Symantec Endpoint Protection Protects Virtual Environments
Symantec is barreling into the future of security technology with the launch of Endpoint Protection 12. Version 12 brings with it new features designed specifically for virtual environments along with improvements to detection engine technology. Here’s the scoop …
Symantec Endpoint Protection 12 (SEP12) comes on the heels of what Symantec is calling an “explosion” in malware complexity and size, along with a constantly lower barrier of entry into cybercrime. With the backdrop set, Symantec has imbued SEP12 with the the power of Insight, Symantec’s community-based reputation technology. With Insight on board, Symantec believes it is poised to better protect than any other offering currently on the market.
Symantec also noted some enhancements in its security engines, such as reputation-based identification via the aforementioned Insight, along with “cloud-based community intelligence” to drop the overhead needed for a scan by an alleged 70 percent.
SEP12 also was built with virtualization in mind, and can whitelist an entire base image to maintain integrity, while also managing virtual SEP12 clients. SEP12 also includes Sonar 3 as part of Symantec’s Small Business Edition to allow for enterprise-class threat detection and performance boosts without the hassle.
Ashish Mohindroo, senior director of enterprise security, said SEP12 is a prime example of Symantec’s approach to the threat landscape. “Traditional signature based identification is becoming obsolete,” he said. “It’s not enough … to prevent new wave of attacks. Repetition-based technology, which was used at Norton, has in every test outpaced every solution in the market.”
Mohindroo also noted that Symantec looks at 20 million files every day, setting the company apart from its closest competitors. Other security protection companies wouldn’t be able to catch up to Symantec’s scale and size of security knowledge, he said.
Mohindroo also discussed whitelisting approaches, including whether size is really that important. Whitelisting, he said, is a “Challenge with new malware. Malware mutates, so you have no history of them. If they do something malicious you have to create a malicious behavior [entry],” he said, referring to the mechanics of adding and removing software from white lists. “Whitelisting is not sustainable and not right for our customers.”
For Symantec’s partners, channel chief Randy Cochran noted the new technology represents a major step forward in securing virtualized environments, especially in the SMB space.
“When you combine the Sonar with our additional capabilities, it’s not just blacklisting or whitelisting. It’s a multi-layered approach for a solid platform. We’ve been working with partners focused on small businesses [and] feedback is positive. We’re working on enablement aspects, getting the partner ecosystem up to speed and getting their hands dirty working with the product. Partners like to add services … [and SEP12] has genuine excitement around the product.”
Currently SEP12 is in an invitation-only beta, but it will be available for public consumption come April 2011. Symantec plans to continue the beta program in the SMB and enterprise spaces to gather partner perspective prior to the full-blown launch, Cochran said.
Pricing will be made available closer to the launch, and we’ll be sure to follow up as April 2011 nears.