Offentliche Verwaltung Deutschland - Symantec Endpoint Protection Group

Introduction to various Symantec and Norton Security Products 

12-30-2013 09:52 AM

What is this about?

In this article we will have a look at portfolio of both Symantec and Norton Security products. The introduced list will include both Enterprise products in case of Symantec family and Consumer products from Norton family. Some of the products will be possibly already familiar to you but what I hope to achieve in this article is to introduce some of the products that are maybe not that widely known but can indeed make your environment much more secure. During the course of reading you will undoubtly see that the range of Symantec Security products is really vast - reaching from Antivirus applications for desktops and laptops up to very specialized solutions for Exchange, Domino Servers or NAS devices. The portfolio will include both products descriptions as well as link to product home pages or whitepapers where more detailed info or pricing can be obtained. For Norton Security products I recommend as well perusing the provided links to the online reviews that will additionaly provide more informations about the software.



Symantec Products:

Symantec Antivirus Corporate Edition (CE) 10.x
Symantec Endpoint Protection Enterprise Edition 11.x / 12.1
Symantec Endpoint Protection SBE 12.1
Symantec Endpoint Protection SBE 2013
Symantec Protection Suite (SPS)
SAV for Linux (SAVFL)
Network Access Control (SNAC)
Symantec Critical System Protection (SCSP)
Symantec Data Loss Prevention (SDLP)
Symantec Web Gateway
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Symantec Mail Security for Domino (SMSDOM)
Symantec Messaging Getaway (SMG)
Symantec Protection Engine for Network Attached Storage (SPE for NAS)
Symantec Protection Engine for Cloud Services
Symantec Endpoint Encryption Full Disk Edition
Symantec Mobile Security


Norton Products:

Norton Antivirus 2014
Norton Internet Security
Norton 360
Norton 360 Multi-Device
Norton Internet Security for Mac
Norton Antivirus 12 for Mac
Norton Mobile Security
Norton Hotspot Privacy



Symantec Security Products for Enterprise

  • Symantec Antivirus Corporate Edition (CE) 10.x - legacy Symantec Antivirus solution. Product reached its End-of-Support-Life (EOSL) on July 4, 2012 and was replaced by newer SEP 11.x and SEP 12.1 software solutions. Depending on the version old legacy SAV CE may be directly upgraded either to SEP 11.x or 12.1 - please consult relevant migration documentation for supported upgrade paths.

End of Life announcement for Symantec AntiVirus Corporate Edition and Symantec Client Security
Frequently asked questions about Symantec AntiVirus 10.x End of Support Life
How to request a virus definition extension for Symantec AntiVirus 10.x Corporate Edition beyond its End-of-Support-Life date


  • Symantec Endpoint Protection Enterprise Edition 11.x / 12.1 - Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, Mac computers, and servers in your network against malware such as viruses, worms, Trojan horses, spyware, and adware. Additionally it is able to provide protection against even the more sophisticated attacks that evade traditional security measures such as rootkits and zero-day attacks.The suite comprises of Antivirus / Antimalware protection, Firewall, IPS and Application and Device Control. In 12.1 version SEP is built on multiple additional layers of protection, including Symantec Insight and SONAR both of which provide protection against new and unknown threats. The most recent SEP 12.1 version is 12.1 RU4. Latest version of Symantec Endpoint Protection 11.x is 11 RU7 MP4 - this is as well the last release of SEP 11.x product family and with this revision the product reaches its EOL stage - we recommend upgrading to SEP 12.1.


Symantec Endpoint Protection
Release Notes and System Requirements for all versions of Symantec Endpoint Protection and Symantec Network Access Control
Latest Symantec Endpoint Protection Released - SEP 12.1.RU4
Support life extension for Endpoint Protection 11.x and Endpoint Protection Small Business Edition 12.0.x


  • Symantec Endpoint Protection SBE 12.1 - Symantec Endpoint Protection Small Business Edition incorporates many of the features from Symantec Endpoint Protection Enterprise Edition. It is designed for small-to-medium businesses with up to 250 clients. Same as the full version the SBE protects against malware such as viruses, worms, Trojan horses, spyware, and adware. Please review the release and implementation documentation about SBE version as several of the features and functionalities included natively in 12.1 EE may be missing in 12.1 SBE edition. From the most importart differences to mention:
  1. no SQL Database support
  2. no Application and Device Control feature
  3. no Host Integrity enforcement
  4. no Shared Insight Cache support
  5. no AD Synchronisation option
  6. does not include several other components such as Risk Tracer, Virtual Image Exception, Group Update Providers
  7. includes some limitations regarding the available management options in the SEPM GUI

Feature comparison between SEP 12.1 SBE and EE
Installing and configuring Symantec Endpoint Protection Small Business Edition
Symantec™ Endpoint Protection, Symantec Endpoint Protection Small Business Edition, and Symantec Network Access Control 12.1.4 Release Notes


  • Symantec Endpoint Protection SBE 2013 - Symantec Endpoint Protection Small Business Edition 2013 offers simple, fast and effective protection against viruses and malware. It is available as a cloud-managed service which means there are no additional hardware requirements for the management layer as all administrative task are executed from a web-based console. SBE 2013 has as well an option available for on-premise management application in case this is more preferable to cloud-managed one. Similar to other SEP 12.1 solution as SBE and Enterprise Edition the SBE 2013 offers an unified security solution with a variety of features like Antivus and Antimalware protection, Firewall, heuristic Sonar protection, etc.


Symantec Endpoint Protection Small Business Edition 2013
Quick Start Tips for SEP Small Business Edition 2013
Symantec Endpoint Protection Small Business Edition 2013


  • Symantec Protection Suite (SPS) - a budled product of Symantec Security Software, available both in Small Business Edition as well as Enterprise editions, comprising of following components:
  1. Endpoint Protection
  2. Endpoint Protection for Macintosh
  3. Antivirus for Linux
  4. Mail Security for Microsoft Exchange
  5. Mail Security for Domino
  6. Messaging Gateway
  7. System Recovery Desktop Edition
  8. Symantec Protection Center
  9. Web Gateway

SPS provides multiple layers of protection for endpoint security, messaging security, web, data loss prevention, and data and system recovery, allows as well for  deployment of integrated essential endpoint and messaging security technologies as unified solutions with coordinated management.

Symantec Protection Suite Enterprise Edition
Compare Antivirus Software & Security Products
Protect More, With Less - See How Symantec Protection Suite Can Do It
Top 10 Benefits of Symantec Protection Suite


  • SAV for Linux (SAVFL) - software designed to provide antivirus protection on Linux OS. Symantec AntiVirus for Linux includes real-time antivirus file protection through Auto-Protect scanning, and file system scanning via manual and scheduled scans. Symantec AntiVirus for Linux requires a specific kernel on the system before installing Symantec AutoProtect package or otherwise you should compile your own kernel with our AutoProtect to ensure it will function properly

Best practice to install Symantec Antivirus for Linux
System requirements for Symantec AntiVirus for Linux 1.0
SAV for Linux Scanning Best Practices: A (Somewhat) Illustrated Guide
SAV for Linux: A (Somewhat) Illustrated Guide Part 2
SAV for Linux: A (Somewhat) Illustrated Guide Part 3


  • Network Access Control (SNAC) - Symantec product to validate and enforces policy compliance for the computers that try to connect to the production network. This validation and enforcement process begins before the computer connects to the network and continues throughout the duration of the connection. The Host Integrity policy is the security policy that serves as the basis for all evaluations and actions. SNAC clients may interact with a Symantec Enforcer. The Enforcer ensures that all the computers that connect to the network that it protects run the client software and have a correct security policy. SNAC can work as well in so called self-enforcement mode where it uses the Symantec desktop firewall to police network access, providing the easiest and fastest enforcement deployment option.

Symantec Endpoint Protection and Symantec Network Access Control Implementation Guide 12.1
About the types of enforcement in Symantec Network Access Control
How Symantec Network Access Control works


  • Symantec Critical System Protection (SCSP) - proactive policy-based protection and compliance software targeted at securing physical, virtual and cloud server environments. CSP consist of both HIDS (host-based intrusion detection) and HIPS (host-based intrusion prevention) as well as least privilege access control and application and device control policies. Some of the key features of SCSP:

- Non-signature based Host Intrusion Prevention
- Provides zero-day protection with use of out-of-box OS hardening policies. Those are either prebuild for Windows environments or based on the latest vSphere hardening guidelines, to protect the virtual environment  at the management server, hypervisor and guest level.
- Full integration with AD
- Broad platform support - Windows (Server Core editions including), VMware, Unix, Linux AIX, HP-UX
- Real-time File/Directory Integrity Monitoring - identifies changes to files and directories alongside with information who made the change and what was changed
- Configuration Monitoring - can identify policy violations and suspicious activity
- Tamper Prevention policies - allows lock down of system, administrators, settings and files to prevent tampering
- Application and Device Control - allows for lock down of application executables, devices like removable media and configuration settings
- Host firewall - controls inbound and outbound traffic, host based
- Advanced Memory Controls - to combat various types of memory attacks
- Privilege Access Control - rola-based policies to prevent unauthorized user access
- Compliance Solution addressing security regulations like PCI DSS, SOX or HIPPAA

Symantec Critical System Protection
Symantec Critical System Protection - Maximum protection for physical and virtual data centers - Whitepaper
Symantec Critical System Protection and how is it different from Symantec Endpoint Protection


  • Symantec Data Loss Prevention (SDLP) - data security solution that discovers, monitors and manages confidential data both when it is stored and during transfer. DLP helps monitor the confidential data usage in order to establish potential high-risk users or endpoints. DLP provides as well email protection for corporate mobile devices like Iphone or Android based smartphones. DLP includes a Vector Machine Learning technology that learns how to detect sensitive data based on the unique characteristics of the sample data rather than on the file fingerprinting. DLP provides coverage of data monitoring and protection on all 3 levels:

- DLP Storage - DLP can scan the datacenters to find and protect confidential data stored on file servers, shares, databases or similar file repositories. In case of sensitive information exposure DLP can both provide the incident security teams with data owner and location information as well as content details of it in order to allow for fastest remediation.
- DLP Endpoint - scans for confidential data on laptops and desktops. DLP can secure the data from being copied to external drives by disabling the devices itself in order to prevent data leakage. It can as well encrypt confidential data if such is being identified and unprotected on the endpoints. DLP can also prevent the sensitive information to be printed out by desktop or laptop users.
- DLP Network - protects against data breaches in the network. Prevents data loss over outbound emaila by monitoring the email traffic and if needed quarantining or blocking it to prevent leak of sensitive information.


Video - Symantec Data Loss Prevention


Symantec Data Loss Prevention
What's New in Symantec Data Loss Prevention 12 - Whitepaper


  • Symantec Web Gateway - security solution that allows for filtering of undesirable URLs to secure end users by preventing them from visiting specific either malicious sites or sites that would violate the company policy - the integrated filtering list allows for administration of 62 different site categories. Web Gateway is powered by Symantec Insight technology that uses the Global Intelligence Network and allows to identify and block new and emerging threats before they propagate to end users. Symantec Web Geteway allows for integration with Symantec DLP for Web solution that identifies sensitive data and prevents it from leaking outside of corporate channels via Web traffic. Some of the other key features of Web Gateway:
  1. Application control capabilities
  2. Symantec RuleSpace URL filtering with flexible policy setting
  3. Virtual or physical appliance deployment option
  4. SSL Decryption capabilities
  5. Multiple layers of malware protection
  6. Integrates with award-winning Symantec AntiVirus engine

Symantec Web Gateway
Symantec™ Web Gateway 5.1 - Whitepaper


  • Symantec Mail Security for Microsoft Exchange (SMSMSE) - integrated mail protection against malware, spyware, spam and phishing. Allows for real-time or scheduled scan of email content in order to provide efficient protection. Latest version of Mail Security for Exchange provide support for all recent Exchange versions up to Exchange 2013 - all varieties of Exchange environments are supported - hosted, VMware or Hyper-V. Mail Security scans are based both on standard definitions as well as advanced heuristics technologies.

Symantec Mail Security for Microsoft Exchange
Symantec™ Mail Security for Microsoft Exchange 7.0 - Whitepaper
Release notes for Symantec Mail Security 7.0 for Microsoft Exchange
Overview of Premium AntiSpam in Symantec Mail Security for Microsoft Exchange



  • Symantec Mail Security for Domino (SMSDOM) - solution is providing a real-time protection against malware, spyware, spam and phishing - this version is targeted at Lotus Domino Servers. Mail Security for Domino natively supports both Windows and IBM AIX environments with full support for Lorus Domino Clusters.

Symantec Mail Security for Domino
Symantec Mail Security for Domino - Whitepaper
Release notes for Symantec Mail Security 8.1.x for Domino
SMSDOM Best Practices: Setup


  • Symantec Messaging Getaway (SMG) - the most feature-rich mail security solution from Symantec. It contains features like real-time antimalware and antispam protection, advanced content filtering, data loss prevention and email encryption. Since release 10 the product contains improved Targeted Attack Protection that helps against targeted attacks and zero-day threats by removing exploitable content from Office and .pdf attachments. Antispam filtering feature similarly like in Symantec Mail Security product line is powered by Symantec Brightmail set of technologies that are able to identify threats based on reputation.

Symantec Messaging Gateway
Symantec Messaging Gateway 10.5 - Whitepaper
Symantec Messaging Gateway v/s Symantec Mail Security for Exchange- Which solution is the right one for my organization?


  • Symantec Protection Engine for Network Attached Storage (SPE for NAS) - product formerly known as "Symantec Antivirus for NAS" - provides high-performance content scan and threat detection. Specifically designed and recommended for various range of NAS devices allows for detection of both known threats as well as those with no known signatures through advanced heuristics. This solution provides increased scanning performance and improved detection capabilities for protection against multi-blended threats. Supported NAS platform vendors include: BlueArc, EMC, Hitachi, NetApp, Sun. For all third-party NAS devices SPE for NAS can integrate via ICAP protocol.

Introduction to Symantec Protection Engine for Network Attached Storage
Symantec Protection Engine for Network Attached Storage
Symantec Protection Engine for Network Attached Storage 7.0 - Whitepaper


  • Symantec Protection Engine for Cloud Services - formerly known as "Scan Engine". SPE for Cloud Services is a client/server application that allows to incorporate threat detection technologies into almost any application. Protection Engine includes Symantec's proprietary, patented URL categorization technology and industry-leading malware protection for fast, scalable, and reliable content scanning services. These services help organizations protect their data and storage systems against the ever-growing malware threat landscape.

Symantec Protection Engine for Cloud Services
Symantec Protection Engine for Cloud Services 7.0


  1. Protects and prevents your information from accidental data loss and assures protection for desktops and laptops against unauthorized access
  2. Meets government directives and regulations and offers full audit trail
  3. Provides scalable, centralized management for easy deployment and administration
  4. Offers boot protection, pre-boot authentication, and pre-boot event logging and supports Single Sign-On (SSO) to avoid the need to remember and enter multiple passwords
  5. Provides native MS AD integration

Symantec Endpoint Encryption Full Disk Edition
Symantec Endpoint Encryption Full Disk Edition - Whitepaper


  • Symantec Mobile Security - Security solution designed for large enterprise-wide deployments providing protection against malicious threats and unauthorized data access on Android devices. Beside threat detection Symantec Mobile Security offers as well privacy and theft protection of the spoken devices. Key features of Symantec Mobile Security:

- Scheduled or on-demand scans on the device.
- Anti-phishing Web browser protection
- Remote locate function to locate a lost or stolen device
- Remote lock function to lock stole device
- Remote wipe function to erase a stolen device
- Scream alarm allowing to locate a missing device
- Integration with Symantec Liveupdate
- centralized management and distribution of security policies


Symantec Mobile Security
Symantec Mobile Security - Whitepaper



Norton Security Products for Consumer Market

  • Norton Antivirus 2014 - provides antivirus and antimalware solution for consumer PC computers. Includes as well set of tools to clean up the threats from the machine: Norton Power Eraser and Norton Bootable Recovery Tool. Key features of the product:

- powered by Symantec Insight that identifies which files and applications are safe and which are dangerous based on the reputation of files
- SONAR Behavioral Protection - heuristic detections of unknown threats
- including Intrusion Prevention ssystem that helps blocking exploits at network level
- Internet Protection System - protects against suspicious links
- Download Insight - prevents downloads from website with low reputation score
- Scam Insight - reviews websites to determine if PII input is safe
- Identity Safe - personal vault of passwords and credentials
- Safe Web and Safe Web for Facebook modules
- Anti-phishing Technology - block phishing attempts


Video - The New Norton AntiVirus

Norton Antivirus Product Page



  • Norton Internet Security - complete internet protection suite for PC computers. Includes all the cleanup tools from Norton Antivirus. Additionally provides enhanced internet experience security by including following features (some of the features covers the ones implemented in Norton Antivirus as well):


- powered by Symantec Insight
- SONAR Behavioral Protection
- Download Insight and Scam Insight
- Internet Protection System -  protection against suspicious links and content on both websites and social networking sites
- Spam Blocking - to secure users from unwanted emails
- Identity Safe
- Anti-phishing Technology
- Safe Web and Safe Web for Facebook modules
- Parental Control for children
- 2way Firewall included
- includes additional performance tools known from Norton 360 suite: Defrag, Startup Manager


Video - The New Norton Internet Security

Norton Internet Security Product Page



  • Norton 360 - most feature-rich security solution for PC computers providing a mix of both antivirus/antispyware solutions and tools as well as backup/restore technologies. Key features of Norton 360:


- Antivirus and antimalware protection powered by Symantec Insight and reputation scans.
- SONAR behavioural protection - proactively helps detecting unknown threats
- SPAM blocking function
- Download Insight - prevents download from suspicious websites
- Scam Insight - reviews website reputation
- Anti-Phishing technologies
- Identity Safe - to store safely user names and passwords
- Parental Controls
- Safe Web for Facebook - used to scan Facebook Wall for security threats
- Firewall
- Automatic product downloads and content downloads are secured by Symatec Liveupdate
- Performance Tools including - Defrag, Startup MAnager and PC Tuneup
- Cleanup and Threat Removal tools - Norton Power Eraser, Norton Bootable Recovery Tool
- Automatic Backup with Symantec Online Backup allowing 2GB of online storage


Video - The New Norton 360

Norton 360 Product Page



- Norton 360 for Windows
- Norton Internet Security 5 for Macintosh
- Norton Mobile Security for Android and IOS


Video - Norton 360™ Multi-Device

Norton 360 Multi-Device Product Page



- AntiVirus and Antispyware Protection
- Two-Way Firewall
- Location Awareness: adjust level of protection depending on where the Mac laptop is being used
- Norton Safe Web and Safe Search: Proactively protects users while surfing the Web by warning of and blocking unsafe and fake websites right in search results.
- Norton Safe Web for Facebook - scans Facebook News Feeds for malicious downloads
- Antiphishing Technology: Blocks fraudulent phishing websites
- Vulnerability Protection: Updates daily to defend against threats that can infect Mac through gaps in the operating system.
- Confidential File Guard: Password protects users' files.
- Email and Instant Message Monitoring: Scans iChat and other IMs for suspicious attachments and other tricks used to steal user's identity.

Norton Internet Security for Mac - Product Page



  • Norton Antivirus 12 for Mac - basic antivirus protection for Macintosh, does not include Firewall or any of the Norton Safe Web features included in Norton Internet Security for Mac. Does include following components:

Daily Protection Updates
Vulnerability Protection
Email and Instant Message Monitoring

Norton Antivirus 12 for Mac - Product Page



  • Norton Mobile Security - security solution designed for consumer market of Android and IOS devices both smartphones and tablets. Includes antivirus and antitheft protection. Allows control of the selected mobile features over website. Key features:


- Back up the contacts from Android, iPhone or iPad device
- includes spam blocking features
- blocks  phishing websites
- comprehensive antimalware solution
- scans downloaded apps and apps updates for threats
- allows for scanning of SD cards when inserted or on schedule basis
- remotele locks the device if stolen
- allows to erase all information from the device if stolen or lost
- includes option to block the mobile if SIM card is removed and does not allow for other SIM to be used
- shows location of missing device to help locate it
- allows taking photos remotely in case the device was stolen to identify the identity of the thief
- scream alarm to locate the missing device


Video - Norton Mobile Security

Norton Mobile Security Product Page



  • Norton Hotspot Privacy - solution designed to protect login details, passwords and privacy while using public Wi-Fi hotspots. Creates a private, encrypted connection making the user invisible while on public hotspot and securing the data send over the public network. Protects the entire session so that both Web browsing activities or apps execution are protected. Devices supported by the product include: PC, Mac, IPad and IPod, Iphone devices. Despite the name suggesting Wi-fi networks only the product works as well on wired public networks.


Video - Norton Hotspot Privacy


Video - WiFi is not secure: Protect your privacy with Norton Hotspot Privacy

Norton Hotspot Privacy Product Page




0 Favorited
0 Files

Tags and Keywords


01-23-2018 09:53 AM

This is an awesome and very valuable comparison Sebastian, thank you. 

Can we get this updated to compare SEP 14.1 vs Norton vs SEP Cloud? I would be glad to volunteer our lab (Westcon/ Synnex...)



01-28-2014 01:53 PM

Nice consolidated information. Norton Identity Safe and Norton Zone are missed.

01-07-2014 01:17 PM

Nice, thanks for posting

Related Entries and Links

No Related Resource entered.