Symantec Endpoint Protection 11.0

bubblesradiographerΔιακομιστές

4 Δεκ 2013 (πριν από 3 χρόνια και 6 μήνες)

96 εμφανίσεις

Symantec Endpoint Protection 11.0

Update and Review

Endpoint Security Group


September 2008

2

Agenda

New features and improvements in SEP MR2/MR3

1

2

Upsell/Cross
-
sell Opportunities

3

Selling Tips and Resources

4

NEW! Third Party SEP Research Results

Q&A

5

3

Symantec Endpoint Protection MR2


Applications


Windows 2008 support (client)



Windows Vista SP1 support (client)


MSFT NAP Framework


Enhanced Device Control Support


Performance


Fixed port leaks


Optimized/fixed disk space utilization (LiveUpdate, database, AV Logs)


Reduced CPU utilization


Client communication speed improvement


Functionality/Usability


Stability


Reduced the amount of crashes and errors that appear



on the screen


Communication and Connectivity


Improved communication between SEPM and SEP client


Resolved inconsistent scanning of files on SEP
client

• Improvements to SEPM console home page
include all charts displayed properly, all agents and
agent status appear correctly

• Fixed site and agent replication issues

• Fixed ClientRemote Utility

• Optimized creation of group folders so that they
can be created in a timely manner

• Optimized performance of Active Directory
synchronization to avoid database deadlocks

• Minimized boot time on SEP client by optimizing
Symantec processes during startup

• Device control enhancements that permit more
specific granularity of choices i.e. Vendor Device ID

4

SEP 11.0 Maintenance Release 3
(MR3) enhancements

5

Symantec Endpoint Protection MR3


Improved Client Performance


Significant Boot Time improvement



Reduced Virtual Memory


Reduced Application Load time


Improved Management Server Performance


Reduction in resources with new delta creation process


Smaller incremental virus definitions



Improved Reporting Management


Additional information added and easier to read


IIS Custom website now utilized


More secure



Avoid Conflicts


Virtualization Support


Randomize Client connections to SEPM for obtaining
Content Updates


Scalability Controls


Group Update Provider modifications


Other


SNAC trialware now included!




0
5
10
15
20
25
30
35
40
45
1
9
17
25
33
41
49
57
65
73
81
89
97
105
Time(s)



Boot Time


Significant boot time
impact improvement


Utilize persistent cache of
known good files between
reboots


Delayed loading of definitions
reduces memory usage by
60MB when not on
-
demand
scanning


Reduced On Disk Footprint:
284MB


Less disk I/O


Reduced thread count


Comparisons based on Symantec internal tests on a test system of 1.0 Ghz CPU and 256MB RAM.

Competitive Boot Time (seconds)



McAfee VirusScan Enterprise 8.5i



McAfee AntiSpyware Enterprise 8.5



McAfee HIPS 7.0



McAfee SiteAdvisor 1.5

Comparisons based on Symantec internal tests using competitive trialware for the products referenced above .

Application Load Time (seconds)



McAfee VirusScan Enterprise 8.5i



McAfee AntiSpyware Enterprise 8.5



McAfee HIPS 7.0



McAfee SiteAdvisor 1.5

Comparisons based on Symantec internal tests using competitive trialware for the products referenced above on a test system o
f 1
.0 Ghz CPU and 256MB RAM.

Website Load Time (seconds)



McAfee VirusScan Enterprise 8.5i



McAfee AntiSpyware Enterprise 8.5



McAfee HIPS 7.0



McAfee SiteAdvisor 1.5

Comparisons based on Symantec internal tests using competitive trialware for the products referenced above on a test system o
f 1
.0 Ghz CPU and 256MB RAM.


Utilizes a new delta creation process called X
-
Delta.


Typically delta creation takes seconds instead of minutes (as was
the case with MR2 and previous).


Managed clients must be running MR3 also for this X
-
Delta
process to work.


Previous process (mdef25builder )is still present and utilized for all
preMR3 managed clients.


Improved Management Server
Performance

Symantec Endpoint Protection 11.0


MR3 and Beyond…

10

0
5
10
15
20
25
30
35
40
45
1
9
17
25
33
41
49
57
65
73
81
89
97
105
Time(s)



Significant reduction in
resource usage
during delta content creation

Example shows a one month delta being created (in seconds)

11

SEPM Performance MR3 vs. MR2

Symantec Endpoint Protection 11.0


MR3 and Beyond…

Significant
speed

improvement…

Smaller
delta sizes

in
certain cases…

SEPM Performance MR3 (X
-
Delta) vs
MR2

Symantec Endpoint Protection 11.0


MR3 and Beyond…

12

Time in seconds


Content download more
virtualization friendly.


Configurable option to randomize
when client will pull content from
SEPM after it is available on the
server.


Ensures less chance of heavy
disk I/O due to the SEP client on
different VMs loading new content
at the same time.


13

Content Download Randomization

Symantec Endpoint Protection 11.0


MR3 and Beyond…


Control # days content is stored


Control amount of disk space used
on client


Configure client to never bypass
GUP


Configure the hours and days clients will
wait for GUP until the download directly
from SEPM


Configure client to never bypass so that
traffic is minimized


Increased Scalability of client to
GUP ratio


Now officially supports up to 1000 clients


Configurable thread pool used to serve
clients (10
-
1000)


14

GUP Enhancements

Symantec Endpoint Protection 11.0


MR3 and Beyond…

15


Allows admin to have control over
specific policies


AntiVirus and
AntiSpyware


Firewall


Intrusion Prevention


Application and Device Control


Centralized Exceptions


Host Integrity


Policies not selected, will not appear
in UI


All policies enabled by default


Policies filtered in Clients and Policy
Library

Granular Roles Administration

Symantec Endpoint Protection 11.0


MR3 and Beyond…


More secure because we only enable
the options we need.



Previous website (IIS default)
enabled many options, was more
prone to vulnerability and attack.


Custom helps avoid conflicts with
other apps or specific configuration
which are used with the default
website.

16

IIS custom website now utilised by
default

Symantec Endpoint Protection 11.0


MR3 and Beyond…

17

Symantec Endpoint Protection MR3


LiveUpdate in SEPM


Automatic download of new releases to the SEPM console via
LiveUpdate



Virtualization Support


Randomize Client connections to SEPM for obtaining Content
Updates



Scalability Controls


Group Update Provide modifications



Other


SNAC SE trialware now available


And more!!!



18

MR3 Beta Customer

“ Great news… I have created a Pilot group on the management
server … We have heard great feedback at this point. Pre MR3
reports of 30 minutes from startup to usability to presently not
even noticing it is running at startup are good signs..
Additionally, sluggishness during full scans has dropped
dramatically… I would like to pilot a larger group on the MR3 but
for now, I am getting very positive feedback…”


US Financial Services company specializing in tax services

19

The Tolly Group:


Impact on Office Productivity

Productivity Impact


Highlight Symantec’s strengths vs. McAfee


Less impact on typical office usage


Faster open and save time for Word and PowerPoint


The Test


Symantec Endpoint Protection11.0 vs. McAfee Total Protection for
Endpoint bundle


Measure time to open and save 5MB Microsoft Word file


Measure time to open and save 20MB Microsoft PowerPoint file


The Result


Better Open and Save times when compared to McAfee

20

Productivity Impact

Time (seconds)

Microsoft Office 2007/Vista File “Open” Times

(Increase Over Unprotected System)


Source: The Tolly Group


Symantec Endpoint Protection vs. McAfee Total Protection for Endpoint Page 1 (08/2008)

Productivity Impact

Time (seconds)

Microsoft Office 2007/Vista File “Save/Close” Times

(Increase Over Unprotected System)


Source: The Tolly Group


Symantec Endpoint Protection vs. McAfee Total Protection for Endpoint Page 1 (08/2008)

23

Up selling Customers to SMP

Symantec™ Multi
-
tier Protection 11.0


Symantec Endpoint Protection 11.0



Symantec AntiVirus for Macintosh & Linux


Symantec Mail Security for Domino & MS Exchange


Symantec Mobile AntiVirus for Windows Mobile
(NEW!)


SMS 8300 Software Subscription (AV & AS)
(NEW!)


Premium Antispam
(NEW!)





Heterogeneous protection for larger organizations

24

ANSWERS

QUESTIONS