For more than a decade, multiple point technology products were the weapons of choice for IT security professionals fighting the inexhaustible battle against endpoint security threats. This traditional approach, which includes firewalls, antivirus, intrusion protection, and antispyware, was driven by good intentions and best practices, but is now becoming too complex and too costly. More importantly, point solutions are no longer robust enough to protect the corporate jewels.
Today, disarming sophisticated attackers means embracing a comprehensive and integrated endpoint security solution that also reduces acquisition, management, and administrative costs.
That's the goal of Symantec’s recently introduced proactive Endpoint Protection 11.0. Combining best-of-breed security technologies into a single agent with a single management console, Endpoint Protection provides advanced threat protection while lowering the costs and complexity of protecting laptops, desktops, and servers.
Endpoint Protection 11.0 provides the utmost in endpoint security, addressing antivirus/antispyware, network threat protection, and proactive threat protection. Representing the next generation of IT defense, the product also integrates with Symantec Network Access Control 11.0 to address endpoint compliance.
Companies understand the tremendous business risks associated with lax endpoint security – the potential for data theft, loss of intellectual property, disruption of business services, name brand damage, and a negative hit on the corporate reputation. It’s also understood that throwing multiple security products at the problem comes with its own set of liabilities; namely, a drain on technical and corporate resources. Furthermore, when the burden of security management becomes too big, it becomes its own security liability.
With the availability of Endpoint Protection 11.0, Symantec offers IT security managers a new strategy for waging war against viruses, bots, worms, Trojan horses, spyware, adware, rootkits, zero-day attacks, and the challenge of staying ahead of a myriad of known and unknown threats.
Endpoint Protection 11.0, Symantec’s next generation antivirus product, combines award-winning and best-of-breed technology. Key product ingredients begin with Symantec’s AntiVirus solution for protection against viruses, Trojans, and worms. Symantec AntiVirus is the only product to have won the most consecutive awards from independent testing entity Virus Bulletin (VB100) beginning in 1999.
After integrating Veritas into the company’s product line several years ago, Symantec's antispyware now includes VxMS, which looks deeper into the file system than any competing solution to enable the analysis and repair necessary to remove rootkit attacks. Rootkits are stealth applications or scripts that a hacker uses to gain an undetectable presence on a system and that give the hacker administrator-level access to that system.
A 2006 study by Thompson Cyber Security Labs deemed Symantec’s Antispyware the best performing rootkit detection and removal technology -- ahead of vendors such as McAfee, F-Secure and Trend Micro.
A Gartner Magic Quadrant leader for four consecutive years, Symantec’s sophisticated endpoint firewall technology grew out of its 2005 acquisition of Sygate Technologies. The rules-based firewall engine can dynamically adjust port settings to block threats from spreading.
The intrusion prevention technology in Endpoint Protection is made up of several technologies, most notably TruScan™ proactive threat scanning technology from WholeSecurity, a leading provider of behavior-based security and anti-phishing technology, which was acquired by Symantec in 2005. Known for its accuracy, TruScan has a very low false positive rate, fewer than 50 false positives for every 1 million PCs.
Another intrusion protection feature is Generic Exploit Blocking (GEB), a vulnerability-based IPS technology that uses generic signatures to allow one signature to proactively protect against all variants, potentially hundreds or thousands. Endpoint Protection allows administrators to create custom, or rule-based, intrusion prevention signatures for their own unique environments and custom applications.
Device and Application Control, another critical endpoint security technology, prevents data leakage by enabling administrators to deny specific devices (e.g., USB keys and back-up drives) and application activities determined to be high risk. The device and application control capability in Endpoint Protection will reportedly save one beta user about $800,000 in server costs from employees' music downloads. Another beta user anticipates recovering more than $2 million from network outages caused by unauthorized peer-to-peer applications. Endpoint Protection allows administrators to create a white list, allowing only trusted applications to run on the network.
Symantec Network Access Control is a separate product that uses the same agent and management console as Endpoint Protection. It is an add-on product that IT security managers can enable through the purchase of a Symantec Network Access Control license. Network access control enforces compliance by controlling access to the corporate network through security policy.
Symantec AntiVirus 9.0 and 10.0 customers with valid support or maintenance licenses are currently eligible to migrate to Endpoint Protection 11.0. Each component in Endpoint Protection 11.0 is policy based, allowing users to roll out components as they see fit.
Companies with existing investments in endpoint security can also leverage Endpoint Protection since it works with other leading antivirus products, firewalls, IPS technologies, and network access control infrastructures. The product is also compatible with leading software deployment tools, patch management tools, and security information tools.
IT security professionals know they need a better, more cost-effective and efficient way to protect laptops, desktops and servers than deploying and managing multiple standalone solutions – now they have it with Symantec Endpoint Protection 11.0.