Symantec Endpoint Protection
Strengths: Protection across the endpoint spectrum. Easy to use and manage. Very attractive price. HA capabilities
Weaknesses: Does not support IPv6
Verdict: Full protection, good reporting and alerting, easy to use - all for what most would pay for anti-virus
Symantec Endpoint Protection delivers a centrally managed, web-based, easy-to-use, integrated management interface that delivers a full suite of protection to endpoints. This is delivered as a single agent and includes a personal firewall, anti-virus, anti-spyware, intrusion prevention system, application control and device control.
We installed the software with the embedded database, which is rated for up to 5,000 clients. For larger environments, both MSDE and SQL databases are supported. A high availability configuration is also supported for enterprise deployments. The install went well, the script was fully automated. Once loaded, we were provided a deployment wizard for setting up the client software distribution packages. Both Windows and Linux client types are supported. All of the signatures are updated on the server and pushed out to clients.
LDAP and Active Directory integration is available for importing clients. Setting policy is easy and sorted by type: firewall policy for access control and application rules; anti-virus and anti-spyware policy for handling threats; application control and device control policy for managing applications and devices that are allowed to run on the endpoint; IPS policy base and custom policies for packet-based signatures; and a host integrity policy for validating compliance for network access.
We were impressed by the level of control we had over the endpoint from this single interface. We could enable, edit and apply any or all of the policies we chose to assign. This made the client deployment more complex and time-consuming but having done the work, adding new clients would be much faster.
The documentation was very good. Support is business hours only, unless you purchase an upgraded support plan.
This solution was a complete offering. It was one of the few solutions that cover the network, port protection and host-based categories. All it lacked was encryption and support for IPV6. For all its strong qualities and for the price, the Symantec Endpoint Protection solution is our Best Buy.