# Updated: 27th May'15
SEP 12.1 RU6 (12.1.6168.6000) has been released and now available on Flexnet to download. For Non English languages it may take few more days.
Note: Symantec Endpoint Protection 12.1 RU6 does not ship Small Business Edition which reached End of Life (EOL) in May'15. Small Business Edition 12.1 customers can use a tool to migrate to the cloud-based Symantec Endpoint Protection.
This does NOT mean the customer needs to immediately upgrade their product. Customers will be able to renew their on-premises license and continue to use their SBE SEPM’s until 2018.
For more details check this blog: https://www-secure.symantec.com/connect/blogs/end-life-small-business-edition-121x-edition
SEP 12.1 RU6 includes the additonal following support:
- Red Hat Enterprise Linux (RHEL) 7.0 and 7.1
- Oracle Linux (OEL) 6U5
- Microsoft Internet Explorer 11
- Mozila Firefox 11 through 38.0.11
- Google Chrome through 42.0.2311.152
For more details go through release notes: http://www.symantec.com/docs/DOC8626
To install RU6, process almost same as we seen in previous versions so can definitely refer an article: "Endpoint Protection Manager 12.1.5 (RU5) installation pictorial walkthrough"
To know upgrade path please refer: Supported upgrade paths to Symantec Endpoint Protection
In SEP 12.1 RU6 “What’s new” page is added to be a companion of the “welcome” page. What’s new” page contains the summary description of the new features and links to open pages for more information. What’s new” is displayed after every upgrade to every admin who logs onto SEPM
“Welcome” page is displayed after fresh installation.
Windows Embedded Platform Support:
Symantec Endpoint Protection includes the following additional support for clients that run on Windows Embedded devices and in virtual desktop environments.
You can create a client installation package that includes a smaller set of virus and spyware definitions. The reduced-size installation package includes the same protections as for a standard-size Windows client. To deploy a reduced-size client installation package, in the wizard, choose a new package deployment. In the Select Group and Install Feature Sets pane, in the Install Settings drop-down list, click .
Symantec Endpoint Protection supports Windows Embedded write filters. Write filters protect the Windows Embedded operating system from any writes by redirecting the disk writes to temporary storage. When the device restarts, the device reverts to a default clean state, and discards any writes from the last boot session. The disadvantage to an enabled write filter is that after you install the client and restart the device, the client is no longer installed. However, the write filter can be disabled to allow writes to files, directories, or registry keys by excluding the Symantec Endpoint Protection client's file path and registry keys. The Symantec Endpoint Protection installer detects if write filters are installed or enabled and alerts you if you need to disable the filter to continue the installation.
Symantec Endpoint Protection supports the File-Based Write Filter (FBWF) for Windows XP Embedded, Windows 7 Embedded, and Windows 8 Embedded. The Registry Filter, combined with the FBWF, allows persistence of specific registry keys while protecting the rest of the operating system. Symantec Endpoint Protection does not support the Unified Write Filter (UWF).
Virus and spyware definitions are now available in a reduced size. You use reduced-size definitions on computers where you need a reduced footprint, such as on Embedded devices and in virtual environments. The reduced-size definitions are 80-90% smaller than the size of the standard-size Windows definitions. The reduced-size definitions are a fixed size and include the most recent set of definitions only, rather than the standard set of definitions.
To configure Symantec Endpoint Protection Manager to download reduced-size definitions, click > , select the site, and click . On the LiveUpdate tab, change the selection for Content Size to Download.
System Lockdown Enhancement:
You can run a new command from the management console to collect file fingerprints for applications to use in your system lockdown configuration. The command fingerprints for the .exe and .dll extensions. You use this method to add a list of the approved applications for a master image. The master image, or gold image, is a template for a virtual machine or Embedded device. The advantage of the new command is that it collects the file fingerprints that all the client computers in a group use at one time. Otherwise, you have to run the checksum utility or a third-party utility on each client computer individually. You add the collected file fingerprints to the system lockdown policy to specify which applications are allowed or blocked. These collected file fingerprints include the additional new files that belong to those applications. All other files are blocked from running on the client computer, such as zero-day malware.
You cannot edit or merge the collected file fingerprints with other file fingerprint lists so that you do not mistakenly merge the applications that you don't want. However, you can copy a collected file fingerprint into an existing file fingerprint list.
The collected file fingerprint list for a master image is targeted to a group. After you include the list in the system lockdown configuration, it applies to the group's computers immediately. However, you may want to include other fingerprints or to test the configuration first. You then use a different utility and the two-step process to set up and test the system configuration. You should also use the two-part process if you do not want to collect the fingerprints for all applications on the computers. For example, you may want to target the applications in a folder only.
You can run the command on a group or a single client from the Clients tab. Right-click the group or client and click > or > respectively.
To add the file fingerprint list, click > > . In the System Lockdown dialog box, click . In the File Fingerprint List text box, click and select .
See Running commands on client computers from the console.
See Configuring system lockdown.
See Automatically updating whitelists or blacklists for system lockdown.
Advance Threat Protection Enablement:
Symantec Advanced Threat Protection: Endpoint (ATP: Endpoint) is a virtual appliance that detects advanced threats on Symantec Endpoint Protection clients in your network. Advanced threats are those that typically bypass traditional protection technologies. The ATP: Endpoint server acts as an intermediary for Symantec Insight. ATP: Endpoint analyzes reputation data from Symantec Insight combined with submitted client detection data.
You can configure Symantec Endpoint Protection Manager to redirect the reputation queries and submissions from clients in a client group to ATP: Endpoint.
Under Clients --> Group --> Policies --> External Communication Settings --> Private Cloud.
See Configuring client groups to use private servers for reputation queries and submissions.
Content Distribution Monitor tool will be available under Tools folder.
The Content Distribution Monitor tool (SepmMonitor) helps you manage and monitor multiple Group Update Providers (GUPs) in your environment. The tool displays a graphical display of the GUPs' health and content distribution status. You can run the tool on Symantec Endpoint Protection Manager directly or remotely.
To install and use the tool, see the following article and video:
Content Download Managment
If the management server can provide only full definitions, you cna let clients download smaller packages from a liveupdate server instread. Make sure to optimize the rest of your environment to support this option. It helps
SEPM configuration: Policies > LiveUpdate > LiveUpdate Settings policy > Windows Settings > Advance Settings: (enabled by default)
For more detail information go through public article: What’s new in Symantec Endpoint Protection 12.1.6
Title: Upgrading or migrating to Symantec Endpoint Protection 12.1.6 (RU6)
Document ID: TECH230601
Article URL: http://www.symantec.com/docs/TECH230601
Title: New fixes in Symantec Endpoint protection 12.1.6 (RU6)
Document ID: TECH230558
Article URL: http://www.symantec.com/docs/TECH230558
Title: Symantec Endpoint Protection 12.1.6 Release Notes/What’s New
Document ID: DOC8626
Article URL: http://www.symantec.com/docs/DOC8626
Title: System Requirements for Symantec Endpoint Protection 12.1.6
Document ID: TECH230602
Article URL: http://www.symantec.com/docs/TECH230602
Title: Symantec Endpoint Protection 12.1.6 Installation and Administration Guide
Document ID: DOC8645
Article URL: http://www.symantec.com/docs/DOC8645
Title: Symantec Endpoint Protection 12.1.6 Getting Started Guide
Document ID: DOC8646
Article URL: http://www.symantec.com/docs/DOC8646
Title: Symantec Endpoint Protection 12.1.6 Windows Client Guide
Document ID: DOC8647
Article URL: http://www.symantec.com/docs/DOC8647