What's new for Symantec Endpoint Protection 14.3 MP1 (

This section describes the new features in this release.
14.3 MP1 (refresh):
Added support with Google Cloud Platform for cloud-enrolled Symantec Endpoint Protection Managers and cloud-managed Symantec Agents. You do not need to upgrade if you continue to use the on-premises Symantec Endpoint Protection Manager to entirely manage your clients. See
14.3 MP1:
  • A REST API enhancement lets you copy over settings in the
    General Settings
    policy to other groups. If you do not have inheritance for groups enabled, you can use the API call to change settings for multiple groups. For example, you can set the heartbeat and download randomization values, enable Tamper Protection, and configure Server control options.
  • External Logging adds a new Syslog entry containing PII filtered policy changes. This change adds a second log line containing the policy payload when a policy change is made and recorded in the Audit log.
  • External Logging forwards information about the type of scan to Syslog servers. This information includes whether the scan was a full scan or active scan and a manual or scheduled scan. This change adds a new SCAN_TYPE column in External Logging for scan events. You can use this information to track regularly scheduled scans on your client computers.
  • The Symantec Endpoint Protection Manager Administrative Log displays the administrator's user name and the source and destination group names after a client moves from one group to another.
  • Added command-line scan support for the Windows Subsystem for Linux (WSL) processes. Dependent on SDS 1.12 or later. See:
  • The database schema includes the following table changes:
    • SEM_AGENT: TDAD_GLOBAL_DATA_PROCESSING_DONE_TIME (Timestamp for when the agent is done processing the TDAD policy).
    • SERVER_POLICY_LOG_1 and 2: EVENT_CONTENT (Stores the policy contents when added, edited, or deleted after Audit Log option is enabled.)