Endpoint Protection Small Business Edition

and will be replacing customers’ licenses with Symantec Endpoint Protection Small Business Edition as of May 4, 2015.

With Symantec Endpoint Protection Small Business Edition, customers will have the option to continue managing their endpoints on-premise or migrate to the cloud. Symantec Protection Suite Small Business Edition, which also contains Symantec Endpoint Protection Small Business Edition 12.1.X, will also be EOL. For customers with Mac endpoints, you will need to continue to protect your Mac endpoints with SEP SBE on-premise version. You can migrate any non-Mac endpoints to the cloud version.

http://www.symantec.com/page.jsp?id=sbe-migration

I really, and truly, hope that Symantec vastly improves the capabilities of the cloud portal and software before this migration begins in earnest.  Otherwise, there are going to be a large number of extremely unhappy partners...

In all curiosity, what are the biggest issues/pain points? We can certainly take it to PM but your input would be valuable. Many of your posts, although very honest and I appreciate that, have stopped me from looking at moving to cloud.

There is an incredible - for lack of a better word - disconnect between the agent on the desktop and the Partner Management Console.  I guess it comes down to vernacular, terminology, and technology.

The agent thinks that cookies are risks, and they are reported that way.  I, professionally, don't care about that.  They are a fact of Internet browsing and whatever risks they pose are truly insignificant compared to the dangers that are actually present.

I do care that malware gets through Symantec.cloud-protected computers and that is NOT reported.  The Norton Power Eraser, in the rare cases I have used it, has not provided much in the way of help.  My arsenal consists of Malwarebytes, HitmanPro, and adwcleaner.

(As an aside, this product is called Symantec and is labeled as a business product.  Whenever the Norton name appears, I cringe because it is from the consumer side of the house.  Yes, this company is big on disconnects.)

Another aspect of disconnected reporting occurred just this week:  an agent on one desktop had antispyware and email protection turned off.  The client's details - on the desktop - showed "At Risk."

However, in the Computers page for that site, the computer was "green" and there was no pending alert on the PMC.  If it wasn't for my RMM software that reported something amiss, I would never - repeat - never have known that there was a problem.

Of course, that leads to the inevitable tech support issue of why did this occur?  Tech support always claims that one or more web sites are inaccessible/unavailable (and it is my fault).  Yet, when tested, there are no communications errors and the sites reflect the appropriate responses.  And, rather than spend any time actually investigating WHY this occurred, their response is to reset the service.

To clear this particular error required the following steps:

1. Remove the service via the portal, reboot
2. Restore the service via the portal, reboot
3. Continued malfunction
4. Remove Symantec.cloud from the computer, reboot
5. Run two removal/cleanup tools on the computer, reboot after each one
6. Download a new software package on the computer from the portal
7. Run Definitions update to make sure everything is current
8. Scan to make certain nothing bad happened in the 5 days this was malfunctioning

Total process time for this abomination averages between 4 to 6 hours depending on the speed of the computer and Internet connection.

And I always wonder why, for a "cloud-based" product, the payload for this software is so huge, that it is staggering.

• C:\Program Files\Symantec.cloud = 828 MB
• C:\ProgramData\Symantec.cloud = 6.5 GB

Also on the down side, it does not protect Mac - and those machines are part of my RMM client base.  Yes, I can download a stand-alone version of the software to a Mac, but I get absolutely no display on my PMC about that client's status - they are invisible.

On the good side, it does put the kibosh on web-based interference, and I get an email anytime something like that occurs. I also get the emails from clients who mistakenly think that some trial software is OK to download when it is not.  But, once again, the software falls down on the job.  Because it can detect known signatures, it will quarantine the main package (usually the uninstaller); but it does nothing to prevent resulting malicious software from running.  I have been told - perhaps mistakenly - that because the user clicked "Run" there was tacit approval to install, so the agent will let the bad stuff run.

Rumor has it that a new version of the agent is expected that might have some improvements, but no timeframe (as is usual) was given.

By the same token, Symantec is planning to become two companies in the near future.  With all of that corporate nonsense going on I am actually afraid of how it will affect the product development teams and the technical support teams.

Is this the best product out there?  I am not certain.  Despite the time and effort invested in my Symantec Partnership, never mind the 100 endpoints this software is protecting, I am going to investigate another cloud-based solution during the summer.  If it does what I need it to do, I won't have any qualms about moving on.
 

Thanks. I appreciate the honesty and insight.

Thanks for your feedback & I can try to take it to concern teams.

& though SBE 12.1.X is EOL this does NOT mean the customer needs to immediately upgrade their product. Customers will be able to renew their on-premises license and continue to use their SBE SEPM’s until 2018.

I agree Company is splitting in two  (Security Company & Information Management Company) but there is no change in product development teams and the technical support teams. These steps are taken to focus more on each entity separately.

Chetan,

Agreed that 12.1.x users can continue for two more years before starting to plan a migration to the cloud.

The key question becomes:  How is the Symantec.cloud product going to evolve, improve, and otherwise become rock solid during those transition years?

I have seen nothing in the way of truly significant improvements in this product since I started using and deploying it in June 2012.  In fact, there was the September 2014 debacle of an agent that was released before its time that cause havoc on the resulting client computers - so much so that it had to be withdrawn.

There have been numerous requests for enhancements from partners, yet I have not seen any indication that the development teams have even acknowledged them.

I have deployed this product for over two and a half years, and I have been subjected to numerous reinstallations during that time for idosyncratic agent issues.  The sheer amount of time wasted is disheartening, if not disgusting.

I can honestly say that unless the designers and developers refresh how the agent works, how it communicates with the PMC, and how the PMC reports back to the partner, Symantec is setting itself up for a possible level of disatisfaction that could prove disasterous.
 

Hello All,

Also is there a way to unify purchases made through the year into one co-term agreement with the SBE 2013 product. We have been finding that SBE 2013 clients are ending up with several end dates through the year resulting in multiple subscription renewal times. This causes a lot of extra administration time for everyone including Symantec, Disti, Reseller, IT Manager and Accounting.

With the 12.x licensing model you could renew support at any time and it just applied time to the end wherever that particular license was in its cycle, or if you have a few certificates the CIS team could create a co-term renewal brigning them all into one certficate/date.

This does not seem available with the 2013 Subscription model. And new renewed subscriptions do not seem to tag onto the end of the old subscription, they just start whenever the order processes at Disti leading to wasted customer value (unless we let their old one expire before renewing). Last time I checked with CIS they said they had no way of unifying dates, so customers will be stuck with several small renewals instead of one per year. 

Also the customer having the ability to buy their own licenses direct from Symantec so easily from within their customer portal is a problem for resellers. 

Well I tried a trial version of SEP SBE 2013 to see what can I install.

I can confirm after the registration phase you have the choiche to use Cloud version and On-Premise version.

I chose first on-premise and you will go to the classic download of the SEP SBE 12.1.x (yestarday not updated to 12.1.6 but still 12.1.5 for win, mac or linux) and after you can also go to cloud site and install the Cloud version and install that agent version.

So as my point of view it not completely true the end of life on 4 may of Symantec Endpoint Protection Small Business Edition 12.1.X.

If it was ended why yestarday I can still install SEP SBE 12.1.x ?

And a more point of view; if you purchase now SYMC Endpoint Protection Small Business Edition 2013 (the suggested alterantive product) it seems that you will have 2 products and not just the new one:

1) the SEP SBE 12.1.6  (just released, so as it is possible that it is EOL ?)

2) the Cloud version

At the end it seems to be underevualated the differences between the 2 products: thay are not the same and they manage different OS !

The facts that I have gathered:

You can continue using SEP SBE 12.1.5 on prem for as long as it's still supported (re definitions)....however there will be no SEP SBE 12.1.6 released (to support Windows 10). SEP Enterprise 12.1.6 has been released and it does support Windows 10....

For those transitioning to the Symantec.Cloud - Endpoint protection SBE license, it will eventually see an update to support Windows 10...just not yet.

I have 60 seats of Symantec Protection Suite SBE (which is EOL also due to the SEP SBE 12.1 EOL).

The 3 products licensed within this suite are now separated:

1. Mail Security for MS Exchange 7.5 - will continue
2. SEP SBE 12.1.5 - EOL, licences can be transferred to the cloud client or you can continue on 12.1.5 (if you don't want to upgrade to Windows 10).
3. Symantec System Recovery 2013 R2 - will transition to become a Veritas product.

Finally, my renewal for the SBE Suite was a mere $22.34/license (covering all 3 products).

I think I can expect a significant increase after this Symantec change in direction...not happy...

So, when is this SSR R2 transition?????  How will it affect my current situation and the computers that I currently monitor???  Does anyone have any info on this?? please help!!

Best off posting here:

https://www-secure.symantec.com/connect/backup-and-recovery/forums/symantec-system-recovery-formerly-backup-exec-system-recovery

Hi,

  I don't seem to be able to find an answer to my questions - I hope this is the correct thread

to ask it - if it is not please direct me.

  All of the computers in the following are 'stand-alone' (no SEP server because they

are remote computers that are not directly connected to the network running SEP

server and getting them here to do the upgrade is unrealistic because that would

involve my doing both the Win 10 and the SEP upgrades while the user is without

his computer ... for almost a day based upon my personal experience with the

Win 10 upgrade process).

  1) There is a Win 7, 32-bit computer running SEP 12.1.4 that is going to use the upgrade

      process to bring it up to Win 10.  What is the upgrade path to use - as in "where in the

      Win 10 process does it get upgraded from 32-bit SEP to 12.1.6 64-bit?"

  2) There are computers running Win 10 (non-upgrade - installed new).  How we get those

      to use SEP 12.1.6?

  3) There is a Win 7, 64-bit computer running SEP 12.1.4 - what is the upgrade path to

      Win 10 that includes the upgrade to 12.1.6?  Upgrade SEP first and then upgrade

      the OS to Win 10?

                                                                        Thanks for your help/answers ... Jim

Hi Jim,

Q. ) There is a Win 7, 32-bit computer running SEP 12.1.4 that is going to use the upgrade

      process to bring it up to Win 10.  What is the upgrade path to use - as in "where in the

      Win 10 process does it get upgraded from 32-bit SEP to 12.1.6 64-bit?"

-->  I think you can't directly upgrade Win 7, 32 bit computer to Windows 10 64 bit. Need to upgrade Windos 10 32 bit first. However check more with Microsoft.

Q.   2) There are computers running Win 10 (non-upgrade - installed new).  How we get those

      to use SEP 12.1.6?

-->  Simply install SEP 12.1 RU6 package on fresh machines to keep them protected. SEP offers 32 bit & 64 bit packages separately.

Q.  3) There is a Win 7, 64-bit computer running SEP 12.1.4 - what is the upgrade path to

      Win 10 that includes the upgrade to 12.1.6?  Upgrade SEP first and then upgrade

      the OS to Win 10?

-->  First upgrade SEP clients to the latest version 12.1 RU6 MP1a which is compatible with Windows 10 but you must first update Virus and Spyware Protection definitions to July 27, 2015, or later. Definitions as of this date include an update to the Eraser engine (115.1.1.10) that is required for Windows 10 compatibility.

You must uninstall earlier versions of Symantec Endpoint Protection. The operating system upgrade stops if it detects an earlier version of Symantec Endpoint Protection.

The following operating system upgrade paths are supported with 12.1.6 MP1 or 12.1.6 MP1a installed:

• Windows 8.1 to Windows 10
• Windows 8 to Windows 10
• Windows 7 to Windows 10

Reference: http://www.symantec.com/docs/INFO2746