Endpoint Protection


SONAR and IPS intelligent updater (IU) support

Ambesh Sharma, Jun 13, 2013 07:55 AM

Chetan Savade, Jun 18, 2013 11:59 AM

  • 1.  SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 04:43 AM
    Hi, I want to know how exactly this feature works. Is there any new way of downloading updates?


  • 2.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 05:20 AM

    Hello,

    SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.

    SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complements your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.

    SONAR uses a heuristics system that leverages Symantec's online intelligence network with proactive local monitoring on your client computers to detect emerging threats. SONAR also detects changes or behavior on your client computers that you should monitor.

    Reference: http://www.symantec.com/docs/HOWTO81392

    Hope that helps!!

    IPS:

    Intelligent Updater is an exe file which is generated by Symantec (most probably every day) which contains the latest virus and web protection definitions. It cannot contain the product updates. Once you have the exe on your machine, you have to run it, and it will get synced with the antivirus definitions in the product.



  • 3.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 05:23 AM

    AFAIK, you're meant to be able to download these from the Intelligent Updater site the same way you do with AV defs and the JDB files.

    http://www.symantec.com/docs/TECH102607

    The problem I see is that I can't see a download link for the PTP and NTP defs, nor can I see SEP12.1RU3 in the product list on the below site:

    http://www.symantec.com/security_response/definitions.jsp

    I suspect it's not been updated to allow downloads of the PTP and NTP defs yet



  • 4.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 05:30 AM
    Hi,

    SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.

    SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complements your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.

    Legacy clients do not support SONAR; however, legacy clients use TruScan proactive threat scans to provide protection against zero-day threats. TruScan proactive threat scans run periodically rather than in real time.

    Go through the following helpful articles:

    About SONAR: http://www.symantec.com/business/support/index?pag...

    Managing SONAR: http://www.symantec.com/business/support/index?pag...


  • 5.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 05:54 AM

    Hi,

    SONAR and IPS definitions can be updated only through LUA / SEP LiveUpdate. If you update manually (JDB), the NTP and PTP definitions will not update.

    Some articles are already provided in the comments above.



  • 6.  RE: SONAR and IPS intelligent updater (IU) support

    Broadcom Employee
    Posted Jun 13, 2013 06:21 AM

    Hi,

    Thank you for posting in the Symantec community.

    I would be glad to answer your question.

    In SEP 12.1 RU3, we have now added support for Intelligent Updater to provide content for Proactive Threat Protection and Network Threat Protection. You can download this content for Symantec Endpoint Protection 12.1.3 from the Symantec Security Response website:
    http://www.symantec.com/security_response/definitions.jsp

    Refer to the SEP 12.1 RU3 release notes for more details:

    SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.


  • 7.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 07:55 AM

    Hi,

    Please let me know if any more help is required.



  • 8.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 09:10 AM

    It doesn't appear they can be downloaded yet. It simply states for NTP and PTP, "Download: Content is downloaded by your product via LiveUpdate."

    So some further clarification is needed on how to handle this. This is a great new addition and much needed, but how do we download them? What are we missing here?



  • 9.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 09:14 AM

    Like I said in my post earlier, I reckon they've just not updated the site yet.

    I would personally expect to see a new product option to be listed for SEP12.1RU3 in the drop-down list, but you can never tell, can you? ;)



  • 10.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 13, 2013 09:36 AM

    Agreed, but why make it public if it's not available yet? I would be OK with a "coming soon" tag on it.

    I've got techs around the world asking about it since they know it's now possible to update all three.



  • 11.  RE: SONAR and IPS intelligent updater (IU) support

    Trusted Advisor
    Posted Jun 13, 2013 10:46 AM

    Hello,

    Let me check with the correct authority and come back to you on this.

    Check this thread with a similar issue:

    https://www-secure.symantec.com/connect/forums/intelligent-updater-sonar-and-ips

    Hope that helps!!

     


  • 12.  RE: SONAR and IPS intelligent updater (IU) support

    Posted Jun 14, 2013 05:50 PM

    Your understanding is correct.

    The product supports this functionality at this point. The website should be updated with the relevant downloads for 12.1.3 soon. Perhaps as early as next week, although I'm not in a position to commit to that.

    James



  • 13.  RE: SONAR and IPS intelligent updater (IU) support

    Trusted Advisor
    Posted Jun 18, 2013 10:28 AM

    Hello All,

    SONAR and IPS Intelligent Updater (IU) are now available at:

    http://www.symantec.com/security_response/definitions.jsp

    NOTE: These SONAR and IPS Intelligent Updaters are only for SEP 12.1 RU3.

    Hope that helps!!



  • 14.  RE: SONAR and IPS intelligent updater (IU) support
    Best Answer

    Posted Jun 18, 2013 11:13 AM

    Hi Brian81,

    Sorry for the confusion.

    The website (http://www.symantec.com/security_response/definitions.jsp) hasn't been updated with the new downloads for 12.1.3 (RU3) yet. This should go live soon, possibly as soon as next week, although I'm not in a position to commit to this timeframe.

    James

    EDIT: The new Intelligent Updater packages are now available at: http://www.symantec.com/security_response/definitions.jsp Select the product "Symantec Endpoint Protection 12.1.3" to download them.



  • 15.  RE: SONAR and IPS intelligent updater (IU) support

    Broadcom Employee
    Posted Jun 18, 2013 11:59 AM

    Thanks for the update James.