Documente Academic
Documente Profesional
Documente Cultură
Protection, Symantec
Endpoint Protection Small
Business Edition, and
Symantec Network Access
Control 12.1.5 Release Notes
Legal Notice
Copyright 2014 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, the Checkmark Logo, Altiris, LiveUpdate, and TruScan are
trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and
other countries. Other names may be trademarks of their respective owners.
This Symantec product may contain third party software for which Symantec is required to
provide attribution to the third party (Third Party Programs). Some of the Third Party Programs
are available under open source or free software licenses. The License Agreement
accompanying the Software does not alter any rights or obligations you may have under those
open source or free software licenses. Please see the Third Party Legal Notice Appendix to
this Documentation or TPIP ReadMe File accompanying this Symantec product for more
information on the Third Party Programs.
The product described in this document is distributed under licenses restricting its use, copying,
distribution, and decompilation/reverse engineering. No part of this document may be
reproduced in any form by any means without prior written authorization of Symantec
Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED
CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED
WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR
NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH
DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL
NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION
WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE
INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE
WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, display or disclosure of the Licensed Software and Documentation by the U.S.
Government shall be solely in accordance with the terms of this Agreement.
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com
Technical Support
Symantec Technical Support maintains support centers globally. Technical Supports
primary role is to respond to specific queries about product features and functionality.
The Technical Support group also creates content for our online Knowledge Base.
The Technical Support group works collaboratively with the other functional areas
within Symantec to answer your questions in a timely fashion. For example, the
Technical Support group works with Product Engineering and Symantec Security
Response to provide alerting services and virus definition updates.
Symantecs support offerings include the following:
A range of support options that give you the flexibility to select the right amount
of service for any size organization
For information about Symantecs support offerings, you can visit our website at
the following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreement
and the then-current enterprise technical support policy.
Hardware information
Operating system
Network topology
Problem description:
Customer service
Customer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as the
following types of issues:
customercare_apac@symantec.com
semea@symantec.com
supportsolutions@symantec.com
Release notes
This document includes the following topics:
You should assume that all the material applies to all editions, unless otherwise
noted.
Review this document before you install these products, or before you call Technical
Support. The release notes describe known issues and provide the additional
information that is not included in the standard documentation or the
context-sensitive Help.
Release notes
What's new in Symantec Endpoint Protection 12.1.5
Feature
Description
OpenSSL 1.0.1h
for Symantec
Endpoint
Protection
Manager
Symantec Endpoint Protection Manager now uses OpenSSL 1.0.1h. The update to OpenSSL
addresses several security vulnerabilities, including the one known as Heartbleed, which the
OpenSSL Security Advisory for CVE-2014-0160 describes. Earlier versions of OpenSSL can
reveal sensitive information from the computer's memory to a remote attacker.
You can read the full text of the OpenSSL Security Advisory at the following link:
OpenSSL Security Advisory for CVE-2014-0160
System
requirements
The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint
Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the
Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels.
Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5.
Symantec Endpoint Protection 12.1.5 adds the following operating system support:
Mac OS X 10.10
You can now access Symantec Endpoint Protection Manager from the following browsers:
Release notes
What's new in Symantec Endpoint Protection 12.1.5
Table 1-1
Feature
Description
Windows client
The Windows client provides the following new protection enhancements:
protection features Virus and Spyware Protection:
Power Eraser can now be run from the Symantec Endpoint Protection Manager console.
Power Eraser provides aggressive scanning and analysis to help resolve issues with heavily
infected Windows computers. You should only run Power Eraser in emergency situations,
such as when a repair fails or a computer is unstable. Note that when you run Power Eraser
from the management console, Power Eraser does not scan and analyze user-specific
locations. Use Power Eraser in the SymHelp tool directly on the client computer to examine
user-specific locations.
Download Insight and SONAR can now scan Office 2013 applications.
The client no longer scans and deletes backed up files on a server where the Symantec
Endpoint Protection client and either Symantec Backup Exec or Symantec NetBackup is
installed.
For firewall rules, you can now define a host group with an IPv6 IP address. Intrusion Prevention
policies do not support host names with IPv6 addresses.
The default firewall policy includes a default Allow ICMPv6 firewall rule that contains ICMPv6
types of 1-4,128-132,141-143,148,149,151-153. You can also add a rule with ICMPv6 as a
protocol in the network service list.
These firewall policy changes apply only to the enterprise version of Symantec Endpoint
Protection.
You can now use SHA-256 checksums as well as MD5 checksums for file fingerprints in the
application learning feature (enterprise version) and the firewall rules.
IPS audit signatures monitor the network traffic of certain applications on Windows computers.
For example, you can use these signatures to detect Yahoo IM logons. You can enable logging,
review the Network Threat Protection traffic logs, and then decide whether or not to take action
on the traffic.
Linux management The Symantec Endpoint Protection for Linux client replaces the Symantec AntiVirus for Linux
client. You can now provide Virus and Spyware Protection on the clients that run Linux. Symantec
Endpoint Protection Manager provides client policy management, reporting, monitoring, logging,
and licensing in a single client package for Linux.
Only the Symantec Endpoint Protection enterprise version includes the Symantec Endpoint
Protection client for Linux.
Policy enforcement The Host Integrity policy is now included with Symantec Endpoint Protection. The Host Integrity
policy evaluates the client computers and ensures that they meet the security policies you have
downloaded to those client computers.
Only the Symantec Endpoint Protection enterprise version includes the Host Integrity policy.
Release notes
What's new in Symantec Endpoint Protection 12.1.5
Table 1-1
Feature
Description
Management
server updates
You can now remotely deploy the Mac client installation package in addition to deploying it
with a third-party installation tool.
Symantec Protection Center 1 is removed for Symantec Endpoint Protection 12.1.5, enterprise
version. You can still integrate Symantec Endpoint Protection Manager (enterprise version)
with Symantec Protection Center 2, but the feature is no longer tested or available for download.
You can configure the installation package to remove from the client computer over 300
third-party software products from more than 60 vendors. For more information, see:
Third-party security software removal support in Symantec Endpoint Protection
Client password settings dialog box
The client password protection settings now appear in a more accessible location in Clients
(or Computers) > Policies > Password Settings. You can also access the Password
Settings dialog box when you log on to Symantec Endpoint Protection Manager.
Management
server integration
with network
security
technology
You can no longer set the console timeout to Never. For security reasons, the maximum
timeout period is one hour.
The console timeout settings apply only to the enterprise version of Symantec Endpoint
Protection.
After an administrator's failed logon attempts trigger an account lockout, the lockout interval
now doubles with each subsequent lockout. Symantec Endpoint Protection Manager reverts
to the original lockout interval after a successful logon, or after 24 hours since the first lockout.
The progressive lockout interval applies only to the enterprise version of Symantec Endpoint
Protection.
Web services on the management server now support integration with Symantec Managed
Security Services. Together, Symantec Managed Security Services and Symantec Endpoint
Protection Manager provide advanced threat monitoring and targeted remediation options.
The following new web services are also available for use by third-party remote monitoring and
management solutions:
Documentation and other tools for remote monitoring and management support appear in the
web services SDK. The SDK is located in the Tools installation file in the following folder:
/Integration/SEPM_WebService_SDK
10
Release notes
Known issues and workarounds
Table 1-1
Feature
Description
Management
server integration
with advanced
reporting
Symantec Endpoint Protection 12.1.5 (enterprise version) comes with a new version of IT Analytics.
This new version removes the need for the Symantec Management Platform, supports most
common browsers, requires no plug-ins, and also supports mobile devices. IT Analytics delivers
advanced reporting and query capability for customers who want more sophisticated reporting
than Symantec Endpoint Protection Manager can provide alone. The IT Analytics installer is
located in the Tools installation file in the following folder:
/ITAnalytics
Management
server and client
performance
The management server and the client include the following performance improvements:
To reduce hard disk space, Symantec Endpoint Protection Manager now stores only the most
recent full set of virus definitions, plus the deltas for previous versions. Storing the deltas
reduces delivery time and network bandwidth, and improves disk storage requirements on
the management server by 65% to 80%.
The definition storage change applies only to the enterprise version of Symantec Endpoint
Protection.
Enhancements to the scan throttling logic for the Windows client improve scan performance.
These enhancements also minimize the effect on computers with solid-state drives (SSDs)
or that run in a virtualized or Terminal Services environment.
If Symantec Endpoint Protection and Critical System Protection are both installed on the same
client computer, these applications now share Symantec components.
Documentation
The main PDF files are now on the Technical Support site. You can now look for and download
the most current PDF files from a single location. The documents for specific tools remain in
the same folder as the associated tool.
See Where to get more information on page 27.
The Symantec Endpoint Protection Installation and Administration Guide no longer includes
Network Access Control topics. A new Symantec Network Access Control Installation and
Administration Guide includes the Network Access Control topics.
11
Release notes
Known issues and workarounds
The known issues specific to the enterprise version and not the Small Business
Edition display "enterprise version" at the end of the topic title.
You can view a list of resolved issues and feature enhancements for this release
at the following location:
New fixes and features in Symantec Endpoint Protection 12.1 Release Update 5
(12.1 RU5)
Upgrades
This section contains information about upgrading to the current release of the
product.
12
Release notes
Known issues and workarounds
The full configuration instructions appear in the following knowledge base article:
Enabling Mac clients to download LiveUpdate content using the Apache Web server
as a reverse proxy
13
Release notes
Known issues and workarounds
Navigate to installation_folder\tomcat\webapps\ROOT\help\.
The default installation_folder is C:\Program Files\Symantec\Symantec
Endpoint Protection Manager on 32-bit systems, or C:\Program Files
(x86)\Symantec\Symantec Endpoint Protection Manager on 64-bit systems.
Right-click Spe.htm, click Open With, and then click Internet Explorer or
Mozilla Firefox.
Client issues
This section contains information about the Symantec Endpoint Protection client.
14
Release notes
Supported upgrade paths for Symantec Endpoint Protection
12.1.671.4971
15
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
You must uninstall all legacy Symantec products before you install Symantec
Endpoint Protection 12.1.5. Legacy products include Symantec AntiVirus and
Symantec Client Security.
The following Symantec Endpoint Protection client for Mac versions can upgrade
directly to 12.1.5:
12.1.671.4971
You must uninstall Norton products before you install Symantec Endpoint Protection.
The installation of Symantec Endpoint Protection over a Norton product is not
supported.
You can migrate Symantec AntiVirus for Linux 1.0.14 only directly to Symantec
Endpoint Protection for Linux 12.1.5 (enterprise version only). You must uninstall
all other versions of Symantec AntiVirus for Linux first. You cannot migrate a
managed client to an unmanaged client, or downgrade Symantec Endpoint
Protection to Symantec AntiVirus for Linux.
16
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
System requirements for the Symantec Endpoint Protection client for Windows
See System requirements for the Symantec Endpoint Protection client for
Windows on page 19.
System requirements for the Symantec Endpoint Protection client for Mac
See System requirements for the Symantec Endpoint Protection client for Mac
on page 21.
System requirements for the Symantec Endpoint Protection client for Linux
See System requirements for the Symantec Endpoint Protection client for Linux
on page 22.
Component
Requirements
Processor
17
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
Table 1-2
Component
Requirements
Hard drive
Display
1024 x 768
Operating system
Web browser
Windows XP (32-bit, SP2 or later; 64-bit, all SPs; all editions except
Home)
Windows 7 (32-bit, 64-bit; RTM and SP1; all editions except Home)
Windows Server 2008 (32-bit, 64-bit; R2, RTM, SP1 and SP2)
18
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
Table 1-2
Component
Requirements
Supported
virtualization
installations and
products
Windows Azure
Amazon WorkSpaces
Note: This Symantec Endpoint Protection Manager version manages clients earlier
than version 12.1, regardless of the client operating system.
Symantec Endpoint Protection Manager includes an embedded database. For the
enterprise version of Symantec Endpoint Protection, you may also choose to use
one of the following versions of Microsoft SQL Server:
19
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
Table 1-3
Component
Requirements
Processor
Hard drive
800 x 600
Operating system
20
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
Table 1-3
Component
Requirements
Browser Intrusion
Prevention
Supported virtual
installations and
virtualization
products
You can use the Symantec Endpoint Protection client to protect the
supported operating systems that run in the following virtual
environments:
Windows Azure
Amazon WorkSpaces
Component
Requirements
Processor
Physical RAM
2 GB of RAM
Hard drive
Display
800 x 600
Operating system
21
Release notes
System requirements for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition
Component
Requirements
Hardware
1 GB of RAM
Operating systems
Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5;
32-bit and 64-bit
SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 11 SP3; 32-bit and 64-bit
SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1
- 11 SP3; 32-bit and 64-bit
Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit
You can use the following graphical desktop environments to view the
Symantec Endpoint Protection client's graphical user interface:
KDE
Gnome
22
Release notes
System requirements for Symantec Network Access Control
Table 1-5
Component
Other environmental
requirements
Supported virtual
installations and
virtualization
products
You can use the Symantec Endpoint Protection client to protect the
supported operating systems that run in the following virtual
environments. You do not install the Symantec Endpoint Protection
client directly onto the host machine.
23
Release notes
System requirements for Symantec Network Access Control
Release Notes and System Requirements for all versions of Symantec Endpoint
Protection and Symantec Network Access Control
System requirements for the Symantec Network Access Control client for
Windows
See System requirements for the Symantec Network Access Control client for
Windows on page 24.
Component
Requirement
Processor
24
Release notes
System requirements for Symantec Network Access Control
Table 1-6
Component
Requirement
Operating system
Windows XP Embedded
Physical RAM
Hard disk
Display
800 x 600
Component
Description
Processor
25
Release notes
System requirements for Symantec Network Access Control
Table 1-7
Component
Description
Operating System
Memory
512 MB RAM
Hard disk
Download size: 9 MB
The amount of free disk space that is needed to run the client: 100 MB
Display
Super VGA (1,024 x 768) or higher resolution video adapter and monitor
Browser
Component
Description
Processor
Operating system
Memory
512 MB of RAM
26
Release notes
Where to get more information
Table 1-8
Component
Description
Hard disk
Download size: 9 MB
The amount of free disk space that is needed to run the client: 100 MB
Display and
connectivity
Browser
Table 1-9
Types of information
Web address
Trial versions
Trialware
Technical Support
Product guides for all versions of Symantec Endpoint Protection and Symantec
Endpoint Protection Small Business Edition (English)
Symantec Endpoint Protection (other languages)
Product guides for all versions of Symantec Network Access Control (English)
Includes the public knowledge base, product release details, updates and patches,
and contact options for support.
Endpoint Protection Technical Support
Endpoint Protection Small Business Edition
Symantec Network Access Control
SymantecTV
27
Release notes
Where to get more information
Table 1-9
Types of information
Web address
28