New in version 12.1.4013.4013

October 31st, 2013
  • Support for Microsoft Windows 8.1 and Windows 2012 R2.
  • SEPM Manageability enhancements – Allowing immediate critical security event notification and additional telemetry.
  • Fixes for customer reported defects.

New in version 12.1.3001.165 (July 24th, 2013)

  • Support for Microsoft Outlook 2013:
  • The Microsoft Outlook Auto-Protect plug-in adds support for Microsoft Outlook 2013.
  • Support for Microsoft Exchange 2013 Server:
  • Symantec Endpoint Protection now detects the default installation of Microsoft Exchange 2013 Server and automatically excludes Microsoft Exchange files and folders.
  • Intelligent Updater support for Proactive Threat Protection and Network Threat Protection:
  • Added support for Intelligent Updater to provide content for Proactive Threat Protection and Network Threat Protection
  • FIPS 140-2 certification:
  • You can deploy Symantec Endpoint Protection with a FIPS-compliant configuration to protect its server-to-server and client-to-server communications
  • Integration with VMware’s vShield Endpoint provides better than physical security for data-rich virtual environments while maintaining blazing fast performance.
  • Tuned for Windows 8 performance to make make your OS 80% faster and 29% safer than the native Defender solution, according to testing conducted by PassMark and Av-Test.
  • Enhanced security features include SONAR monitoring nearly1400, rather than 400, file behaviors.
  • Improved management through the ability to automatically remove existing security software, find orphaned machines, and more efficiently use group update providers.

New in version 12.1.2015.2015 (November 26th, 2012)

  • Installation - The Client Deployment Wizard includes the following changes:
  • The Client Deployment Wizard includes the Communication Update Package Deployment option to push the communications file (Sylink.xml) to the client in a client installation package.
  • You use the Sylink.xml file to convert an unmanaged client to a managed client, or to manage a previously orphaned client. In previous releases, you needed to export the Sylink.xml file from the management server, and import Sylink.xml to each client.
  • The Client Deployment Wizard searches the network faster to find the computers that do not have the client software installed.
  • The Client Deployment Wizard includes the Automaticallyuninstallexistingsecuritysoftware option so that a security software removal feature can uninstall third-party security products from the client computer. The feature removes security software before the client installation package installs the client software. With version 12.1.2, the feature removes more than 40 additional third-party products.
  • You can download and run a new diagnostic tool on the management server and client to help you diagnose common issues before and after installation. The Symantec Help tool enables you to resolve product issues yourself instead of calling Support.
  • Remote Management:
  • Symantec Endpoint Protection provides public support to remotely manage and monitor the client and the management server.NewWebservices let you write your own tools to perform the following tasks remotely:
  • Run commands on the client to remediate threat situations.
  • Export policies from the server.
  • Apply policies to clients across servers.
  • Monitor license status and content status on the management server.
  • Documentation and other tools for remote monitoring and management support appear in the Web services SDK, located in the following folder on the installation disc: /Tools/Integration/SEPM_WebService_SDK
  • Windows 8 features:
  • Support for the Microsoft Windows 8 style user interface, including toast notifications for critical events.
  • Support for Windows 8 and Windows Server 2012.
  • Windows 8 Early Launch Anti-Malware (ELAM) support provides a Microsoft-supported way for anti-malware software to start before all other third-party components. In addition, vendors can now control the launching of third-party drivers, depending on trust levels. If a driver is not trusted, it can be removed from the boot sequence. ELAM support makes more efficient rootkit detection possible.
  • Protection features:
  • Virus and Spyware Protection:
  • Full support for the Microsoft Windows 8 style user interface.
  • Exceptions:
  • Added support for HTTPS in trusted Web domain exceptions.
  • Commonvariables in exceptions now apply to 64-bit applications as well as 32-bit applications.
  • LiveUpdate:
  • A link on the client Status page now lets end users quickly and easily confirm that the client has the most current content. The link displays the content version dialog box, where a new column lists the last time that the client checked each content type for updates. Users can be more confident that their client updates correctly and has the latest protection.
  • Virtualization:
  • Symantec Endpoint Protection includes the following virtualization improvements:
  • A VMware vShield-enabled Shared Insight Cache. Delivered in a Security Virtual Appliance, you can deploy the vShield-enabled Shared Insight Cache into a VMware infrastructure on each host. The vShield-enabled Shared Insight Cache makes file scanning more efficient. You can monitor the Security Virtual Appliance and client status in Symantec Endpoint Protection
  • Manager.
  • For managing Guest Virtual Machines (GVMs) in non-persistent virtual desktop infrastructures:
  • Symantec Endpoint Protection Manager includes a new option to configure the aging period for offline non-persistent GVMs. Symantec Endpoint Protection Manager removes the non-persistent GVM clients that have been offline longer than the specified time period.
  • Symantec Endpoint Protection clients now have a configuration setting to indicate that they are non-persistent GVMs. You can filter out the offline non-persistent GVMs in the Clients tab view in Symantec Endpoint Protection Manager.
  • Protection features:
  • Proactive Threat Protection:
  • Device Control now sends a notification and creates a log event each time it blocks a previously disabled device. Previously, Device Control sent a notification and log event only the first time the device was disabled.
  • System lockdown can now run in blacklist mode. You must configure system lockdown to display a blacklist mode as well as the default whitelist mode. The blacklist mode blocks only the applications on the specified list. Symantec Endpoint Protection Manager can automatically update the existing file fingerprint lists and application name lists that system lockdown uses for whitelisting or blacklisting.
  • Policies:
  • You can export all the policies, locations, and server settings for a domain. If you then import these policies and settings into a new domain, you do not need to recreate them.
  • LiveUpdate:
  • The LiveUpdate Settings policy includes an additional type of Group Update Provider (GUP) that allows clients to connect to Group Update Providers in a different subnet. This new type of GUP lets you explicitly define which networks each client may connect to. You can configure a single LiveUpdate policy to meet all your requirements.

New in version 12.1.1101.401 (November 6th, 2012)

  • To provide better support for a set of registry keys that are commonly used for client monitoring, the following subkeys have been moved in Symantec Endpoint Protection version 12.1.1100:
  • ASRunningStatus
  • AVRunningStatus
  • DeployPreviousVersion
  • DeployRunningVersion
  • DeployStatus
  • DeployTargetVersion
  • FWRunningStatus
  • Infected
  • LastServerIP
  • RebootReason
  • snac_enabled

New in version 12.1.671.4971 (July 20th, 2011)

  • Unrivaled security. Blazing performance. Built for Virtual Environments:
  • We've worked hard to further the unrivaled security and blazing performance for which Symantec Endpoint Protection is known. Built for virtual environments it has dramatically improved performance, and a new state-of-the-art protection system – Symantec Insight. Symantec Endpoint Protection 12.1 includes hundreds of new features for improved security, performance and management.
  • Symantec Insight:
  • Symantec Insight is the only system in the world that tracks the age, prevalence and security rating of nearly every program file on the internet. Because Insight knows what files are new or changed, Insight takes the most important advantage of cyber-criminals, their ability to generate millions of unique threats, and turns it against them.
  • Real Time SONAR 3: Replacing Symantec’s TruScan technology, this version of SONAR examines programs as they run, identifying and stopping malicious behavior even of new and previously unknown threats.
  • Browser Intrusion Prevention: Integrates into leading browsers to scan for attacks directed at browser vulnerabilities.
  • Antivirus for Mac and Linux
  • Faster central console: Optimized database to increase responsiveness.
  • Smart Scheduler: Stays out of your way by performing non-critical security tasks when your computer is idle.
  • Enhanced client deployment: Improved wizards and more deployment options will allow new installs and upgrades to be faster and easier than ever before.
  • Built for Virtual Environments: Enhanced to help protect your virtual infrastructure. Symantec Endpoint Protection can white list baseline images, maintain a shared scan cache, randomize scans and updates, scan offline images and automatically identify and manage virtual clients.
  • SEP Manager Integration with Symantec Workflow: Optimizes efficiency, enforces processes and policies, and automates redundant tasks by integrating the SEP Manager with Symantec Workflow.
  • Faster central console: Optimized database to increase responsiveness.
  • The Symantec Endpoint Recovery Tool and Power Eraser: The Symantec Endpoint Recovery Tool repairs severely infected PCs. The tool creates a self-booting CD or USB stick with Symantec's most powerful malware removal technology. The tool boots the computer into a specialized, virus free state so that malware can be safely removed.
  • Advanced Reporting and Analytics: Symantec Endpoint Protection now includes The Altiris IT Analytics Symantec Endpoint Protection Pack. ITA complements and expands upon the traditional reporting offered by Symantec Endpoint Protection by incorporating multi-dimensional analysis and robust graphical reporting in an easy to use dashboard.

New in version 11.0.6300.803 (April 4th, 2011)

  • Single Agent and Single Console:
  • Delivers a single agent for all Symantec Endpoint Protection technologies and Symantec Network Access Control. Delivers a single integrated interface for managing all Symantec Endpoint Protection technologies and Symantec Network Access Control. All allow for a single communication method and content delivery system across all technologies.
  • Provides operational efficiencies such as single software updates, single policy updates.
  • Provides unified and central reporting.
  • Provides unified licensing and maintenance.
  • Requires no change to the client when adding Symantec Network Access Control enforcement.
  • Multi-platform Support:
  • Symantec Endpoint Protection now protects Windows, Mac OS X and Linux endpoints.
  • Single Sign-on Web Console:
  • Efficiently manage your environment with a single sign-on web console that provides administrators full configuration management, report generation, and consolidated dashboard views across multiple Symantec protection technologies.
  • Manage Easily
  • Unified Management and Administration
  • Automatically remove existing solutions, install new clients, and report on them
  • Manage Windows and Mac clients from the same console
  • Proactive Threat Scanning:
  • Behavioral-based protection that protects against zero-day threats and threats not seen before. Unlike other heuristic-based technologies, TruScanTM Proactive Threat Scan scores both the good and bad behavior of unknown applications, providing a more accurate malware detection.
  • Accurately detects malware without the need to set up rule-based configurations.
  • Helps lower the number of false positives.
  • Advanced Rootkit Detection and Removal:
  • Provides superior rootkit detection and removal by integrating VxMS (Veritas Mapping Service—a Veritas technology), thereby providing access below the operating system to allow thorough analysis and repair.
  • Detects and removes the most difficult rootkits.
  • Saves time and money and productivity lossses associated with re-imaging infected machines.
  • Application Control:
  • Allows administrators to control access to specific processes, files, and folders by users and other applications. It provides application analysis, process control, file and registry access control, and module and DLL control. It enables administrators to restrict certain activities deemed as suspicious or high risk.
  • Prevents malware from spreading or harming endpoints.
  • Locks down endpoints to prevent data leakage.
  • Device Control:
  • Controls which peripherals can be connected to a machine and how the peripherals are used. It locks down an endpoints to prevent connections from thumb drives, CD burners, printers, and other USB devices.
  • Prevents sensitive and confidential data from being extracted or stolen from endpoints (data leakage).
  • Prevents endpoints from being infected by viruses spread from peripheral devices.
  • The Symantec Endpoint Recovery Tool:
  • The Symantec Endpoint Recovery Tool repairs severely infected PCs. The tool is a self-booting CD with Symantec's most powerful malware removal technology. The tool boots the computer into a specialized, virus free state so that malware can be safely removed.
  • Optimal Client and Server Performance:
  • Optimized client boot times and application load times enables comprehensive protection and better performance for all customer sizes and environments
  • Secure Virtual Environments:
  • Symantec Endpoint Protection 11.0.6 adds resource utilization leveling to ensure that simultaneous scans or updates won't impact the performance of virtual environments. Utilization leveling includes an option to randomize when scans and updates take place, preventing resource contention and leveling CPU resources. In addition, SEP's performance optimized scan engine includes IO aware Scan Tuning, and multithreading for optimal performance.
  • Advanced Reporting and Analytics:
  • Symantec Endpoint Protection now includes The Altiris IT Analytics Symantec Endpoint Protection Pack. ITA complements and expands upon the traditional reporting offered by Symantec Endpoint Protection by incorporating multi-dimensional analysis and robust graphical reporting in an easy to use dashboard.