The types of security policies

You use several different types of security policies to manage your network security. Most types of policies are automatically created during the installation. You can use the default policies or you can customize policies to suit your specific environment.
Security policy types
Policy type
Description
Virus and Spyware Protection policy
The Virus and Spyware Protection policy provides the following protection:
  • Detects, removes, and repairs the side effects of virus and security risks by using signatures.
  • Detects the threats in the files that users try to download by using reputation data from Download Insight.
  • Detect the applications that exhibit suspicious behavior by using SONAR heuristics and reputation data.
    The
    Virus and Spyware Protection policy
    finds behavior anomalies through its SONAR technology.
Download Insight and SONAR technology are available only on Windows clients.
For more information, see:
Firewall policy
The Firewall policy provides the following protection:
  • Blocks the unauthorized users from accessing the computers and networks that connect to the Internet.
  • Detects the attacks by hackers.
  • Eliminates the unwanted sources of network traffic.
Firewall policies can be applied only to Windows clients.
For more information, see:
Intrusion Prevention policy
The Intrusion Prevention policy automatically detects and blocks network attacks and attacks on browsers as well as protects applications from vulnerabilities. See:
Application and Device Control
The Application and Device Control policy protects a system's resources from applications and manages the peripheral devices that can attach to computers. See:
Application Control policy can be applied only to Windows clients. The Device Control policy applies to Windows and Mac computers.
Host Integrity
The Host Integrity policy provides the ability to define, enforce, and restore the security of client computers to keep enterprise networks and data secure. You use this policy to verify that the clients that access your network run the antivirus software, patches, and other application criteria that you define. See:
LiveUpdate policy
The LiveUpdate Content policy and the LiveUpdate Settings policy contain the settings that determine how and when client computers download content updates from LiveUpdate. You can define the computers that clients contact to check for updates and schedule when and how often client computers check for updates. See:
Memory Exploit Mitigation
The Memory Exploit Mitigation policy stops exploit attempts against both known and unknown vulnerabilities on software using mitigation techniques such as DLL hijacking, heap spray mitigation, and Java exploit prevention. See:
This policy type was added for 14.0.1. Version 14 added this functionality in the Intrusion Prevention policy under the name of Generic Exploit Mitigation.
Web and Cloud Access Protection
Web and Cloud Access Protection
sends network traffic to a Symantec Web Security Service (WSS). The WSS solution protects users and organizations by categorizing applications and web sites, and then allowing or denying access to them based on policy.
Web and Cloud Access Protection
was renamed from Network Traffic Redirection in 14.3 RU2.
Web and Cloud Access Protection
For more information, see:
Exceptions
The Exceptions policy provides the ability to exclude applications and processes from detection by the virus and spyware scans and by SONAR.
You can also exclude applications from application control. See:
More information