Sure but keep in mind that the SEP IPS is limited because it is software based. With a hardware based IPS, you will get much better performance.
With that being said, are you only needing to defend workstations/servers? Do you plan to write your own signatures or just use what Symantec has?
SEP is only a HIPS so it can only defend the endpoints.
I believe SEP has around 3800 signatures between the HIPS and Browser IPS.
A few helpful guides:
Best Practices for the Intrusion Prevention System component of Symantec Endpoint Protection on high-availability/high bandwidth servers.
Article:TECH162135 |
| |
Created: 2011-06-13 |
| |
Updated: 2013-07-10 |
| |
Article URL http://www.symantec.com/docs/TECH162135 |
Expected behavior of Browser Intrusion Prevention
Article:TECH172174 |
| |
Created: 2011-10-19 |
| |
Updated: 2013-08-19 |
| |
Article URL http://www.symantec.com/docs/TECH172174 |