Symantec Endpoint Protection 11 review

[Jota.Ce]

I tried SEP v11.0.5002.333 (latest version i found here, ZWT release) in another partition, so i don't use it for primary needs.

It works without any further licensing/fixing which is very nice (i thought these things would require more action from me). Installer lets you decide which modules you want (don't remember exactly, but Internet Protection, Network protection, Application Control...).

Time to boot is increased (in welcome screen) compared with ESS, that's noticeable. Even SEP seems to not respond in some moments (clicking some buttons some times). But Windows is overall happy with it, i've don't see a big slowdown in Windows Explorer.

You have to configure at least 2 important things though:

- SEP will clean any risk by default -> In Real-time Filesystem protection, set SEP to "Log only" and enable risk notifications. This way, when a threat is detected, you'll receive a popup window and access will be blocked for that file. I wouldn't do this on Internet protection, only in Filesystem, cause i have some cracks/keygens,... and i don't want they to be deleted without even asking me.

- SEP will (strangely) allow all internet traffic by default -> Enable Application traffic only (and also "ask for permission for each application")

Without that 2 things, i'd uninstall SEP inmediately !!!

Bad thing in SEP is it will quarantine/delete detected risks in manual scan. I don't use that feature, but it would be nice to let people decide (or i haven't found it). Nice side of this is you can click a file and if it's bad an automatic warning popup will appear blocking that file. You can't delete that file, but you can do a manual scan and it will be deleted.

Main GUI is coloured (for kids xDDDDD) (and it seems to be even simpler than NIS), but inner dialogues and risk/traffic popups are old-fashioned (gray everywhere). I don't mind that, since i want protection and not drawing.

I don't know what more to say, i've used it for 1 hour approximately. I can't compare with NIS, until this one makes me hate it and try the other one.

[donizme]

I would try this but I highly doubt it uses the latest technology which is present in NIS 2010. The one your using version 11 was first released years ago, with only minor updates since then. There is no quorum feature also.

[Jota.Ce]

You're right, i wrote in another thread they themselves recognize that they don't offer newest techniques of detection in SEP, only in NIS.

But they have to offer their enterprise clients a solid solution for their needs, son SEP only includes the most stable things.

I also wrote that people says that Symantec AntiVirus Corporate (and this one cause it's a wider security software) have a higher detection rate than Norton products.

I'll try for a time in that secondary partition.