What is Symantec Endpoint Protection? This content has been archived , and is no longer maintained by Indiana University. Resources linked from this page may no longer be available or reliable. Antivirus and antispyware scans detect viruses and other security risks, including spyware, adware, and other files, that can put a computer or a network at risk. The Symantec Endpoint Protection firewall provides a barrier between the computer and the Internet, preventing unauthorized users from accessing the computers and networks.
It detects possible hacker attacks, protects personal information, and eliminates unwanted sources of network traffic. The intrusion prevention system IPS is the Symantec Endpoint Protection client's second layer of defense after the firewall. The intrusion prevention system is a network-based system. If a known attack is detected, one or more intrusion prevention technologies can automatically block it. Proactive threat scanning uses heuristics to detect unknown threats. Heuristic process scanning analyzes the behavior of an application or process to determine if it exhibits characteristics of threats, such as Trojan horses, worms, or keyloggers.
This type of protection is sometimes referred to as zero-day protection. Device and application control: Application-level control is implemented using rule sets that block or allow applications that try to access system resources. Symantec Endpoint Protections expands rootkit protection to detect and repair kernel-level rootkits.
Rootkits are programs that hide from a computer's operating system and can be used for malicious purposes. Different administrators can access different levels of the management system based on their roles and responsibilities.
Symantec Endpoint Protection clients can be configured to provide signature and content updates to clients in a group. When clients are configured this way, they are called group update providers. Group update providers do not have to be in the group or groups that they update.
Symantec Endpoint Protection expands location awareness support to the group level. Each group can be divided into multiple locations, and when a client is in that location, policies can be applied to that location.
Policies control most client settings, and can be applied down to the location level. Domains let you create additional global groups. This feature is advanced and should be used only if necessary. Failover and load balancing: If you have a large network and need the ability to conserve bandwidth consumption, you can configure additional management servers in a load-balanced configuration. If you have a large network and need the ability to configure redundancy, you can configure additional management servers in a failover configuration.
Symantec Endpoint Protection stores client information in a database on the management server. Where legacy products stored information in the registry, Symantec Endpoint Protection Manager now stores all information about client computers in a SQL database either the embedded database or a Microsoft SQL database.
LiveUpdate now supports the downloading and installation of a wide variety of content, including definitions, signatures, whitelists to prevent false positives, engines, and product updates.