Symantec Endpoint Protection Student

Status
Not open for further replies.

motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
@Nico@FMA

Version 12.12.2.10 from local university (unmanaged client)

I don't know much about SEP. I've heard it's not good to run it on a personal home PC b/c of how bare it comes by default. I looked through the settings and everything seems setup pretty well.

Question: What should I look for to make sure it is setup properly? If I have a subscription already for Norton Security Premium, should I just use that instead?

All the firewall ports seem to be in there and enabled. Sonar, Download Insight, Intrusion Prevention, etc. seems to be checked and setup for a good default protection (I raised a couple settings up, but not much).

Thanks!
 
Last edited:

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
From what i have read, Norton and Symantec offers same protection, one is aimed at consumers and one at business. SEP doesn't have the fancy animation, but detection and engine is similar. SEP 12.1.2 has a security flaw according to this article: Symantec and Norton Security Products Contain Critical Vulnerabilities | US-CERT so if you able to upgrade to SEP 14 or SEP 12.1.6 MP6, that would be more secure as it was patched by Symantec. Flaw was discovered by Travis from Google. (MODS and Admins, if i am not suppose to post links, Sorry, Please remove or edit my post or inform me and I will remove the link)

I had tried it as it was also free from my Uni, and its on par with most antivirus I have tried and experiment with. Their default settings are really good, on my Lab VM, professor had us uncheck all the allow firewall rules and experiment on certain networks and needs. 90% of the time, its workable for a lot of networks with all their predefined ALLOW firewall rules uncheck. Quite a fun lab session.

@frogboy seems very knowledgable on AV from what i have read on his post on MalwareTips, so maybe him or someone more experienced than me could give you a better suggestion and opinion.

Cheers!
 

cLcL

Level 1
Verified
Jan 6, 2015
31
If you use the unmanaged one, better go with Norton Security Premium. SEP unmanaged only has basic feature of NIS, to get full-powered you'll need the managed one (u can try to find some profile for it then export, i havent tried it tho).

if u have SEP managed client, and u trust the admin who manages the SEP manager, then it's all good.

mind you tho, for me, i still believe if you have "decent" knowledge about the internet (eg: know what to click and what-not), u'll be fine even with just win defender, so SEP unmanaged is ok too, but if you want more layer of protection, go with Norton Security
 

motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
Thanks for the replies. I was able to update to SEP 14.

Anymore opinions on this?
 
  • Like
Reactions: Wingman

motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
If you use the unmanaged one, better go with Norton Security Premium. SEP unmanaged only has basic feature of NIS, to get full-powered you'll need the managed one (u can try to find some profile for it then export, i havent tried it tho).

Can you elaborate on 'what' features the unmanaged SEP lacks compared to NS?

From what I can tell via the settings, it looks like it has all the features of NS, but allows greater control.
 

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
nt.png
Correct me if I am wrong, but features are the with SEP 14 managed and unmanaged are same as far as I have learned. The cert. that I have to download thru the Uni should have all the security as the managed. Only difference is not being managed or connected thru the Uni's server. All functions are enabled... I hope

  • The Certificate Authority (CA) authenticates the secure web server to your computer. They are valid for several years. You'll be adding the CA to a group of other certificate signers within each of your web browsers.
  • Your Personal Certificate authenticates your computer and provides access to restricted web pages or applications. It is "signed" by the CA and associates you with your Kerberos username and password, proving to the secure web server that you are who you claim to be.
Might go back to SEP after I am done with playing and test all other AV's, Testing Xvirus and Avast atm....
 
Last edited:

cLcL

Level 1
Verified
Jan 6, 2015
31
Can you elaborate on 'what' features the unmanaged SEP lacks compared to NS?

From what I can tell via the settings, it looks like it has all the features of NS, but allows greater control.

View attachment 125793 Correct me if I am wrong, but features are the with SEP 14 managed and unmanaged are same as far as I have learned. The cert. that I have to download thru the Uni should have all the security as the managed. Only difference is not being managed or connected thru the Uni's server. All functions are enabled... I hope
i'm sorry, what i meant by features are the settings, the "deep settings" or something like that, which can only be obtained from policy created in SEP Manager. For example, password protection to the sep client, the more settings in sonar, etc, and for me, i think SEP unmanaged takes so much disk space (more than 1 gB), cause it need backup definitions in the harddrive, delete the backup only resulted re-download :D , the update can only be set via the Manager.

if your university or company give you policy for SEP, that's good (depends on the admin tho).

mind you that ive tested SEP unmanaged years ago (2012/13), there might be some changes in current version. and note that i havent tried NIS yet, :D , but i think password protection for an AV is a-must (you might not need that tho).[/QUOTE]
 

Svoll

Level 13
Verified
Top Poster
Well-known
Nov 17, 2016
627
@cLcL Times have changed, SEP is no longer 1 gb and definitions are thru cloud or you also have the option to save it on your HD if you want. Its quite light on system resources also, last I check it was less than 1% CPU usage and about 20-30mb on ram. I guess my Admin was nice, I have all settings enabled, even Darknet client settings on SEP.

Side Track : Twins still sing? heard they disbanded a few years ago. I know Charlene still does solo's.
 

cLcL

Level 1
Verified
Jan 6, 2015
31
@cLcL Times have changed, SEP is no longer 1 gb and definitions are thru cloud or you also have the option to save it on your HD if you want. Its quite light on system resources also, last I check it was less than 1% CPU usage and about 20-30mb on ram. I guess my Admin was nice, I have all settings enabled, even Darknet client settings on SEP.
wow, i didnt know that, guess i should test SEP again. yes i know it's light, no impact on system performance at all when i tested it. but the more 1gB space needed was a big no for me. it's good if you have policies for it, heck i think it's still good without policies, but still, imo, without policies, NIS (should) give better settings for protection.

Side Track : Twins still sing? heard they disbanded a few years ago. I know Charlene still does solo's.
They sing too? Haha. I just know it's from a movie, which i havent watched. the girl on the left (gillian cheung) looks cute :D . been using that pic as avatar in forums since 2006, too lazy to change.
 

motox781

Level 10
Thread author
Verified
Well-known
Apr 1, 2015
483
it's good if you have policies for it, heck i think it's still good without policies, but still, imo, without policies, NIS (should) give better settings for protection.

What policies would make a large impact on managed vs unmanaged? Sorry, I've never seen the SEPM policy page so I don't know much about managing SEP.

I know you can password protect, but other than that...what other policies make an managed much stronger (other than obvious things such as block .exe or external devices, etc that would be implemented in a corporate environment).

I guess I'm trying to get a narrowed down list of:

What makes unmanaged SEP and NS different?

From what I can see, they have the same technologies. SEP seems to have something called "Bloodhound" that I don't see in NS. SEP has more configuration options for Norton Insight. Most of the default settings in SEP seem good enough and you can tweak SEP more than NS. SEP has the capability to use both Symantec and Community Insight database.

What am I missing because by looking at it on the surface...it seems very capable out of the box.
 
Last edited:
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top