Advanced Threat Protection

  • 1.  ATP and SEP

    Posted Nov 13, 2018 12:19 PM

    Hi there

    I was wondering if someone could explain to me whether or not I need both ATP and SEP. We have both, ATP 3.2 running on Linux as well as SEP 14.1.

    What is the point of having both, as they both seem to be doing the same thing essentially?

     

     



  • 2.  RE: ATP and SEP

    Posted Nov 13, 2018 02:06 PM

    There are multiple links in here explaining the integration between the two:

    https://www.symantec.com/docs/HOWTO125193



  • 3.  RE: ATP and SEP

    Posted Nov 14, 2018 10:44 AM

    Hi Brian

    I did look into this, yet it seems that you don't need to have both as they do the same job. Yes, ATP does give you more information, but it seems that is it, really?

    Or am I wrong?



  • 4.  RE: ATP and SEP

    Posted Jan 01, 2019 10:17 AM

    You can do the same with SEPM, but it requires a lot of effort and trained resources.



  • 5.  RE: ATP and SEP

    Posted Jan 01, 2019 10:21 AM

    Hi, name it or self-describe it as "advanced threat protection". With the help of this product you can protect your environment proactively. I will let you know how with the help of an example, which is as follows. In the ATP console, on the dashboard, you can see "Active managed client"; this will give you the top targeted machines within the last 4 days, and by clicking on it you will navigate to the list of systems/machines which were compromised, and it will also give you the actual malware which was detected. Moreover, you can directly right-click and submit the suspicious file to the Symantec sandbox for analysis, and meanwhile, to stop it spreading across the network, you can also isolate that particular system from the network; after the remediation process you can easily rejoin the system to the network. If the suspicious file is declared malware by Symantec, you can blacklist it to avoid it next time. Symantec has a dedicated cloud sandbox, which is named "Cynic", and a correlation engine, "Synapse". "Synapse" will compare all the events across the three approaches (network, email and SEP) and give you the correlated result. This is only one example.