What's new in
Symantec Cloud Workload Protection

The following new features and enhancements were introduced in the recent releases of
Symantec Cloud Workload Protection
:
September 20, 2021
  • A new SEP agent version,
    SEP 14.3 RU3
    , is now available for the Windows instances of
    Symantec Cloud Workload Protection
    .Your existing SEP agents will upgrade to SEP 14.3 RU3 and your new deployments will be installed with the new SEP agent as per the following procedures:
    • New Deployments
      • AWS
        : The latest version of SEP agent will be installed when you deploy the
        Cloud Workload Protection
        agent either through the agent package downloaded from the console or through the AWS SSM Distributor Package.
      • Azure
        :  If you use Azure VM extension to deploy the
        Cloud Workload Protection
        agent, then use the new version of the Azure VM extension for Windows (recommend you to wait for the support of the new version by Symantec) to install the new SEP agent.
      .
    • Agent Upgrades
      Existing SEP agents of
      Symantec Cloud Workload Protection
      can upgrade to SEP 14.3 RU3 (from September 24, 2021 onwards) based on the configuration that you defined for the
      Client Updates Schedule
      setting of the Windows Anti-Malware policy.
      Restart the Windows instances to complete the SEP agent upgrade.
May 12, 2021
  • A new SEP agent version,
    SEP 14.3 RU2
    , is now available for the Windows instances of
    Symantec Cloud Workload Protection
    .Your existing SEP agents will upgrade to SEP 14.3 RU2 and your new deployments will be installed with the new SEP agent as per the following procedures:
    • New Deployments
      • AWS
        : The latest version of SEP agent will be installed when you deploy the
        Cloud Workload Protection
        agent either through the agent package downloaded from the console or through the AWS SSM Distributor Package.
      • Azure
        :  If you use Azure VM extension to deploy the
        Cloud Workload Protection
        agent, then use the new version of the Azure VM extension for Windows (recommend you to wait for the support of the new version by Symantec) to install the new SEP agent.
      .
    • Agent Upgrades
      Existing SEP agents of
      Symantec Cloud Workload Protection
      can upgrade to SEP 14.3 RU2 (from May 19, 2021 onwards) based on the configuration that you defined for the
      Client Updates Schedule
      setting of the Windows Anti-Malware policy.
      Restart the Windows instances to complete the SEP agent upgrade.
January 23, 2021
  • Cloud Workload Protection
    is now hosted on Google Cloud Platform. This means that all the cloud services are diconow transitioned to GCP therefore improving operational efficiency and resilience while operating from a simplified infrastructure. For more details, refer to this FAQ
  • In this release the following technologies and functionalities of
    Cloud Workload Protection
    are deprecated:
    • Agentless application discovery using VPC flow logs
      You will still be able to find information about software services from the instances on which the agent is deployed. Refer to this topic for more details.
    • DeepSight™ technology -
      Cloud Workload Protection
      is no more subscribed to this technology to consume its threat and vulnerability data for evaluating the instances and software services. This means that you will not find information on potential threats and vulnerabilities in your applications.
By January 21, 2021, you must have upgraded your Windows instances to the SEP agent as the SEP Cloud agent is being declared End of Life (EOL). If you have failed to upgrade, then your Windows instances stopped receiving updates on antimalware policy and also stopped sending events on any detected malware. It is highly recommended to upgrade to SEP agent as soon as possible. 
September 7, 2020
  • For the Windows instances, the Symantec Endpoint Protection (SEP) agent replaces the Symantec Endpoint Protection Cloud (SEP Cloud) agent for the Anti-malware capabilities. You must upgrade to the SEP agent for continued protection of the instances and the workloads. 
  • Cloud Workload Protection
    now supports agents on Ubuntu 20 and Red Hat Enterprise Linux 8.2.
February 13, 2020
January 16, 2020
  • A new Symantec single point of contact (SPOC) server URL has been introduced for the agents to receive notifications from the Symantec cloud server -
    us.spoc.securitycloud.symantec.com
    Ensure that both the existing and the new SPOC URLs are whitelisted on your firewall. See Firewall requirements in
    Cloud Workload Protection
    .
  • Cloud Workload Protection has introduced a mandatory flag field for setting up recommendation rules. While creating or editing recommendation rules, use the flag field to mark rules as mandatory or not. On asset enrollment, asset attribute changes, or software discovery on the agent, policy group recommendation is generated based on the mandatory recommendation rules.
  • Scheduled remote update of agents is enabled by default for the supported Red Hat Enterprise Linux (RHEL), CentOS, Amazon Linux, Oracle Linux, Ubuntu, SuSE Linux Enterprise Server (SLES) platforms. Based on the remote agent update scheduling configurations, the system automatically detects if a new version of the agent, CAF or kernel module is available and initiates the update process. See Scheduling remote upgrade of agents installed on Linux-based systems.
  • Cloud Workload Protection now supports agents on RHEL 8, SLES 15, and CentOS 8. See Supported platforms and kernels for the
    Cloud Workload Protection
    agent
    .
October 3, 2019
  •   Cloud Workload Protection now supports agent on SUSE Linux Enterprise Server platform.
  •   A new field is added under the
    Support
    tab of the
    Agents and Instances
    workspace of the Cloud Workload Protection console to display status of Anti-Malware Agent Installation for Windows agents only.
  •   You can now include the field
    Virus Definition Version
    during instance export in Cloud Workload Protection.
  •   Support for agent upgrade is now available for AWS instances in Cloud Workload Protection console.
September 10, 2019
  • You can now remove the system generated recommendation rules from a policy template therefore leveraging the rules that you want to apply on a specific policy group.
  •   You can now clone a policy group from the
    Policies > Policy Group
    page of the console as well as by leveraging the REST API SCWP#_clone_policy_group.
  • You can now search for the public IP addresses of the instances in the
    Assets > Instances
    page of the console
  • A new role called
    Deployment Admin
    has been introduced that lets you download the agent installation package and invoke the “read-only” REST APIs.
August 12, 2019
  • Cloud Workload Protection
    now supports ability to install and upgrade the
    Cloud Workload Protection
    agents remotely using the AWS Systems Manager Distributer. The upgrade operations can be performed through a set of new APIs.
  • In
    Cloud Workload Protection
    , for the Unix Antimalware Policy, the ability to enable or disable quarantining of files, configuring the quarantine file directory size, and setting a duration for which a file is to be quarantined has been provided.
  • Cloud Workload Protection
    now enables users to skip auto-apply of recommended policy group for workloads that already have policy group applied manually by user. The recommendation engine now prioritizes customer defined tag rules higher than AMI rules.
  • Cloud Workload Protection
    has introduced a SCWP#_export_subscription_usage to export the subscription usages.
  • Cloud Workload Protection
    now supports ability to invoke read-only APIs by user in the viewer role.
July 11, 2019
  • Trial option for
    Cloud Workload Protection
    through AWS Marketplace and Symantec site
    If you are an existing user of Symantec Integrated Cyber Defense Manager, then you can try out
    Cloud Workload Protection
    suite of product as a trial from the ICDm console. Click on the
    Hybrid Cloud
    tab in the ICDm console to explore the trial version of
    Cloud Workload Protection
    . You can avail
    Cloud Workload Protection
    using either of the two options: through the AWS Marketplace or through Symantec trial option.
  • Enhancing the Windows Anti-Malware policy
    The Windows Anti-Malware policy now supports Web protection, Application Protection, (MEM), and Network protection.
  • Support for Windows 2019
    Cloud Workload Protection now supports agent on Windows 2019 platform.
  • New build options added for the CICD plugin
    For CICD Package Discovery plugin, you can now configure Jenkins job to fail for specific situations. Situations are:
    • If any malware is detected and not remediated
    • If Jenkins node is at risk
    • If any severe vulnerability is detected
  • Cloud Workload Protection
    and its suite of products such as CWP for Storage and Cloud Workload Assurance introduces a preview of SAML 2.0 based-identity provider such as Microsoft Azure for authentication and authorization to the Symantec portal.
  • Cloud Workload Protection
    integrates with Amazon EventBridge to publish the events in EventBridge.
June 7, 2019
  • Schedule scan option is now configurable for the Unix Anti-Malware Policy
    In Cloud Workload Protection, you can now schedule scan through the Unix Anti-Malware Policy for a group of instances.
  • Support for upgrade of Windows agent on Azure VM extensions
    Cloud Workload Protection now supports Windows agent upgrade through the Azure VM Extensions. Refer the topic for supported Azure VM extensions.
  • “Reports and Templates” introduced in Cloud Workload Protection
    Cloud Workload Protection has introduced
    Reports and Templates
    workspace. You can now generate reports from the
    Get Started
    wizard, and can also generate reports with the latest data from the
    Reports and Templates
    page of the console.
  • Cloud Workload Protection trial available in Symantec Cloud Defense Manager
    If you are an existing user of Symantec Integrated Cyber Defense Manager, then you can try out Cloud Workload Protection as a trial from the ICDm console. Click on the Hybrid Cloud tab in the ICDm console to explore the trial version of Cloud Workload Protection. The
    Hybrid Cloud
    tab indicates Cloud Workload Protection’s capability to protect heterogeneous environments, both on-premise and in cloud.
May 3, 2019
  • Cloud Workload Protection integrates with Azure Log Analytics
    The Cloud Workload Protection events can be exported and published in Azure Log Analytics. Events such as Anti-Malware, Intrusion and Detection, FIM, Monitoring and so on can be exported to the Azure Log Analytics service.
  • Support for silver image on Windows instances or virtual machines
    Cloud Workload Protection now has the provision to create silver images from a golden image for the Windows instances or virtual machines.
  • New APIs in Cloud Workload Protection
    New APIs on creating a connection for Google Cloud Platform, Oracle Cloud Infrastructure, and Azure respectively are introduced in Cloud Workload Protection. APIs to update the cloud platforms are also introduced.
  • Monthly usage report is introduced
    Cloud Workload Protection now sends monthly usage report for your subscriptions
April 4, 2019
  • Configuring proxy settings through console
    In Cloud Workload Protection, now you can add the proxy settings from the console for the Cloud Workload Protection agents.
  • Golden image support for Windows
    In Cloud Workload Protection, you can now create golden images for Windows with Cloud Workload Protection agent.
  • Schedule scan for multiple Windows instances
      In Cloud Workload Protection, you can now schedule a scan for multiple Windows instances through an Anti-Malware policy.
  • New SCWP#_symantec_cloud_workload_protection added in
    Symantec Cloud Workload Protection
    The following APIs are added in Cloud Workload Protection:
    •   Adding Symantec tags to the instances:
    •   Deleting a Symantec tag from the instances
    •   Exporting the policy settings of a policy group
March 4, 2019
  • Support for Oracle Cloud Infrastructure (OCI)
    Symantec Cloud Workload Protection
    now supports the Oracle Cloud Infrastructure, and protects the compute instances against threats, vulnerabilities, and malware. Set up a connection and get instant visibility of your Oracle Cloud Infrastructure instances. Monitor the instances, evaluate threats and vulnerabilities, and enforce the right policies to protect the instances.
February 11, 2019
  • Report on discovery of instances
    Symantec Cloud Workload Protection
    has introduced a report that summarizes the initial discovery of instances after establishing a connection with AWS through the
    Get Started
    wizard. The report helps you to take a glance at the total count of instances discovered in an AWS region, the instance’s accessible permission levels, operating systems, VPC and so on.
December 20, 2018
  •   In Cloud Workload Protection, for an exported instance file, you can now view details such as the IP address, region, last agent connected time, device status, and device status reason.
November 29, 2018
  • You can now provide email IDs of non-registered users in the alert profiles of
    Symantec Cloud Workload Protection
    .
  • A new column called Container ID has been added for the
    Symantec Cloud Workload Protection
    container list to display the docker container ID
  • Symantec Cloud Workload Protection
    now provides the ability to reapply an updated policy group to all the associated instances.
  • In
    Symantec Cloud Workload Protection
    , an exported instance file now lists these - Applied Policy Group, Is Latest Policy Group, Policy Group Applied Date, and Policy Group Modified Date.
  • In
    Symantec Cloud Workload Protection
    , the Security Posture by region chart now displays the Device Security status too. This status is also displayed in the Instances Grid and for the Instance Map.
October 24, 2018
  • Agentless application discovery
    When you create an AWS connection,
    Cloud Workload Protection
    can now discover the installed applications on your instances even before you install the agent. To enable agentless application discovery, you must create the connection by using the get started wizard and enable VPC log flows in the wizard.
September 27, 2018
  • Multiple domain support
    To help you segregate organizational data among multiple partitions, Cloud Workload Protection now lets you create domains and assign users to access those domains. Configurations made in one domain are available to only the users of that domain.
  • Try Now
    Availing a free trial of Cloud Workload Protection and CWP for Storage is now easier. If you are an existing customer of any one of these products, you can click
    Try Now
    on the subscription drop-down menu on the console to avail free trial of the other product.
  • Server Threat Status widget
    To help you get a glimpse of the status of all the instances in your account, a new widget has been added in the dashboard that displays the different statuses and count of instances in each status. You can click on a particular status to get a drilled down view of the associated instances.
  • Additional search filters for instances
    You can now search instances based on
    IPS Status
    ,
    IDS Status
    , and
    Malware Protection Status
    . Type the search filters on the search bar of the
    Instances
    page.
  • Additional fields on the exported lists
    When you export the instances and the subscription and usage details lists, you get the following additional fields:
    IPS Status
    ,
    IDS Status
    ,
    Malware Protection Status
    ,
    Latest agent version
    (
    Instances
    ), and
    IPS Status
    ,
    IDS Status
    ,
    Malware Protection Status
    ,
    Instance state
    (
    Subscription and usage
    ).
  • Updates for CWP for Storage
    Free trial of 1000 GB: When you subscribe for CWP for Storage, you can now avail a free trial of 1000 GBs or 89 days, whichever is earlier. Once the trial limit is exhausted, all the protection is disabled and you can have read-only access to your account.
  • Updates for Symantec Protection Engine 8.0
    Symantec Protection Engine now has a new dashboard widget to monitor the Anti-Malware Definitions State of the scanners.
August 29, 2018
  • New widgets on the dashboard
    The
    Security Events Insight
    widget helps you view the trend of security events and the
    OS Distribution
    widget helps you view the distribution of OS platforms and versions on the instances.
  • Additional event details
    Additional details such as File Name, Threat Name, Threat Type, and Action Performed have been added for the Anti-Malware events to help you get more insight about the detected malware.
  • Updates for Symantec Protection Engine 8.0
    Symantec Protection Engine now provides the ability in the centralized management console to import an existing policy from the scanner. Two new intuitive widgets have also been added in the dashboard for monitoring the health status of the scanners and for viewing the current license status.
    Additionally, you can now import the Symantec Protection Engine events into Splunk for further analysis.
August 09, 2018
  • Cloud Workload Protection
    Account Configuration Wizard
    In addition to setting up an
    AWS
    connection, the account configuration wizard now provides the option for automated agent installation using
    AWS
    SSM Agent.
  • AWS
    Marketplace availability
    Cloud Workload Protection
    subscription is now available globally on
    AWS
    SaaS marketplace.
June 29, 2018
Integration with Symantec Protection Engine 8.0
Symantec Protection Engine 8.0 introduces the centralized management and reporting console where you can manage all your Symantec Protection Engine (SPE) installations. You can enroll and group SPE scanners, create and apply SPE scan policies to the scanner groups in a consistent manner, and create and associate storage assets to be secured by SPE scanner groups. You may also monitor SPE events, configure alerts based on the events and view the security posture in the dashboards.
Symantec Protection Engine 8.0 also introduces core capability updates like secure ICAP and flexibility to configure LiveUpdate timeslots.
For more information, see ?locale=EN_US
June 13, 2018
  • Ability to discover vulnerabilities in CI/CD packages
    Integrate
    Cloud Workload Protection
    CI/CD Package Discovery Plug-in with your Jenkins server and view the vulnerabilities associated with any of the constituent software packages discovered in continuous integration and continuous deployment (CI/CD) scripts. It also helps you locate the specific path of scripts where the software package with the vulnerability is found.
  • Support for private deployments in threat map
    In addition to the cloud instances, the threat map on the
    Cloud Workload Protection
    console now displays potential threat and vulnerabilities for your on-premises, private deployments as well.
  • API to automate AWS connection setup
    A new REST API has been added that you can use to automate the process of creating an AWS connection. For more information, see the scwp.
May 28, 2018
  • Support for deleting a user account
    You can now delete any user that was added in the
    Cloud Workload Protection
    console, except the first Administrator user and any user who is currently logged on.
  • Multiple AWS account support for Storage
    You can now configure
    CWP for Storage
    to protect S3 buckets in multiple AWS accounts.
  • Object scan status in CloudWatch logs
    CWP for Storage
    now supports logging of scan status of the S3 bucket objects in CloudWatch logs.
May 16, 2018
Additional kernel support
Support for a few additional kernels have been added for Ubuntu 16.04 LTS and Ubuntu 14.04 LTS.
The following enhancement has been made in
CWP for Storage
:
Identify non-public S3 bucket with public objects on the console
The
CWP for Storage
console now helps you identify non-public S3 buckets that has public objects. Based on the events generated for public objects, CWP for Storage marks access level of S3 bucket with an asterisk as
Not Public*
.
April 19, 2018
  • Anti-Malware policies
    Cloud Workload Protection
    now provides Anti-Malware policies for Windows and Unix to help you configure the Anti-Malware settings. You can add these policies in any policy group and configure the policy options.
    Two default Anti-Malware policy groups have also been added that contain the default Anti-Malware settings. The default Anti-Malware policy groups are automatically applied when you install the
    Cloud Workload Protection
    agent.
  • AWS
    Connection wizard
    A new configuration wizard has been added to help you quickly set up a connection between
    Cloud Workload Protection
    and
    AWS
    . Support for
    Azure
    and
    Google Cloud Platform
    will be added soon. Press
    Get Started
    on the welcome page of the
    Cloud Workload Protection
    console to launch the wizard.
  • Enhancements in the Export Instances list
    Manage your instances better with the additional information that is now provided when you press
    Export Instances
    on the
    Instances
    page. The additional information include instance type, instance size, and number of CPU cores. The CPU core information is available for instances that have the agent installed.
  • Agent version displays on the Downloads page
    When you select an agent package to download, the
    Cloud Workload Protection
    console now displays the version of the agent in the package.
    Additionally, you can use
    Cloud Workload Protection
    APIs to get a list of the latest agent versions for all platforms or to see the latest agent version for a particular platform. For more information, see our API scwp.
  • Last login time
    The
    Settings> Users
    page of the
    Cloud Workload Protection
    console now displays the last login time for each user.
  • Platform and kernel support
    We have added support for Docker version 17.09.1-CE and a few additional kernels for Ubuntu and Amazon Linux. Refer to the detailed documentation for the complete list of supported operating systems, features, and kernels.
March 07, 2018
  • Role-based access control (RBAC)
    Introducing user roles to help you control the user actions that are performed on the
    Cloud Workload Protection
    console. The RBAC feature brings two roles that you can choose for each user that you add - Administrator or Viewer.
  • Single-click agent installation for Azure instances
    With this simplified process, you can now install the
    Cloud Workload Protection
    agent on the
    Azure
    instances with just one click. Select the
    Azure
    instance from the
    Instances
    page of the
    Cloud Workload Protection
    console and click
    Install Agent
    .
  • Enhanced automated policy enforcement
    To provide instantaneous protection for your instances, the automatic policy enforcement feature has been enhanced to enforce the recommended policy group as soon as the instance is launched. Enable automatic policy enforcement from the
    General Settings
    page of the
    Cloud Workload Protection
    console.
  • Updated
    Azure
    Virtual Machine extension
    The
    Azure
    virtual machine extensions have been updated to support real-time Anti-Malware for Linux and Anti-Malware for Windows.
  • New API for threat and vulnerability
    Use the new threat and vulnerability REST API to get information about the potential threat and vulnerability.
    See the scwp.
February 21, 2018
January 30, 2018
  • Google Cloud Platform
    support
    Cloud Workload Protection
    now offers full support for
    Google Cloud Platform
    . Set up a connection and get instant visibility of your
    Google Cloud Platform
    instances. Monitor the instances, evaluate threats and vulnerabilities, and enforce the right policies to protect the instances by using
    Cloud Workload Protection
    .
  • Enhancements in the Jobs page
    To help you get the most relevant information, the Jobs page of
    Cloud Workload Protection
    now provides detailed error reporting in Job completion status.
  • Enhancements in the instance details page
    To help you manage the instances better, we have added a few additional details in the Support tab of the instance details. You can now view the associated AWS account number, connection name, the version of the installed agent, and the version of the last virus definition updates that the agent received through LiveUpdate.
    The relevant API service has also been updated. See the scwp.
  • Ability to upgrade kernel modules of the Linux agents through Yum update
    You can now upgrade kernel modules of the
    Cloud Workload Protection
    Linux agent just by using the command
    yum update sdcss-kmod
    . Then reboot the system.
  • Audit events
    A new event type has been added to help you monitor various user actions that are performed on the
    Cloud Workload Protection
    console.
  • Additional browser support
    Support for Internet Explorer 11 and Microsoft Edge have also been added in
    Cloud Workload Protection
    .
December 20, 2017
  • Anti-Malware support for Windows
    The
    Cloud Workload Protection
    Anti-Malware provides real-time protection for your Windows instances against known malware. You can also schedule or run an on-demand Anti-Malware scan.
  • Support to delete private instances
    If you have installed the
    Cloud Workload Protection
    agent on any instance that is not a part of any cloud or on-premises connection, you can now delete such instances from the console.
  • Ability to identify publicly accessible buckets and objects
    This feature is applicable for the customers who have subscribed to
    CWP for Storage
    .
    CWP for Storage
    detects and generates events if any of your S3 buckets or objects have public access. You can also view the S3 bucket access level on the console and configure alerts based on the permission assessment events, which helps you take immediate actions on the specified objects or buckets.
November 30, 2017
IDS monitoring for unsupported kernels
You can now apply the Detection capability (IDS) of
Cloud Workload Protection
policies even on unsupported kernels. Prevention capability would remain disabled for these kernels.
November 21, 2017
  • Google Cloud Platform
    support (Beta)
    Symantec Cloud Workload Protection
    now offers built-in support for
    Google Cloud Platform
    . Set up a connection and get instant visibility of your
    Google Cloud Platform
    instances. Enforce the right policies to protect and monitor the instances with
    Cloud Workload Protection
    .
    Google Cloud Platform
    support is currently available only for Beta Testing.
  • Bulk acknowledgement for notifications
    To help you manage the notifications, an enhancement has been made so that you can acknowledge multiple notifications at one go.
  • New agent status (
    IPS, RT FIM disabled
    )
    If you install the
    Cloud Workload Protection
    agent on an unsupported kernel, the agent status is now shown as
    IPS, RT FIM disabled
    .
  • Support for additional platforms and kernels
    Cloud Workload Protection
    now supports the following additional platforms:
    • CentOS 7.4
    • Red Hat Enterprise Linux 7.4
    • Amazon Linux 2017.09
    • Oracle Linux 6.7, 6.8, 6.9, 7.2, 7.3, 7.4
    Support for multiple additional kernels has been added for Amazon Linux and Ubuntu platforms.
November 13, 2017
  • Cloud Workload Protection for Storage
    You can now subscribe to our latest offering,
    Cloud Workload Protection for Storage
    , and protect data stored in AWS S3 buckets with near real-time and scheduled scanning for malware and threats. You can also monitor the security posture of your S3 buckets, configure alerts, and view events related to your S3 buckets.
  • About/Support menu option
    The new
    About/Support
    option in the user menu provides links to get various information about the product, including the product status. You can go to the
    Status
    page to see if the product is operational at the moment, and the upcoming maintenance schedule.
  • Separate tab for API Keys
    The API Keys have been moved from the
    General Settings
    tab to a new tab
    API Keys
    in the
    Settings
    page. You can now view and hide the API Keys in its tab.
October 30, 2017
  • Multiple
    AWS
    connections
    Creating multiple
    AWS
    connections with
    Cloud Workload Protection
    have been made easier. You can now create up to 100
    AWS
    connections at one go.
  • Update
    AWS
    connection name
    To make the existing
    AWS
    connections easy to distinguish, you can now edit only the name of each
    AWS
    connection, without making any other changes to the connection.
  • API documentation
    The
    Cloud Workload Protection
    API documentation has been updated with a few incident response use cases. A link to the scwp has been added in the menu.
October 16, 2017
  • Out of the box policy groups
    Cloud Workload Protection
    now offers out of the box policy groups for Windows and Unix platforms. These policy groups can be used to protect a newly created instance automatically, if custom policy groups are not configured by the user. An option has been added in the
    General Settings
    to automatically apply the out of the box policy groups.
  • Enhanced default alert profiles
    The efficiency of predefined alert profiles has been enhanced by adding rules to detect possible memory exploits, file integrity monitoring and so on.
  • Azure
    virtual machine extension for Ubuntu
    The Azure virtual machine extension for
    Cloud Workload Protection
    now supports Ubuntu 16.04 and 14.04 platforms.
  • Export instance list
    An option has been added in the
    Instances
    page to export the list of instances in CSV format.
  • Export dashboard widgets
    The dashboard widgets have been enhanced to let you export each widget as an image.
  • Instances Map filtering
    The accessibility of the Instances Map has been enhanced by adding a search functionality. You can search and filter the Instances Map based on various attributes to get the information you need.
September 14, 2017
Azure
virtual machine extension for Windows
You can now use the
Agent for
Cloud Workload Protection
(Windows)
virtual machine extension to install the
Cloud Workload Protection
agent on your Windows virtual machines in Azure.
The
Agent for
Cloud Workload Protection
(Linux)
virtual machine extension has also been updated to support Anti-Malware for the RHEL and CentOS instances.
August 23, 2017
  • Anti-Malware
    The Anti-Malware feature of
    Cloud Workload Protection
    lets you scan the instances for possible malware. Perform an on-demand scan or schedule a scan.
    Cloud Workload Protection
    scans the instances and quarantines the malware, if any. View events and configure alerts based on the scan results. You can also view the five most infected subnets in your environment and the count of detected malware from the dashboard.
  • Certificate pinning
    To enhance the security of your workloads, the
    Cloud Workload Protection
    agents now include certificate pinning that protects the agents against fraudulent certificates. However, if you are using proxy for communication between the
    Cloud Workload Protection
    agent and the server, you must disable certificate pinning.
August 16, 2017
AWS Marketplace free trial usage
When you subscribe to
Cloud Workload Protection
from AWS Marketplace, you can now avail free trial of
Cloud Workload Protection
for 20000 hours or 90 days, whichever is earlier.
For more information, you can refer to the buyer's guide for AWS Marketplace that is available at: DOC10481
July 31, 2017
Azure
virtual machine extension for Linux
To simplify the process of installing an agent, you can now use the
Agent for
Cloud Workload Protection
(Linux)
virtual machine extension from the
Azure
portal or through PowerShell. The virtual machine extension is currently available for the RHEL and CentOS platforms.
July 18, 2017
  • Export connection details: You can now export AWS and Azure connection details as a CSV file.
  • Changes in the Policy Library: The Symantec Policy Library will show only the latest versions of the policies. You can apply filter to see the older versions of the policies.
  • Reset Password link: A link to reset the password has been added in the menu.
  • Enhancements in the Instance Map: The Instance Map has been enhanced to offer a better user experience, while displaying the VPC and the subnet details on tooltip.
  • Enhancement in the Instances page: The Search/Filter on Instance page has been enhanced to show the total count of the instances.
  • Enhancements in the
    AWS
    connection setup process: When you create an
    AWS
    connection using the CloudFormation template, manual inputs are now not required for creating the stack.
June 29, 2017
  • Azure
    configuration automation
    Connecting your
    Azure
    setup with
    Cloud Workload Protection
    is now easier. You can download a PowerShell script from the
    Cloud Workload Protection
    console that'll reduce the manual steps and complexity of setting up an
    Azure
    connection.
  • Anti-Malware (Beta)
    The Anti-Malware feature of
    Cloud Workload Protection
    lets you scan the instances for possible malware. If a malware is detected,
    Cloud Workload Protection
    automatically quarantines the infected file and generates an event. This feature is currently available only for Beta Testing.
June 15, 2017
Cloud Workload Protection
provides true homogeneous security for heterogeneous data centers by protecting any server anywhere in the cloud. The newly introduced cloud bridge lets you manage security of hybrid environments with diverse platforms and patch mitigation needs for legacy platforms.
Symantec Data Center Security: Server Advanced
customers can now manage their on-premises and public cloud servers by using
Cloud Workload Protection
.
With the support of on-premises instances, you can now protect many additional platforms by using
Cloud Workload Protection
.
June 02, 2017
  • Docker support
    Cloud Workload Protection
    now supports Docker and provides continuous protection and monitoring for the containers.
  • Additional platform support:
    • Amazon Linux 64-bit 2017.03
    • Windows 2016
      Policy group recommendation is not supported for Windows 2016.
May 11, 2017
April 05, 2017
  • Publishing events from
    Cloud Workload Protection
    to Amazon CloudWatch for enhanced secure monitoring.
  • Enhancements for
    Azure
    :
    • Automated policy enforcement for
      Azure
      instances based on workload Image ID
    • Automated policy recommendations for
      Azure
      instances based on virtual machine scale set
    • View virtual machine scale sets in the Instance Map for
      Azure
      instances
March 06, 2017
  • Internationalization:
    Cloud Workload Protection
    is available in the following languages:
    • Brazilian Portuguese
    • Chinese Simplified
    • Chinese Traditional
    • French
    • German
    • Italian
    • Japanese
    • Korean
    • Spanish
  • Subtitles are available for the video tutorials in all the mentioned languages.
  • Enhancements in the instance map and threat map to improve user experience.