:Symantec Endpoint Protection

The first release of Symantec Endpoint Protection was published in September 2007 and was called version 11.0.{{cite web | last=Messmer | first=Ellen | title=Symantec revamps endpoint security product | website=Network World | date=24 September 2007 | url=https://www.networkworld.com/article/814489/lan-wan-symantec-revamps-endpoint-security-product.html | access-date=16 April 2017}} Endpoint Protection is the result of a merger of several security software products, including Symantec Antivirus Corporate Edition 10.0, Client Security, Network Access Control, and Sygate Enterprise Edition. Endpoint Protection also included new features. For example, it can block data transfers to unauthorized device types, such as USB flash drives or Bluetooth devices.

At the time, Symantec Antivirus Corporate Edition was widely criticized as having become bloated and unwieldy. Endpoint Protection 11.0 was intended to address these criticisms.{{Cite news |url=https://books.google.com/books?id=LmAEAAAAMBAJ&pg=PA36 |title=Troubled Waters |last=Walsh |first=Lawrence |date=November 2007 |work=CSO Magazine |publisher=CXO Media |issue=10 |volume=6}} The disk footprint of Symantec Corporate Edition 10.0 was almost 100 MB, whereas Endpoint Protection's was projected to be 21 MB.

In 2009, Symantec introduced a managed service, whereby Symantec staff deploy and manage Symantec Endpoint Protection installations remotely.{{Cite web |url=http://www.networkworld.com/article/2257821/security-vulnerability-mgmt/symantec-unveils-endpoint-protection-services.html |title=Symantec unveils endpoint protection services |last=Messmer |first=Ellen |date=23 June 2009 |website=Network World |publisher=IDG |access-date=3 May 2017 |archive-date=19 May 2018 |archive-url=https://web.archive.org/web/20180519224646/https://www.networkworld.com/article/2257821/security-vulnerability-mgmt/symantec-unveils-endpoint-protection-services.html |url-status=dead }} A Small Business Edition with a faster installation process was released in 2010.{{Cite web |url=http://www.crn.com/features/security/222300110/security-in-20-minutes-really.htm |title=Security In 20 Minutes, Really |last=Moltzen |first=Edward |date=1 January 2010 |website=CRN |publisher=The Channel Company}} In February 2011, Symantec announced version 12.0 of Endpoint Protection.{{Cite web |url=http://www.networkworld.com/article/2199769/network-security/symantec-looks-to-protect-users-from-mutating-malware.html |archive-url=https://web.archive.org/web/20170816201424/http://www.networkworld.com/article/2199769/network-security/symantec-looks-to-protect-users-from-mutating-malware.html |url-status=dead |archive-date=16 August 2017 |title=Symantec looks to protect users from mutating malware |last=Messmer |first=Ellen |date=15 February 2011 |website=Network World |publisher=IDG}} Version 12 incorporated a cloud-based database of malicious files called Symantec Insight. Insight was intended to combat malware that generates mutations of its files to avoid detection by signature-based anti-malware software. In late 2012, Symantec released version 12.1.2, which supports VMware vShield.{{Cite web |url=http://www.networkworld.com/article/2161783/network-security/symantec-releases-first-anti-malware-software-to-work-with-vmware-vshield-security-.html |archive-url=https://web.archive.org/web/20170816192706/http://www.networkworld.com/article/2161783/network-security/symantec-releases-first-anti-malware-software-to-work-with-vmware-vshield-security-.html |url-status=dead |archive-date=16 August 2017 |title=Symantec releases first anti-malware software to work with VMware vShield security system |last=Messmer |first=Ellen |date=3 December 2012 |website=Network World |publisher=IDG}}

A cloud version of Endpoint Protection was released in September 2016.{{Cite web |url=http://www.crn.com/news/security/300082061/symantec-rolls-out-new-cloud-based-endpoint-protection-solution-for-smbs.htm |title=Symantec Rolls Out New Cloud-Based Endpoint Protection Solution For SMBs |last=Kuranda |first=Sarah |date=13 September 2016 |website=CRN |publisher=The Channel Company}} This was followed by version 14 that November.{{Cite web |url=https://www.zdnet.com/article/symantec-launches-endpoint-protection-solution-based-on-artificial-intelligence/ |title=Symantec launches endpoint protection solution based on artificial intelligence |last=Osborne |first=Charlie |date=1 October 2016 |website=ZDNet |publisher=CBS Interactive}} Version 14 incorporates machine learning technology to find patterns in digital data that may be indicative of the presence of a cyber-security threat. It also incorporates memory exploit mitigation and performance improvements.{{Cite web |last=Ouellet |first=Eric |last2=McShane |first2=Ian |last3=Litan |first3=Avivah |date=30 January 2017 |title=Magic Quadrant for Endpoint Protection Platforms |url=https://www.gartner.com/doc/reprints?id=1-3N82LG5&ct=161205&st=sb |website=gartner.com |publisher=Gartner}}

Symantec Endpoint Protection is a security software suite that includes intrusion prevention, firewall, and anti-malware features.{{cite web | title=Symantec Endpoint Protection and the details for buyers to know | website=SearchSecurity | date=February 8, 2018 | url=http://searchsecurity.techtarget.com/feature/Antimalware-protection-products-Symantec-Endpoint-Protection | access-date=February 8, 2018}} According to SC Magazine, Endpoint Protection also has some features typical of data loss prevention software. It is typically installed on a server running Windows, Linux, or macOS.{{Cite news |url=https://www.scmagazine.com/symantec-endpoint-protection-12-v121/review/6652/ |title=Symantec Endpoint Protection 12 v12.1 |last=Stephenson |first=Peter |date=1 August 2012 |work=SC Magazine |access-date=16 April 2017 |publisher=Haymarket Media Group}} As of 2018, Version 14 is the only currently-supported release.{{Cite web |url=https://support.symantec.com/en_US/article.TECH154475.html |archive-url=https://web.archive.org/web/20160923050424/https://support.symantec.com/en_US/article.TECH154475.html |url-status=dead |archive-date=23 September 2016 |title=Released versions of Symantec Endpoint Protection |date=16 March 2017 |website=Enterprise Technical Support |publisher=Symantec |access-date=18 April 2017}}

Endpoint Protection scans computers for security threats. It is used to prevent unapproved programs from running, and to apply firewall policies that block or allow network traffic.{{Cite web |url=http://www.symantec.com/docs/HOWTO80961 |title=About the Symantec Endpoint Protection firewall |date=28 October 2016 |website=Enterprise Technical Support |publisher=Symantec}}{{dead link|date=April 2024|bot=medic}}{{cbignore|bot=medic}} It attempts to identify and block malicious traffic in a corporate network or coming from a web browser.{{Cite web |url=http://www.symantec.com/docs/HOWTO80870 |title=How intrusion prevention works |date=28 October 2016 |website=Enterprise Technical Support |publisher=Symantec}}{{dead link|date=April 2024|bot=medic}}{{cbignore|bot=medic}} It uses aggregate information from users to identify malicious software. As of 2016, Symantec claims to use data from 175 million devices that have installed Endpoint Security in 175 countries.

Endpoint Protection has an administrative console that allows the IT department to modify security policies for each department, such as which programs or files to exclude from antivirus scans. It does not manage mobile devices directly, but treats them as peripherals when connected to a computer and protects the computer from any malicious software on the mobile devices.

In early 2012, source code for Symantec Endpoint Protection was stolen and published online.{{cite web | last=Vijayan | first=Jaikumar | title=Symantec confirms source code leak in two enterprise security products | website=Computerworld | date=6 January 2012 | url=http://www.computerworld.com/article/2501007/cybercrime-hacking/symantec-confirms-source-code-leak-in-two-enterprise-security-products.html | access-date=18 April 2017}} A hacker group called "The Lords of Dharmaraja" claimed credit, alleging the source code was stolen from Indian military intelligence.{{Cite web |url=https://www.cnet.com/news/that-stolen-symantec-source-code-its-for-older-enterprise-products/ |title=That stolen Symantec source code? It's for older enterprise products |last=Akhtar |first=Iyaz |date=6 January 2012 |website=CNET |publisher=CBS Interactive |access-date=18 April 2017}} The Indian government requires vendors to submit the source code of any computer program being sold to the government, to ensure that they are not being used for espionage. In July 2012, an update to Endpoint Protection caused compatibility issues, triggering a Blue Screen of Death on Windows XP machines running certain third-party file system drivers.{{Cite web |url=https://www.scmagazineuk.com/news/symantec-fixes-blue-screen-of-death-bug/article/546098/ |title=Symantec fixes 'blue screen of death' bug |last=Raywood |first=Dan |date=16 July 2012 |website=SC Magazine UK |publisher=Haymarket Media Group |access-date=16 April 2017}} In 2014, Offensive Security discovered an exploit in Symantec Endpoint Protection during a penetration test of a financial services organization. The exploit in the Application and Device control driver allowed a logged-in user to get system access.{{Cite web |url=https://www.pcworld.com/article/440690/symantec-patches-privilege-escalation-flaws-in-endpoint-protection.html |title=Symantec patches privilege escalation flaws in Endpoint Protection |last=Kirk |first=Jeremy |date=5 August 2014 |website=Network World |publisher=IDG}} It was patched that August. In 2019, Ofir Moskovitch, a Security Researcher discovered a Race Condition bug which involves 2 Critical Symantec Endpoint Protection Client Core Components: Client Management & Proactive Threat Protection and directly results in Protection Mechanism Failure that can lead to a Self-Defense Bypass, aka "SEMZTPTN" - Symantec Endpoint Minimized Timed Protection.{{Cite web|url=https://www.youtube.com/playlist?list=PLOzYF8qeSHOmCjixOMav3cT2-xG76gtKQ|title=Symantec Endpoint Protection Vulnerability|website=YouTube}}

According to Gartner, Symantec Endpoint Protection 14 is one of the more comprehensive endpoint security products available and regularly scores well in independent tests. However, a common criticism is that customers are "fatigued" by "near constant changes" in the product and company direction. SC Magazine said Endpoint Protection 14 was the "most comprehensive tool of its type . . . with superb installation and documentation."{{Cite news |url=https://www.scmagazine.com/symantec-endpoint-protection-14/review/7116/ |title=Symantec Endpoint Protection 14 |last=Stephenson |first=Peter |date=22 August 2016 |work=SC Magazine |access-date=20 April 2017 |publisher=Haymarket Media Group}} The review said EndPoint Protection had a "no-brainer setup and administration," but it does have a "wart" that support fees are "a bit steep."

Forrester said version 12.1 was the most complete endpoint security software product on the market, but the different IT security functions of the software were not well-integrated.{{Cite web |url=https://www.forrester.com/report/The+Forrester+Wave+Endpoint+Security+Suites+Q4+2016/-/E-RES113145 |title=The Forrester Wave: Endpoint Security Suites, Q4 2016 |last=Sherman |first=Chris |last2=McClean |first2=Christopher |date=19 October 2016 |last3=Schiano |first3=Salvatore |last4=Dostie |first4=Peggy}} The report speculated the lack of integration would be addressed in version 14. Network World ranked Symantec Endpoint Protection sixth in endpoint security products, based on data from NSS Labs testing.{{Cite web |url=http://www.networkworld.com/article/3170114/security/nss-labs-rated-13-advanced-endpoint-security-products-flagged-2-with-caution-rating.html |archive-url=https://web.archive.org/web/20170215195243/http://www.networkworld.com/article/3170114/security/nss-labs-rated-13-advanced-endpoint-security-products-flagged-2-with-caution-rating.html |url-status=dead |archive-date=15 February 2017 |title=NSS Labs rated 13 advanced endpoint security products, flagged 2 with caution rating |date=15 February 2017 |website=Network World |publisher=IDG |access-date=18 April 2017}}

{{reflist|30em}}

• {{Official website|https://www.broadcom.com/products/cyber-security/endpoint}}

{{Antivirus software}}

{{Symantec}}

Category:Gen Digital software

Category:Security software

Category:Antivirus software

Category:Firewall software

Category:Proprietary software

Category:Windows security software

Category:MacOS security software

Category:Linux security software