Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Endpoint Security Blog

SEP 12 Announced

Created: 15 Feb 2011 • Updated: 18 Feb 2011 • 11 comments
dschrader's picture
+7 7 Votes
Login to vote

 

 

Symantec today announced the next version of Symantec Endpoint Protection.  This release, version 12.1, will ship later this year.  You can sign up for the beta at http://go.symantec.com/sep12beta/ .

Long in coming, this release is a major milestone.  On the face of it, that statement is odd; after all, SEP is mature product and its feature set hasn't at a fundamental level, changed.  It is still offers the critical elements of endpoint security, - malware protection, access control, device control, application control, firewall and IPS. It “kinda, sorta” looks like nothing has changed.

Well, don't believe it. There are countless new features in this release, and in subsequent blog posts I will dive into them.  The real change, however, is under the covers and in the test results.  SEP 12 is built on a powerful new stack of security technologies – which not only offer state-of-the-art protection, but which also position SEP to continue to provide great protection in a world with hundreds of millions, even billions of unique malicious programs.

Last year, Symantec identified 286 million different pieces of malware.  Think about scanning each of the thousands of scanable objects on your computer for any one of 286 million malware signatures.  Ok, the problem isn’t really that bad – that 286,000,000 figure represents mostly minor variants of a much smaller number of malware samples.  But still, we are talking about over 10 million virus signatures.

Powered by Insight, SEP knows the reputation of up to 70% of the executables on your system – which means it need not scan those files unless they have changed.  By reputation, I don’t just mean that we can identify bad files with signatures in the cloud (which, by the way, is the secret sauce behind McAfee’s Artemis/ Global Threat Intelligence technology).  Insight does has something unique, well, 2 things.  First, for every file we track (over 2.5 billion files), we have a security rating.  Second, WE TRACK 2.5 BILLION FILES – 31 MILLION NEW FILES EVERY WEEK.  Sorry for shouting, but that is a huge database. It is large enough that we can derive the context and the associations of the file – its "reputation" if you will, with great confidence.  We are tracking the presence, age and security rating of nearly every executable on the internet.  No-one else can do that.  It is not even close. 

Insight isn’t the only new security feature in SEP.  The other half of the story is Sonar. 
Sonar is an AI driven driven technology that tracks file behaviour in real time.  Where older generations of heuristic scanners ran on file open/close/modify and on periodic scans, Sonar runs all the time – watching file behaviours and rating them on over 400 attributes. 

The other big change in SEP is its enhanced support for virtualization.  I look into the new virtualization technology in a later post.

You can see how effective SEP is in latest detection and performance test reports.  We have posted them on the SEP Beta page - http://go.symantec.com/sep12beta/ .  Take a look.

Comments 11 CommentsJump to latest comment

MaRRuT@CC's picture

I hope SEP12 will be "the" enterprise security killer. The "others" have good programs too...

+1
Login to vote
D.slinger's picture

Will SEP 12 have any better integration with your other products? I'm really tired of using multiple consoles to admin all your products. A McAfee rep was here a few weeks ago and mentioned the lack of network visibility in your product line up. It would seem like a big blind spot.

Hope 12 knocks it out of the park!

-3
Login to vote
TNicikowski's picture

If "network visibility" is the only negative thing McAfee is saying against SEP, then they should REALLY be shaking in their boots. blush

Symantec has a single sign on console login called Symantec Protection Center.

http://www.symantec.com/business/protection-center?om_sem_cid=biz_sem_nam_us_Google_ES_PC&om_sem_kw=symantec+protection+center

Have a look. Hope that helps smiley

+1
Login to vote
Constantine's picture

as i know 12th version of SEPM will have many enhanced features and design will be improved as well. also there is some chnages in client side as well...

-1
Login to vote
BadAxe's picture

Will we be able to manage our EndPoint Hard Drive Encryption from the new Endpoint Management Software?

-1
Login to vote
dschrader's picture

No, we have not reached that level of integration. 

+3
Login to vote
BadAxe's picture

DOD Data-At-Rest requirements will soon require us to implement an encryption solution. We were hoping to use your product since we are already using your A/V solution and manage it all from one console. We actually still using the old A/V management software and plan on upgrading the EndPoint Management. We are very excited about the performance gains with the new version.

+1
Login to vote
BadAxe's picture

Can they both reside on the same server without conflicts?

-1
Login to vote
justin_g's picture

Have the alert emails been updated to a format that's actually viewable on mobile devices (as opposed to the .mht format)?

+1
Login to vote
LittleAVRascals's picture

We've been trying to register for the SEP 12 Beta since we first got the announcement via an e-mail from Symantec in February.  We are an existing customer using SEP 10.  We called Support to ask how to register for the Beta and we used the Beta registration web site.  In both cases we got a quickie response that said to call Sales because no one took the 10 second to read the fact that we are already a Symantec customer using SEP 10.  In any event, yet another Sales person just called and said "Oh, there is no SEP 12 Enterprise, it is just for small businesses.  This, of course, flies in the face of logic and the Beta site itself which clearly has two links; one for SEP 12 and one for SEP 12 Small Business.  I'm not hoping for much but if someone from Symantec could possibly take 30 seconds to actually LISTEN to an existing customer who would actually like to actively participate the in the SEP 12 Beta program we would greatly appreciate it.

+1
Login to vote
hadi1364's picture

I have installed the new version sep12 and I am woundering that how to deploy to all client automaticlly

-1
Login to vote