Sunteți pe pagina 1din 28

Symantec Endpoint

Protection, Symantec
Endpoint Protection Small
Business Edition, and
Symantec Network Access
Control 12.1.5 Release Notes

Symantec Endpoint Protection, Symantec Endpoint


Protection Small Business Edition, and Symantec
Network Access Control Release Notes
Product version: 12.1.5
Documentation version: 1
This document was last updated on: September 22, 2014

Legal Notice
Copyright 2014 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, the Checkmark Logo, Altiris, LiveUpdate, and TruScan are
trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and
other countries. Other names may be trademarks of their respective owners.
This Symantec product may contain third party software for which Symantec is required to
provide attribution to the third party (Third Party Programs). Some of the Third Party Programs
are available under open source or free software licenses. The License Agreement
accompanying the Software does not alter any rights or obligations you may have under those
open source or free software licenses. Please see the Third Party Legal Notice Appendix to
this Documentation or TPIP ReadMe File accompanying this Symantec product for more
information on the Third Party Programs.
The product described in this document is distributed under licenses restricting its use, copying,
distribution, and decompilation/reverse engineering. No part of this document may be
reproduced in any form by any means without prior written authorization of Symantec
Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED
CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED
WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR
NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH
DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL
NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION
WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE
INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE
WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, display or disclosure of the Licensed Software and Documentation by the U.S.
Government shall be solely in accordance with the terms of this Agreement.

Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com

Technical Support
Symantec Technical Support maintains support centers globally. Technical Supports
primary role is to respond to specific queries about product features and functionality.
The Technical Support group also creates content for our online Knowledge Base.
The Technical Support group works collaboratively with the other functional areas
within Symantec to answer your questions in a timely fashion. For example, the
Technical Support group works with Product Engineering and Symantec Security
Response to provide alerting services and virus definition updates.
Symantecs support offerings include the following:

A range of support options that give you the flexibility to select the right amount
of service for any size organization

Telephone and/or Web-based support that provides rapid response and


up-to-the-minute information

Upgrade assurance that delivers software upgrades

Global support purchased on a regional business hours or 24 hours a day, 7


days a week basis

Premium service offerings that include Account Management Services

For information about Symantecs support offerings, you can visit our website at
the following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreement
and the then-current enterprise technical support policy.

Contacting Technical Support


Customers with a current support agreement may access Technical Support
information at the following URL:
www.symantec.com/business/support/
Before contacting Technical Support, make sure you have satisfied the system
requirements that are listed in your product documentation. Also, you should be at
the computer on which the problem occurred, in case it is necessary to replicate
the problem.
When you contact Technical Support, please have the following information
available:

Product release level

Hardware information

Available memory, disk space, and NIC information

Operating system

Version and patch level

Network topology

Router, gateway, and IP address information

Problem description:

Error messages and log files

Troubleshooting that was performed before contacting Symantec

Recent software configuration changes and network changes

Licensing and registration


If your Symantec product requires registration or a license key, access our technical
support Web page at the following URL:
www.symantec.com/business/support/

Customer service
Customer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as the
following types of issues:

Questions regarding product licensing or serialization

Product registration updates, such as address or name changes

General product information (features, language availability, local dealers)

Latest information about product updates and upgrades

Information about upgrade assurance and support contracts

Information about the Symantec Buying Programs

Advice about Symantec's technical support options

Nontechnical presales questions

Issues that are related to CD-ROMs, DVDs, or manuals

Support agreement resources


If you want to contact Symantec regarding an existing support agreement, please
contact the support agreement administration team for your region as follows:
Asia-Pacific and Japan

customercare_apac@symantec.com

Europe, Middle-East, and Africa

semea@symantec.com

North America and Latin America

supportsolutions@symantec.com

Release notes
This document includes the following topics:

About this document

What's new in Symantec Endpoint Protection 12.1.5

Known issues and workarounds

Supported upgrade paths for Symantec Endpoint Protection

System requirements for Symantec Endpoint Protection and Symantec Endpoint


Protection Small Business Edition

System requirements for Symantec Network Access Control

Where to get more information

About this document


This document contains information for the following product editions:

Symantec Endpoint Protection, enterprise version

Symantec Endpoint Protection Small Business Edition

Symantec Network Access Control

You should assume that all the material applies to all editions, unless otherwise
noted.
Review this document before you install these products, or before you call Technical
Support. The release notes describe known issues and provide the additional
information that is not included in the standard documentation or the
context-sensitive Help.

Release notes
What's new in Symantec Endpoint Protection 12.1.5

What's new in Symantec Endpoint Protection 12.1.5


Note: Symantec Endpoint Protection 12.1.5 is the last release update to support
Symantec Protection Center 2.0.
In addition, LiveUpdate Administration Utility 1.x reaches end of life on January 5,
2015. If you use this utility in your environment, you should migrate to LiveUpdate
Administrator 2.3.x. To get the latest version of LiveUpdate Administrator, see
Downloading LiveUpdate Administrator.
These items pertain to the enterprise version only.
Table 1-1 describes the new features in the latest version of Symantec Endpoint
Protection.
Table 1-1

New features in Symantec Endpoint Protection 12.1.5

Feature

Description

OpenSSL 1.0.1h
for Symantec
Endpoint
Protection
Manager

Symantec Endpoint Protection Manager now uses OpenSSL 1.0.1h. The update to OpenSSL
addresses several security vulnerabilities, including the one known as Heartbleed, which the
OpenSSL Security Advisory for CVE-2014-0160 describes. Earlier versions of OpenSSL can
reveal sensitive information from the computer's memory to a remote attacker.
You can read the full text of the OpenSSL Security Advisory at the following link:
OpenSSL Security Advisory for CVE-2014-0160

System
requirements

The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint
Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the
Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels.
Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5.
Symantec Endpoint Protection 12.1.5 adds the following operating system support:

Windows 8.1 Update 2

Windows Server 2012 Update 2

Mac OS X 10.10

You can now access Symantec Endpoint Protection Manager from the following browsers:

Microsoft Internet Explorer 10.2, 11

Mozilla Firefox 5.x through 31.0

Google Chrome through 37.0.2062.94

For the complete list of system requirements:


See System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection
Small Business Edition on page 16.

Release notes
What's new in Symantec Endpoint Protection 12.1.5

Table 1-1
Feature

New features in Symantec Endpoint Protection 12.1.5 (continued)

Description

Windows client
The Windows client provides the following new protection enhancements:
protection features Virus and Spyware Protection:

Power Eraser can now be run from the Symantec Endpoint Protection Manager console.
Power Eraser provides aggressive scanning and analysis to help resolve issues with heavily
infected Windows computers. You should only run Power Eraser in emergency situations,
such as when a repair fails or a computer is unstable. Note that when you run Power Eraser
from the management console, Power Eraser does not scan and analyze user-specific
locations. Use Power Eraser in the SymHelp tool directly on the client computer to examine
user-specific locations.

Download Insight and SONAR can now scan Office 2013 applications.

The client no longer scans and deletes backed up files on a server where the Symantec
Endpoint Protection client and either Symantec Backup Exec or Symantec NetBackup is
installed.

Network Threat Protection:

For firewall rules, you can now define a host group with an IPv6 IP address. Intrusion Prevention
policies do not support host names with IPv6 addresses.
The default firewall policy includes a default Allow ICMPv6 firewall rule that contains ICMPv6
types of 1-4,128-132,141-143,148,149,151-153. You can also add a rule with ICMPv6 as a
protocol in the network service list.
These firewall policy changes apply only to the enterprise version of Symantec Endpoint
Protection.
You can now use SHA-256 checksums as well as MD5 checksums for file fingerprints in the
application learning feature (enterprise version) and the firewall rules.
IPS audit signatures monitor the network traffic of certain applications on Windows computers.
For example, you can use these signatures to detect Yahoo IM logons. You can enable logging,
review the Network Threat Protection traffic logs, and then decide whether or not to take action
on the traffic.

Linux management The Symantec Endpoint Protection for Linux client replaces the Symantec AntiVirus for Linux
client. You can now provide Virus and Spyware Protection on the clients that run Linux. Symantec
Endpoint Protection Manager provides client policy management, reporting, monitoring, logging,
and licensing in a single client package for Linux.
Only the Symantec Endpoint Protection enterprise version includes the Symantec Endpoint
Protection client for Linux.
Policy enforcement The Host Integrity policy is now included with Symantec Endpoint Protection. The Host Integrity
policy evaluates the client computers and ensures that they meet the security policies you have
downloaded to those client computers.
Only the Symantec Endpoint Protection enterprise version includes the Host Integrity policy.

Release notes
What's new in Symantec Endpoint Protection 12.1.5

Table 1-1

New features in Symantec Endpoint Protection 12.1.5 (continued)

Feature

Description

Management
server updates

You can now remotely deploy the Mac client installation package in addition to deploying it
with a third-party installation tool.

Symantec Protection Center 1 is removed for Symantec Endpoint Protection 12.1.5, enterprise
version. You can still integrate Symantec Endpoint Protection Manager (enterprise version)
with Symantec Protection Center 2, but the feature is no longer tested or available for download.

You can configure the installation package to remove from the client computer over 300
third-party software products from more than 60 vendors. For more information, see:
Third-party security software removal support in Symantec Endpoint Protection
Client password settings dialog box
The client password protection settings now appear in a more accessible location in Clients
(or Computers) > Policies > Password Settings. You can also access the Password
Settings dialog box when you log on to Symantec Endpoint Protection Manager.

Management
server integration
with network
security
technology

You can no longer set the console timeout to Never. For security reasons, the maximum
timeout period is one hour.
The console timeout settings apply only to the enterprise version of Symantec Endpoint
Protection.

After an administrator's failed logon attempts trigger an account lockout, the lockout interval
now doubles with each subsequent lockout. Symantec Endpoint Protection Manager reverts
to the original lockout interval after a successful logon, or after 24 hours since the first lockout.
The progressive lockout interval applies only to the enterprise version of Symantec Endpoint
Protection.

Web services on the management server now support integration with Symantec Managed
Security Services. Together, Symantec Managed Security Services and Symantec Endpoint
Protection Manager provide advanced threat monitoring and targeted remediation options.
The following new web services are also available for use by third-party remote monitoring and
management solutions:

You can run the new Power Eraser commands.

You can place clients into Quarantine.

You can run an Evidence of Compromise command on the client.

Documentation and other tools for remote monitoring and management support appear in the
web services SDK. The SDK is located in the Tools installation file in the following folder:
/Integration/SEPM_WebService_SDK

10

Release notes
Known issues and workarounds

Table 1-1

New features in Symantec Endpoint Protection 12.1.5 (continued)

Feature

Description

Management
server integration
with advanced
reporting

Symantec Endpoint Protection 12.1.5 (enterprise version) comes with a new version of IT Analytics.
This new version removes the need for the Symantec Management Platform, supports most
common browsers, requires no plug-ins, and also supports mobile devices. IT Analytics delivers
advanced reporting and query capability for customers who want more sophisticated reporting
than Symantec Endpoint Protection Manager can provide alone. The IT Analytics installer is
located in the Tools installation file in the following folder:
/ITAnalytics

Management
server and client
performance

The management server and the client include the following performance improvements:

Bandwidth control for client communication


The management server now includes an Apache module that you can configure to control
network bandwidth. The module reduces the network load between Symantec Endpoint
Protection Manager and the client computers, especially when the clients download content
definitions or client installation packages.

To reduce hard disk space, Symantec Endpoint Protection Manager now stores only the most
recent full set of virus definitions, plus the deltas for previous versions. Storing the deltas
reduces delivery time and network bandwidth, and improves disk storage requirements on
the management server by 65% to 80%.
The definition storage change applies only to the enterprise version of Symantec Endpoint
Protection.

The client startup time has improved by more than 10%.

The client service needs fewer processes to run.

Enhancements to the scan throttling logic for the Windows client improve scan performance.
These enhancements also minimize the effect on computers with solid-state drives (SSDs)
or that run in a virtualized or Terminal Services environment.
If Symantec Endpoint Protection and Critical System Protection are both installed on the same
client computer, these applications now share Symantec components.

Documentation

Symantec Endpoint Protection provides the following documentation changes:

The main PDF files are now on the Technical Support site. You can now look for and download
the most current PDF files from a single location. The documents for specific tools remain in
the same folder as the associated tool.
See Where to get more information on page 27.

The Symantec Endpoint Protection Installation and Administration Guide no longer includes
Network Access Control topics. A new Symantec Network Access Control Installation and
Administration Guide includes the Network Access Control topics.

Known issues and workarounds


The issues in this section apply to the most current version of the product.

11

Release notes
Known issues and workarounds

The known issues specific to the enterprise version and not the Small Business
Edition display "enterprise version" at the end of the topic title.
You can view a list of resolved issues and feature enhancements for this release
at the following location:
New fixes and features in Symantec Endpoint Protection 12.1 Release Update 5
(12.1 RU5)

Upgrades
This section contains information about upgrading to the current release of the
product.

The upgrade to Symantec Endpoint Protection Manager 12.1.5


may take much longer than expected
The upgrade process to 12.1.5 converts all existing content to the optimized storage
format. LiveUpdate also runs to obtain the most current content revisions. These
resource-intensive processes may cause the upgrade to 12.1.5 to take significantly
longer than previous upgrades. The extended length of time that the upgrade
process requires is normal and to be expected. Do not cancel or interrupt the
installation.
For more information, see the following knowledge base article:
The LiveUpdate content optimization and content storage space optimization steps
take a long time to complete when upgrading to Symantec Endpoint Protection
Manager 12.1 RU5

Symantec Endpoint Protection Manager issues


This section contains information about Symantec Endpoint Protection Manager.

After an upgrade to 12.1.5, the number of stored LiveUpdate


revisions increases (enterprise version) (3433705)
A change in the way Symantec Endpoint Protection Manager stores and handles
LiveUpdate content means that less disk space is required to store multiple content
revisions. Therefore, the minimum default for the number of stored LiveUpdate
revisions is higher in 12.1.5 than in earlier releases. If the previous number of
revisions is less than the new minimum default, the number of revisions automatically
increases to match the new default. For more information on the new minimum
defaults, see the context-sensitive Help for LiveUpdate site properties.

12

Release notes
Known issues and workarounds

A change to file permissions prevents the viewing or collection


of logs while logged on with a User account (3578528)
As of Symantec Endpoint Protection 12.1.5, the file permissions for the Symantec
Endpoint Protection Manager folders have been strengthened for security purposes.
Non-administrative users may be unable to access the log files or the folder that
contains the log collection tools. You should be logged on to the computer with an
account in the Administrators account group to access these files and folders.
Non-administrative users may be prompted to authenticate with administrator
credentials. Alternately, you can copy the log files from the Tomcat logs folder to
another folder to view them.

After you install or upgrade to 12.1.5, the Apache reverse web


proxy configuration for Mac clients does not work (3515095)
In a knowledge base article on how to enable the Apache web server as a reverse
proxy for Mac clients, the instructions fail for Symantec Endpoint Protection Manager
12.1.5. The version of Apache that comes with 12.1.5 includes two modules whose
names have changed from the earlier Apache version.
In Step 6 of the article, substitute the following text for 12.1.5 only:

Replace the line


LoadModule disk_cache_module modules/mod_disk_cache.so with
LoadModule cache_disk_module modules/mod_cache_disk.so

Replace the line <IfModule mod_disk_cache.c> with


<IfModule mod_cache_disk.c>

The full configuration instructions appear in the following knowledge base article:
Enabling Mac clients to download LiveUpdate content using the Apache Web server
as a reverse proxy

Symantec Endpoint Protection Manager does not report the


correct infected status for Linux clients (enterprise version)
(3328330)
The Computer Status log on the Monitors > Logs page does not report that a
Linux client is still infected after a failed remediation attempt. This behavior is by
design. The Symantec Endpoint Protection client for Linux does not report an
infected status. However, you can still see the security details for the Linux client
in the Risk log or Scan log. These logs include information about the detected
threats.

13

Release notes
Known issues and workarounds

The Chrome browser is incompatible with the Help for


Symantec Endpoint Protection Manager when launched through
the Start menu (2853441)
You can view the Symantec Endpoint Protection Manager Help using a web browser.
However, if Google Chrome is installed and is the default web browser, you cannot
open the Help through the Start menu. This issue does not affect access to
context-sensitive Help from within Symantec Endpoint Protection Manager.
To work around this issue, you can open the Help manually with Internet Explorer
or Mozilla Firefox.
To manually open the Help in Internet Explorer or Mozilla Firefox:

Navigate to installation_folder\tomcat\webapps\ROOT\help\.
The default installation_folder is C:\Program Files\Symantec\Symantec
Endpoint Protection Manager on 32-bit systems, or C:\Program Files
(x86)\Symantec\Symantec Endpoint Protection Manager on 64-bit systems.

Right-click Spe.htm, click Open With, and then click Internet Explorer or
Mozilla Firefox.

Client issues
This section contains information about the Symantec Endpoint Protection client.

Changes to the Symantec Endpoint Protection client for Mac


installation package
The structure of the Symantec Endpoint Protection client package for Mac changes
for 12.1.5. The folder Additional Resources now accompanies the application
installer. Both items must be present in the same location for a successful
installation. If you copy the installer to another location, you must also copy
Additional Resources or the installation fails.

The Symantec Endpoint Protection client version for Mac


incorrectly displays as 13.0.0.0 (3596217)
After you install the managed Symantec Endpoint Protection client for Mac with
remote deployment or by command line, the client version incorrectly displays as
13.0.0.0 in Symantec Endpoint Protection Manager. To resolve this issue, you must
restart the Mac as required after installation. After the Mac restarts, the client version
correctly displays in Symantec Endpoint Protection Manager.

14

Release notes
Supported upgrade paths for Symantec Endpoint Protection

Installation of a Brazilian Portuguese Symantec Endpoint


Protection 12.1.5 client to a Brazilian Portuguese Mac running
OS X 10.10 results in an English user interface (3607113)
You install the Symantec Endpoint Protection 12.1.5 client for Mac to a computer
that runs Mac OS X 10.10. The language of both the 12.1.5 client and the Mac are
set to Brazilian Portuguese, but the resulting 12.1.5 client installation displays in
English.
This issue has no workaround.

Supported upgrade paths for Symantec Endpoint


Protection
The following Symantec Endpoint Protection Manager versions and Symantec
Endpoint Protection Windows client versions can upgrade directly to 12.1.5:

From 11.0 to 12.1.5 (enterprise version)

12.0.122.192 Small Business Edition

12.0.1001.95 Small Business Edition - Release Update 1 (RU1)

12.1.671.4971

12.1.1000.157 - Release Update 1 (RU1)

12.1.1101.401 - Release Update 1, Maintenance Patch 1 (RU1 MP1)

12.1.2015.2015 - Release Update 2 (RU2)

12.1.2100.2093 - Release Update 2, Maintenance Patch 1 (RU2 MP1)

12.1.3001.165 - Release Update 3 (RU3)

12.1.4013.4013 - Release Update 4 (RU4)

12.1.4023.4080 - Release Update 4a (RU4a)

12.1.4100.4126 - Release Update 4, Maintenance Patch 1 (RU4 MP1)

12.1.4104.4130 - Release Update 4, Maintenance Patch 1a (RU4 MP1a)

12.1.4112.4156 - Release Update 4, Maintenance Patch 1b (RU4 MP1b)

For details on upgrading from specific versions of Symantec Endpoint Protection


Manager 11.0 to 12.1, see the following knowledge base article:
Supported upgrade paths to Symantec Endpoint Protection Manager 12.1 from
Symantec Endpoint Protection Manager 11.x

15

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

Symantec Endpoint Protection Manager and Symantec Endpoint Protection Windows


client versions do not support the following downgrade paths:

Symantec Endpoint Protection 11.0 to 12.1.5 Small Business Edition

Symantec Endpoint Protection 12.1.x (enterprise version) to Symantec Endpoint


Protection Small Business Edition

You must uninstall all legacy Symantec products before you install Symantec
Endpoint Protection 12.1.5. Legacy products include Symantec AntiVirus and
Symantec Client Security.
The following Symantec Endpoint Protection client for Mac versions can upgrade
directly to 12.1.5:

From 11.0 to 12.1.5

12.1.671.4971

12.1.1000.0157 - Release Update 1 (RU1)

12.1.2015.2015 - Release Update 2 (RU2)

12.1.4013.4013 - Release Update 4 (RU4)


Note: The Symantec Endpoint Protection client for Mac did not update for
Release Update 3 (RU3).

You must uninstall Norton products before you install Symantec Endpoint Protection.
The installation of Symantec Endpoint Protection over a Norton product is not
supported.
You can migrate Symantec AntiVirus for Linux 1.0.14 only directly to Symantec
Endpoint Protection for Linux 12.1.5 (enterprise version only). You must uninstall
all other versions of Symantec AntiVirus for Linux first. You cannot migrate a
managed client to an unmanaged client, or downgrade Symantec Endpoint
Protection to Symantec AntiVirus for Linux.

System requirements for Symantec Endpoint


Protection and Symantec Endpoint Protection Small
Business Edition
In general, the system requirements for Symantec Endpoint Protection Manager
and the Symantec Endpoint Protection clients are the same as those of the operating
systems on which they are supported.

16

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

For the most current system requirements, see:


Release Notes and System Requirements for all versions of Symantec Endpoint
Protection and Symantec Network Access Control

System requirements for Symantec Endpoint Protection Manager


See System requirements for Symantec Endpoint Protection Manager
on page 17.

System requirements for the Symantec Endpoint Protection client for Windows
See System requirements for the Symantec Endpoint Protection client for
Windows on page 19.

System requirements for the Symantec Endpoint Protection client for Mac
See System requirements for the Symantec Endpoint Protection client for Mac
on page 21.

System requirements for the Symantec Endpoint Protection client for Linux
See System requirements for the Symantec Endpoint Protection client for Linux
on page 22.

System requirements for Symantec Endpoint Protection Manager


Table 1-2 displays the minimum requirements for Symantec Endpoint Protection
Manager.
Table 1-2

Symantec Endpoint Protection Manager system requirements

Component

Requirements

Processor

32-bit processor: Intel Pentium 4 or equivalent (minimum dual core


or hyper-threading recommended)
64-bit processor: Intel Pentium 4 with x86-64 support or equivalent
(minimum dual core or hyper-threading recommended)

Note: Intel Itanium IA-64 processors are not supported.


Physical RAM

2 GB RAM available minimum; 4 GB or more available recommended.

Note: Your Symantec Endpoint Protection Manager server may require


additional RAM depending on the RAM requirements of other
applications that are already installed.

17

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

Table 1-2

Symantec Endpoint Protection Manager system requirements


(continued)

Component

Requirements

Hard drive

Enterprise version: 16 GB available minimum (100 GB recommended)


for the management server. 40 GB available minimum (200 GB
recommended) for the management server and a locally installed
database.
Small Business Edition: 16 GB available minimum; 100 GB available
recommended.

Display

1024 x 768

Operating system

Web browser

Windows XP (32-bit, SP2 or later; 64-bit, all SPs; all editions except
Home)
Windows 7 (32-bit, 64-bit; RTM and SP1; all editions except Home)

Windows 8 (32-bit, 64-bit)

Windows 8.1 (32-bit, 64-bit)

Windows 8.1 Update 1 (32-bit, 64-bit)

Windows 8.1 Update 2 (32-bit, 64-bit)

Windows Server 2003 (32-bit, 64-bit; R2, SP1 or later)

Windows Server 2008 (32-bit, 64-bit; R2, RTM, SP1 and SP2)

Windows Server 2012

Windows Server 2012 R2

Windows Server 2012 R2 Update 1

Windows Server 2012 R2 Update 2

Windows Small Business Server 2003 (32-bit)

Windows Small Business Server 2008 (64-bit)

Windows Small Business Server 2011 (64-bit)

Windows Essential Business Server 2008 (64-bit)

Microsoft Internet Explorer 8, 9, 10, 10.2, 11

Mozilla Firefox 3.6 through 31.0

Google Chrome, through 37.0.2062.94

18

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

Table 1-2

Symantec Endpoint Protection Manager system requirements


(continued)

Component

Requirements

Supported
virtualization
installations and
products

You can install and manage Symantec Endpoint Protection Manager


on the supported operating systems that run in the following virtual
environments:

Windows Azure

Amazon WorkSpaces

VMware WS 5.0 (workstation) or later

VMware GSX 3.2 (enterprise) or later

VMware ESX 2.5 (workstation) or later

VMware vSphere 4.1-5.5

Microsoft Virtual Server 2005

Microsoft Enterprise Desktop Virtualization (MED-V), which includes


Windows XP mode
Windows Server 2008 Hyper-V

Windows Server 2012 Hyper-V

Windows Server 2012 R2 Hyper-V

Citrix XenServer 5.6 or later

Virtual Box, supplied by Oracle

Note: This Symantec Endpoint Protection Manager version manages clients earlier
than version 12.1, regardless of the client operating system.
Symantec Endpoint Protection Manager includes an embedded database. For the
enterprise version of Symantec Endpoint Protection, you may also choose to use
one of the following versions of Microsoft SQL Server:

SQL Server 2005, SP4

SQL Server 2008, through SP3

SQL Server 2008 R2, through SP2

SQL Server 2012, through SP1

SQL Server 2014

System requirements for the Symantec Endpoint Protection client


for Windows
Table 1-3 displays the minimum requirements for the Windows client.

19

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

Table 1-3

Symantec Endpoint Protection client for Windows system


requirements

Component

Requirements

Processor

32-bit processor: 1 GHz Intel Pentium III or equivalent minimum


(Intel Pentium 4 or equivalent recommended)
64-bit processor: 2 GHz Pentium 4 with x86-64 support or
equivalent minimum

Note: Itanium processors are not supported.


Physical RAM

512 MB of RAM (1 GB recommended), or higher if required by the


operating system

Hard drive

1.8 GB of available hard disk space for the installation; additional


space is required for content and logs

Note: Space requirements are based on NTFS file systems.


Display

800 x 600

Operating system

Windows XP Home or Professional (32-bit, SP2 or later; 64-bit, all


SPs)
Windows XP Embedded (SP2 and later)

Windows Vista (32-bit, 64-bit)

Windows 7 (32-bit, 64-bit; RTM and SP1)

Windows 7 Embedded Standard

Windows 8 (32-bit, 64-bit)

Windows 8 Embedded (32-bit)

Windows 8.1 (32-bit, 64-bit), including Windows To Go

Windows 8.1 Update 1 (32-bit, 64-bit)

Windows 8.1 Update 2 (32-bit, 64-bit)

Windows 8.1 Embedded (32-bit)

Windows Server 2003 (32-bit, 64-bit; R2, SP1 or later)

Windows Server 2008 (32-bit, 64-bit; R2, SP1, and SP2)

Windows Server 2012

Windows Server 2012 R2

Windows Server 2012 R2 Update 1

Windows Server 2012 R2 Update 2

Windows Small Business Server 2003 (32-bit)

Windows Small Business Server 2008 (64-bit)

Windows Small Business Server 2011 (64-bit)

Windows Essential Business Server 2008 (64-bit)

20

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

Table 1-3

Symantec Endpoint Protection client for Windows system


requirements (continued)

Component

Requirements

Browser Intrusion
Prevention

Microsoft Internet Explorer 7 - 11

Supported virtual
installations and
virtualization
products

You can use the Symantec Endpoint Protection client to protect the
supported operating systems that run in the following virtual
environments:

Mozilla Firefox 5.x through 31.0

Windows Azure

Amazon WorkSpaces

VMware WS 5.0 (workstation) or later

VMware GSX 3.2 (enterprise) or later

VMware ESX 2.5 (workstation) or later

VMware vSphere 5.1

Microsoft Virtual Server 2005

Microsoft Enterprise Desktop Virtualization (MED-V), which includes


Windows XP mode
Windows Server 2008 Hyper-V

Windows 8 Server Hyper-V

Citrix XenServer 5.6 or later

Virtual Box, supplied by Oracle

System requirements for the Symantec Endpoint Protection client


for Mac
Table 1-4 displays the minimum requirements for the Mac client.
Table 1-4

Symantec Endpoint Protection client for Mac system requirements

Component

Requirements

Processor

Intel Core 2 Duo, Intel Quad-Core Xeon

Physical RAM

2 GB of RAM

Hard drive

1 GB of available hard disk space for the installation

Display

800 x 600

Operating system

Mac OS X 10.8, 10.9, 10.10

21

Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition

System requirements for the Symantec Endpoint Protection client


for Linux
Table 1-5 displays the minimum requirements for the Linux client.
Note: Only the enterprise version of Symantec Endpoint Protection includes the
client for Linux.
Table 1-5

Symantec Endpoint Protection client for Linux system requirements

Component

Requirements

Hardware

Intel Pentium 4 (2 GHz) or higher processor

1 GB of RAM

5 GB of available hard disk space

CentOS 6U4, 6U5; 32-bit and 64-bit

Debian 6.0.5 Squeeze; 32-bit and 64-bit

Fedora 16, 17; 32-bit and 64-bit

Novell Open Enterprise Server (OES) 2 SP2 and 2 SP3 running


SUSE Linux Enterprise Server (SLES) 10 SP3; 32-bit and 64-bit
Novell Open Enterprise Server (OES) 11 and 11 SP1 running
SUSE Linux Enterprise Server (SLES) 11 SP1 and SP2; 64-bit
Oracle Linux 5U8, 5U9, 6U2, 6U4; 64-bit

Operating systems

Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5;
32-bit and 64-bit
SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 11 SP3; 32-bit and 64-bit
SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1
- 11 SP3; 32-bit and 64-bit
Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit

Ubuntu Desktop 11.10, 12.04, 12.04.2, 13.04; 64-bit

For a list of supported kernels, see:


http://entced.symantec.com/sep/12.1.5/doc_sep_linux_sys_req
Graphical desktop
environments

You can use the following graphical desktop environments to view the
Symantec Endpoint Protection client's graphical user interface:

KDE

Gnome

22

Release notes
System requirements for Symantec Network Access Control

Table 1-5

Component

Symantec Endpoint Protection client for Linux system requirements


(continued)
Requirements

Other environmental
requirements

Oracle Java 1.5 or later; Java 7 or later recommended.


This installation requires superuser privileges.
Unlimited Strength Java Cryptography Extension (JCE)
You must install the Unlimited Strength Java Cryptography
Extension policy files to match your version of Java. This installation
requires superuser privileges.
You can download the installation files under Additional
Resources from the following Oracle website:
http://www.oracle.com/technetwork/java/javase/downloads/
index.html
i686-based dependent packages on 64-bit computers
Many of the executable files in the Symantec Endpoint Protection
package are 32-bit programs. For 64-bit computers that run Fedora
Linux, you must install the i686-based dependent packages before
you install the Symantec Endpoint Protection package.
If you have not already installed the i686-based dependent
packages on the Fedora Linux computer, you can install them with
the following command. This installation requires superuser
privileges, which the following command demonstrates with sudo:
sudo yum install glibc.i686 libgcc.i686
libX11.i686

Supported virtual
installations and
virtualization
products

You can use the Symantec Endpoint Protection client to protect the
supported operating systems that run in the following virtual
environments. You do not install the Symantec Endpoint Protection
client directly onto the host machine.

VMware WS 5.0 (workstation) or later

VMware GSX 3.2 (enterprise) or later

VMware ESX 2.5 (workstation) or later

VMware vSphere 5.1

System requirements for Symantec Network Access


Control
In general, the system requirements for Symantec Endpoint Protection Manager
and the Symantec Network Access Control clients are the same as those of the
operating systems on which they are supported.
For the most current system requirements, see:

23

Release notes
System requirements for Symantec Network Access Control

Release Notes and System Requirements for all versions of Symantec Endpoint
Protection and Symantec Network Access Control

System requirements for Symantec Endpoint Protection Manager


See System requirements for Symantec Endpoint Protection Manager
on page 17.

System requirements for the Symantec Network Access Control client for
Windows
See System requirements for the Symantec Network Access Control client for
Windows on page 24.

System requirements for the Symantec Network Access Control On-Demand


Client for Windows
See System requirements for the Symantec Network Access Control
On-Demand Client for Windows on page 25.

System requirements for the Symantec Network Access Control On-Demand


Client for Mac
See System requirements for the Symantec Network Access Control
On-Demand Client for Mac on page 26.

System requirements for the Symantec Network Access Control


client for Windows
Table 1-6 displays the minimum requirements for the Symantec Network Access
Control Windows client.
Table 1-6

Symantec Network Access Control client for Windows system


requirements

Component

Requirement

Processor

32-bit processor: 1 GHz Intel Pentium III or equivalent minimum


(Intel Pentium 4 or equivalent recommended)
64-bit processor: 2 GHz Pentium 4 with x86-64 support or
equivalent minimum

Note: Itanium processors are not supported.

24

Release notes
System requirements for Symantec Network Access Control

Table 1-6

Symantec Network Access Control client for Windows system


requirements (continued)

Component

Requirement

Operating system

Windows XP (32-bit, SP2 or later; 64-bit, all SPs)

Windows XP Embedded

Windows Vista (32-bit, 64-bit)

Windows 7 (32-bit, 64-bit)

Windows 8 (32-bit, 64-bit)

Windows 8.1 (32-bit, 64-bit)

Windows 8.1 Update 1 (32-bit, 64-bit)

Windows Server 2003 (32-bit, 64-bit; R2, SP1 or later)

Windows Server 2008 (32-bit, 64-bit)

Windows Server 2012

Windows Server 2012 R2

Windows Server 2012 R2 Update 1

Windows Small Business Server 2008 (64-bit)

Windows Essential Business Server 2008 (64-bit)

Physical RAM

512 MB of RAM, or higher if required by the operating system

Hard disk

32-bit: 300 MB; 64-bit: 400 MB

Display

800 x 600

System requirements for the Symantec Network Access Control


On-Demand Client for Windows
Table 1-7 lists the minimum requirements for the computers on which the Symantec
Network Access Control On-Demand Client needs to be installed.
Table 1-7

System requirements for the Symantec Network Access Control


On-Demand Client for Windows

Component

Description

Processor

Intel Pentium II 550 MHz (1 GHz for Windows Vista) or faster

25

Release notes
System requirements for Symantec Network Access Control

Table 1-7

System requirements for the Symantec Network Access Control


On-Demand Client for Windows (continued)

Component

Description

Operating System

The following operating systems are supported:

Windows XP Home or Professional (32-bit; SP2 and SP3)

Windows Vista (32-bit, 64-bit)

Windows 7 (32-bit, 64-bit)

Windows 8 (32-bit, 64-bit)

Windows 8.1 (32-bit, 64-bit)

Windows Server 2003 (32-bit, 64-bit; R2, SP1 or later)

Windows Server 2008 (32-bit, 64-bit; R2)

Windows Server 2012

Windows Server 2012 R2

Windows Small Business Server 2008 (64-bit)

Windows Essential Business Server 2008 (64-bit)

Memory

512 MB RAM

Hard disk

Download size: 9 MB
The amount of free disk space that is needed to run the client: 100 MB

Display

Super VGA (1,024 x 768) or higher resolution video adapter and monitor

Browser

You can use one of the following browsers:

Microsoft Internet Explorer 6.0 or later

Mozilla Firefox 3.0 or later

System requirements for the Symantec Network Access Control


On-Demand Client for Mac
Table 1-8 lists the minimum requirements for the computers on which the Symantec
Network Access Control On-Demand Client installs.
Table 1-8

System requirements for Symantec Network Access Control


On-Demand Downloader and Client on a Mac

Component

Description

Processor

Mac computer with an Intel CPU

Operating system

Mac OS X 10.6 or 10.7

Memory

512 MB of RAM

26

Release notes
Where to get more information

System requirements for Symantec Network Access Control


On-Demand Downloader and Client on a Mac (continued)

Table 1-8

Component

Description

Hard disk

Download size: 9 MB
The amount of free disk space that is needed to run the client: 100 MB

Display and
connectivity

Browser

Super VGA (1,024 x 768) or higher resolution video adapter and


monitor
At least one Ethernet adapter (with TCP/IP installed)

Apple Safari 4.0 and 5.0; Mozilla Firefox 3.0 or later.

Where to get more information


Table 1-9 displays the websites where you can get best practices, troubleshooting
information, and other resources to help you use the product.
Symantec websites

Table 1-9
Types of information

Web address

Trial versions

Trialware

Manuals and documentation


updates

Technical Support

Product guides for all versions of Symantec Endpoint Protection and Symantec
Endpoint Protection Small Business Edition (English)
Symantec Endpoint Protection (other languages)

Symantec Endpoint Protection Small Business Edition (other languages)

Product guides for all versions of Symantec Network Access Control (English)

Symantec Network Access Control (other languages)

Includes the public knowledge base, product release details, updates and patches,
and contact options for support.
Endpoint Protection Technical Support
Endpoint Protection Small Business Edition
Symantec Network Access Control

Virus and other threat information Security Response


and updates
Free online technical training

SymantecTV

Symantec Educational Services

Symantec Endpoint Security Training Courses

27

Release notes
Where to get more information

Table 1-9

Symantec websites (continued)

Types of information

Web address

Symantec Connect forums

Endpoint Protection (AntiVirus)


Endpoint Protection Small Business Edition 12.x
Network Access Control

28

S-ar putea să vă placă și