Symantec Endpoint Protection v11.0.4
Strengths: Protection across the endpoint spectrum, easy to use and manage, very attractive price, and high availability capabilities for enterprise deployments.
Weaknesses: Does not support IPv6.
Verdict: Full protection, easy to install and manage, and good reporting and alerting, all for what most would pay for anti-virus.
SummarySymantec Endpoint Protection delivers a centrally managed, web-based, easy-to-use, fully integrated management interface that delivers a full suite of protection to the endpoints. The endpoint protection is delivered as a single agent and includes a personal firewall, anti-virus, anti-spyware, intrusion prevention system, application control and device control.
We installed the software with the embedded database, which is rated for up to 5,000 clients. For larger environments, both Microsoft Data Engine (MSDE) and SQL databases are supported. A high availability configuration is also supported for enterprise deployments. The install went well as the script was fully automated. Once loaded, we were provided a deployment wizard for setting up the client software distribution packages. Windows and Linux client types are supported. All of the signatures are updated on the server and push out to the clients.
LDAP and AD integration is available for importing clients.
Setting policy is easy and sorted by type: firewall policy for access control and application rules; AV and anti-spyware policy for handling threats; application control and device control policy for managing apps and devices that are allowed to run on the endpoint and IPS policy base; custom policies for packet-based signatures; and a host integrity policy for validating compliance for network access.
We were impressed by the level of control we had over the endpoint from this single interface. We could enable, edit and apply any or all of the policies we chose to assign.
The documentation was very good. With this much to offer, we needed to reference the guides often, but quickly found what we needed. Support is offered during business hours only if you purchase an upgraded support plan.
This was a complete offering. It was one of the few solutions that cover the network, port protection and host-based categories. All it lacked was encryption and support for IPv6. For the price, the Symantec Endpoint Protection solution is a great buy.