Endpoint Protection

 

I am wondering if SEP 12 will have a new client for Unix/Linux?  Or are we still stuck with the SAV 10 client?

Thanks.

You will have the same SAV Linux 10.x reporting capabilities like in SEP 11, but no new client will be offered for Linux/Unix at this time.

 

http://www-uat.ges.symantec.com/business/theme.jsp?themeid=sep12-beta#

I did not know I could manage(report) a SAV 10 Linux client with SEP11 Console.  How so?

To set up logging and reports for SAV clients see screen below.

 

You can report logs back to the SEPM, but the client will still be unmanaged. (ie. You will still not be able to manage it from the SEPM. You will be able to see the client in logs and reports in the SEPM)

I wanted to point you in this direction:

Symantec AntiVirus for Linux (SAVFL) Reporter 1.0.10 Release Notes
http://www.symantec.com/docs/DOC3474

SAVFL Reporter will work with RU6 MP2 PP1 (11.0.6205.762) or greater SEPM (or RU5 or earlier too, but I wouldn't recommend downgrading just for this functionality ).

Hope this helps...

sandra

Okay. Why is that the case? More and more are corporate and government requiring the use of A/V for their Unix\Linux platforms. It seems to me that Symantec has an opportunity to have a fully integrated product. What are Symantec's plan for the Unix\Linux client and why not migrate the code over from the OSX client to use for the Unix\Linux clients?

I believe that is the plan, to have full integration for those platforms with SEP -- I don't know what the timeline is for that though.

The SEP for Mac client was ported over from SAV for Mac. I am no programmer, but I don't think the OSX and Linux builds have much in common aside from Java LiveUpdate.

sandra

Hi Carver,

 

I can confirm that a SEP for Linux client is currently on the roadmap.  If you wish to express support for such a client, please do vote for the following "Ideas" (proposed Enhancement Requests).

https://www-secure.symantec.com/connect/idea/linux-unmanaged-client

https://www-secure.symantec.com/connect/idea/sep-features-and-console-linux-or-mac-os

 

There are many more Ideas that have been proposed by members of the Connect forum.  Please do cast your votes for any features that you would like to see in a future release of SEP.

 

Thanks and best regards,

 

Mick

What kind of roadmap are you referring about? 1-year roadmap, 3-year roadmap, 5-year roadmap or the roadmap to aporwarevay?  We have a lot of linux servers in our environment and it would be grand if Symantec had a fully managed linux support for them. However we might be forced to look for a different managed AV solution for the linux side of the house. Since we're discussing roadmaps, when is Symantec going to offer a true VDI antivirus solution for VMware? Again we're forced to look to other vendors for a viable solution.

Symantec gave us a roadmap during the Vision 2011 conference yesterday for short term, 12-24 months, and then beyond. All the question you asked were covered in the roadmap presentation. You may want to speak with your Symantec SE to see if they can send you the slides or discuss them with you. Of course the roadmap came with a disclaimer that everything discussed is subject to change and you should not purchase the Symantec product based on roadmaps but instead you should purchase based on what's available today.

Hi glentc,

Put simply, its a matter of priorities and where our customer base tells us we should focus - most customers we asked in the last couple of years said "Mac is more important to us" so we spent time and focused on bringing the Mac client into the SEPM.  I suspect thats because for most customers, the Macs are in use by the big guys in the company, CIO, CTO, etc. and they want protection. 

That said, we do see Linux as a priority and are working on our strategy at the moment to deliver full management of SEP for Linux in the future.  As to when, nothing is set in stone at this point but it is abolutely in the works.  To aid some of our customers short term problems of simply knowing whats happening with their Linux clients, we have released the reporting agent which you can see details of above.  That allows a SAV for Linux client to send its logs and information to a SEPM and lets you report on the clients in the same way as your Mac and Windows devices.

On the VDI front, I'd be interested to hear your requirements here and what you would class as a viable solution - is there a specific feature of "VDI antivirus for VMware" that you are looking for?  While other vendors have indeed released solutions, these use the premise of reducing security to increase performance.  vShield from VMware is an awesome technology, but for us because we want to do so much more with it than just offload file scanning, its just not quite ready yet.  We are working closely with VMware to develop the future of this technology, which would allow us to offload the majority of our protection stack. 

Until that point comes however, we have made huge improvements with SEP 12.1 on virtual environments.  Through using a combination of resource levelling, Virtual Image Exception and the Shared Insight Cache, we are seeing massive reductions in disk I/O and CPU usage on the virtual systems and the platforms they run.  In some cases, we are seeing better performance with us than with a true "VDI Solution" - thats not from our testing, thats from some of our early BETA customers trying this stuff out in their own VDI environments.  One customer in particular has seen an 80% reduction in disk I/O compared to SEP11 on the same platform (and better performance than a true VDI solution) - thats huge, and we aren't reducing security to do it!  I urge you to take a look at this blog post here: https://www-secure.symantec.com/connect/blogs/configuring-sep-121-virtual-environments and try SEP12 out on your VDI infrastructure - I think you will be very surprised!

Please feel free to get in touch directly if you want to talk through any of this further, thanks!