Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The tool combines traditional scanning, behavioral analysis, intrusion prevention and community intelligence into its security system.
Endpoint Protection is most commonly installed on a Windows Server class system, with a 32-bit or 64-bit processor using either the embedded database or SQL Server database. MS SQL 2000 and above are supported. The Symantec Endpoint Protection client is most commonly installed on Windows XP, Windows 7 32-bit or Windows 7 64-bit systems, Mac OX 10.5 or higher and Linux systems. Our copy was installed on our Windows 2003 Server and SQL 2005 database.
The implementation is straightforward. Admins launch the installer and the deployment is fully automated and menu driven. The binaries are fairly large, around 1.5G, but the software load went pretty fast. The Symantec Endpoint Protection Manager is loaded along with the database. We had an SQL server running on our server so it deployed using that resource. The software load took about 20 minutes. Once loaded, we were able to access the user interface for configuring our protection. The console was accessed as an application from the start menu.
The user interface (UI) is dashboard driven and attractively laid out. We had protection for anti-virus, firewall, intrusion prevention, and application and device control. Policies for each of these functional areas can be set from the UI menu. Admins can add to or edit the basic policies and can get very granular as to what is to be scanned. Application control was done well. It comes with basic rules sets that users can employ, customize or add to. The device control gave granular control of setting policies. The firewall comes with a number of built-in rules and was simple to configure. The firewall had a stealth mode feature to block websites from fingerprinting endpoints. Dashboard reports were great.
Leveraging, Insight and SONAR technologies, Symantec Endpoint Protection 12 blocks new and unknown threats missed by traditional signature, heuristic, behavioral and HIPS-based security solutions. We did not test catch rates or performance claims, but the documentation does state that the technology is optimized to eliminate up to 70 percent of scan overhead, reducing load on the endpoint. For virtual environments, Endpoint Protection can whitelist images and maintain a local cache of scanned files shared across VMs reducing load on the disk farm and increasing virtual instance density.
Symantec offers basic maintenance that includes telephone support between 8 a.m. and 6 p.m. with Symantec Endpoint Protection 12. Essential support is available as an upgrade and fees vary. Documentation was sufficient to get through the install process.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.