Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog

Setting the record straight

Created: 12 Nov 2007 • Updated: 15 Apr 2009 • 4 comments
BFoster's picture
0 0 Votes
Login to vote
 

Let me start by saying, like many folks, I’m a competitive person.  No matter what I do in my professional, social or personal life, I’m driven to succeed.  I understand that people will go to extreme measures to try and stay competitive.  That brings us to the reason for this post, desperate actions by a competitor that obviously has something to worry about.

As some of you know, I oversee product management for Symantec’s endpoint security business unit.  We recently launched a new endpoint security product called Symantec Endpoint Protection 11.0.  Symantec Endpoint Protection is the culmination of a year and half long development project here at Symantec in which we tightly integrated multiple security technologies, some of which have been developed in house and some acquired through various acquisitions over the years. 

We really feel we have a game changing solution here that will allow customers to streamline their endpoint security efforts and provide a higher level of protection.  Apparently, so does one of our competitors.  I call this out because I think you will find the feeble attempt listed below by Trend Micro to influence Symantec customers quite comical, I know I did when I read their email.  Please see below…

 

Just to be clear, Symantec does not recommend or require a “rip and replace” of supported Symantec endpoint security solutions during an upgrade to Symantec Endpoint Protection.  Symantec Endpoint Protection will migrate over existing Symantec AntiVirus version 9.x and 10.x and Symantec Client Security 2.0 and 3.x installations without requiring them to be uninstalled beforehand.  In addition, all supported versions of Symantec AntiVirus and Symantec Client Security with a valid maintenance contract may be upgraded to Symantec Endpoint Protection at no additional charge.

 

The new solution is very flexible and customizable, allowing customers to install and enable only the functionality they desire.  Elements of Symantec Endpoint Protection such as antivirus, antispyware, TruScanTM (our proactive threat scan technology which stops zero-day attacks without a signature), and the ability to manage and receive content updates, are enabled without requiring a reboot.  The firewall, IPS, Application Control, and Device Control functionality will not be enabled until after a reboot.

 

It is not possible to enable this additional security functionality without a reboot.  It is very easy for a competitor to criticize this point when they don’t offer their customers the additional protection technologies.  We also offer IT administrators the ability to control whether or not the user is prompted for a reboot when necessary.  In fact, the screen capture Trend chose to include was from the beta release of our product – here is the production version:

 

I would like to encourage Symantec customers to ignore the marketing FUD being distributed by competitors and try the new solution.  For those of you who have tried the new offering, we’d love to hear your thoughts.  Below is a link to a recent comparative review of endpoint security products, conducted by Information Security Magazine, in which we competed with a Beta version of Symantec Endpoint Protection. 


Until next time…    

 

 

Comments 4 CommentsJump to latest comment

NGLCIO's picture

You should be more worried about how far behind the ball on x64 support you behind Trend. We have submitted 3 support incidents just to get updates to work with 10.x with no mixed sucess. It is hard to focus on the value that end point security when we can't get udates!

0
Login to vote
BFoster's picture

SEP 11.0 fully supports x64. It can be managed and updated using the new Symantec Endpoint Protection Manager. However, as your email points to, the 10.x product line on x64 chips runs in what I call "unmanaged" mode. However, this does not mean that these servers cannot be kept up to date. You need to have the x64 machines point their LiveUpdate to Symantec (or local) LiveUpdate servers.

If I could be of assistance, please do not hesitate to contact me at bfoster@symantec.com.

0
Login to vote
Vetman's picture

First of all I would like to commend you on your efforts to update the full security suite of products in one package. From what I’ve seen the package is not suited or ready for mass markets. The main issues that I see are the manger is best suited for separate server because it does not play well with other web apps. This does not go well for small shops with few servers. Secondly the issue of a real fix for unmanaged wireless clients and other “why wasn’t these issues address before it shipped” are too numerous for mass deployment. If I could make a suggestion, double your efforts to fix the most glaring problems and get an 11.5 version out, so that a reseller like me can make some money on it.

0
Login to vote
BFoster's picture

Thanks for the comment Vetman. Our out of the box policies for the unmanaged client did block wireless access. That policy needs to be disabled. We are shipping MR1 in mid-December and we will be fixing that issue in that release.

0
Login to vote