Hello,
In SEP 12.1 client, we have Browser Intrusion Prevention System (Browser IPS), which is a new advanced protection feature . This technology works in conjunction with, but is separate from the Client Intrusion Detection System (CIDS) used by the client firewall-based IPS engine in SEP.
Browser IPS intercepts VBScript, JavaScript and ActiveX calls running in the browser as they are executed, inspecting the parameters of these calls for exploits to vulnerabilities. This allows the Browser IPS engine to detect exploit code which would otherwise have been hidden or obfuscated from other detection methods -including the CIDS engine.
Reference: http://www.symantec.com/docs/TECH172174
The Intrusion Prevention policy includes browser intrusion prevention, which uses IPS signatures to detect the attacks that are directed at browser vulnerabilities.
See Enabling or disabling network intrusion prevention or browser intrusion prevention.
Also, check How Symantec Endpoint Protection protection features work together
http://www.symantec.com/docs/HOWTO55268
"Norton Safe Web Lite" - http://safeweb.norton.com/lite
There is no Enterprise Tool, however Norton Safe Web Lite is a tool which could be Installed on all client machines.
Norton Safe Web Lite is our FREE Web site rating service. It's designed to let you surf the Web, use search engines, and shop online in safety.
There is an Idea already in place to implement this - Let's Promote this -
https://www-secure.symantec.com/connect/idea/add-safe-web-lite-sep
https://www-secure.symantec.com/connect/idea/malicious-website-blocking-sep
https://www-secure.symantec.com/connect/ideas/alert-or-notification-or-logs-websites-visited
Hope that would assist you!!