Symantec Endpoint Protection feature dependencies for Windows clients
Symantec Endpoint Protectionfeature dependencies for Windows clients
Some policy features require each other to provide complete protection on Windows client computers.
Symantec recommends that you do not disable Insight lookups.
Download Protection is part of Auto-Protect and gives
Symantec Endpoint Protectionthe ability to track URLs. The URL tracking is required for several policy features.
If you install
Symantec Endpoint Protectionwithout Download Protection, Download Insight has limited capability. Browser Intrusion Prevention and SONAR require Download Protection.
Automatically trust any file downloaded from an intranet websiteoption also requires Download Protection.
Download Insight has the following dependencies:
If basic Download Protection is not installed, Download Insight runs on the client at level 1. Any level that you set in the policy is not applied. The user also cannot adjust the sensitivity level.
Even if you disable Download Insight, the
Automatically trust any file downloaded from an intranet websiteoption continues to function.
If you disable Download Insight, you disable portal detections. This means that Auto-Protect and scheduled and on-demand scans evaluate all files as non-portal files and use a sensitivity level that is determined by Symantec.
Insight Lookup (12.1.x clients) and cloud protection
Insight Lookup uses the Symantec Insight reputation database in the cloud to make decisions about files that were downloaded from a supported portal.
Starting in 14:
Cloud scans and 12.1.x Insight Lookup have the following feature dependencies:
(12.1.x clients only) Cloud lookups do not apply to right-click scans of folders or drives on your client computers. However, cloud lookups do apply to right-click scans of selected portal files.
SONAR has the following dependencies:
Browser Intrusion Prevention
Download Protection must be installed. Download Insight can be enabled or disabled.
Trusted Web Domain exception
The exception is only applied if Download Protection is installed.
Custom IPS signatures
Uses the firewall.
Uses Insight lookups.
Power Eraser uses reputation information to examine files. Power Eraser has a default reputation sensitivity setting that you cannot modify. If you disable the option
Allow Insight lookups for threat detection, Power Eraser cannot use reputation information from Symantec Insight. Without Insight, Power Eraser makes fewer detections, and the detections are more likely to be false positives.
Power Eraser uses its own reputation thresholds that are not configurable in
Symantec Endpoint Protection Manager. Power Eraser does not use the Download Insight settings.
Memory Exploit Mitigation
(Generic Exploit Mitigation in version 14)
Intrusion prevention must be installed. Intrusion prevention can be enabled or disabled.