1 / 35

Symantec Endpoint Protection 11.0 Maintenance Release 2: What’s new

Symantec Endpoint Protection 11.0 Maintenance Release 2: What’s new. Updated 11 th April 2008. New features and improvements. 1. Resolved product issues. 2. Other points to be aware of. 3. Agenda. New features and improvements. New features and improvements: New platform support.

abby
Download Presentation

Symantec Endpoint Protection 11.0 Maintenance Release 2: What’s new

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Symantec Endpoint Protection 11.0Maintenance Release 2: What’s new Updated 11th April 2008

  2. New features and improvements 1 Resolved product issues 2 Other points to be aware of 3 Agenda

  3. New features and improvements

  4. New features and improvements:New platform support • Windows 2008 support (inc Server Core) SEP client only (32 and 64bit) • Windows Vista SP1 support SEP client only (32 and 64bit)

  5. New features and improvements:Less resource usage / Lighter footprint Symantec Endpoint Protection Manager • Use less RAM for Console, Server and Embedded DB • approx 256mb • Now less disk space • approx 2GB Symantec Endpoint Protection client • Now less disk space • approx 400mb

  6. New features and improvements: Manager Installation > Create sys admin

  7. New features and improvements: Manager Installation > Choose config * This dialog will only appear with a new SEPM install, not an upgrade *

  8. New features and improvements: Manager Installation > Simple Automatically configures the following: • Embedded database chosen • Site name set to ‘My Site’ • Admin-specified password used for DB and encryption also • 3 content revisions stored Please note: By default a SEPM will download 3 new certified AV/Antispyware content updates per day, therefore storing 3 content revisions would mean SEP client content could only be out of date by 1 full day before a full update would be downloaded.

  9. New features and improvements: Manager Installation > Advanced

  10. New features and improvements: Manager Installation > Advanced Content revisions stored, for each option chosen: • Less than 100: 3 • Between 100 and 500: 3 • Between 500 and 1000: 10 • More than 1000: 30 Please note: By default a SEPM will download 3 new certified AV/Antispyware content updates per day, therefore storing 3 content revisions would mean SEP client content could only be out of date by 1 full day before a full update would be downloaded.

  11. New features and improvements: Manager Installation > DB choice

  12. New features and improvements: Manager Installation > DB choice Re embedded DB option now supporting 5000 computers: • Increased so that customers in the range of 1000-5000 were not forced to purchase SQL licenses. • No further DB optimisation has been implemented, BUT: • Lab testing has proven the embedded DB can adequately scale beyond 5000 managed computers, even out-performing MS-SQL in environments with small numbers. • A product issue has been resolved whereby the embedded DB would not reclaim freed up space, therefore would continue to grow indefinitely.

  13. New features and improvements: Manager Installation > Summary

  14. New features and improvements: Console Homepage Latest content versions now show on homepage for both Symantec’s public Liveupdate server and the local SEPM:

  15. New features and improvements: Content revision control via the console • Number of content revisions stored is now configurable via the console. • Please note: If you choose ‘Simple’, this will set the stored content revisions to 3. • If you choose ‘Advanced, then: • Less than 100: 3 revisions • Between 100 and 500: 3 revisions • Between 500 and 1000: 10 revisions • More than 1000: 30 revisions • If you upgraded the SEPM, the previously configured setting will be preserved (10 by default preMR2).

  16. New features and improvements: Delta generation CPU usage control • The mdef25builder will now, by default, never use more than 50% of available CPU cycles. • This is configurable by adding the following parameter to the conf.properties file: • scm.delta.cpu.usage • The advantage is less impact on the SEPM when deltas are being created • Be aware though that this also means the process will take longer to complete the required delta generation task.

  17. New features and improvements: More responsive console experience * Not installed by default, optional component on CD3 * • The IIS 6.0 FastCGI extension improves the performance of the Home, Monitors, and Reports pages of the console. • Is standard component to ship with Windows 2008. • Documentation also provided on CD3 detailing setup steps. • Symantec provides full support for the SEPM with the successful installation of the FastCGI extension.

  18. New features and improvements: Template AV/Antispyware policies • Default (Balanced), High Security, High Performance. • All specifics documented in product admin manual (p394)

  19. New features and improvements: Template Application Control policies Further template policies added in MR2:

  20. New features and improvements: Automatic AV/Antispyware exclusions • SEP 11.0, when released, already set automatic exclusions for MS Exchange 2003 and 2007. • Now, MR2 will add automatic exclusions for: • SEPM embedded database and transactional logs • Active Directory database, transactional logs and working files • Following Microsoft best practice recommendations

  21. New features and improvements: Granular Device Control • Devices can now be identified by any means • Type, Brand, Model, Serial Number • Tool provided on CD3 to verify Device IDs (DevViewer) • Some Device ID examples: • SanDisk Micro Cruzer - USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_MICRO&REV_2033\0002071406&0 • Apple iPod - USBSTOR\DiskApple___iPod____________1.62\4&3656B0&0 • Hitachi IDE Hard Drive - IDE\DISKHTS541060G9SA00_________________________MB3IC60H\4&14AA9DA8&0&0.0.0

  22. New features and improvements: Granular Device Control

  23. New features and improvements: Granular Device Control

  24. New features and improvements: Other updated included components • Liveupdate Administrator 2.1.2 (MR2) • Now supports Vista SP1 and Windows 2008 • Symantec Antivirus for Linux 1.0.4 (MR4) • Network Access Control 11.0.2(optional additional purchase) • Now includes Microsoft NAP support and Peer-to-Peer enforcement

  25. Resolved product issues

  26. Resolved product issues:Performance • Fixed port leaks on SEPM server • Optimized disk space usage of embedded database • Fixed excessive disk space used by antivirus logs on SEPM • Fixed excessive disk space use by LiveUpdate on SEP client • Reduced length of accelerated heartbeat on SEP client to optimize communication between SEPM and SEP client

  27. Resolved product issues: Functionality and usability • Resolved inconsistent scanning of files on SEP client • Improvements to SEPM console home page include all charts displayed properly, all agents and agent status appear correctly • Fixed site and agent replication issues • Fixed ClientRemote Utility • Optimized creation of group folders so that they can be created in a timely manner • Optimized performance of Active Directory synchronization to avoid database deadlocks • Minimized boot time on SEP client by optimizing Symantec processes during startup

  28. Resolved product issues: Communication and connectivity • Addressed issues whereby SEP clients connecting to a SEPM over slow network links could saturate the line when retrieving content updates • Addressed issues with SEP client communicating with SEPM behind a firewall with NAT or after changing the remote console port • Addressed issue with SEP clients management being blocked by Checkpoint VPN client connections

  29. Other points to be aware of

  30. Other points to be aware of:SEP client cached installs have moved * Now also compressed to save disk space *

  31. Other points to be aware of:Default AV/Antispyware policy overwrite • MR2 changes the default AV/Antispyware policy so that an ActiveScan doesn’t occur each time new definitions are loaded (which occurs 3 times a day by default): • This change means that if you install MR2 over an existing pre MR2 SEPM, the default AV/Antispyware policy will be overwritten. • It is recommended, if you wish to keep this default AV/Antispyware policy, please make a copy of it or rename it before upgrading to MR2.

  32. Other points to be aware of:MR2 client will not be available via LU • Due to a defect in SEPM, pre-MR2 releases of SEPM cannot download MR2 LiveUpdate Packages. • Customers will have to download SEPM via FileConnect. • Since new SEPM will already contain MR2 SEP client packages, it will be unnecessary for administrators to use LiveUpdate to download the MR2 client packages. • Once administrators have MR2 SEPM release in their environment, they can use LiveUpdate to download future client packages (to be determined... either MR2 MP1 or MR3) that will be available via LiveUpdate.

  33. Other points to be aware of:How to shrink the embedded DB • There is a product issue preMR2 whereby the embedded DB would continue to grow indefinitely. • This was caused by the SEPM not successfully periodically reclaiming freed up space. • If you have upgraded the SEPM to MR2, some steps can still be followed to reclaim this space: Note: Technical Support can assist with this procedure as needed. • Via DOS prompt, navigate to C:\Program Files\Symantec\Symantec Endpoint Protection Manager\ASA\win32\ • Run command dbunload -c "uid=dba;pwd=dba_password" –ar • Restart the SEPM service.

  34. & QUESTIONS ANSWERS

  35. Thank you!

More Related