App Review Symantec Endpoint Protection

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by Shadowra
SEP is good (not great), but it has two flaws:
1- Cannot scan files with non-Latin names
2- When you allow an application through the firewall, it is allowed for both outbound and inbound; so you first have to create a custom rule blocking all inbound traffic (the same situation as with simplewall).
 
1. Unable to find any evidence that Symantec Endpoint Protection is unable to handle/parse files with non-Latin names. Both Symantec Endpoint Protection and the Norton products, which used the same engine up until a year ago, are localised in Chinese, Japanese and Russian. It makes very little sense for the AV engine to support only Latin characters when a product is designed for and sold in the aforementioned countries. Also, the scan engine cares very little about the file name.

2. No idea why someone would want to block this traffic, but not that. Blocking the inbound traffic specifically would almost 100% render connected applications useless.
I believe you mean blocking outbound traffic, which could be a good practice in some limited cases (for example, to block telemetry for applications which are not expected to use the network), but still, not a good idea at all.
 
1. Regarding the scanner, I tried it myself; I was getting an error message that it can't scan the file; after renaming it in English it was scanned as usual.
It's odd, I know.
2. I block inbound traffic because I use a home PC, not a server.
Even the WF default is to block all inbound with exceptions and allow all outbound.
 
Did you try changing your system locale settings to enable support of non-unicode characters?

2. OK, but how will applications receive data? Or you mean you block all inbound traffic, except for approved applications?
 
This is my system locale; to what should I change it?

Blocking inbound traffic didn't affect any of the applications.
 
You can change it to the language that contains these unrecognised characters (like Russian, Bulgarian for Cyrillic) or you can enable the UTF8 support.

If blocking inbound traffic really didn’t affect any applications then it wasn’t really blocked. There were exceptions. Blocking all inbound traffic is the same as not paying your broadband bill/cancelling the service 🙂
 
Indeed it's blocked

Windows Firewall Control by default allows only outbound traffic, and all inbound traffic is blocked.
 
Next time I install SEP, I will try the UTF8 support trick; the rest of the AVs do not need this modification.
 
But this applies to inbound traffic that doesn’t match any other rule; this is the so-called cleanup rule. Approved applications are allowed their inbound traffic.
 
In the logs, I find blocked inbound traffic from other apps such as browsers, with an m-dns mark beside it; I think this is related to multicast.
 
Windows Firewall Control steps on the foundation of Windows Firewall (now known as Defender Firewall with the MpsSvc service) which is a stateful firewall like many others. It controls traffic based on application rules, general policies (which apply even when the app is allowed) and inspection of certain packet parts for understanding if the packet was solicited. So whilst individual packets will inevitably be dropped, applications still generate inbound traffic.
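
The distinction argued over in the posts above (a default "block inbound" policy versus replies to connections the host itself opened), as an added example that is not part of the original thread: a simplified Python model of stateful filtering, not Windows Firewall's actual implementation. The class, application names and addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str      # "out" or "in", relative to this host
    proto: str
    local: tuple        # (address, port) on this host's side
    remote: tuple       # (address, port) of the peer
    app: str = ""       # owning or listening application, if any

class StatefulFirewall:
    """Toy model: allow outbound, block inbound unless tracked or allowed."""

    def __init__(self, inbound_allow_apps=()):
        self.inbound_allow_apps = set(inbound_allow_apps)
        self.flows = set()  # flows this host initiated

    def filter(self, p):
        key = (p.proto, p.local, p.remote)
        if p.direction == "out":
            self.flows.add(key)  # remember it so replies count as solicited
            return "allow: outbound default"
        if key in self.flows:
            return "allow: reply to tracked flow"
        if p.app in self.inbound_allow_apps:
            return "allow: inbound app rule"
        return "block: unsolicited inbound"

def demo():
    # Constructed traffic; addresses are private or documentation ranges.
    fw = StatefulFirewall(inbound_allow_apps={"p2p-client.exe"})
    host = "192.168.1.10"
    packets = [
        Packet("out", "tcp", (host, 50000), ("198.51.100.20", 443), "browser.exe"),
        Packet("in", "tcp", (host, 50000), ("198.51.100.20", 443), "browser.exe"),
        Packet("in", "udp", ("224.0.0.251", 5353), ("192.168.1.23", 5353), "browser.exe"),
        Packet("in", "tcp", (host, 8080), ("203.0.113.7", 41000)),
        Packet("in", "tcp", (host, 6881), ("203.0.113.9", 52000), "p2p-client.exe"),
    ]
    return [fw.filter(p) for p in packets]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The browser's download still arrives because it is a reply to a tracked outbound flow, while the multicast mDNS packet and the unsolicited connection attempt fall through to the default block, which is what shows up in the firewall log.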
 
Downloaded the most recent 7 script samples (vbs, vbe, js, ps1) from MB.
On-demand scan by SEP detected 3, K 2, and each of MD, Avast-AVG, ESET 1, nothing by B.
Signatures are good; its relatively weak spot is behavioral detection.
Did not try to launch, but I bet K and B will detect most of them post-execution.
 
Is Symantec Endpoint Protection good web protection? Does it use the Symantec Browser Protection extension?
It comes with a similar built-in extension, but I prefer the Chrome store one, which allows you to ignore and proceed easily; the one which comes with SEP does not have this option, and to allow a page you have to dig deep inside settings and manually add the web address.
 
So that means you can't easily remove the extension from your browser once it's installed, let alone allow a page blocked by SEP? And the browser also says it's managed by an organization, is that it?
 
I prefer to ditch the extension built into SEP by unselecting browser protection from settings, and to replace it with the more flexible one from the Chrome store; both afford the same protection.
 
So in the SEP installation process, can you refuse to install this extension? How stupid of me not to pay attention to that the day I installed SEP. :ROFLMAO: