What's new in SEP 12.1 RU2
Previously we have seen What's new in SEP 12.1 RU1 MP1
Now Symantec has released SEP 12.1 RU2 with many new features and enhancements.For more detail info check this article.
I have tried to list down few of them.
Especially I would like to show changes/additions in GUI, inhancements.
1. Security Virtual Appliance
Path: SEPM --> Monitors --> Security Virtual Appliance
A Symantec Endpoint Protection Security Virtual Appliance is a Linux-based virtual appliance that you install on a VMware ESX/ESXi server. Symantec Endpoint Protection Security Virtual Appliance integrates with VMware's vShield Endpoint and hosts the Symantec Endpoint Protection Shared Insight Cache server.
Shared Insight Cache lets Guest Virtual Machines (GVMs) share scan results so that identical files need to be scanned only once across all GVMs on the ESX/ESXi host. Shared Insight Cache improves performance of full scans by reducing disk I/O and CPU usagec
2. Early Launch Anti-Malware Driver:
Early launch anti-malware (ELAM) protects client computers from threats that load at startup. Symantec Endpoint Protection includes an early launch anti-malware driver that works with the Microsoft early launch anti-malware driver to provide the protection. The settings are supported on Microsoft Windows 8.
The early launch anti-malware driver is a special type of driver that initializes first and inspects other startup drivers for malicious code. When the Symantec Endpoint Protection driver detects a startup driver, it determines whether the driver is good, bad, or unknown. The Symantec Endpoint Protection driver then passes the information to Windows to decide to allow or block the detected driver.The Symantec Endpoint Protection settings provide an option to treat bad drivers and bad critical drivers as unknown. Bad critical drivers are the drivers that are identified as malware but are required for computer startup. By default, Windows allows unknown drivers to load. You might want to select the override option if you get any false positive detections that block an important driver. If you block an important driver, you might prevent client computers from starting up.
The Windows early launch anti-malware driver must be enabled for the Symantec Endpoint Protection settings to take effect. You use the Windows Group Policy editor to view and modify the Windows ELAM settings. See your Windows 8 documentation for more information.
Path: SEPM --> Virus & Spyware Protection --> Edit assigned Policy --> Protection Technology --> Early Launch Anti-Malware Driver
Adjusting the Symantec Endpoint Protection early launch anti-malware (ELAM) options
3. Explicit Group Update Provider for Roaming Clients:
It will allow clients to use GUP's outside their subnet.
Only configurable through SEPM
This is not auto discovery feature
Path: SEPM --> Policies --> Liveupdate Policy --> Edit liveupdate setting policy --> Server Settings --> Group Update Provider
4. Client Deployment Wizard:
Now you can successfully replace communication file only. No need to re-deploy entire pacakge in case of communication issue.
SEP 12.1 RU2 onwards no need to use Sylink replacer utility.
You can check this article to learn more about it:
5. New third party products are added under Software security removal feature.
Check this article
Third-party security software removal support in Symantec Endpoint Protection 12.1 RU2
6. New Cleanwipe version is introudced & it works/performs much better.
Check this article to know more about it
Here are few Articles provided below which would provide more information on the Latest Version Released:
SEP release details can be found here: http://bit.ly/m0vOJp
What's new in Symantec Endpoint Protection 12.1.2
System Requirements for Symantec Endpoint Protection, Enterprise and Small Business Editions, and Network Access Control 12.1.2
New fixes and enhancements in Symantec Endpoint Protection 12.1 Release Update 2
Upgrading or migrating to Symantec Endpoint Protection 12.1.2011 (RU2)
I hope it's informative