Symantec has boosted its endpoint protection products with the local launch of a public beta of Endpoint Protection 11.0, code-named Hamlet, and Network Access Control 11.0. The products consolidate five technologies — antivirus, antispyware, firewall, host- and network-based intrusion prevention solutions, and application and device control — into a single agent, says Rob Pregnell, Symantec's product marketing manager for client and host security. Network Access Control (NAC) is an optional module that can be added on to Endpoint Protection. The package is 84% smaller than Symantec Antivirus, Pregnell says. The company managed to shrink it by eliminating the overhead of the management layers. “But it is also fair to say that Symantec needed to boil down its core antivirus and antispyware products, and our developers have been working rigorously for a long time just to do that,” he says. “So, the memory footprint is 21MB for the protection piece, and 25MB in all, including the management.” Pregenell says the launch is a significant release for Symantec and much bigger than a version upgrade. Endpoint Protection includes technologies that automatically analyse application behaviours and network communications to detect and block attacks. Signature-based antivirus protection is not dead, but you need to do more to stay protected today, says Pregnell. Attackers today are “collectively, and intelligently” constructing their threats so that they are essentially launching denial of service attacks against research labs and antivirus vendors, he says. “Researchers just can’t cut out the signatures fast enough,” he says. “Antivirus is effective, but it’s not the only security mechanism you should be relying on. It’s really becoming second line of defence.” Zero-day threats also undermine the logic of an antivirus-based defence mechanism, he says. In 2006, there was a 12-fold increase in zero-day threats, according to Symantec’s internet security threat report, Pregnell says.
The technologies in the product come from two recent Symantec acquisitions – WholeSecurity, which brings application behavioural control to the table, and Sygate, which brings the device control and NAC, says Pregnell. Sygate’s Policy Manager is the basis of the console of Endpoint Protection 11.0, mainly because it has more and better features than the legacy Symantec Antivirus management console, he adds.
Commercial versions of the products will be available in New Zealand on 24 September.
The product will have the same pricing as Symantec’s basic antivirus product, says Pregnell.