Symantec Endpoint Protection

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 190.88.35.81 (talk) at 19:06, 7 December 2023 (TRUTH). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Symantec Endpoint Protection
Developer(s): Broadcom Inc.
Stable release: 14.3 RU7 (Build 9681) / 24 March 2023[1]
Operating system: Windows, macOS and Linux
Platform: IA-32 and x86-64
Type: Anti-malware, intrusion prevention and firewall
License: Trialware
Website: www.broadcom.com/products/cyber-security/endpoint

Symantec Endpoint Protection, developed by Broadcom Inc., is a security software suite that consists of anti-malware, intrusion prevention and firewall features for server and desktop computers.[2] It has the largest market share of any product for endpoint security.[3]

Version history

Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features.[4] According to SC Magazine, Endpoint Protection also has some features typical of data loss prevention software.[5] It is typically installed on a server running Windows, Linux, or macOS.[6] As of 2018, Version 14 is the only currently supported release.[7]

Endpoint Protection scans computers for security threats.[4] It is used to prevent unapproved programs from running,[4] and to apply firewall policies that block or allow network traffic.[8] It attempts to identify and block malicious traffic in a corporate network or coming from a web browser.[9] It uses aggregate information from users to identify malicious software.[5] As of 2016, Symantec claims to use data from 175 million devices that have installed Endpoint Security in 175 countries.[5]

Endpoint Protection has an administrative console that allows the IT department to modify security policies for each department,[4] such as which programs or files to exclude from antivirus scans.[5] It does not manage mobile devices directly, but treats them as peripherals when connected to a computer and protects the computer from any malicious software on the mobile devices.[5]

Vulnerabilities

In early 2012, source code for Symantec Endpoint Protection was stolen and published online.[10] A hacker group called "The Lords of Dharmaraja" claimed credit, alleging the source code was stolen from Indian military intelligence.[11] The Indian government requires vendors to submit the source code of any computer program being sold to the government, to ensure that they are not being used for espionage.[10]

In July 2012, an update to Endpoint Protection caused compatibility issues, triggering a Blue Screen of Death on Windows XP machines running certain third-party file system drivers.[12]

In 2014, Offensive Security discovered an exploit in Symantec Endpoint Protection during a penetration test of a financial services organization.[13] The exploit in the Application and Device Control driver allowed a logged-in user to get system access.[13] It was patched that August.[13]

In 2019, security researcher Ofir Moskovitch discovered a race condition bug involving two critical Symantec Endpoint Protection client core components, Client Management and Proactive Threat Protection. The bug directly results in a protection mechanism failure that can lead to a self-defense bypass, also known as "SEMZTPTN" (Symantec Endpoint Minimized Timed Protection).[14]

Reception

According to Gartner, Symantec Endpoint Protection 14 is one of the more comprehensive endpoint security products available and regularly scores well in independent tests.[3] However, a common criticism is that customers are "fatigued" by "near constant changes" in the product and company direction.[3] SC Magazine said Endpoint Protection 14 was the "most comprehensive tool of its type . . . with superb installation and documentation."[5] The review said Endpoint Protection had a "no-brainer setup and administration," but it does have a "wart" that support fees are "a bit steep."[5]

Forrester said version 12.1 was the most complete endpoint security software product on the market, but the different IT security functions of the software were not well-integrated.[15] The report speculated the lack of integration would be addressed in version 14.[15] Network World ranked Symantec Endpoint Protection sixth in endpoint security products, based on data from NSS Labs testing.[16]

References

  1. ^ "What's new for all releases of Symantec Endpoint Protection 14.x". Release versions, notes, new fixes, and system requirements for Endpoint Security and all versions of Endpoint Protection. [Symantec]. 17 November 2020.
  2. ^ Walsh, Lawrence (November 2007). "Troubled Waters". CSO Magazine. Vol. 6, no. 10. CXO Media.
  3. ^ a b c Ouellet, Eric; McShane, Ian; Litan, Avivah (30 January 2017). "Magic Quadrant for Endpoint Protection Platforms". gartner.com. Gartner.
  4. ^ a b c d "Symantec Endpoint Protection and the details for buyers to know". SearchSecurity. 8 February 2018. Retrieved 8 February 2018.
  5. ^ a b c d e f g Stephenson, Peter (22 August 2016). "Symantec Endpoint Protection 14". SC Magazine. Haymarket Media Group. Retrieved 20 April 2017.
  6. ^ Stephenson, Peter (1 August 2012). "Symantec Endpoint Protection 12 v12.1". SC Magazine. Haymarket Media Group. Retrieved 16 April 2017.
  7. ^ "Released versions of Symantec Endpoint Protection". Enterprise Technical Support. Symantec. 16 March 2017. Retrieved 18 April 2017.
  8. ^ "About the Symantec Endpoint Protection firewall". Enterprise Technical Support. Symantec. 28 October 2016.
  9. ^ "How intrusion prevention works". Enterprise Technical Support. Symantec. 28 October 2016.
  10. ^ a b Vijayan, Jaikumar (6 January 2012). "Symantec confirms source code leak in two enterprise security products". Computerworld. Retrieved 18 April 2017.
  11. ^ Akhtar, Iyaz (6 January 2012). "That stolen Symantec source code? It's for older enterprise products". CNET. CBS Interactive. Retrieved 18 April 2017.
  12. ^ Raywood, Dan (16 July 2012). "Symantec fixes 'blue screen of death' bug". SC Magazine UK. Haymarket Media Group. Retrieved 16 April 2017.
  13. ^ a b c Kirk, Jeremy (5 August 2014). "Symantec patches privilege escalation flaws in Endpoint Protection". Network World. IDG.
  14. ^ "Symantec Endpoint Protection Vulnerability". YouTube.
  15. ^ a b Sherman, Chris; McClean, Christopher; Schiano, Salvatore; Dostie, Peggy (19 October 2016). "The Forrester Wave: Endpoint Security Suites, Q4 2016".
  16. ^ "NSS Labs rated 13 advanced endpoint security products, flagged 2 with caution rating". Network World. IDG. 15 February 2017. Retrieved 18 April 2017.