Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Few differences between SEP 11 Enterprise Edition and SEP 12.1 Enterprise Edition

Created: 11 Aug 2011 • Updated: 03 Jan 2013 | 20 comments
Language Translations
Chetan Savade's picture
+30 30 Votes
Login to vote

Updated on 10th May'12

 

Hello Everyone,

There are many differences between SEP 12.1 and SEP 11.x.

Few differences are listed below

SEP 11.x can create package with only two options i.e. reboot is required or not

Reboot Manager is a new feature it manages reboot at the endpoints.

Ability to schedule reboots.

Gives more power to the SEPM admin(s) to manage reboot at the endpoints

 

SEP 11.x have only resetpass.bat to reset password

Configurable Password Recovery options

Passwords can be recovered via Email

SEP 11.X is paper license product, no software license needed to activate product

SEP 12.1 is license product.

•   Advantage: Expired license cannot submit suspicious files to Symantec site.Only a registered and paid customer can submit files to the Insight database to avoid poisoning from malware authors.

•   Customers and partners can keep track of license usage.

•   Symantec License Format, SLF, (like other Symantec software) is used.

In SEP 11.x there are no any predefined notifications.

In SEP 12.1 there are predefine reports like AV definitions out of date, license expire, over deployed clients.  It will help you to monitor SEPM status.

SEP 11.x you will have to break SEPM’S replication before performing  upgrade

SEP 12.1 onwards there is no need to break replication before product upgrade.

Starting in SEP 12.1, replication performs version checking

Eliminates cross version replication corruption.

SEP 11.x firewall have limited support for  IPV6

SEP 12.1 firewall support IPV6 Support,NDIS5/NDIS6 Support

-Firewall Rules can be applied to IPv6 Traffic

-Decoupled FW Dependencies with AV/DC/IDS

-Improved Windows Firewall Integration

-Improved IDS Reporting and Error Handling

SEP 11.x doesn’t support application and device control policy on 64 bit OS

SEP 12.1 supports application and device control policy on 64 bit OS

Features supported on 64 bit OS         

-AV                                                                  

-Proactive threat Scan (a.k.a truscan or Sonar)     

-Bloodhound                                                      

-Malheur                                                            

-Tamper Protection                                            

-Device Control

-Application Control

-System Lockdown

-Outlook Email Scanning

-Lotus Notes Email Scanning

-Right Click scan for viruses

-Firewall

-IPS

-Application learning

-Host Integrity (SNAC)

 

IIS is mandatory in SEP 11.X. Reporting issues are commonly observed due to IIS issue.

SEP 12.1 has replaced IIS with Apache, dependency is removed from IIS.

Database maintenance was concern with SEP 11.x with day to day increase in Size.

Improve database efficiency through automatic maintenance

SEP 11.x is using third party software’s with old engines

SEP 12.1 is using third party software with latest engines.

•          Tomcat Upgrade From v4.1.25 To v6.0.29

•          Embedded Sybase DB Upgrade from v9x to v11.0.1.2472

•          JRE Upgrade from 1.x to  v1.6u21

•          PHP Upgrade to v5.3.3

SEP 11.x are not supporting with latest operating systems

SEP 12.1 now support latest market operating systems, it does support now Small business Server 2008, 2011.

http://www.symantec.com/docs/TECH163806

SEP 11.x will stop support around 2014

 

SEP 12.1 will have more life span compare to SEP 11.x

SEP 11.x policies are not not tuned as SEP 12.1

Upgraded Default Polices Tuned for Today’s Threat Landscape

New ICMP Trigger for Location Awareness

Improved Tamper Protection

When you export package through SEP 11.x, it contains old definitions when SEPM was installed first time or upgraded last time

SEP 12.1 export package with latest definitions.

SEP 11.x shows  succeeded (if package copied successfully) status even though SEP clients is not installed successfully

Clients register in console as soon as installation starts, enables rich detail on install status

Reports now show

-Success

-Errors

-Rollbacks

-Unsupported Operating systems

-Reboot required

SEP 11.x upgrade failure may cause client to not protect system, SEP client may become inactive

SEP 12.1 uses an MSI based, Side-by-Side, Replace on Reboot installation system.

This method never leaves the client without protection, even in case of upgrade failure.

PTP feature is not supported on Server operating systems

PTP feature is supported on server operating systems.

Scan performance is low

Scan performance is significantly improved in SEP 12.1

SEPM can’t be install on windows 7

SEPM can be install on windows 7

SEP 11.x cannot manage Mac OS through console

SEP 12.1 can manage Mac OS through console

SEP 11.x have 15 default firewall rules

SEP 12.1 have 26 built in default firewall rules

SEP 11.x administrator have limitation while providing access to other administrator

By default, administrators have access to all features in a single domain. That is, the administrator can view and run reports, manage groups, remotely run commands, manage installation packages, and manage policies for that domain. The administrator can also run reports on all groups in the domain, except for any groups that migrated from Symantec Antivirus 10.x. You must explicitly configure reporting rights to these migrated groups.

Also, you can grant site rights to administrators to authorize them to fully manage a site, which includes managing the database and servers. When you create a new administrator, the administrator is not authorized to manage sites. You must explicitly grant site privileges to allow the administrator to fully manage sites in a single domain.

Live update is slower compare to SEP 12.1

Live update is faster than sep 11.x, using latest live update engine.

Liveupdate is inbuild in SEP 12.1 client so luall.exe won't work on SEP client. But luall.exe is supported on SEPM machine.

 

Third party security removal feature is not available
Symantec has released latest version i.e SEP 12.1 RU1 MP1 & it has feature of Security Software removal.
 
Check following KB for more details:
 
http://www.symantec.com/docs/TECH178757 

 

Helpful link :

https://www-secure.symantec.com/connect/sites/default/files/21169174_GA_QR_SEP_12.1Feature_Comparison_Chart.01.11.pdf

Feature comparison between SEP 12.1 Enterprise Edition and Small Business Edition 

https://www-secure.symantec.com/connect/articles/feature-comparison-between-sep-121-sbe-and-ee

Screenshots for reference:

1. Schedule Reboot options :-

2. Password recovery option :-

3. New License tab:-

4. Pre-defined Notifications :-

5. Protection Technlogies:

6. SEPM 12.1 Login Screen with easy accessible option of Install proection clients to computers, Run Liveupdate, Activate license :-

Comments 20 CommentsJump to latest comment

twilight123's picture

Nice information :)

Don't forget to mark this post as solution if it answered your query... :)

0
Login to vote
AravindKM's picture

Good one

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

0
Login to vote
outrunred's picture

Great, thanks.

 

BTW - that's probably the only time you'll ever see a nice big green tick saying 'Security Status Good'

smiley

+2
Login to vote
John Santana's picture

LOL yes, I must admit thatI've never seen it shiny green after all this time :-|

there is always an issue.

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

0
Login to vote
W007's picture

Nice Article.

 

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

0
Login to vote
Ashish-Sharma's picture

Good one

Thanks In Advance

Ashish Sharma

 

 

0
Login to vote
Chetan Savade's picture

Thanks to all !!!

Chetan Savade
Sr Technical Support Engineer, Endpoint Security
Enterprise Technical Support
CCNA | CCNP | MCSE | SCTS |

Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<

+1
Login to vote
John Santana's picture

thanks man !!!

Kind regards,

John Santana
IT Professional

--------------------------------------------------

Please be nice to me as I'm newbie in this forum.

0
Login to vote
Prashant_S's picture

This is Great Info... Thanks for Sharing...!!!

+1
Login to vote