Symantec Endpoint Protection

Symantec Endpoint Protection Manager GUI, version 14.2
Developer(s): Broadcom Inc.
Stable release: 14.3 RU9 (Build 11216) / 24 June 2024[1]
Operating system: Windows, macOS and Linux
Platform: IA-32 and x86-64
Type: Anti-malware, intrusion prevention and firewall
License: Trialware
Website: www.broadcom.com/products/cyber-security/endpoint

Symantec Endpoint Protection, developed by Broadcom Inc., is a security software suite that consists of anti-malware, intrusion prevention and firewall features for server and desktop computers.[2]

Version history

The first release of Symantec Endpoint Protection was published in September 2007 and was called version 11.0.[3] Endpoint Protection is the result of a merger of several security software products, including Symantec Antivirus Corporate Edition 10.0, Client Security, Network Access Control, and Sygate Enterprise Edition.[3] Endpoint Protection also included new features.[3] For example, it can block data transfers to unauthorized device types, such as USB flash drives or Bluetooth devices.[3]

At the time, Symantec Antivirus Corporate Edition was widely criticized as having become bloated and unwieldy.[2] Endpoint Protection 11.0 was intended to address these criticisms.[2] The disk footprint of Symantec Corporate Edition 10.0 was almost 100 MB, whereas Endpoint Protection's was projected to be 21 MB.[2]

In 2009, Symantec introduced a managed service, whereby Symantec staff deploy and manage Symantec Endpoint Protection installations remotely.[4] A Small Business Edition with a faster installation process was released in 2010.[5] In February 2011, Symantec announced version 12.0 of Endpoint Protection.[6] Version 12 incorporated a cloud-based database of malicious files called Symantec Insight.[6] Insight was intended to combat malware that generates mutations of its files to avoid detection by signature-based anti-malware software.[6] In late 2012, Symantec released version 12.1.2, which supports VMware vShield.[7]

A cloud version of Endpoint Protection was released in September 2016.[8] This was followed by version 14 that November.[9] Version 14 incorporates machine learning technology to find patterns in digital data that may be indicative of the presence of a cyber-security threat.[9] It also incorporates memory exploit mitigation and performance improvements.[10]

Features

Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features.[11] According to SC Magazine, Endpoint Protection also has some features typical of data loss prevention software.[12] It is typically installed on a server running Windows, Linux, or macOS.[13] As of 2018, Version 14 is the only currently-supported release.[14]

Endpoint Protection scans computers for security threats.[11] It is used to prevent unapproved programs from running,[11] and to apply firewall policies that block or allow network traffic.[15] It attempts to identify and block malicious traffic in a corporate network or coming from a web browser.

A hacker group called "The Lords of Dharmaraja" claimed credit, alleging the source code was stolen from Indian military intelligence.[16] The Indian government requires vendors to submit the source code of any computer program being sold to the government, to ensure that it is not being used for espionage.[17] In July 2012, an update to Endpoint Protection caused compatibility issues, triggering a Blue Screen of Death on Windows XP machines running certain third-party file system drivers.[18] In 2014, Offensive Security discovered an exploit in Symantec Endpoint Protection during a penetration test of a financial services organization.[19] The exploit in the Application and Device Control driver allowed a logged-in user to get system access.[19] It was patched that August.[19] In 2019, security researcher Ofir Moskovitch discovered a race condition bug involving two critical Symantec Endpoint Protection client core components, Client Management and Proactive Threat Protection. The bug directly results in a protection mechanism failure that can lead to a self-defense bypass, also known as "SEMZTPTN" (Symantec Endpoint Minimized Timed Protection).[20]

Reception

According to Gartner, Symantec Endpoint Protection 14 is one of the more comprehensive endpoint security products available and regularly scores well in independent tests.[10] However, a common criticism is that customers are "fatigued" by "near constant changes" in the product and company direction.[10] SC Magazine said Endpoint Protection 14 was the "most comprehensive tool of its type . . . with superb installation and documentation."[12] The review said Endpoint Protection had a "no-brainer setup and administration," but it does have a "wart" that support fees are "a bit steep."[12]

Forrester said version 12.1 was the most complete endpoint security software product on the market, but the different IT security functions of the software were not well-integrated.[21] The report speculated the lack of integration would be addressed in version 14.[21] Network World ranked Symantec Endpoint Protection sixth in endpoint security products, based on data from NSS Labs testing.[22]

References

  1. "What's new for all releases of Symantec Endpoint Protection 14.x". Symantec. 17 November 2020. https://knowledge.broadcom.com/external/article/154575/release-versions-notes-new-fixes-and-sys.html.
  2. Walsh, Lawrence (November 2007). "Troubled Waters". CSO Magazine (CXO Media) 6 (10). https://books.google.com/books?id=LmAEAAAAMBAJ&pg=PA36.
  3. Messmer, Ellen (24 September 2007). "Symantec revamps endpoint security product". https://www.networkworld.com/article/814489/lan-wan-symantec-revamps-endpoint-security-product.html.
  4. Messmer, Ellen (23 June 2009). "Symantec unveils endpoint protection services". IDG. http://www.networkworld.com/article/2257821/security-vulnerability-mgmt/symantec-unveils-endpoint-protection-services.html. 
  5. Moltzen, Edward (1 January 2010). "Security In 20 Minutes, Really". The Channel Company. http://www.crn.com/features/security/222300110/security-in-20-minutes-really.htm. 
  6. Messmer, Ellen (15 February 2011). "Symantec looks to protect users from mutating malware". IDG. http://www.networkworld.com/article/2199769/network-security/symantec-looks-to-protect-users-from-mutating-malware.html.
  7. Messmer, Ellen (3 December 2012). "Symantec releases first anti-malware software to work with VMware vShield security system". IDG. http://www.networkworld.com/article/2161783/network-security/symantec-releases-first-anti-malware-software-to-work-with-vmware-vshield-security-.html. 
  8. Kuranda, Sarah (13 September 2016). "Symantec Rolls Out New Cloud-Based Endpoint Protection Solution For SMBs". The Channel Company. http://www.crn.com/news/security/300082061/symantec-rolls-out-new-cloud-based-endpoint-protection-solution-for-smbs.htm. 
  9. Osborne, Charlie (1 October 2016). "Symantec launches endpoint protection solution based on artificial intelligence". CBS Interactive. https://www.zdnet.com/article/symantec-launches-endpoint-protection-solution-based-on-artificial-intelligence/.
  10. Ouellet, Eric; McShane, Ian; Litan, Avivah (30 January 2017). "Magic Quadrant for Endpoint Protection Platforms". Gartner. https://www.gartner.com/doc/reprints?id=1-3N82LG5&ct=161205&st=sb.
  11. "Symantec Endpoint Protection and the details for buyers to know". February 8, 2018. http://searchsecurity.techtarget.com/feature/Antimalware-protection-products-Symantec-Endpoint-Protection.
  12. Stephenson, Peter (22 August 2016). "Symantec Endpoint Protection 14". SC Magazine (Haymarket Media Group). https://www.scmagazine.com/symantec-endpoint-protection-14/review/7116/.
  13. Stephenson, Peter (1 August 2012). "Symantec Endpoint Protection 12 v12.1". SC Magazine (Haymarket Media Group). https://www.scmagazine.com/symantec-endpoint-protection-12-v121/review/6652/. 
  14. "Released versions of Symantec Endpoint Protection". Symantec. 16 March 2017. https://support.symantec.com/en_US/article.TECH154475.html. 
  15. "About the Symantec Endpoint Protection firewall". Symantec. 28 October 2016. http://www.symantec.com/docs/HOWTO80961. 
  16. Akhtar, Iyaz (6 January 2012). "That stolen Symantec source code? It's for older enterprise products". CBS Interactive. https://www.cnet.com/news/that-stolen-symantec-source-code-its-for-older-enterprise-products/. 
  17. Vijayan 2012.
  18. Raywood, Dan (16 July 2012). "Symantec fixes 'blue screen of death' bug". Haymarket Media Group. https://www.scmagazineuk.com/news/symantec-fixes-blue-screen-of-death-bug/article/546098/. 
  19. Kirk, Jeremy (5 August 2014). "Symantec patches privilege escalation flaws in Endpoint Protection". IDG. https://www.pcworld.com/article/440690/symantec-patches-privilege-escalation-flaws-in-endpoint-protection.html.
  20. "Symantec Endpoint Protection Vulnerability". https://www.youtube.com/playlist?list=PLOzYF8qeSHOmCjixOMav3cT2-xG76gtKQ. 
  21. Sherman, Chris; McClean, Christopher; Schiano, Salvatore; Dostie, Peggy (19 October 2016). "The Forrester Wave: Endpoint Security Suites, Q4 2016". https://www.forrester.com/report/The+Forrester+Wave+Endpoint+Security+Suites+Q4+2016/-/E-RES113145.
  22. "NSS Labs rated 13 advanced endpoint security products, flagged 2 with caution rating". IDG. 15 February 2017. http://www.networkworld.com/article/3170114/security/nss-labs-rated-13-advanced-endpoint-security-products-flagged-2-with-caution-rating.html.