RAM minimum for all editions of Windows Small Business Server 2008 and Windows Essential Business Server 2008. - 15 MB on the hard disk.
Management Server
- IA-32 systems: 1 GB RAM (2-4 GB recommended), 4 GB on the hard disk for the server, plus 4 GB for the databaseDatabaseA database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model relevant aspects of reality , in a way that supports processes requiring this information...
. - x86-64 systems: 1GB RAM (2-4 GB recommended); 4 GB RAM minimum for all editions of Windows Small Business Server 2008 and Windows Essential Business Server 2008.
- 4 GB on the hard disk for the server, plus 4 GB for the database; Small Business Server 2008: 60 GB for the server; Essential Business Server 2008: 45 GB for the server.
The console also installs an Apache Tomcat
Apache Tomcat
Apache Tomcat is an open source web server and servlet container developed by the Apache Software Foundation...
4.x HTTPS service, listening on port 8443, requiring special consideration when simultaneously installed with products such as VMware
VMware
VMware, Inc. is a company providing virtualization software founded in 1998 and based in Palo Alto, California, USA. The company was acquired by EMC Corporation in 2004, and operates as a separate software subsidiary ....
.
Features
FirewallFirewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
: Endpoint 11 incorporates a rules-based firewall, as well as an anti-malware technique that Symantec calls "generic exploit blocking". The firewall is based on technology developed by Sygate Technologies
Sygate Technologies
Sygate Technologies was an endpoint-security software company in the United States. Their main products were enterprise server and end user firewalls, automated enterprise network discovery, network security enforcement, and security monitoring software. It was acquired by Symantec on August 16, 2005...
, who were purchased by Symantec. Generic exploit blocking is a technique that proactively blocks malware
Malware
Malware, short for malicious software, consists of programming that is designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, or gain unauthorized access to system resources, or that otherwise exhibits abusive behavior...
from exploiting unpatched vulnerabilities
Vulnerability (computing)
In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw...
.
Proactive protection: Endpoint 11 uses Symantec's TruScan technologies to facilitate detection of unknown malware. It analyzes both "safe" and "negative" behaviors of unknown applications. It also integrates Symantec's Deepsight honeypot
Honeypot (computing)
In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems...
sensors to warn of emerging threats and provide threat advisories. Proactive Threat Protection feature is currently unsupported on server operating systems.
Intrusion prevention: Endpoint 11 is able to create and enforce rules on client computers. For example, it can prevent clients from writing files to a USB flash drive
USB flash drive
A flash drive is a data storage device that consists of flash memory with an integrated Universal Serial Bus interface. flash drives are typically removable and rewritable, and physically much smaller than a floppy disk. Most weigh less than 30 g...
. Intrusion prevention also work as IDS. Policies are enforced by TruScan. The IPS functionality acts as a first line of defence against network based attacks.