Symantec Endpoint Protection OS

Broadcom Symantec Endpoint Protection delivers comprehensive security.

Basic Information

Broadcom Symantec Endpoint Protection (SEP), now often referred to as Symantec Endpoint Security (SES), is a comprehensive security software suite designed for anti-malware, intrusion prevention, and firewall capabilities across server and desktop computers.

  • Model: Symantec Endpoint Protection (SEP) / Symantec Endpoint Security (SES)
  • Version: The latest stable release is 14.3 RU9 (Build 11216), released on June 24, 2024. Newer patches include 14.3 RU10 Patch 1 and 14.3 RU9 Patch 2, both released on November 19, 2025.
  • Release Date: The first version, SEP 11.0, was released in September 2007.
  • Minimum Requirements: Detailed in the Technical Requirements section below.
  • Supported Operating Systems: Windows, macOS, and Linux. Specific versions vary by SEP/SES client and management components.
  • Latest Stable Version: 14.3 RU9 (Build 11216) / June 24, 2024.
  • End of Support Date: For SEP 12.x, content and signature updates ceased on April 3, 2021. Symantec Endpoint Protection 14.3 RU7 Patch 3 has an End of Service date of March 31, 2026. No specific End of Life (EOL) date has been publicly set for 14.2/14.3, but it is anticipated.
  • End of Life Date: Symantec Endpoint Protection Cloud (SEPC) and Small Business Version 2013 (SEP SBE 2013) reached their final end-of-life on December 7, 2020.
  • Auto-update Expiration Date: Not explicitly specified, but tied to the End of Support dates for content and signature updates.
  • License Type: Typically offered as trialware for evaluation, with enterprise deployments utilizing subscription-based licensing models.
  • Deployment Model: Supports flexible deployment options including on-premises, cloud-managed, and hybrid models.

Technical Requirements

Technical requirements vary based on the component (management server or client) and the operating system.

  • RAM:
    • Symantec Endpoint Protection Manager (SEPM): A minimum of 2 GB RAM is required, with 8 GB or more recommended. If Microsoft SQL Server is installed on the same machine as SEPM, a minimum of 8 GB RAM is recommended.
    • Symantec Endpoint Protection Client for Windows (Embedded/VDI): Requires 245 MB of available hard disk space if installed to the system drive, or 230 MB on the system drive and 15 MB on an alternate drive if installed elsewhere.
    • Symantec Endpoint Protection Client for Linux: Requires 1 GB RAM.
    • Threat Defense for AD Gateway: Requires 16 GB RAM.
  • Processor:
    • SEPM: An Intel Pentium Dual-Core or equivalent processor is the minimum, with an 8-core or greater processor recommended. Intel Itanium IA-64 processors are not supported.
    • Symantec Endpoint Protection Client for Windows (virtual computers): One virtual socket and one core per socket at 1 GHz minimum, with one virtual socket and two cores per socket at 2 GHz recommended.
    • Symantec Endpoint Protection Client for Linux: An Intel Pentium 4 (2 GHz) or later processor.
  • Storage:
    • SEPM: 16 GB available minimum (100 GB recommended) for the management server. For the management server with a locally installed database, 40 GB available minimum (200 GB recommended). An additional 135 MB is required during installation.
    • Symantec Endpoint Protection Client for Windows (SEP 16): System drive requires 30 MB, program data drive 350 MB, and alternate installation drive 150 MB.
    • Symantec Endpoint Protection Client for Linux: Requires 7 GB of available hard disk space. An additional 5 GB of disk space is recommended in /opt when enabling Symantec Endpoint Detection and Response (EDR) features.
  • Display: SEPM requires a display resolution of 1024 x 768.
  • Operating System: Refer to the "Supported Operating Systems" in the Basic Information section.

Analysis of Technical Requirements: The technical requirements for Broadcom Symantec Endpoint Protection are tiered, with the management server (SEPM) demanding significantly more resources, particularly RAM and storage, especially in larger deployments or when co-hosting a database. Client installations generally have more modest requirements, though specific considerations exist for embedded/VDI environments and Linux. There is a clear trend towards 64-bit operating systems, with 32-bit support being phased out in recent versions. Users should carefully assess their infrastructure to ensure adequate resources for optimal performance, particularly for the SEPM component.

Support & Compatibility

Broadcom Symantec Endpoint Protection offers broad compatibility across various operating systems, with support evolving with newer product versions.

  • Latest Version: 14.3 RU9 (Build 11216) / June 24, 2024.
  • OS Support:
    • Windows: Supports a wide range of Windows operating systems from Windows 7 through Windows 11, and Windows Server 2008 R2 through Windows Server 2025. Specific compatibility depends on the SEP version; for instance, 32-bit Windows clients are not supported from 14.3 RU6 onwards, requiring 32-bit machines to run 14.3 RU5.
    • macOS: Supports macOS 10.15.x and 11.x with Symantec Agent for Mac build 14.3 RU1 and newer. Compatibility extends to Apple M1, M2, M3, and M4 processors, supported from specific RU versions.
    • Linux: Compatible with various distributions including Amazon Linux, CentOS, Debian, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux Enterprise Server/Desktop, and Ubuntu. Support for older Linux distributions like RHEL 6, CentOS 6, Ubuntu 14, Debian 9, and SLES 12 has been discontinued with 14.3 RU9.
  • End of Support Date: Refer to the Basic Information section for details on End of Support and End of Life dates for various product versions.
  • Localization: While not explicitly detailed in the search results, enterprise-grade security software typically offers support for multiple languages to cater to a global user base.
  • Available Drivers: The software suite integrates components like Intrusion Prevention and Firewall (Network Threat Protection) that interact directly with the operating system's network stack and other system-level functions, implying the inclusion of necessary drivers within the installation.

Analysis of Overall Support & Compatibility Status: Broadcom Symantec Endpoint Protection demonstrates extensive compatibility across major operating systems, catering to diverse enterprise environments. Continuous updates ensure support for newer OS releases and hardware, including Apple's M-series chips. However, organizations must proactively manage their SEP/SES versions to align with supported OS versions, as older platforms and 32-bit Windows are progressively being deprecated. The management console primarily operates on Windows Servers, while clients are broadly supported across platforms.

Security Status

Broadcom Symantec Endpoint Protection (SEP) and Symantec Endpoint Security (SES) offer a robust, multi-layered security framework designed to protect against a wide array of cyber threats.

  • Security Features:
    • Core Protection: Includes anti-malware, intrusion prevention, and firewall capabilities.
    • Advanced Threat Protection: Features attack surface reduction, attack prevention, breach prevention, and Endpoint Detection and Response (EDR).
    • Proactive Defense: Utilizes advanced policy controls, continuous vulnerability scanning, and misconfiguration detection.
    • Behavioral and Application Control: Implements Behavioral Isolation, Application Control, and Device Control to restrict unauthorized activities and hardware access.
    • AI/ML-driven Detection: Leverages machine learning and artificial intelligence for advanced threat detection, anomaly detection, real-time threat protection, and file reputation analysis (Insight).
    • Ransomware Defense: Provides dedicated features to prevent, detect, and remediate ransomware attacks.
    • Memory Exploit Mitigation: Neutralizes zero-day exploits in popular software.
    • System Integrity: Includes Host Integrity to ensure endpoint compliance and System Lockdown to control application execution.
    • Active Directory Security: Protects against lateral movement and credential theft targeting Active Directory.
    • Data Encryption: Symantec Endpoint Encryption offers strong full-disk and removable media encryption, built on PGP technology, with a FIPS 140-2 validated cryptographic module.
  • Known Vulnerabilities: An exploit in the Application and Device Control driver was identified in 2014, allowing system access, but was subsequently patched.
  • Blacklist Status: The Intrusion Prevention and Firewall components actively block known network and browser-based malware attacks and include automated domain IP address blacklisting.
  • Certifications: Symantec Endpoint Encryption utilizes a FIPS 140-2 validated cryptographic module, aiding compliance with various government and industry requirements. Broadcom also offers Symantec Certified Specialist (SCS) programs for SEP administration.
  • Encryption Support: Comprehensive full-disk and removable media encryption is provided through Symantec Endpoint Encryption, supporting authentication via passwords, certificates, and default passwords for removable media.
  • Authentication Methods:
    • For Endpoint Encryption: Supports Windows passwords, tokens, double authentication (preboot and Windows logon), Drive Encryption user names and passwords, and smart cards. OAuth is supported for server-client communications from SEE 11.4.
    • For SEPM Administrators: Offers various authentication methods including Symantec Endpoint Protection Manager Authentication (default), RSA SecurID, Symantec VIP (for two-factor authentication), smart cards, and integration with LDAP/Microsoft Active Directory. Okta with multifactor authentication is supported from 14.3 RU8.
  • General Recommendations: To achieve comprehensive network security, it is recommended to enable all available protection features. Regular upgrades to supported versions are crucial, especially before operating system upgrades, to maintain security posture.

Analysis on the Overall Security Rating: Broadcom Symantec Endpoint Protection (SES) provides a high level of security through its multi-layered defense mechanisms, incorporating cutting-edge technologies like AI/ML, behavioral analysis, and EDR. It effectively addresses a wide spectrum of threats, from common malware to sophisticated zero-day exploits and ransomware. The inclusion of strong encryption with FIPS 140-2 validation and diverse, robust authentication methods, including multi-factor options, significantly enhances data protection and regulatory compliance. While past vulnerabilities have been identified, they were promptly addressed, reflecting an active commitment to security maintenance.

Performance & Benchmarks

The performance of Broadcom Symantec Endpoint Protection has been a topic of discussion, with improvements noted over time.

  • Benchmark Scores: Specific, recent benchmark scores were not readily available in the provided information. An older review from 2012 noted an overall protection score of 98 and good performance in false positive tests.
  • Real-world Performance Metrics:
    • Historically, Symantec Endpoint Protection faced criticism for being "bloated and unwieldy" and "super hungry" on system resources, particularly RAM, leading to perceived slowdowns.
    • Subsequent updates have reportedly led to improvements in performance and reduced resource consumption.
    • Despite improvements, some contemporary user feedback indicates that the software can still be "resource intensive, especially when performing scans or updates," which can frustrate users.
    • Conversely, some users describe it as running "fairly light in the background."
  • Power Consumption: Specific metrics for power consumption were not found in the search results.
  • Carbon Footprint: Information regarding the carbon footprint of the software was not available.
  • Comparison with Similar Assets:
    • In older comparisons, SEP was considered less oversensitive to potential threats than some small business-oriented rivals.
    • A 2012 comparison found Kaspersky Small Office Security to be more reliable and accurate, with a broader feature set.
    • Users generally find SEP reliable and effective at threat detection.
    • Some users perceive it as "a bit costly" compared to other options offering similar features.
    • It is sometimes noted for having "limited features/modules as compared with NGAV (Next Gen Antivirus) Tools."
    • Some users consider alternatives like Windows Defender for Endpoint or SentinelOne (S1) as viable or superior options.

Analysis of the Overall Performance Status: Broadcom Symantec Endpoint Protection has a mixed performance history. While earlier versions were often criticized for high resource utilization, subsequent updates have aimed to mitigate these issues. Current user experiences vary, with some reporting efficient background operation and others still noting resource intensity during active scans or updates. Its core protection capabilities are generally well-regarded. However, in a competitive market, its performance, cost, and feature set are frequently benchmarked against newer Next-Generation Antivirus (NGAV) solutions and integrated operating system security features.