The Client Deployment Wizard includes the following changes:
The Client Deployment Wizard includes the Communication Update Package Deployment option to push the communications file (Sylink.xml) to the client in a client installation package. You use the Sylink.xml file to convert an unmanaged client to a managed client, or to manage a previously orphaned client. In previous releases, you needed to export the Sylink.xml file from the management server, and import Sylink.xml to each client.
The Client Deployment Wizard searches the network faster to find the computers that do not have the client software installed.
The Client Deployment Wizard includes the Automatically uninstall existing security software option so that a security software removal feature can uninstall third-party security products from the client computer. The feature removes security software before the client installation package installs the client software. With version 12.1.2, the feature removes more than 40 additional third-party products.
You can download and run a new diagnostic tool on the management server and client to help you diagnose common issues before and after installation. The Symantec Help tool enables you to resolve product issues yourself instead of calling Support.
Symantec Endpoint Protection includes the following virtualization improvements:
VMware vShield-enabled Shared Insight Cache.
Delivered in a Security Virtual Appliance, you can deploy
the vShield-enabled Shared Insight Cache into a VMware
infrastructure on each host. The vShield-enabled Shared
Insight Cache makes file scanning more efficient. You
can monitor the Security Virtual Appliance and client status
in Symantec Endpoint Protection Manager.
For managing Guest Virtual Machines (GVMs) in non-persistent virtual desktop infrastructures:
Symantec Endpoint Protection Manager includes a new option to configure the aging period for offline non-persistent GVMs. Symantec Endpoint Protection Manager removes the non-persistent GVM clients that have been offline longer than the specified time period.
Symantec Endpoint Protection clients now have a configuration setting to indicate that they are non-persistent GVMs. You can filter out the offline non-persistent GVMs in the Clients tab view in Symantec Endpoint Protection Manager.
Symantec Endpoint Protection provides public support to remotely manage and monitor the client and the management server. New Web services let you write your own tools to perform the following tasks remotely:
Run commands on the client to remediate threat situations.
Export policies from the server.
Apply policies to clients across servers.
Monitor license status and content status on the management server.
Documentation and other tools for remote monitoring and management support appear in the Web services SDK, located in the following folder on the installation disc: /Tools/Integration/ SEPM_WebService_SDK
Windows 8 features
Support for the Microsoft Windows 8 style user interface, including toast notifications for critical events.
Windows 8 and Windows Server 2012 Early Launch Anti-Malware (ELAM) support provides a Microsoft-supported way for anti-malware software to start before all other third-party components. In addition, vendors can now control the launching of third-party drivers, depending on trust levels. If a driver is not trusted, it can be removed from the boot sequence. ELAM support makes more efficient rootkit detection possible.
Full support for the Microsoft Windows 8 style user interface.
Proactive Threat Protection:
Device Control now sends a notification and creates a log event each time it blocks a previously disabled device. Previously, Device Control sent a notification and log event only the first time the device was disabled.
System lockdown can now run in blacklist mode. You must configure system lockdown to display a blacklist mode as well as the default whitelist mode. The blacklist mode blocks only the applications on the specified list. Symantec Endpoint Protection Manager can automatically update the existing file fingerprint lists and application name lists that system lockdown uses for whitelisting or blacklisting.
The LiveUpdate Settings policy includes an additional type of Group Update Provider (GUP) that allows clients to connect to Group Update Providers in a different subnet. This new type of GUP lets you explicitly define which networks each client may connect to. You can configure a single LiveUpdate policy to meet all your requirements.
A link on the client Status page now lets end users quickly and easily confirm that the client has the most current content. The link displays the content version dialog box, where a new column lists the last time that the client checked each content type for updates. Users can be more confident that their client updates correctly and has the latest protection.