SEP 14 - any review?

vemn · Feb 11, 2017

Hi,

Anyone has any reviews on SEP 14 (new ML technology etc enhancement).
Wonder how big difference it is from 13 (performance, detection, FP).

Deleted member 178 · Feb 11, 2017

a friend of mine tested it, uninstalled it right aways because the same old bugs wasn't fixed ^^

509322 · Feb 11, 2017

vemn said:
Hi,

Anyone has any reviews on SEP 14 (new ML technology etc enhancement).
Wonder how big difference it is from 13 (performance, detection, FP).

Database update\connection issues.

vemn · Feb 12, 2017

Lockdown said:
Database update\connection issues.

oh my... that's fundamental isn't it.. no QC =.=

vemn · Feb 12, 2017

Umbra said:
a friend of mine tested it, uninstalled it right aways because the same old bugs wasn't fixed ^^

XD haven't reach the stage of testing the new features? Seriously?

Deleted member 178 · Feb 12, 2017

vemn said:
XD haven't reach the stage of testing the new features? Seriously?

when you have basic issues , pointless to go further, because the results would be irrelevant for a proper use.

vemn · Feb 12, 2017

Umbra said:
when you have basic issues , pointless to go further, because the results would be irrelevant for a proper use.

And while keep acquiring companies like LifeLock and BlueCoat.. lol.
Wonder what will the integration turns out to be...

509322 · Feb 12, 2017

vemn said:
oh my... that's fundamental isn't it.. no QC =.=

Installer uses java. I disabled Windows Firewall, disabled VPN services, disabled VPN startups,... but still installer cannot connect to SMTP mail server or Symantec database server. My networking is fine, all my other softs connect out no problem. Installer bug ? I have no idea, but it isn't my networking.

Not worth my time... "Cannot test."

vemn · Feb 12, 2017

Lockdown said:
Installer uses java. I disabled Windows Firewall, disabled VPN services, disabled VPN startups,... but still installer cannot connect to SMTP mail server or Symantec database server. My networking is fine, all my other softs connect out no problem. Installer bug ? I have no idea, but it isn't my networking.

Not worth my time... "Cannot test."

Their support needs to hear you out XD XD XD

Aleeyen · Feb 12, 2017

I can't tell you anything about SEP 14 but I can surely tell you a lot about FEB 14.

509322 · Feb 12, 2017

vemn said:
Their support needs to hear you out XD XD XD

I don't waste my time. I made reports and they were deleted.

Wingman · Feb 12, 2017

vemn said:
Hi,

Anyone has any reviews on SEP 14 (new ML technology etc enhancement).
Wonder how big difference it is from 13 (performance, detection, FP).

There was no version 13 of SEP

Symantec decided to skip it (I guess it was bad luck)
I am currently using SEP 14 (unmanaged client) and I am happy with it. I has one of the bes IPS for enterprise endpoint and I hope that with the acquisition of Bluecoat the product will be much better (share Databases etc). Having said that , messagelabs was a great product until Symantec acquired it and became symantec cloud

AML technology is catching up and it is a great improvement of sonar

It depends what you are looking for though?If you want to compare v 14 with 12 then yes, it is a great improvement. I am not going to debate which AV solution is the best cause they all have their own issue/bugs/CVE so whatever solution you go with, always keep in mind to have a "defense in depth " model

@Umbra do you have specific bugs in mind?Were there cosmetic ones of CVE numbers?

@vemn In terms of Changes to the previous version, symantec has released a change log :
What's new in Symantec Endpoint Protection 14

vemn · Feb 12, 2017

Wingman said:
There was no version 13 of SEP Symantec decided to skip it (I guess it was bad luck)
I am currently using SEP 14 (unmanaged client) and I am happy with it. I has one of the bes IPS for enterprise endpoint and I hope that with the acquisition of Bluecoat the product will be much better (share Databases etc). Having said that , messagelabs was a great product until Symantec acquired it and became symantec cloud AML technology is catching up and it is a great improvement of sonar

It depends what you are looking for though?If you want to compare v 14 with 12 then yes, it is a great improvement. I am not going to debate which AV solution is the best cause they all have their own issue/bugs/CVE so whatever solution you go with, always keep in mind to have a "defense in depth " model
What's new in Symantec Endpoint Protection 14

Oppps.. pardon me for the version thingy.
Don't understand the part on unmanaged client. You do away with SEPM and make it simply just grabbing signatures from Symantec's cloud database that's all?

And have you tested their ML feature? Wonder how well it works though.

Wingman · Feb 12, 2017

vemn said:
Oppps.. pardon me for the version thingy.
Don't understand the part on unmanaged client. You do away with SEPM and make it simply just grabbing signatures from Symantec's cloud database that's all?

You can see the differences of manages vs unmanaged client : Difference between a managed Symantec Endpoint Protection (SEP) Client and an Unmanaged SEP Client.
Even with unmanaged client you can configure all settings of SEP -mac version of SEP 14 do not have that capability yet AFAIK. There are few differences that I do not affect me or justify a SEPM in my environment ( Liveupdate instead of the internet and LUA could also be done via GUP and the manager itself)

vemn said:
And have you tested their ML feature? Wonder how well it works though.

This is a tricky question! What do you mean by "how well it works"? As stated this feature was not available in previous versions of SEP. Only thing I can confirm is that I have seen malicious samples that SEP 14 is detecting with the AML engine (the detection name would be AML*) that other AV wouldn't based on Open source results (VT)

vemn · Feb 12, 2017

Wingman said:
You can see the differences of manages vs unmanaged client : Difference between a managed Symantec Endpoint Protection (SEP) Client and an Unmanaged SEP Client.
Even with unmanaged client you can configure all settings of SEP -mac version of SEP 14 do not have that capability yet AFAIK. There are few differences that I do not affect me or justify a SEPM in my environment ( Liveupdate instead of the internet and LUA could also be done via GUP and the manager itself)

This is a tricky question! What do you mean by "how well it works"? As stated this feature was not available in previous versions of SEP. Only thing I can confirm is that I have seen malicious samples that SEP 14 is detecting with the AML engine (the detection name would be AML*) that other AV wouldn't based on Open source results (VT)

Ahh.. thanks for the explanations. I think the best is for me to download to play with the unmanaged SEP client!

Deleted member 178 · Feb 12, 2017

Wingman said:
@Umbra do you have specific bugs in mind?

Mostly database updates issues, i selected the option to have only limited database locally (forgot the term, it was during installation) and relying on the cloud instead but it keeps downloading the full database.

vemn · Feb 16, 2017

[Using Generic Exploit Mitigation]
This feature looks good though? Working on top of MS EMET.
Any review?

A.S.K · Mar 2, 2017

how to change over the firewall mode in symantec EPP like we do in windows firewall from public to home ?

Wingman · Mar 2, 2017

A.S.K said:
how to change over the firewall mode in symantec EPP like we do in windows firewall from public to home ?

Do you have a managed or unmanaged client?

A.S.K · Mar 3, 2017

its unmanaged client

Search

Search

SEP 14 - any review?

vemn

Level 6

Deleted member 178

509322

vemn

Level 6

vemn

Level 6

Deleted member 178

vemn

Level 6

509322

vemn

Level 6

Aleeyen

Level 22

509322

Wingman

Level 4

vemn

Level 6

Wingman

Level 4

vemn

Level 6

Deleted member 178

vemn

Level 6

A.S.K

Level 1

Wingman

Level 4

A.S.K

Level 1

You may also like...