Symantec Sharpens Its Endpoint Security Fangs

took the wraps off the public beta

At Symantec Vision 2007 in Las Vegas, the Cupertino, Calif.-based vendor unveiled Endpoint Protection 11.0, formerly known as Project Hamlet, which combines several different product lines that it either developed in house or gained through acquisition. The official release is slated for September.

Endpoint Protection 11.0 bundles antivirus, firewall, network and host IPS, rootkit detection, application and device control, all integrated into the Symantec endpoint protection agent. Symantec Network Access Control 11.0 is available as a separate license.

The NAC and firewall come from Symantec's acquisition of Sygate, while the host IPS and proactive threat scanning come from its purchase of Whole Security, said George Myers, director of the Endpoint Security group at Symantec.

Endpoint Protection 11.0, which replaces the old Antivirus Corporate Edition product line, is aimed at control and protection, includes a Veritas technology known as Raw Disk Scan that can find rootkits hidden deep within the dark recesses of hard drives, said Myers.

Sponsored post

Network IPS in Endpoint Protection 11.0 uses a homegrown technology called Generic Exploit Blocking that doesn't require signatures and can block zero day threats, said Myers.

"It finds a lot of threats that antivirus engines don't; in fact, every month we're finding 1000 threats that none of the antivirus engines are finding," he said.

Endpoint Protection is managed through a console that pulls together all the different technologies into an organized view. Symantec has also streamlined the Endpoint Protection agent, which now has a baseline memory footprint of 21 megabytes, according to Myers.

Several solution providers told CRN in March that the performance of Symantec's antivirus engine was less that stellar, but Myers says those issues have been addressed in the new release, which consumes less memory and manages processing power more efficiently.

"The scan engine is more resource-friendly. It's not just a complete on-off action, but can come on in increments, which makes it much more intelligent in that regard," said Myers.

Symantec is in the process of training its support teams on the broader range of products that Endpoint Protection encompasses, through field and online training programs, Myers said.

Endpoint Protection 11.0 and NAC 11.0 pricing will be announced closer to the September ship date, said Myers.