Symantec Endpoint Protection Security Target
Symantec Endpoint ProtectionSecurity TargetAcumen Security, LLC.1
Table Of Contents1Security Target Introduction . 51.1Security Target and TOE Reference . 51.2TOE Overview . 51.3TOE Architecture . 51.3.11.3.1.1Hardware. 51.3.1.2Software . 51.3.1.3Operational Environment . 61.3.22452Logical Boundaries . 61.3.2.1Cryptographic Support . 61.3.2.2User Data Protection. 61.3.2.3Identification and Authentication . 71.3.2.4Security Management . 71.3.2.5Privacy . 71.3.2.6Protection of the TSF . 71.3.2.7Trusted Path/Channels. 71.3.3TOE Documentation . 71.3.4Other References . 7Conformance Claims . 82.1CC Conformance . 82.2Protection Profile Conformance . 82.3Conformance Rationale . 82.3.13Physical Boundaries . 5Technical Decisions . 8Security Problem Definition . 103.1Threats . 103.2Assumptions . 103.3Organizational Security Policies . 10Security Objectives. 114.1Security Objectives for the TOE . 114.2Security Objectives for the Operational Environment . 11Security Requirements . 135.1Conventions . 135.2Security Functional requirements. 14
635.2.1Cryptographic Support (FCS) . 145.2.2User Data Protection (FDP) . 155.2.3Identification and Authentication (FIA) . 155.2.4Security Management (FMT) . 165.2.5Privacy (FPR). 175.2.6Protection of TSF (FPT) . 175.2.7Trusted Path/Channel (FTP) . 185.3TOE SFR Dependencies Rationale for SFRs . 185.4Security Assurance Requirements . 195.5Rationale for Security Assurance Requirements . 195.6Assurance Measures . 19TOE Summary Specification . 21
Revision HistoryVersion1.01.11.24DateSeptember 2018November 2018November 2018DescriptionInitial ReleaseUpdated per reviewUpdated per ECR review
1 Security Target Introduction1.1 Security Target and TOE ReferenceThis section provides information needed to identify and control this ST and its TOE.CategoryST TitleST VersionST DateST AuthorTOE IdentifierTOE Software VersionTOE DeveloperKey WordsIdentifierSymantec Endpoint Protection Security Target1.2November 2018Acumen Security, LLC.Symantec Endpoint Protection (SEP)Version 14.2Symantec CorporationEndpoint Security, Client, Application, Cyber DefenseTable 1 TOE/ST Identification1.2 TOE OverviewThe Symantec Endpoint Protection client (hereafter referred to as the TOE or SEP) is a multifacetedendpoint threat control agent blending features of traditional antivirus, HIDS, host-based firewalls, etc.,into a single software package.The SEP comprises a set of applications (.exe) and libraries (.dll), written in C , running as native codeon the operating system. It is composed of components which run in user space (the traditional“application”), as well as service providers which run in privileged mode in kernel space, essentially asdrivers, to allow the software to control security-relevant functionality on the host operating system,such as blocking network traffic to malicious hosts, and shutting down host access to removable media.The platform for this evaluation will be the Windows Operating System.1.3 TOE Architecture1.3.1 Physical Boundaries1.3.1.1 HardwareThe TOE is a software-only evaluation running on a Windows OS platform. The following minimumrequirements are needed for the underlying platform to ensure the TOE functions as required: Operating Systemo Windows 10Processoro 32-bit processor: 1 GHz Intel Pentium III or equivalent minimum (Intel Pentium 4 orequivalent recommended)o 64-bit processor: 2 GHz Pentium 4 with x86-64 support or equivalent minimumPhysical RAMo 512MB (1GB recommended)Hard Driveo 395 MB (Additional 135MB required during installation)1.3.1.2 SoftwareThe software boundary of the TOE incudes the Symantec Endpoint Protection Client application as wellas the Graphical User Interface (GUI). For cryptographic operations, the TOE uses the Windows built-inTLS v1.2 implementation in support of HTTPS/TLS communications.5
1.3.1.3 Operational EnvironmentIn support of the TOE, the following components are present within the Operational Environment:ComponentSymantec Endpoint Protection(SEP) ManagerLiveUpdate ServerUsage/PurposeSEP Manager maintains the authenticated user accounts and informationregarding how it itself authenticates to databases. The SEPM providesmanagement over the Endpoint client configuration.LiveUpdate provides administrators a method in which to downloaddefinitions, signatures, and other content and distributes the updates toclient computers. The connection is secured via TLS.Table 2 Operational Environment ComponentsThe following diagram shows a typical TOE deployment. The TOE is deployed throughout the networkand communicates with the Symantec Endpoint Protection (SEP) Manager/LiveUpdate Server on acorporate network.Notes regarding this above diagram: The TOE is running on a Windows 10 PCThe diagram shows a connection to a Symantec Endpoint Protection (SEP) Manager and aLiveUpdate Server. These services may or may not be residence on the same device.1.3.2 Logical BoundariesThe TOE provides the security functionality required by [ASPP].1.3.2.1 Cryptographic SupportThe TOE leverages the Windows built-in TLS v1.2 implementation. When establishing a session over TLS,the Windows built-in TLS v1.2 ensures the identifier presented in the exchange matches the correctreference identifier before proceeding with the connection. The Windows built-in TLS v1.2 also performsvalidation of TLS server certificates. If for any reason during session establishment the validity of acertificate cannot be performed successfully, the Windows built-in TLS v1.2 will not accept thecertificate or establish the session. The TOE does not use any DRBG functionality for its cryptographicoperations.1.3.2.2 User Data ProtectionIn the evaluated configuration, the TOE does not store sensitive data on the drive. In addition, the TOE isrestricted to use of only the underlying platforms network connectivity for client/servercommunications and content updates. These are triggered either by user action or via response to a SEPManager request. While the TOE writes to the Windows event logs, it does not provide functionality toread the generated events.6
1.3.2.3 Identification and AuthenticationThe TOE supports use of X.509 certificates for TLS communication between the TOE and SEP Manager.This is performed via the X509TrustManager.1.3.2.4 Security ManagementThe TOE does not install with any default credentials and does not store any credentials on the system.The authentication mechanisms of the underlying platform are used to ensure only authorized users ofthat platform can gain access to the application and underlying platform functionality.Configuration options are stored via native mechanisms (Windows Registry) and proprietary securestorage. Protection of these configuration options is provided using Access Control Lists (ACLs) andSymProtect (Symantec Tamper Protection). By default, the application is configured with filepermissions which protect it and its data from unauthorized access1.3.2.5 PrivacyIn the evaluated configuration, the TOE does not transmit any Personally Identifiable Information (PII)over the network.1.3.2.6 Protection of the TSFIn the evaluated configuration, the TOE does not request memory mapping to any explicit address.However, the TOE does request allocation of memory regions for write and execute permissions. Thisallocation is performed using PAGE EXECUTE READWRITE. It is important to note that the applicationdoes not provide the user with the ability to write modifiable files to directories containing executablefiles.The TOE is compiled with use of the GS flag to provide protection against stack-based buffer overflow.This provides buffer security checks during compilation of code by checking for risks such as bufferoverruns on return addresses and potentially vulnerable parameters.For updates to the TOE, SEP client implements its own functionality (LiveUpdate) to check for updateswhich are distributed as MSI files on the Windows platform. TOE updates are digitally signed for imagevalidation. Checking of the software version can be performed through the TOE’s GUI as well as usingthe SWID tags provided with the application. Additional updates to the MSI include content updates andsecurity updates which can be used to update the binary code to ensure up-to-date protection. If theapplication is uninstalled from the platform, all traces of the application will be purged from theplatform.For the TOE to function as defined within the protection profile, Windows Defender should be disabledon the underlying platform.1.3.2.7 Trusted Path/ChannelsDuring operation of the TOE, transmitted data is encrypted via HTTPS and TLSv1.2. TLS communication isprovided via the Windows built-in TLS v1.2. LiveUpdate, the service used for transmission of securitydefinitions, are sent via HTTPS.1.3.3 TOE Documentation [ST] Symantec Endpoint Protection, Version 14.2 Security Target[AGD] Symantec Endpoint Protection Installation and Administration Guide1.3.4 Other ReferencesProtection Profile for Application Software, version 1.2, dated, 25 April 2016 [ASPP]7
2 Conformance Claims2.1 CC ConformanceThis TOE is conformant to: Common Criteria for Information Technology Security Evaluations Part 1, Version 3.1, Revision 4,September 2012Common Criteria for Information Technology Security Evaluations Part 2, Version 3.1, Revision 4,September 2012: Part 2 extendedCommon Criteria for Information Technology Security Evaluations Part 2, Version 3.1, Revision 4,September 2012: Part 3 extended2.2 Protection Profile ConformanceThis TOE is conformant to: Protection Profile for Application Software, version 1.2, dated, 25 April 2016 [ASPP].2.3 Conformance RationaleThis Security Target provides exact conformance to Version 1.2 of the Protection Profile for ApplicationSoftware. The security problem definition, security objectives and security requirements in this SecurityTarget are all taken from the Protection Profile performing only operations defined there.2.3.1Technical DecisionsThe following Technical Decisions have been considered for this evaluation:8TDApplicable Notes0359: Buffer Protection0327 – Default file permissions forFMT CFG EXT.1.20326 – RSA-based key establishmentschemes0305 – Handling of TLS connections with andwithout mutual authentication0304 – Update to FCS TLSC EXT.1.20300 – Sensitive Data in FDP DAR EXT.10296 – Update to FCS HTTPS EXT.1.30295 – Update to FPT AEX EXT.1.3Assurance Activities0293 – Update to FCS CKM.1(1)0283 – Cipher Suites for TLS in SWApp v1.20269 – Update to FPT AEX EXT.1.3Assurance Activity0268 – FMT MEC EXT.1 Clarification0267 – TLSS testing - Empty CertificateAuthorities list0244 – FCS TLSC EXT - TLS Client CurvesAllowed0241 – Removal of Test 4.1 inFCS TLSS EXT.1.10238 – User-modifiable filesFPT AEX EXT.1.4YesYesNoNoThe TOE does not support key generation, keyestablishment, or TLS server functionality.The TOE does not support mutual authentication.YesYesYesYesNoYesNoYesNoSuperseded by TD0326.Superseded by TD0295.The TOE does not support TLS serverfunctionality.YesNoYesThe TOE does not support TLS serverfunctionality.
TDApplicable Notes0221 – FMT SMF.1.1 - Assignments movedto Selections0218 – Update to FPT AEX EXT.1.3Assurance Activity0217 – Compliance to RFC5759 and RFC5280for using CRLs0215 – Update to FCS HTTPS EXT.1.20192 – Update to FCS STO EXT.1 ApplicationNote0178 – Integrity for installation tests inAppSW PP0177 – FCS TLSS EXT.1 Application NoteUpdate0174 – Optional Ciphersuites for TLS0172 – Additional APIs added toFCS RBG EXT.1.10163 – Update to FCS TLSC EXT.1.1 Test 5.4and FCS TLSS EXT.1.1 Test0131 – Update to FCS TLSS EXT.1.1 Test 4.5Yes0122 – FMT SMF.1.1 Assignments moved toSelections0121 – FMT MEC EXT.1.1 ConfigurationOptions0119 – FCS STO EXT.1.1 in PP APP v1.20107 – FCS CKM - ANSI X9.31-1998, Section4.1.for Cryptographic Key GenerationNoTable 3 TDs9NoSuperseded by TD0326.YesYesYesNoThe TOE does not run on Apple iOS.NoThe TOE does not support TLS serverfunctionality.YesYesYesNoThe TOE does not support TLS serverfunctionality.Superseded by TD0221.YesYesNoSuperseded by TD0326.
3 Security Problem DefinitionThe security problem definition has been taken from [ASPP] and is reproduced here for the convenienceof the reader. The security problem is described in terms of the threats that the TOE is expected toaddress, assumptions about the operational environment, and any organizational security policies thatthe TOE is expected to enforce.3.1 ThreatsThe following threats are drawn directly from the ASPP.IDThreatT.NETWORK ATTACKAn attacker is positioned on a communications channel or elsewhere on thenetwork infrastructure. Attackers may engage in communications with theapplication software or alter communications between the application softwareand other endpoints in order to compromise it.An attacker is positioned on a communications channel or elsewhere on thenetwork infrastructure. Attackers may monitor and gain access to data exchangedbetween the application and other endpoints.An attacker can act through unprivileged software on the same computingplatform on which the application executes. Attackers may provide maliciouslyformatted input to the application in the form of files or other localcommunications.An attacker may try to access sensitive data at rest.T.NETWORK EAVESDROPT.LOCAL ATTACKT.PHYSICAL ACCESSTable 4 Threats3.2 AssumptionsThe following assumptions are drawn directly from the ASPP.IDAssumptionA.PLATFORMThe TOE relies upon a trustworthy computing platform for its execution. Thisincludes the underlying platform and whatever runtime environment it provides tothe TOE.The user of the application software is not willfully negligent or hostile, and usesthe software in compliance with the applied enterprise security policy.The administrator of the application software is not careless, willfully negligent orhostile, and administers the software within compliance of the applied enterprisesecurity policy.A.PROPER USERA.PROPER ADMINTable 5 OSPs3.3 Organizational Security PoliciesThere are no OSPs for the application10
4 Security ObjectivesThe security objectives have been taken from [ASPP] and are reproduced here for the convenience ofthe reader.4.1 Security Objectives for the TOEThe following security objectives for the TOE were drawn directly from the ASPP.IDTOE ObjectiveO.INTEGRITYConformant TOEs ensure the integrity of their installation and update packages,and also leverage execution environment-based mitigations. Software is seldom ifever shipped without errors, and the ability to deploy patches and updates tofielded software with integrity is critical to enterprise network security. Processormanufacturers, compiler developers, execution environment vendors, andoperating system vendors have developed execution environment-basedmitigations that increase the cost to attackers by adding complexity to the task ofcompromising systems. Application software can often take advantage of thesemechanisms by using APIs provided by the runtime environment or by enabling themechanism through compiler or linker options.Addressed by: FDP DEC EXT.1, FMT CFG EXT.1, FPT AEX EXT.1, FPT TUD EXT.1To ensure quality of implementation, conformant TOEs leverage services and APIsprovided by the runtime environment rather than implementing their own versionsof these services and APIs. This is especially important for cryptographic servicesand other complex operations such as file and media parsing. Leveraging thisplatform behavior relies upon using only documented and supported APIs.Addressed by: FMT MEC EXT.1, FPT API EXT.1, FPT LIB EXT.1To facilitate management by users and the enterprise, conformant TOEs provideconsistent and supported interfaces for their security-relevant configuration andmaintenance. This includes the deployment of applications and application updatesthrough the use of platform-supported deployment mechanisms and formats, aswell as providing mechanisms for configuration. This also includes providing controlto the user regarding disclosure of any PII.Addressed by: FMT SMF.1, FPT IDV EXT.1, FPT TUD EXT.1.5, FPR ANO EXT.1To address the issue of loss of confidentiality of user data in the event of loss ofphysical control of the storage medium, conformant TOEs will use data-at-restprotection. This involves encrypting data and keys stored by the TOE in order toprevent unauthorized access to this data. This also includes unnecessary networkcommunications whose consequence may be the loss of data.Addressed by: FDP DAR EXT.1, FCS STO EXT.1, FCS RBG EXT.1To address both passive (eavesdropping) and active (packet modification) networkattack threats, conformant TOEs will use a trusted channel for sensitive data.Sensitive data includes cryptographic keys, passwords, and any other data specificto the application that should not be exposed outside of the application.Addressed by: FTP DIT EXT.1, FCS TLSC EXT.1, FCS DTLS EXT.1, FCS RBG EXT.1O.QUALITYO.MANAGEMENTO.PROTECTED STORAGEO.PROTECTED COMMSTable 6 Objectives for the TOE4.2 Security Objectives for the Operational EnvironmentThe following security objectives for the operational environment assist the TOE in correctly providingits security functionality. These track with the assumptions about the environment.ID11Objective for the Operation Environment
OE.PLATFORMOE.PROPER USEROE.PROPER ADMINThe TOE relies upon a trustworthy computing platform for its execution. Thisincludes the underlying operating system and any discrete execution environmentprovided to the TOE.The user of the application software is not willfully negligent or hostile, and usesthe software within compliance of the applied enterprise security policy.The administrator of the application software is not careless, willfully negligent orhostile, and administers the software within compliance of the applied enterprisesecurity policy.Table 7 Objectives for the environment12
5 Security RequirementsThis section identifies the Security Functional Requirements for the TOE and/or Platform. The SecurityFunctional Requirements included in this section are derived from Part 2 of the Common Criteria forInformation Technology Security Evaluation, Version 3.1, Revision 4, dated: September 2012 and allinternational interpretations.RequirementFCS RBG EXT.1FCS STO EXT.1FDP DEC EXT.1FDP NET EXT.1FDP DAR EXT.1FMT MEC EXT.1FMT CFG EXT.1FMT SMF.1FPR ANO EXT.1FPT API EXT.1FPT AEX EXT.1FPT TUD EXT.1FPT LIB EXT.1FTP DIT EXT.1FCS CKM EXT.1FCS TLSC EXT.1FCS TLSC EXT.4FCS HTTPS EXT.1FIA X509 EXT.1FIA X509 EXT.2FPT IDV EXT.1Auditable EventMandatory SFRsCryptographic Operation - Keyed-Hash Message AuthenticationStorage of SecretsAccess to Platform ResourcesNetwork CommunicationsEncryption Of Sensitive Application DataSupported Configuration MechanismSecure by Default ConfigurationSpecification of Management FunctionsUser Consent for Transmission of Personally Identifiable InfoUse of Supported Services and APIsAnti-Exploitation CapabilitiesIntegrity for Installation and UpdateUse of Third Party LibrariesProtection of Data in TransitOptional, Selection-Based and Objective SFRsCryptographic Key Generation ServicesTLS Client ProtocolTLS Client ProtocolHTTPS ProtocolX.509 Certificate ValidationX.509 Certificate AuthenticationSoftware Identification and VersionsTable 8 SFRs5.1 ConventionsThe CC defines operations on Security Functional Requirements: assignments, selections, assignmentswithin selections and refinements. This document uses the following font conventions to identify theoperations defined by the CC: 13Assignment: Indicated with bold text and are surrounded by brackets;Refinement: Indicated with bold text;Selection: Indicated with bold italic text and are surrounded by brackets;Assignment within a selection: Indicated with underlined bold italic text and are surrounded bybrackets;Iteration: Indicated by appending the iteration number in parenthesis, e.g., (1), (2), (3).Where operations were completed in the PP itself, the formatting used in the PP has beenretained.
Explicitly stated SFRs are identified by having a label ‘EXT’ after the requirement name for TOE SFRs.Formatting conventions outside of operations matches the formatting specified within the PP.5.2 Security Functional requirements5.2.1 Cryptographic Support (FCS)FCS CKM EXT.1 Cryptographic Key Generation ServicesFCS CKM EXT.1.1The application shall [generate no asymmetric cryptographic keys].FCS HTTPS EXT.1 HTTPS ProtocolFCS HTTPS EXT.1.1The application shall implement the HTTPS protocol that complies with RFC 2818.FCS HTTPS EXT.1.2The application shall implement HTTPS using TLS in accordance with [FCS TLSC EXT.1].FCS HTTPS EXT.1.3The application shall [not establish the connection] if the peer certificate is deemed invalid.FCS RBG EXT.1 Random Bit Generation ServicesFCS RBG EXT.1.1The application shall [use no DRBG functionality] for its cryptographic operationsFCS STO EXT.1 Storage of CredentialFCS STO EXT.1.1The application shall [not store any credentials] to non-volatile memory.FCS TLSC EXT.1 TLS Client ProtocolFCS TLSC EXT.1.1The application shall [invoke platform-provided TLS 1.2] supporting the following cipher suites:[ 14TLS RSA WITH AES 128 CBC SHA as defined in RFC 5246TLS RSA WITH AES 128 CBC SHA256 as defined in RFC 5246TLS RSA WITH AES 256 CBC SHA256 as defined in RFC 5246TLS RSA WITH AES 256 GCM SHA384 as defined in RFC 5288TLS DHE RSA WITH AES 256 GCM SHA384 as defined in RFC 5288TLS ECDHE RSA WITH AES 128 CBC SHA256 as defined in RFC 5289TLS ECDHE RSA WITH AES 128 GCM SHA256 as defined in RFC 5289TLS ECDHE RSA WITH AES 256 CBC SHA384 as defined in RFC 5289TLS ECDHE RSA WITH AES 256 GCM SHA384 as defined in RFC 5289TLS ECDHE ECDSA WITH AES 128 CBC SHA256 as defined in RFC 5289TLS ECDHE ECDSA WITH AES 256 CBC SHA384 as defined in RFC 5289TLS ECDHE ECDSA WITH AES 128 GCM SHA256 as defined in RFC 5289
TLS ECDHE ECDSA WITH AES 256 GCM SHA384 as defined in RFC 5289]and no other cipher suite.FCS TLSC EXT.1.2The application shall verify that the presented identifier matches the reference identifier according toRFC 6125.FCS TLSC EXT.1.3The application shall establish a trusted channel only if the peer certificate is valid.FCS TLSC EXT.4 TLS Client ProtocolFCS TLSC EXT.4.1The application shall present the supported Elliptic Curves Extension in the Client Hello with thefollowing NIST curves: [secp256r1, secp384r1, secp521r1] and no other curves.5.2.2 User Data Protection (FDP)FDP DEC EXT.1 Access to Platform ResourcesFDP DEC EXT.1.1The application shall restrict its access to [network connectivity, [mouse and keyboard]].FDP DEC EXT.1.2The application shall restrict its access to [system logs].FDP NET EXT.1 Network CommunicationsFDP NET EXT.1.1The application shall restrict network communication to [: respond to [SEP Manager policy updates and scan commands as well as LiveUpdate definitionupdates],[uploading status information and detection events to SEP Manager]]FDP DAR EXT.1 Encryption of Sensitive Application DataFDP DAR EXT.1.1The application shall [not store any sensitive data] in non-volatile memory.5.2.3 Identification and Authentication (FIA)FIA X509 EXT.1 X.509 Certificate ValidationFIA X509 EXT.1.1The application shall [invoked platform-provided functionality] to validate certificates in accordance15
with the following rules: RFC 5280 certificate validation and certificate path validation.The certificate path must terminate with a trusted CA certificate.The application shall validate a certificate path by ensuring the presence of the basicConstraintsextension and that the CA flag is set to TRUE for all CA certificates.The application shall validate the revocation status of the certificate using [a CertificateRevocation List (CRL) as specified in RFC 5280 Section 6.3].The application shall validate the extendedKeyUsage field according to the following rules:o Certificates used for trusted updates and executable code integrity verification shallhave the Code Signing purpose (id-kp 3 with OID 1.3.6.1.5.5.7.3.3) in theextendedKeyUsage field.o Server certificates presented for TLS shall have the Server Authentication purpose (id-kp1 with OID 1.3.6.1.5.5.7.3.1) in the extendedKeyUsage field.o Client certificates presented for TLS shall have the Client Authentication purpose (id-kp2 with OID 1.3.6.1.5.5.7.3.2) in the extendedKeyUsage field.o S/MIME certificates presented for email encryption and signature shall have the EmailProtection purpose (id-kp 4 with OID 1.3.6.1.5.5.7.3.4) in the extendedKeyUsage field.o OCSP certificates presented for OCSP responses shall have the OCSP Signing purpose (idkp 9 with OID 1.3.6.1.5.5.7.3.9) in the extendedKeyUsage field.o Server certificates presented for EST shall have the CMC Registration Authority (RA)purpose (id-kp-cmcRA with OID 1.3.6.1.5.5.7.3.28) in the extendedKeyUsage field.FIA X509 EXT.1.2The application shall treat a certificate as a CA certificate only if the basicConstraints extension ispresent and the CA flag is set to TRUE.FIA X509 EXT.2 X.509 Certificate AuthenticationFIA X509 EXT.2.1The application shall use X.509v3 certificates as defined by RFC 5280 to support authentication for[HTTPS, TLS].FIA X509 EXT.2.2Wh
TOE Identifier Symantec Endpoint Protection (SEP) TOE Software Version Version 14.2 TOE Developer Symantec Corporation Key Words Endpoint Security, Client, Application, Cyber Defense Table 1 TOE/ST Identification 1.2 TOE Overview The Symantec Endpoint Protection client (hereafter referred to as the TOE or SEP) is a multifaceted endpoint threat .
3. Symantec Endpoint Protection Manager 4. Symantec Endpoint Protection Client 5. Optional nnFortiClient EMS For licenses to Symantec Endpoint Protection, please contact Symantec’s respective sales team. NOTE: This guide is pertinent to the integration between the relevant portions of the FortiGate, the FortiClient, and Symantec Endpoint .
clients and is configured with Symantec Endpoint Protection Manager Console. The Symantec Endpoint Protection client is installed on the scan nodes, which are used to protect the file data that resides on SONAS. Symantec Endpoint Protection Manager Console lets users centrally manage Symantec Endpoint Protection clients, known as . scan nodes
Installing Symantec Endpoint Protection Manager on the Amazon EC2 platform Symantec Endpoint Protection Manager is installed by deploying the Symantec Endpoint Protection Manager AMI (Amazon Machine Image) from AWS Marketplace. Symantec Endpoint Protection Manager AMI can be
Keywords: Symantec , antivirus, endpoint protection 1.2 Overview The TOE is Symantec Endpoint Protection Version 11.0, which delivers a comprehensive antivirus/endpoint security solution with a single agent and a single, centralized management console. Symantec Endpoint Protection
Endpoint Protection Manager (SEPM) operations from a remote application, such as Symantec Advanced Threat Protection (ATP) and Symantec Web Gateway (SWG). You use the APIs if you do not have access to Symantec Endpoint Protection Manager. If you use the Symantec Endpoint Protection
Symantec Endpoint Protection . Endpoint Protection Manager: v11.600.550 Symantec Endpoint Protection: v11.6000.550 . Sophos Endpoint Security and Data Protection . Enterprise Console: v4.0.0.2362 Endpoint Security and Control: v9.05 . Trend Micro Worry-Free Business Security: Standard Edition . Worry-Free Business Security: v6.0 SP2 build 3025
1. Open Symantec Endpoint Protection Manager. The Symantec Endpoint Protection Manager window appears. 2. On the left side of the Symantec Endpoint Protection Manager window, select the Clients icon. 3. In the Tasks list in the lower left area of the window, select Install a client. The Client Deployment Wizard dialog box appears.
Archaeological Research & Consultancy at the University of Sheffield Research School of Archaeology West Court 2 Mappin Street Sheffield S1 4DT Phone 0114 2225106 Fax 0114 2797158 Project Report 413h.1 Archaeological Evaluation of the Upper Loading Bay, Castle Market, Sheffield April 2002 By Glyn Davies and James Symonds With Contributions by Chris Cumberpatch, Jennie Stopford, Hugh Willmott .
