On January 5th, 2015, Symantec Endpoint Protection version 11.0.x will reach end of support life. Virus definitions and security updates will cease to be published to LiveUpdate and general support for the product will no longer be provided.
The initial end of support life date was originally scheduled for January 5th, 2014. All customers were provided a complimentary extension. No further extensions will be provided.
Symantec Endpoint Protection 11.0.x was a best-in-breed antimalware solution when it was released in 2007. Over the past seven years, the threat landscape has changed considerably, with attackers finding new forms and disguises to compromise the security of their targets. These threats are also expanding into new areas, with social media and mobile devices coming under increasing attack.
With the end of support life of Symantec Endpoint Protection 11.0.x quickly approaching and the new protection technologies available in Symantec Endpoint Protection 12.1.x, continued protection requires an immediate upgrade.
What January 5th, 2015 means to you
- Endpoint Protection 11.0.x clients will no longer be able to download updates from Symantec LiveUpdate or an internal LiveUpdate Administrator.
- Endpoint Protection 11.0.x clients can still obtain virus definitions from a 12.1.x Endpoint Protection Manager. This is not a recommended or supported configuration, and should only be considered to maintain protection while completing the upgrade to SEP 12.1.x.
- Intrusion Prevention, Proactive Threat Protection and all other content will not be available for download through any means.
- Endpoint Protection 11.0.x will no longer be supported by Technical Support.
- If a problem does occur, your only course of action with Technical Support will be to upgrade to Endpoint Protection 12.1.x. All other requests for support will be denied.
Symantec Endpoint Protection 12.1.x provides the necessary protection technologies against today's malware
Today's malware is attacking targets with more variation. New variants are harder to detect with traditional antivirus solutions. In 2007, the year Endpoint Protection 11.0.x was released, 711,912 unique malware variants were discovered. In 2011, the year Endpoint Protection 12.1.x was released, that number had increased to 403,000,000 new variants. The number of newly discovered variants will continue to increase.
In order to fully protect your environment, standalone antivirus is not enough. Continued virus definition updates along with the following new features will give you the best protection:
- Symantec Insight can detect threats based on files characteristics and reputation scores rather than relying solely on virus definitions.
- Real-Time SONAR replaces TruScan to identify malicious behavior of unknown threats using heuristics and reputation data in real time.
- Download Insight examines files that are downloaded through Web browsers, text messaging clients, and other portals. Download Insight uses reputation information from Symantec Insight to make educated decisions about a file's safety and improve system performance by only scanning at-risk files.
- Insight Lookup can detect malicious zero-day executable files that may not be detected by AutoProtect, and sends information from the files to Symantec for evaluation. Insight Lookup makes malware detection faster and more accurate.
- The Intrusion Prevention policy includes browser intrusion prevention, which uses IPS signatures to detect attacks that are directed at browser vulnerabilities.
|Feature||Symantec Endpoint Protection 11||Symantec Endpoint Protection 12.1||Description|
|Signature Detection||✔||✔||Traditional reactive malware detection technologies.|
|IPS||✔||✔||Scans network traffic for indications of intrusions or attempted intrusions.|
|Symantec Insight||✔||Insight separates files at risk from those that are safe, for faster and more accurate malware detection.|
|Real-Time Heuristics||✔||Monitors files as they execute for malicious behavior.|
|Real-time SONAR||✔||Replacing Symantec TruScan technology, this version of SONAR examines programs as they run, identifying and stopping malicious behavior even of new and previously unknown threats.|
|Browser Intrusion Prevention||✔||Scans for attacks directed at browser vulnerabilities.|
|Symantec Endpoint Protection and Symantec Network Access Control for Mac||✔||Endpoint protection and access control for Mac OS X managed through the Symantec Endpoint Protection Manager.|
|32-bit and 64-bit Protection Parity||✔||Identical protection for 32-bit and 64-bit systems.|
|Enhanced IPv6 Support||✔||Enables IPS scanning of network traffic, enhanced firewall support for IPv6.|
|Download Insight||✔||Tells you whether a file is risky before you install it.|
|File Insight||✔||Informs of the risk, source, and performance impact of files and processes.|
|Symantec Power Eraser||✔||Powerful tool for removing malware.|
|Bootable Recovery Tool||✔||Allows a computer to be clean booted from a removable device for removal of rootkits and other deeply infecting malware.|
|Auto Remediation of Infected Clients||✔||Flags infections that could not be removed. When new definitions arrive, it rescans those files at the next system idle.|
|Cloud Scan||✔||During a scan, Insight information is used to determine whether malware has infected known trusted processes.|
What is Symantec Insight?
Symantec Insight is a reputation-based security technology that puts files in context, using their age, frequency, location and more to expose threats otherwise missed. Built on contributions from over 210 million systems in over 200 countries, Symantec Insight has the ability to examine and track the context of files.
Some of what Insight has achieved to date:
- Directly blocking over 8.7 million attacks.
- Assisted in blocking over 31 million attacks.
- Tracked more than 3.1 billion files.
- Served 4.1 billion Insight ratings each day.
What is Real-Time SONAR?
SONAR is a real-time protection that detects potentially malicious applications when they run on your computer. SONAR provides “zero-day” protection because it detects threats before traditional virus and spyware detection definitions have been created. Unlike its predecessor, TruScan, SONAR runs in real time.
What is Browser Intrusion Prevention?
Browser Intrusion Prevention System (Browser IPS) is a new advanced protection feature included with the Endpoint Protection 12.1.x client. This browser plugin works in conjunction with, but is separate from the Client Intrusion Detection System (CIDS) used by the client firewall-based IPS engine.
What does Browser IPS do?
How Browser IPS works
The Browser IPS engine intercepts the code before it can execute, and determines that the code exploits a vulnerability. The SEP client blocks the attack, displays a notification in the browser, and writes a log entry for the browser attack in the SEP Security log.
What is Download Insight (Advanced Download Protection)?
Download Insight is a new advanced protection feature included with the SEP 12.1.x client. This feature allows the SEP client to leverage Symantec's Cloud-based reputation database when files are downloaded or executed directly from popular Web browsers.
How Does Advanced Download Protection Work?
- Download Insight scans executable files (.bat, .com, .dll, .drv, .exe, .msi, .ocx, .sys ) when they are downloaded through or launched by a portal application.
- Web browsers like Internet Explorer and Firefox are supported portal applications.
- Download Insight is a protection technology based solely on the reputation of files, not signature or behavioral analysis.
- Download Insight uses the SEP client's Client Intrusion Detection System ( CIDS ) to retrieve information about files being accessed
The benefits of upgrading to Symantec Endpoint Protection 12.1.x go well beyond the end of virus definition updates, security updates and technical support for version 11.0.x. Endpoint Protection 12.1.x provides overall improved security over Endpoint Protection 11.0.x on multiple levels.
Upgrading to Endpoint Protection 12.1.x not only provides the necessary virus definitions and security updates moving forward, but introduces numerous, additional protection technologies that were not present in Endpoint Protection 11.x that will better protect your environment today, as well as tomorrow.