Symantec Endpoint Protection v12.1.2
Strengths: Experience and contributions from more than 210 million systems
Weaknesses: Cost is a little high
Verdict: Symantec has put together a solid product
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Windows, Macs and servers. It protects against malware (such as viruses, worms, Trojans, spyware and adware), and provides protection against sophisticated attacks that evade traditional security measures (such as rootkits, zero-day attacks and spyware that mutates). Providing low maintenance and high power, it communicates over a network to automatically safeguard both physical and virtual systems against attacks.
The major components include: Symantec Endpoint Protection Manager (this is a server that manages computers connected to a company's network); Database (stores security policies and events); Symantec Endpoint Protection Client (protects computers with virus and spyware scans); a firewall; an intrusion prevention system; and other protection technologies.
The solution runs on the servers, desktops and portable computers that one wants to protect. For example, the Symantec Endpoint Protection Mac client protects computers with virus and spyware scans. The optional Symantec Protection Center integrates management consoles from multiple supported Symantec security products, and the optional LiveUpdate Administrator downloads definitions, signatures and product updates from a Symantec server and distributes the updates to client computers.
Symantec Endpoint Protection currently protects millions of endpoints. The SONAR engine monitors nearly 1,400 file behaviours to mitigate risk and defend against zero-day and previously unknown threats. Symantec Insight uses its resources and experience to track files on the internet to separate those that are known from those at risk. It also provides organisations with the advanced context to determine if a file is trusted.
This improves VMware's vShield endpoint performance by reducing scan overhead by up to 70 per cent while preserving 90 per cent of disk input/output.
To prepare for our installation, Symantec provided a clean set of documents that guided our installation and configuration efforts. Symantec Endpoint Protection Manager is most commonly installed on a Windows Server with a 32-bit processor (Intel Pentium 4 or equivalent recommended) or a 64-bit processor (2GHz Pentium 4 with x86-64 support) and 4GB memory (2GB minimum for 64-bit), using either the embedded database or a SQL Server database.
Operating the system was very intuitive. The dashboard was simple and uncluttered. Everything, from monitors, reports and policies to clients and administration, was located on the left toolbar, while a set of status graphs and reports provided a quick security status.
Symantec offers basic and essential support. Basic is a no-cost option offering eight-hours-a-day/five-days-a-week telephone access to engineers during business hours. Essential provides 24/7/365 connectivity. The company also offers website access to resources, a knowledgebase and FAQs.
We found that the value for money spent is good.