Hi Friends,

In this blog i have added some Articles which can help to guide about firewall policy.

Symantec Endpoint Protection Manager - Firewall - Policies explained

How a firewall works

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been...

Today i had a strange problem regarding a HP Software installation. The client had Symantec Endpoint Protection 12.1 installed.

The windows event log had the following entry:

SYMANTEC TAMPER PROTECTION ALERT 
Target: C:Program FilesSymantecSymantec Endpoint Protection12.1.671.4971.105BinccSvcHst.exe 
Event Info: Open Process 
ActionTaken: Blocked 
Actor Process: C:HP_LJM2727_FULL_SOLUTION_AM_EMEA1SETUPHPZSHL01.EXE (PID 4192) 
Time: Sonntag, 11. März 2012 16:47:26 

So the Tamper protection blocked the installation of the HP software.

To fix this you can adapt the 'Exeception Policy' and add an entry for the installation folder of the HP Software. Another way would be to disable tamper protection till the installation is done (remember to update the policy or wait for the policy to be updated)

Microsoft gets it. Today, it makes no sense to release an operating system, especially a game-changer like Windows 8, without some form of basic antivirus protection. That’s why Windows 8 comes preloaded with a default form of protection, Windows Defender, that automatically kicks in when the system does not boot up with installed third-party protection.

If you get Defender for free with Windows 8, is there any point to getting any further protection? Yes -- at least 83 to begin with…

The numbers tell a compelling performance story

In side-by-side tests conducted by PassMark, an independent laboratory, Windows 8 with Symantec Endpoint Protection 12 consistently outperformed Windows 8 without it (with Defender as its default). Consider the highlights:

• 83% faster scanning: End users spend more time working, less time managing interruptions.