Symantec Endpoint Protection - Hardening
Symantec Endpoint Protection Hardening (SEP Hardening) protects a set of supported trusted applications and browsers with specific policies. You can also review the list of policies that appear in the cloud portal when you license or use a trial version of SEP Hardening.
Use Memory Exploit Mitigation policies to protect other applications that do not have an out-of-the-box isolation policy.
In addition to protecting applications, Hardening policies can also isolate suspicious applications to prevent them from harming your environment.
Symantec Endpoint Encryption
Symantec Endpoint Encryption combines strong full-disk and removable media encryption with centralized management to protect sensitive information and ensure regulatory compliance, including devices encrypted with BitLocker, FileVault 2 or OPAL compliant self-encrypting drives.
Symantec provides maximum protection by encrypting each drive, sector-by-sector, ensuring that all files are encrypted. In addition to protecting laptops, desktops and Windows tablets, Endpoint Encryption supports various types of removable media including USB drives, external hard drives, and CD/DVD/Blu-ray media. With Symantec, removable media users can access their data on any Windows or Mac system, even if encryption isn’t installed on the machine.
Symantec Data Loss Prevention
With Symantec Data Loss Prevention, you can discover, monitor and protect sensitive data wherever it’s used – in the office, on the road, or in the cloud. It gives you complete visibility and control across the broadest range of data loss channels: cloud apps, endpoints, data repositories, and email and web communications.
Identifies any type of sensitive data with the most comprehensive data detection technologies ranging from fingerprinting to machine learning.
Easily manage data loss policies and incidents across every channel – all from one powerful management console.Offers flexible deployment options for any type of environment: on-premises, private cloud, hybrid cloud or public cloud.
Symantec Endpoint Protection 15 (Cloud Delivered)*
Symantec Endpoint Protection 15 defines cloud-delivered endpoint security with multilayered defense, simplified single agent/single console management with AI-guided policy updates, and the broadest set of integrations available.
Symantec Endpoint Protection 14 (On-Premises | Hybrid)
Symantec Endpoint Protection 14 offers security against all known attack vectors with unrivaled efficacy, cyber defense at scale delivered by one single agent, and high-performance client/on-premises management architecture.
Symantec Endpoint Protection Cloud (for Business)
Symantec Endpoint Protection Cloud delivers uncompromised protection via security-as-a-service for businesses with limited IT security resources. It combines multi-layered threat protection and device management with intuitive cloud-based management.
Symantec Data Center Security: Server
Symantec Data Center Security: Server delivers agentless anti-malware, agentless network IPS, in-guest file quarantine, file reputation services for VMware hosts and virtual guests. It integrates with VMware vCenter, VMware NSX, Palo Alto Networks Next Generation Firewall and Rapid 7 Nexpose to automate and orchestrate application-level security throughout the lifecycle of an the workload. Symantec™ Data Center Security: Monitoring Edition delivers security detection and monitoring capabilities for both physical and virtual server infrastructures.
Symantec Data Center Security: Monitoring Edition
Symantec Data Center Security: Monitoring Edition combines agent-less malicious code protection along with intrusion detection, file integrity and configuration monitoring. With Symantec™ Data Center Security: Monitoring Edition, customers are also able to monitor OpenStack based data centers including configuration changes, access monitoring, and Keystone data.
Symantec Data Center Security: Server Advanced
Symantec Data Center Security: Server Advanced protects both physical and virtual servers in on-prem, hybrid, and cloud-based data centers by delivering (1) application and protected whitelisting, (2) fine-grained intrusion detection and prevention, (3) file, system and admin lockdown, (4) and file integrity and configuration monitoring. Data Center Security: Server Advanced helps minimize time and effort and reduce operational costs by using out of the box monitoring and hardening for most common data center applications. Protect your OpenStack based data centers using file integrity monitoring of all OpenStack modules and with full hardening of the Keystone identity service module.
Symantec Critical System Protection
Symantec Critical System Protection is a compact, behavioral security engine that provides comprehensive and in-depth security for your IoT devices. Based on the fixed-function and predictable nature of IoT devices, Critical System Protection can enact policies to define expected behavior of the system, allowing only nonmalicious and hygienic operations.
Critical System Protection can augment EOL/EOS and new operating systems without content, signature or any need for a cloud connection, while Symantec Critical System Protection provides a host firewall, device and configuration control, file integrity monitoring, intrusion detection, operating system hardening, application whitelisting, automatic sandboxing, and many more features.
Symantec Messaging Gateway
Symantec’s on-premises email security solution begins with Messaging Gateway which provides essential inbound and outbound messaging security including, powerful protection against the latest messaging threats including ransomware, spear phishing, and business email compromise, It catches more than 99 percent of spam with a less than 1 in 1 million false positives, and effectively responds to new messaging threats with real-time automatic antispam and antimalware updates.
Symantec Email Security.Cloud
Symantec Email Security.cloud is a complete email security solution that safeguards cloud email such as Office 365 and G Suite and on-premises email such as Microsoft Exchange. It blocks new and sophisticated email threats such as ransomware, spear phishing, and business email compromise with a multilayered defense and insights from the world’s largest civilian global intelligence network. And it does all this with the industry’s highest effectiveness and accuracy.
Email Security.cloud repels spear phishing attacks with comprehensive defense that includes protection, isolation, visibility, sender authentication and user awareness. It also accelerates your attack response with analytics that provide deep visibility into targeted attack campaigns.
Symantec Endpoint Protection - Mobile
Symantec Endpoint Protection Mobile responds in real time to many identified threats taking deliberate actions and leveraging machine learning to protect devices and the resources they connect to.
Here are just a few of the many active protections that keep mobile devices, and all of the sensitive information they may have access to, safe:
- Protect sensitive corporate resources
- Help block installation of malicious apps
- End detected malicious processes
- Help prevent access to corporate Wi-Fi from compromised devices
- Help block communication to known malicious command and control servers
Symantec Control Compliance Suite
Symantec Control Compliance Suite features asset discovery, which rapidly discovers and inventories all networks and assets, including managed and unmanaged devices, and allows for network leak detection. Control Compliance Suite Vulnerability Manager will proactively identify security exposures, analyze business impact, and plan and conduct remediation across network, web, mobile, cloud, virtual, and IoT infrastructure.
- Discover network, web, mobile, cloud, virtual, and IoT infrastructure
- Out-of-the-box support for over 100 regulations, mandates, and best practice frameworks (including GDPR, HIPAA, NIST, PCI and SWIFT)
- Profile asset configuration and risk potential
- Pinpoint vulnerabilities, malware and attacks
- Trigger remediation through integration with 3rd party systems
- Report on vulnerabilities, compliance, benchmarks, etc.
- Assess ONCE and then report against MANY regulations
- Support for both technical and procedural controls
- Audit ready reports and dashboards
Managed Endpoint Detection and Response
Address threats that often go unnoticed and recover valuable time and resources that your team would have spent investigating incident alerts. Your Managed Security Services team, armed with Symantec Endpoint Detection and Response (EDR) will proactively perform:
- Managed Threat Hunting – Automated hunting for threats based on emerging IoCs and TTPs using the MITRE ATT&CK framework and DeepSight MATI Intelligence
- Remote Investigation – Rapid response to assess and validate suspicious threat activity across your on-premises and cloud endpoint environments
- Pre-authorized Containment* – Fast containment of compromised endpoints to reduce the efficacy of an attack
Managed Cloud Defense: Security Monitoring Expertise
Managed Cloud Defense provides security and monitoring services for SaaS and IaaS apps and infrastructures from the largest cyber security company in the world.
Any time your data accesses the cloud—public, private, or hybrid—you face a myriad of security challenges: Losing visibility across multiple clouds; detecting increasingly malicious threats; and analyzing, prioritizing and addressing alerts -- all of which are complicated by a lack of staff that is trained in cloud security.
Managed Cloud Defense delivers:
- Security monitoring services that never sleep for always-on response
- Threat correlation across multiple clouds
- Cloud-native integrations with AWS and Azure, and Symantec CASB and CWP
- Remote incident investigation, containment, and threat hunting
- Actionable insights and real-time guidance from cyber warriors trained in securing the cloud
Symantec Endpoint Detection and Response
Symantec EDR exposes advanced attacks with precision machine learning and global threat intelligence minimizing false positives and helps ensure high levels of productivity for security teams. Symantec EDR capabilities allow incident responders to quickly search, identify and contain all impacted endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing.
Also, Symantec EDR enhances investigator productivity with automated investigation playbooks and user behavior analytics that brings the skills and best practices of the most experienced security analysts to any organization, resulting in significantly lower costs. In addition, continuous and on-demand recording of system activity supports full endpoint visibility. Symantec EDR utilizes advanced attack detections at the endpoint and cloud-based analytics to detect targeted attacks such as breach detection, command and control beaconing, lateral movement and suspicious power shell executions.
Symantec™ Cyber Security Services: DeepSight™ Intelligence
Symantec™ Cyber Security Services: DeepSight™ Intelligence is a cloud-hosted cyber threat intelligence platform that provides that edge. DeepSight provides you access to technical and adversary intelligence collected by Symantec through its end-points and other security products and aggregated through its big data warehouse. The data is enriched, verified and analyzed to provide attribution and to connect seemingly disparate indicators into campaigns with known actors and motivations behind them.
Powered by two newly released cyber threat intelligence services, Managed Adversary and Threat Intelligence (MATI) and Directed Threat Research, DeepSight enables organizations to shift from always being one step behind the attackers to being informed, prepared and to having the right measures in place to mitigate risks.
Secure Web Gateway
The Symantec Secure Web Gateway either as a Physical or Virtual Appliance provides on-demand cloud intelligence and real-time web content ratings to ensure your enterprise is protected from the latest threats. Symantec’s cloud-based Global Intelligence Network feeds valuable, up-to-date information on the latest risks to the analytics engines to accelerate responses to web-based threats Symantec typically blocks over four million previously unseen or uncategorized threats per day
The Symantec Secure Web Gateway has an SSL Proxy that allows for visibility into SSL traffic, so the Symantec Secure Web Gateway can securely send attachments and content for inspection services. Encrypted Tap, a licensable feature, builds on the SSL Proxy capabilities to send a stream of decrypted content to third-party systems for additional analysis, archiving, and forensics.
Symantec Secure Web Gateway works seamlessly with best-of-breed technologies, including anti-malware, anti-virus (AV), blacklist and whitelist engines from a variety of vendors, as well as the static code analysis, sandbox, and sandbox brokering found in Symantec Content Analysis. The Symantec Secure Web Gateway can securely enable data loss prevention with certified DLP partners, via S-ICAP or standard ICAP
Symantec Web Security Service
Symantec Web Security Service provides the same proactive web protection capabilities delivered by the market’s leading on-premises Secure Web Gateway, the Symantec Secure Web Gateway, but delivered as a resilient and performant cloud security service. Sitting between your employees, wherever they are located, and the internet, the service protects your enterprise from cyber threats, controls and protects corporate use of cloud applications and the web, prevents data leaks, and ensures compliance with all of your company’s information and web/cloud access policies. Whether they are in the cloud or on- premises, enterprises can ensure consistent protection is in place.