Symantec Endpoint Protection

Symantec Endpoint Protection, developed by Broadcom Inc., is a security software suite that consists of anti-malware, intrusion prevention and firewall features for server and desktop computers. It has the largest market-share of any product for endpoint security.


Version history

The first release of Symantec Endpoint Protection was published in September 2007 and was called version 11.0. Endpoint Protection is the result of a merger of several security software products, including Symantec Antivirus Corporate Edition 10.0, Client Security, Network Access Control, and Sygate Enterprise Edition. Endpoint Protection also included new features. For example, it can block data transfers to unauthorized device types, such as USB flash drives or Bluetooth devices. At the time, Symantec Antivirus Corporate Edition was widely criticized as having become bloated and unwieldy. Endpoint Protection 11.0 was intended to address these criticisms. The disk footprint of Symantec Corporate Edition 10.0 was almost 100 MB, whereas Endpoint Protection's was projected to be 21 MB.

In 2009, Symantec introduced a managed service, whereby Symantec staff deploy and manage Symantec Endpoint Protection installations remotely. A Small Business Edition with a faster installation process was released in 2010. In February 2011, Symantec announced version 12.0 of Endpoint Protection. Version 12 incorporated a cloud-based database of malicious files called Symantec Insight. Insight was intended to combat malware that generates mutations of its files to avoid detection by signature-based anti-malware software. In late 2012, Symantec released version 12.1.2, which supports VMware vShield.

A cloud version of Endpoint Protection was released in September 2016. This was followed by version 14 that November. Version 14 incorporates machine learning technology to find patterns in digital data that may be indicative of the presence of a cyber-security threat. It also incorporates memory exploit mitigation and performance improvements.


Features

Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features. According to SC Magazine, Endpoint Protection also has some features typical of data loss prevention software. It is typically installed on a server running Windows, Linux, or macOS. As of 2018, Version 14 is the only currently supported release.

Endpoint Protection scans computers for security threats. It is used to prevent unapproved programs from running, and to apply firewall policies that block or allow network traffic. It attempts to identify and block malicious traffic in a corporate network or coming from a web browser. It uses aggregate information from users to identify malicious software. As of 2016, Symantec claims to use data from 175 million devices that have installed Endpoint Security in 175 countries.

Endpoint Protection has an administrative console that allows the IT department to modify security policies for each department, such as which programs or files to exclude from antivirus scans. It does not manage mobile devices directly, but treats them as peripherals when connected to a computer and protects the computer from any malicious software on the mobile devices.


Vulnerabilities

In early 2012, source code for Symantec Endpoint Protection was stolen and published online. A hacker group called "The Lords of Dharmaraja" claimed credit, alleging the source code was stolen from Indian military intelligence. The Indian government requires vendors to submit the source code of any computer program being sold to the government, to ensure that they are not being used for espionage.

In July 2012, an update to Endpoint Protection caused compatibility issues, triggering a Blue Screen of Death on Windows XP machines running certain third-party file system drivers.

In 2014, Offensive Security discovered an exploit in Symantec Endpoint Protection during a penetration test of a financial services organization. The exploit in the Application and Device Control driver allowed a logged-in user to get system access. It was patched that August.

In 2019, security researcher Ofir Moskovitch discovered a race condition bug involving two critical Symantec Endpoint Protection client core components, Client Management and Proactive Threat Protection. The bug directly results in a protection mechanism failure that can lead to a self-defense bypass, known as "SEMZTPTN" (Symantec Endpoint Minimized Timed Protection).


Reception

According to Gartner, Symantec Endpoint Protection 14 is one of the more comprehensive endpoint security products available and regularly scores well in independent tests. However, a common criticism is that customers are "fatigued" by "near constant changes" in the product and company direction. SC Magazine said Endpoint Protection 14 was the "most comprehensive tool of its type . . . with superb installation and documentation." The review said Endpoint Protection had a "no-brainer setup and administration," but it does have a "wart" that support fees are "a bit steep."

Forrester said version 12.1 was the most complete endpoint security software product on the market, but the different IT security functions of the software were not well-integrated. The report speculated the lack of integration would be addressed in version 14. Network World ranked Symantec Endpoint Protection sixth in endpoint security products, based on data from NSS Labs testing.

