Symantec Endpoint Protection: Difference between revisions

A cloud version of Endpoint Protection was released in September 2016.<ref>{{Cite web |url=http://www.crn.com/news/security/300082061/symantec-rolls-out-new-cloud-based-endpoint-protection-solution-for-smbs.htm |title=Symantec Rolls Out New Cloud-Based Endpoint Protection Solution For SMBs |last=Kuranda |first=Sarah |date=13 September 2016 |website=[[CRN (magazine)|CRN]] |publisher=The Channel Company}}</ref> This was followed by version 14 that November.<ref name="Osborne 2016">{{Cite web |url=http://www.zdnet.com/article/symantec-launches-endpoint-protection-solution-based-on-artificial-intelligence/ |title=Symantec launches endpoint protection solution based on artificial intelligence |last=Osborne |first=Charlie |date=1 October 2016 |website=[[ZDNet]] |publisher=[[CBS Interactive]]}}</ref> Version 14 incorporates machine learning technology to find patterns in digital data that may be indicative of the presence of a cyber-security threat.<ref name="Osborne 2016" /> It also incorporates memory exploit mitigation and performance improvements.<ref name="gartner" />
 
=='''Features'''==
Symantec Endpoint Protection is a security software suite that includes [[intrusion prevention]], [[Firewall (computing)|firewall]], and [[anti-malware]] features.<ref name="SearchSecurity20182">{{cite web | title=Symantec Endpoint Protection and the details for buyers to know | website=SearchSecurity | date=February 8, 2018 | url=http://searchsecurity.techtarget.com/feature/Antimalware-protection-products-Symantec-Endpoint-Protection | access-date=February 8, 2018}}</ref> According to ''SC Magazine'', Endpoint Protection also has some features typical of [[data loss prevention]] software.<ref name="scmag" /> It is typically installed on a server running [[Windows]], [[Linux]], or [[macOS]].<ref name="one">{{Cite news |url=https://www.scmagazine.com/symantec-endpoint-protection-12-v121/review/6652/ |title=Symantec Endpoint Protection 12 v12.1 |last=Stephenson |first=Peter |date=1 August 2012 |work=SC Magazine |access-date=16 April 2017 |publisher=[[Haymarket Media Group]]}}</ref> As of 2018, Version 14 is the only currently-supported release.<ref name="Symantec Enterprise Technical Support 2017">{{Cite web |url=https://support.symantec.com/en_US/article.TECH154475.html |title=Released versions of Symantec Endpoint Protection |date=16 March 2017 |website=Enterprise Technical Support |publisher=[[NortonLifeLock|Symantec]] |access-date=18 April 2017}}</ref>
 
Endpoint Protection has an administrative console that allows the IT department to modify security policies for each department,<ref name="SearchSecurity20182"/> such as which programs or files to exclude from antivirus scans.<ref name="scmag" /> It does not manage mobile devices directly, but treats them as peripherals when connected to a computer and protects the computer from any malicious software on the mobile devices.<ref name="scmag" />
 
=='''Vulnerabilities'''==
In early 2012, [[source code]] for Symantec Endpoint Protection was stolen and published online.<ref name="Vijayan 2012">{{cite web | last=Vijayan | first=Jaikumar | title=Symantec confirms source code leak in two enterprise security products | website=Computerworld | date=6 January 2012 | url=http://www.computerworld.com/article/2501007/cybercrime-hacking/symantec-confirms-source-code-leak-in-two-enterprise-security-products.html | access-date=18 April 2017}}</ref> A hacker group called "[[Lords of Dharmaraja|The Lords of Dharmaraja]]" claimed credit, alleging the source code was stolen from Indian [[military intelligence]].<ref name="Akhtar 2012">{{Cite web |url=https://www.cnet.com/news/that-stolen-symantec-source-code-its-for-older-enterprise-products/ |title=That stolen Symantec source code? It's for older enterprise products |last=Akhtar |first=Iyaz |date=6 January 2012 |website=[[CNET]] |publisher=[[CBS Interactive]] |access-date=18 April 2017}}</ref> The Indian government requires vendors to submit the source code of any computer program being sold to the government, to ensure that they are not being used for [[espionage]].<ref name="Vijayan 2012"/> In July 2012, an update to Endpoint Protection caused compatibility issues, triggering a [[Blue Screen of Death]] on [[Windows XP]] machines running certain third-party [[file system]] [[Device driver|drivers]].<ref>{{Cite web |url=https://www.scmagazineuk.com/news/symantec-fixes-blue-screen-of-death-bug/article/546098/ |title=Symantec fixes 'blue screen of death' bug |last=Raywood |first=Dan |date=16 July 2012 |website=SC Magazine UK |publisher=[[Haymarket Media Group]] |access-date=16 April 2017}}</ref> In 2014, Offensive Security discovered an exploit in Symantec Endpoint Protection during a [[penetration test]] of a financial services organization.<ref name="Kirk 2014" /> The exploit in the Application and Device control driver allowed a logged-in user to get system access.<ref name="Kirk 2014">{{Cite web 
|url=http://www.networkworld.com/article/2461981/security/symantec-patches-privilege-escalation-flaws-in-endpoint-protection.html |title=Symantec patches privilege escalation flaws in Endpoint Protection |last=Kirk |first=Jeremy |date=5 August 2014 |website=[[Network World]] |publisher=[[IDG]]}}</ref> It was patched that August.<ref name="Kirk 2014" /> In 2019, security researcher Ofir Moskovitch discovered a race condition bug involving two critical Symantec Endpoint Protection client core components, Client Management and Proactive Threat Protection. The bug directly results in a protection mechanism failure that can lead to a self-defense bypass, also known as "SEMZTPTN" (Symantec Endpoint Minimized Timed Protection).<ref>{{Cite web|url=https://www.youtube.com/playlist?list=PLOzYF8qeSHOmCjixOMav3cT2-xG76gtKQ|title=Symantec Endpoint Protection Vulnerability|website=YouTube}}</ref>
 
=='''Reception'''==
According to [[Gartner]], Symantec Endpoint Protection 14 is one of the more comprehensive endpoint security products available and regularly scores well in independent tests.<ref name="gartner" /> However, a common criticism is that customers are "fatigued" by "near constant changes" in the product and company direction.<ref name="gartner" /> ''SC Magazine'' said Endpoint Protection 14 was the "most comprehensive tool of its type . . . with superb installation and documentation."<ref name="scmag">{{Cite news |url=https://www.scmagazine.com/symantec-endpoint-protection-14/review/7116/ |title=Symantec Endpoint Protection 14 |last=Stephenson |first=Peter |date=22 August 2016 |work=SC Magazine |access-date=20 April 2017 |publisher=[[Haymarket Media Group]]}}</ref> The review said Endpoint Protection had a "no-brainer setup and administration," but it does have a "wart" that support fees are "a bit steep."<ref name="scmag" />
 
[[Forrester Research|Forrester]] said version 12.1 was the most complete endpoint security software product on the market, but the different IT security functions of the software were not well-integrated.<ref name="forrester">{{Cite web |url=https://www.forrester.com/report/The+Forrester+Wave+Endpoint+Security+Suites+Q4+2016/-/E-RES113145 |title=The Forrester Wave: Endpoint Security Suites, Q4 2016 |last=Sherman |first=Chris |last2=McClean |first2=Christopher |date=19 October 2016 |last3=Schiano |first3=Salvatore |last4=Dostie |first4=Peggy}}</ref> The report speculated the lack of integration would be addressed in version 14.<ref name="forrester" /> ''Network World'' ranked Symantec Endpoint Protection sixth in endpoint security products, based on data from NSS Labs testing.<ref name="Smith 2017">{{Cite web |url=http://www.networkworld.com/article/3170114/security/nss-labs-rated-13-advanced-endpoint-security-products-flagged-2-with-caution-rating.html |title=NSS Labs rated 13 advanced endpoint security products, flagged 2 with caution rating |date=15 February 2017 |website=[[Network World]] |publisher=[[IDG]] |access-date=18 April 2017}}</ref>
 
=='''References'''==
{{reflist|30em}}
 
=='''External links'''==
*{{Official website|https://www.broadcom.com/products/cyber-security/endpoint}}