Symantec Endpoint Protection Cloud

Every endpoint is a launchpad for a cyber-attack, no matter how it touches your network. Symantec Endpoint Protection, a multi-layered endpoint protection solution, provides everything from file reputation and behavioural analysis to advanced machine learning AI. Furthermore, Symantec Endpoint Protection is the lightest and strongest endpoint protection on the market.

Have you considered a Managed Service for your endpoint protection?

Anti-Virus - Protects against malware, rootkits, spyware and similar file-based malicious code and has the usual options of: exclusions, schedule and real-time scanning. Along with traditional virus fingerprint matching, Symantec Endpoint Protection uses reputation lookups to positively identify ‘known good’ software and apps and hence classify possible risks. This is only possible due to Symantec’s global intelligence network (GIN) of some 350 million sensors, which are constantly locating, fingerprinting and classifying software for addition to the reputation library.

DTFW - (Desk Top Fire Wall) - Typically enabled for endpoints that operate outside of the corporate firewall. This module can self-determine its location and enable functionality automatically, i.e. reduce protection when inside the office LAN, whilst applying maximum network security connection control to the host when outside the LAN. This module can also be used to prevent the corporate firewall from being bridged; it can prevent a laptop from simultaneously connecting to the LAN in the office, for instance, and connecting via Wi-Fi to an external, non-secured Wi-Fi node (e.g. local Starbucks). The DTFW also supports multiple NICs, ensuring that different security controls can be applied to different ingress points on a single host.

USB & Attached Media Control - Managing the connection state of USB-attached devices to the host. A few examples of usage include:

• Allowing USB storage media access and specifically preventing executable code from being copied to the host or network, thereby preventing malicious code ingress.
• Allowing USB storage access but only for preauthorised storage devices, thereby allowing staff productivity through file sharing, whilst also ensuring security by controlling the specific type and model of device to be used.
• Allowing USB file copying, but making a log of files copied and/or moved, thus helping with data loss management.

Application Control - This module halts an application from launching, thus preventing malicious code propagation or system configuration drift. Typically deployed for systems that are either high risk or high value and where a “lock-down” and “hardened” approach is needed. Enablement takes the form of “Denying” or “Allowing” processes and services; having both options allows flexibility of configuration. One usage scenario of this feature is to lock the registry, preventing changes even if the user is a local administrator.

Advanced Protection - Zero-day threats are risks that have not been previously identified, therefore signature scanning can miss such risks. SEP has a feature called Sonar that monitors processes every few minutes for both acceptable and suspicious activity. A few examples of suspicious activity would be: a program not adding itself to the add/remove program stack, not having a help file associated with it, and invoking remote connections without user input. By scoring these and augmenting against the acceptable behaviour marks, a zero-day threat can be identified and blocked.

Key Features & Benefits:

• A single agent incorporating five endpoint security components
• Support for Windows (Including Win10), MAC and Linux.
• Optimised for virtualised environments: eliminate scan storms, secure the host and protect all guest OS’s.
• Improved Performance: low footprint, fast scanning and non-intrusive.
• Additional options for:

1. Mobile devices & Smart phones
2. SharePoint
3. MS Exchange
4. Lotus Notes
5. File Transfer Protocol (FTP)
6. Web Gateway Security
7. Email Gateway