Symantec Endpoint Protection - Short Review




Product Overview: Symantec Endpoint Protection

Symantec Endpoint Protection, developed by Broadcom Inc., is a comprehensive security software suite designed to protect laptops, desktops, servers, and other endpoints from a wide range of threats. This solution integrates multiple layers of defense to safeguard networks against known and unknown threats, ensuring robust security across the entire attack chain.



What it Does

Symantec Endpoint Protection is a client-server solution that combines traditional virus protection with advanced threat protection mechanisms. It proactively secures client computers against various types of malware, including viruses, worms, Trojan horses, adware, rootkits, zero-day attacks, and mutating spyware. The software is engineered to protect networks before, during, and after an attack, reducing the risk of exposure and enhancing the overall security posture of the organization.



Key Features and Functionality



Layered Defense Approach

Symantec Endpoint Protection employs a holistic security approach that covers all stages of the attack chain: incursion, infection, infestation and exfiltration, and remediation and inoculation. Here are some key components of this approach:

  • Web and Cloud Access Protection: Controls Internet access and network traffic over all ports and protocols, ensuring secure web and cloud interactions.


Threat Detection and Prevention

  • Intrusion Prevention/Firewall: Blocks threats as they travel through the network, preventing command and control setup and known network and browser-based malware attacks.
  • Behavioral Analysis: Helps stop the spread of infection by monitoring and analyzing system behavior to identify and mitigate potential threats.
  • Exploit Prevention: Uses machine learning and other technologies to prevent exploits and malware from compromising the system.


Application and Device Control

  • Application Control: Allows administrators to control which applications can run on the network, reducing the risk of unauthorized software execution.
  • Device Control: Manages and controls the use of external devices, such as USB drives, to prevent data leakage and unauthorized access.


Advanced Security Mechanisms

  • Endpoint Detection and Response (EDR): Integrated EDR capabilities enable the detection, response, and blocking of targeted attacks and advanced persistent threats without the need for additional agents.
  • Deception: Uses lures and baits (fake files, credentials, network shares, etc.) to expose and delay attackers, providing early visibility into malicious activities.
  • Active Directory Security: Defends against lateral movement and domain admin credential theft by controlling the attacker’s perception of an organization’s Active Directory resources.


Centralized Management and Real-Time Threat Intelligence

  • Centralized Management Console: Provides a single console for managing all endpoints, offering real-time threat visibility and simplified management across on-premises, cloud-managed, and hybrid environments.
  • Global Intelligence Network: Leverages one of the world’s largest civilian cyber intelligence networks to deliver real-time threat information, threat analytics, and comprehensive threat blocking data.


Additional Features

  • Antivirus and Antispyware: Protects against traditional malware threats.
  • Network Threat Protection: Safeguards against network-based threats.
  • Email Security: Protects email communications from malware and other threats.
  • Data Loss Prevention: Helps prevent sensitive data from being leaked or stolen.
  • Cloud-Based Management: Offers flexible deployment options, including cloud-managed solutions.


Conclusion

Symantec Endpoint Protection is a powerful and comprehensive endpoint security solution that provides robust protection against a wide array of threats. With its layered defense approach, advanced threat detection and prevention mechanisms, and centralized management capabilities, it is an ideal choice for organizations seeking to enhance their endpoint security posture and protect their networks from sophisticated attacks.
