Endpoint Protection

View Only

Back to Library

What's new in SEPM 12.1 RU5 & User interface (differences) - Part 1

Recommend

Sep 19, 2014 03:58 AM

Chetan Savade

#Updated on 30th Sep'14

Hello,

With the release of SEP 12.1 RU5 many new GUI enhancement have been introduced, I have tried to list few of them.

However, In the release notes you can find more info about this release : http://www.symantec.com/business/support/index?page=content&id=DOC7696

New fixes and features in Symantec Endpoint Protection and Network Access Control 12.1.5

http://www.symantec.com/docs/TECH224706

Platform support updates:

Symantec Endpoint Protection 12.1.5 adds support for the following platforms, applications, and formats:

• Windows 8.1 Update 2

• Windows Server 2012 Update 2

• Mac OS X 10.10

• Symantec Endpoint Protection Client for Linux adds support for Red Hat Enterprise Linux Server 6.5 and CentOS 6.5.

• Download Insight and SONAR can now scan Office 2013 applications.

• The firewall can now define host groups with IPv6 addresses.

• Network Threat Protection now supports SHA-256 checksums as file fingerprints for the application learning feature and firewall rules

Client enhancements:

• IPS audit signatures monitor the network traffic of certain applications on Windows computers. For example, you can use these signatures to detect Yahoo IM logons. You can enable logging, review the Network Threat Protection traffic logs, and then decide whether or not to take action on the traffic.

• PowerEraser is now available in the Symantec Endpoint Protection Manager console.

• Client startup time is shorter, and the client service uses fewer processes.

• The Symantec Endpoint Protection for Linux client replaces the Symantec AntiVirus for Linux client. You can now provide Virus and Spyware Protection on the clients that run Linux. Symantec Endpoint Protection Manager provides client policy management, reporting, monitoring, logging, and licensing in a single client package for Linux

Content Storage Optimization feature:

As part of the upgrade to SEPM 12.1 RU5, the SEPM converts all of the content from full definitions to delta definitions. This process is resource intensive and may take an extended period of time. After this process is completed, the SEPM will use significantly less disk space.

In a typical enterprise setup where 30 content revisions stored, the SEPM upgrade process must reduce 55GB of full content to under 2GB of delta content. This process requires significant resources to complete and is impacted by the performance of any available CPUs, CPU cores (physical/logical/hyperthreading), memory, and disks (I/O). On a server that performs multiple roles, stores larger numbers of content, or is otherwise resource constrained, this process may take a longer duration to complete.

Refer this article to find more info: The LiveUpdate content optimization and content storage space optimization steps take a long time to complete when upgrading to Symantec Endpoint Protection Manager 12.1 RU5

http://www.symantec.com/docs/TECH224055

Managed linux clients:

The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5

SEP for Linux clients can now be managed by an RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.

Note: SEPM can not distribute content updates (Virus & Spyware) to SEP linux client, You need LUA or internet liveupdate server.

Under Virus & Spyware Protection linux Settings are available:

LinuxRPM & LinuxDPKG packages have been added under admin --> Install Packages

Linux Packages.jpg

Host Integrity Policy:

The Host Integrity policy is now included with Symantec Endpoint Protection. The Host Integrity policy evaluates the client computers and ensures that they meet the security policies you have downloaded to those client computers.

Host Integrity policy has been added uner Polices, SEPM --> Policies --> Host Integrity

Host Integrity, Peer-to-peer enforcement, and Quarantine policies, formerly part of Symantec Network Access Control, are now available for all users, regardless of whether or not they had purchased a SNAC license. This change does not grant users access to the NAC portion of the product, which still requires a Network Enforcer and a SNAC license that has been purchased separately. It should also be noted that this change does not apply to the Small Business Edition version of the SEP product. There is no actual change in Host Integrity or SNAC functionality related to this enhancement

By default policy will not be assign to any group. Locatin use count will be '0'

As a result the HOME page of the SEPM now always displays Host Integrity Failed .

Once a policy is assigned, it then exposes the Quarantine policy user interface related options, so that quarantine policies can be defined to be used in the event of an HI check failure

In addition, peer-to-peer authentication is also available within the Firewall policy. Peer-to-peer authentication allows you to block clients from communicating with each other until they problems have been rectified.