App Review Symantec Endpoint Protection 2014 (Manzaitest)

[Manzai]

\! / Not to be confused with Norton Internet Security protects differently!

URL:

Symantec protect effective with malicious URL.

Malware Pack

Disappointment, the system is very infected. Symantec stops very few files with SONAR.

Through: 2/5 => Average, prefer Norton Internet Security which is more efficient

 

[Adhit Prakosho]

Ariana Grande-Break Free

thanks bro..

I salute you, you always review every antivirus. I noticed you only a few hours to rest and always active in this forum.

 

[Cch123]

Symantec EP was never for the home user. Home users should not try these EP products as they do not have the necessary resources (such as a central server) to run the program effectively. It requires a lot of manual configuration and a combination of different symantec technologies to be truly effective.

Also, a very important note to point out is that from the video, this is an unmanaged version of Symantec EP. Some of the best technologies inside Symantec EP are not activated/available in unmanaged versions, only in those clients managed by a central command server.

 

[cruelsister]

It also didn’t do very well in the Managed form as administered by IT professionals either at Target or Home Depot. Malware was swimming around their respective servers and happily transmitting data to the Russian C&C for about 3 weeks (19 days, actually) in the case of Target, and for over 5 months at Home Depot.

Although the Firewall is very good, it has excesive alerts- not an issue for a small office, but on an Enterprise basis the logs can be so externsive that they are blown off (a product that alerts to everything alerts to nothing). Finally the Proactive module is just so-so. Malware can be coded, true Zero-day, that won't be detected via definitions by SEP; here's where a good Proactive module should come into play, which SEP does not have (a good one, anyway). In a nutshell, this is what happened at Target and HD.

Not exactly a ringing endorsement of SEP.

 

[Rahadian Putra]

I appreciate the test as always, but this time I must disagree, I'm sorry
SEP was built for company and they has huge reason why this software not released for home users. SEP is not a simple antivirus, not a simple internet security, it's an excellent protection for Network with many features etc, but...in order to make SEP run properly, users cannot run it under default settings jut like when it installed, its quite different than other Norton's product for home users, if not configured properly, then SEP will simply fail. It will requires a manual book to read and understanding the whole features in SEP and manual configuration. And since you also said and admitted by your self by saying "prefer Norton Internet Security which is more efficient" it is true...then how in the world this Norton's product gave different results? especially since this was built for company? it should provide better result, the answer is : because it's not a simple internet security.

Both N.Nvt and Umbra can provide more details and explanation, especially N.Nvt since he's using SEP for a long time, also keep in mind running SEP under managed client and unmanaged client could also provide different protection, thus...the results as well.

 

[nsm0220]

I appreciate the test as always, but this time I must disagree, I'm sorry
SEP was built for company and they has huge reason why this software not released for home users. SEP is not a simple antivirus, not a simple internet security, it's an excellent protection for Network with many features etc, but...in order to make SEP run properly, users cannot run it under default settings jut like when it installed, its quite different than other Norton's product for home users, if not configured properly, then SEP will simply fail. It will requires a manual book to read and understanding the whole features in SEP and manual configuration. And since you also said and admitted by your self by saying "prefer Norton Internet Security which is more efficient" it is true...then how in the world this Norton's product gave different results? especially since this was built for company? it should provide better result, the answer is : because it's not a simple internet security.

Both N.Nvt and Umbra can provide more details and explanation, especially N.Nvt since he's using SEP for a long time, also keep in mind running SEP under managed client and unmanaged client could also provide different protection, thus...the results as well.

oh come on it made a mess if this was my pc i would be PO on Norton for life just like i did to an another av that mess up my pcs when i was a kid

 

[Rahadian Putra]

Yes indeed it was a mess, like I said..it's not a simple Av or a simple internet security like other products for home users
OP even said that he prefer Norton IS which is more efficient for him, why? my guess it was because SEP is pretty different than other Norton's home products, it require to tweak it and understanding how SEP works, and it will provide better protection when it running not under default settings nor in unmanaged client. The goal is to protect the network not a simple virus scanner

 

[Nikos751]

n.nvt will come to this thread very soon hahaha

 

[XxBrazilianoxX]

This is pretty much correct, the unmanaged client requires additional rules and settings.
The managed client is different as its pretty much ready to go and have a serious level of protection.

In the regards to Manzai his test i have to agree, out of the box SEP is just a frame work and has basic protection which does not mean much.
If SEP is set right then i challenge Manzai to do the test again and you will see that the results are VERY different.
However that would also require a different test as this test does not show what SEP can do as SEP is not a antivirus.
Other then that i agree to the test because as its done SEP does have virtually NO out of the box protection.

Can you please tell me what settings do you change from default in SEP client?

 

[nsm0220]

Well i could tell you how to configure SEP, but it really depend on how you config your PC and Network.
There are just to many options here, so there is no can do it all option here.

you know i test avs by default this software should be in the trash can for its pathetic protection

 

[Ink]

you know i test avs by default this software should be in the trash can for its pathetic protection

You should also be aware that default settings are optimised for the vast majority of users, not those who intend to "trash" a VM with dozen malware (- to destruction).

Endpoint protection works differently (IMO) to home environments, where it's the IT security/management's responsibility to correctly configure and maintain the security of the network.

If you, like some, have Business/Endpoint protection on their home PC, then I'm sure @n.nvt and @Umbra Polaris will say the default/core protection isn't great without some tweaking.

 

[nsm0220]

You should also be aware that default settings are optimised for the vast majority of users, not those who intend to "trash" a VM with dozen malware (- to destruction).

Endpoint protection works differently (IMO) to home environments, where it's the IT security/management's responsibility to correctly configure and maintain the security of the network.

If you, like some, have Business/Endpoint protection on their home PC, then I'm sure @n.nvt and @Umbra Polaris will say the default/core protection isn't great without some tweaking.

i think you haven't seen my av reviews lately only 3 in this season (fall 2014 - late spring 2015) have shown to protect not only important windows files and folders from malware but the pc as well

 

[jim lin]

i'm sorry nsm0220 but is this not a post of a Symantec Endpoint Protection 2014 video and not test a of Norton AV?

i doin't see the point you have not tested Symantec Endpoint Protection 2014 in a video

and i'm sorry but what is "windows files and fodders" do you mean folders?


@Manzai thanks for the video



James

 

[nsm0220]

i'm sorry nsm0220 but is this not a post of a Symantec Endpoint Protection 2014 video and not test a of Norton AV?

i doin't see the point you have not tested Symantec Endpoint Protection 2014 in a video

and i'm sorry but what is "windows files and fodders" do you mean folders?


@Manzai thanks for the video



James

have you seen my videos jim lin because i made clear why is its important for zero day protection to protect important windows files and folders from malware

 

[jim lin]

but why promote your videos here in someone else's post?

and thanks so much

but i do not need to see your video's to help me protect my computer and understand
what you are saying

i can kill my pc if i want all on my own thanks

been there done that lol

and i'm very sorry for being OT.

i'm done here



James

 

[nsm0220]

but why promote your videos here in someone else's post?

and thanks so much

but i do not need to see your video's to help me protect my computer and understand
what you are saying

i can kill my pc if i want all on my own thanks

been there done that lol

and i'm very sorry for being OT.

i'm done here



James

im not promoting my videos i was letting you know if you wanted the info

 

[XxBrazilianoxX]

@n.nvt
Thanks for your info.
Just to confirm, If I install SEP client only (selecting unmanaged client option) it can also be tweaked for better security?

 

[Cch123]

Actually, if I am not wrong some important features like application control are missing in the unmanaged client.

 

[cruelsister]

Nico- I pretty much agree with what you wrote with the exception of blaming the recent breaches at both Target and Home Depot on human error. I'm sure that it is no secret to you that malware can be coded and tested to ensure that it would be undetected by SEP. This was indeed done in both cases (why that disguised the malware as a Mcafee service is still curious to me).

The firewall did indeed note occasional connections to the Steppes of Central Asia but sadly was buried in the logs. Considering both retail establishments have about 2000 stores with at the very least 1000 transactions daily (each with their own log entry) it can be easily seen that a sporadic unusual connection can be lost. In both cases the massive network volume resulted in such high alert volumes that the malicious connection alert was ignored as a FP. Some would say that here was the human error, but this is like giving someone Encyclopedia Britannica, telling them to read it in 24 hours and then deriding them for not picking out one misspelled word (I can’t believe I’m actually defending IT…).

I also must add a rant about the disingenuous post breach analysis statements by Symantec. They made the point that HD was using 11.5 (still supported) instead of 12.1. They obviously wanted one to infer that this was the cause of the malware remaining undetected. Seems plausible, but what they didn’t say is that the previous Target breach (caused by essentially by the same malware vector) occurred on a system protected by SEP 12.1.whatever.

But to the point, I agree with you:

1). SEP is not for Home use
2). For maximum effectiveness it must be set up and administered by those with extensive knowledge of the product.

Meghan

 

[XxBrazilianoxX]

@n.nvt

Thanks alot for clarification.

In my case, I cant download the extra stuff since I don't have a license. (Currently using my school bare version).