IT Consultant Group

 View Only
Back to Library

My first impression of Symantec Endpoint Protection 12.X, 

May 09, 2011 08:09 PM

My first impression of SEP 12.X,

The first word that comes to my mind when we say SEP 12.x, is GREAT.To be honest it looks good. Whatever I expected it to have it has all that and also quite a few new additions in features and functionality that makes standout. The most important thing is that it is no more a scaled down version of SEP 11.0, the way SEP 12.0 was. It maintains almost all functionality of version SEP 11.0 .SEP 12.x incorporates many of the features from the enterprise edition. It is designed for small-to-medium businesses with up to 250 clients. It has quite a few   improvements that make Symantec Endpoint Protection easier and more efficient to use.

 

After testing it for 2 days and reading the manuals, this is what my first impression.

 

  • The GUI looks similar to SEP11 and SEP 12.0.

 

  • It is no more  "AntiVirus and AntiSpyware Protection" in Symantec Endpoint Protection 12.1. It is now called “Virus and Spyware Protection". Removing   the "Anti" has certainly improved the performance of the software.

 

  • Changes have been made to the way Auto-Protect works. It now provides additional protection with Download Insight, which examines the files that users try to download through Web browsers, text messaging clients, and other portals.

 

  • SONARhas replaced the TruScan . This technology is thre to identify malicious behavior of unknown threats using heuristics and reputation data. While TruScan runs on a schedule, SONAR runs at all times.

 

  • Insight Lookup detects the files that might not typically be detected as risks and sends the files to Symantec for evaluation. If Symantec determines that the files are risks, the client computer then handles the files as risks. Insight Lookup makes malware detection faster and more accurate.  Insight lets scans skip trusted files, which improves scan performance.

 

  •   Download Insightinspects files that users try to download through Web browsers, text messaging clients, and other portals. Download Insight uses reputation information from Symantec Insight to make decisions about files.

 

  • The Firewall policy now includes firewall rules to block IPv6-based traffic.

 

  • The Intrusion Prevention policy includes browser intrusion prevention, which uses IPS signatures to detect the attacks that are directed at browser vulnerabilities.

 

  • Centralized licensing lets you purchase, activate, and manage product licenses from the management console.

 

  • The Symantec Endpoint Protection Manager logon screen enables you to have your forgotten password emailed to you.  Symantec Endpoint Protection Manager includes an option to let any of the administrators in a site reset their forgotten password.

 

  • Now we can  configure Linux clients to send log events to Symantec Endpoint Protection Manager.

 

  • LiveUpdate can run when the client computer is idle, has outdated content, or has been disconnected, which uses less memory.

 

  • Now we can configure the polices for Mac clients based on a location as well as a group.

 

  •  Now we  can configure when and how Symantec Endpoint Protection Manager restarts the

              client computer, so that the restart does not interfere with the user's activity.

 

  • The Monitors page includes a set of preconfigured email notifications that inform you of the most frequently used events. The events include when new client software is available, when a policy changes, license renewal messages, and when the management server locates unprotected computers. The notifications are enabled by default and support the BlackBerry, iPhone, and Android.

   

  • The management server performs automatic database cleanup tasks to improve the server-client responsiveness and scalability.

 

  • Virus and spyware scans use Insight to let scans skip safe files and focus on files at risk.

 

  • Scans that use Insight are faster and more accurate, and reduce scan overhead by up to

     70%.

 

  • The management server Web service uses Apache instead of IIS. You do not need to install IIS first, as in previous versions.

 

  • Symantec Endpoint Protection Manager now supports Internet Explorer 7.0, 8.0, 9.0

 

  • Apart from all these it has support for quite a few new operating system, the list can be obtained from Admin Guide or the Release Notes.

 

  • The installation process has improved. Now the process is faster and easier than before. New installation features have also been added.

 

 Now again coming back to from where I started it, SEP 12.X looks good and also has good performance. It has a few unknown issues and I am sure that the development team should be fix that out before it is released.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
Oct 04, 2011 04:45 AM

Dear All,

Recently I've intalled SEP12 for testing to upgrade our current SEP11. and this is my result and really annoyed me:

- SEP12 need more space for installation (630Mb, SEP11 only 450MB)

- On my SEPM, SEP12 only distributed first release of virus definition everyday, even SEPM have same release with Symantec release. I used setting from mt SEP11 and it run rormally on SEP11.

- "Bad Gateway" still appear on SEP12, I hope it can fix on SEP12 but....

- Still have no un-install feature on SEPM. On other antivirus this feature available.

- The Quarantine Console have same GUI and function with older SEP version.

- Same question with Ajay about SONAR..

 

Thank you..

ajhay.siingh
Oct 03, 2011 03:12 AM

Hi Prachand,

Thank you for your article about SEP 12.1. But here we have problem that we upgraded our SEPM with RU7, and after upgrade to RU7 as ducument says not possible to upate with SEPM12.1. So till next releae of MP for RU7 we will have to wait to upgrade with SEPM12.1.

I have installed 12.1 SEPM on testing environment. here I have one querry that when saw downloaded defenition, found that Sonar Version not downloading on regular basis as IPS and spypare defintions.

 Is Sonar update relases every week or daily basis so that I can check live updateerror

 

 

 

 

Thanking you,

Ajay Kumar Singh

Migration User
Jul 25, 2011 04:03 AM

Hi Thanks for the article.

 

 what are the main feature we can consider for upgradation ?

Migration User
Jul 19, 2011 10:18 AM

Great article and it is good to know what to expect when I make the move one day!

Migration User
Jun 06, 2011 12:02 AM

Great Article Prachand.

 

But what about memory used in full scan?

Srikanth_Subra
May 28, 2011 02:29 AM

Great Yar!!!

Many new information for me as well as many users who are expecting the Symantec 12.

Thanks...

Migration User
May 18, 2011 05:05 AM

Great Article Prachand,

I do want to set a couple of points straight though:

  • SEP 12.1 is designed for both enterprise and small business (there are two versions) and an unlimited number of computers - SEP 12.0 is very specificially a small business product.
  • Firewall and IPS now support IPv6, not just blocking

When you state "SEP 12.x incorporates many of the features from the enterprise edition" which features do you think are missing?

 

 

Migration User
May 17, 2011 03:44 PM

Sounds great !!

Related Entries and Links

No Related Resource entered.