Symantec Endpoint Protection 12

July 2011


Jan, 2007 - 250,000 viruses
Dec, 2009 – over 240 million




Malware authors have switched tactics


75% of malware infect less than 50 machines

From: A mass distribution of relatively few threats, e.g.
• Storm made its way onto millions of machines across the globe

To: A micro distribution model, e.g.
• The average Vundo variant is distributed to 18 Symantec users!
• The average Harakit variant is distributed to 1.6 Symantec users!

A Security Catastrophe… the growth in AV signatures
[Chart: growth in AV signatures, vertical axis 0 to 10,000,000]

Signature based scanning won’t keep up

What is SEP 12?

Single Agent, Single Console
On-Premise Infrastructure
Windows & Mac

• Antivirus
• Antispyware
• Firewall
• Intrusion Prevention
• Device Control
• Application Control
• Network Access Control (add-on)

What’s New in SEP 12




Unrivaled Security
• Powered by Insight
• Real Time Behavior Monitoring with SONAR

Blazing Performance
• Up to 70% reduction in scan overhead
• Smarter Updates
• Faster Management

Built for Virtual Environments
• Tested and optimized for virtual environments
• Higher VM densities

Powered by Insight
Proactive protection against new, mutating threats
• puts files in context, using their age, frequency, location and
  more to expose threats otherwise missed
• using community-based security ratings
• derived from Symantec's more than 175 million endpoints



How Insight Works

1  Build a collection network: 175 million PCs
2  Rate nearly every file on the internet: 2.5 billion files
3  Look for associations
4  Check the DB during scans
5  Provide actionable data

Is it new? Bad reputation?

• Prevalence
• Age
• Source
• Behavior
• Associations

Unrivaled Security

Hackers mutate threats to evade fingerprints




Mutated threats stick out like a sore thumb

It’s a catch-22 for the virus writers
  – Mutate too much = Insight finds it
  – Mutate too little = Easy to discover & fingerprint



Symantec Protection Model
Defense in Depth

[Diagram labels: File (17b053e6352ad233 85c59efcbac2490b), Website/Domain/IP address, Network; layers: Network, File, Reputation, Behavioral]

Network-based Protection
Stops malware as it travels over the network and tries to take up residence on a system
• Protocol aware IPS
• Browser Protection

File-based Protection
Looks for and eradicates malware that has already taken up residence on a system
• Antivirus Engine
• Auto Protect
• Malheur

Reputation-based Protection
Establishes information about entities e.g. websites, files, IP addresses to be used in effective security
• Domain Reputation
• File Reputation
• Insight

Behavioral-based Protection
Looks at processes as they execute and uses malicious behaviors to indicate the presence of malware
• SONAR
• Behavioral Signatures

Proven Most Effective in Real World Test
[Stacked bar chart. Left axis: % of samples (0% to 100%); right axis: % False Positives (0% to 100%). Legend: Infected, Partial, Blocked, FP.]

Data labels per bar, bottom to top:
  Symantec      96.2%, 3.8%
  Sophos        82.7%, 3.8%, 13.5%
  Kaspersky     63.5%, 3.8%, 32.7%
  Trend Micro   57.7%, 15.4%, 26.9%
  Microsoft     53.8%, 5.8%, 40.4%
  McAfee        51.9%, 3.8%, 44.2%
Additional data label: 4%

Most Effective Remediation
[Chart. Left axis: Remediation Score (higher is better), 0 to 120; right axis: Number of False Positives (lower is better), 0 to 30.]

Data labels by vendor:
  Symantec       110
  Kaspersky      104
  Microsoft      94
  Sophos         93
  Malwarebytes   75
  McAfee         69
  Trend Micro    24
Additional data label near the zero line: 1

Insight: Faster than Traditional Scanning




Traditional Scanning
Has to scan every file

Insight - Optimized Scanning
Skips any file we are sure is good, leading to much faster scan times
On a typical system, 70% of active applications can be skipped!

Tests Prove SEP 12 Outperforms Competition

Symantec Endpoint Protection 12 Scans:
• 3.5X faster than McAfee
• 2X faster than Microsoft

Ranked 1st in overall Performance!

[Bar chart, axis 0 to 160: Symantec, Kaspersky, Trend Micro, Microsoft, Sophos, McAfee, Average]

Lowest Memory Use
[Bar chart: Memory Usage, axis 0.0 to 180.0: Symantec, Kaspersky, Trend Micro, McAfee, Sophos, Microsoft, Average]

Symantec Endpoint Protection 12 uses:
• 66% less memory than McAfee
• 76% less memory than Microsoft

Built for Virtual Environments



• Virtual Client Tagging
• Virtual Image Exception
• Shared Insight Cache
• Resource Leveling

Together – up to 90% reduction in disk IO

Virtualization Features


• Virtual Client Tagging
• Virtual Image Exception
• Shared Insight Cache
• Offline Image Scanning
• Resource Leveling

Together – up to 90% reduction in disk IO

Symantec Endpoint Protection
Small Business Edition 12.1


Fastest
Most Effective
Simple

• Powered by Symantec Insight and SONAR
• Support for Macintosh
• Faster Installs and Upgrades
• Smart Scanning

Solutions Tailored for Business of All Sizes




[Diagram: product tiers by business size; the only surviving labels are "Servers, Desktops & Laptops" and "Desktops & Laptops"]

What’s Right For Your Business?
 Feature                                   Endpoint Protection        Endpoint Protection
                                           Small Business Edition
 Seats                                     5-99 seats                 100+ seats
 Antivirus/Antispyware                     •                          •
 Desktop Firewall                          •                          •
 Intrusion Detection/Prevention            •                          •
 Generic Exploit Blocking                  •                          •
 Protection for Mac OS X and Windows       •                          •
 Protection for Linux                                                 •
 Device and Application Control                                       •
 Network Access Control Self-Enforcement                              •
 Flexible, granular policy management                                 •
 Enhanced Virtualization Features                                     •

go.symantec.com/SEP12




Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied,
are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

