What's new for Symantec Endpoint Protection 14.3 RU3?
This section describes the new features in this release.
- Enhanced protection against living-off-the-land tools. For more information, see: How Symantec Endpoint Protection protects against ransomware threats and living-off-the land tactics
- Enhanced Protection against known Ransomware threats such as REvil, with expanded inspection technologies for emerging threats. Detect suspicious behavior common to targeted attacks and lock down files and processes before encryption is executed
- Improved protection for threats on Linux using machine learning and cloud analytics. To leverage this capability, in theVirus and Spyware Protection policy,clickLinux Settings>Global Scan Options.
- Symantec can now release new detection capabilities with Auto-Protect much faster.
- Enhanced Browser Extension reporting to identify computers with disabled protection or out-of-date content in the Symantec Endpoint Protection Manager:
- TheClientspage >Clientstab >Protection technologyview displays whether the browser extensions are enabled or disabled. Select the client and clickEdit Properties>Clientstab. TheBrowser IE Enabled Status,Browser FF Enabled Status, andBrowser Chrome Enabled Statusfields show either theEnabled,Disabled, orNot reportingstatus.Browser Extension Definitionsshow the version number for the definitions.
- On theHomepage, underEndpoint Status, select the clients that have theDisabledstatus, and clickDetails. In the report, view the browser extensions that are enabled or disabled.
- Enhanced reporting of clients with the browser extension disabled. On theHomepage, underFavorite Reports, theSymantec Endpoint Protection Weekly Statusreport displays which clients have the extensions that are enabled or disabled.
- TheProtection Content Versionsquick report shows when the Chrome browser extension definitions were last updated. Click theReports>Quick Reports>Computer Statusreport type >Protection Content Versionsreport, and clickCreate Report. Click theSecurity Status Summaryreport to see how many clients have the browser extensions that are disabled or malfunctioning.
- The Computer Status log displays columns forIE Browser Protection Enabled,Firefox Browser Protection Enabled, andChrome Browser Protection Enabled. On theMonitorspage, clickLogs>Computer Statuslog >View Log. On theLogstab, clickDetailsfor the revision number forBrowser Extensions Definitions. Use this information to make sure the browser extension content is downloaded to the client.
- The client System log displays an event every time that the Chrome browser extension is enabled, disabled, installed, uninstalled, or removed.
Symantec Endpoint Protection Manager updates
- Symantec Endpoint Protection Manager now supports Windows Server 2022.
- Greater flexibility over Windows client upgrades using the Client Upgrade policy with settings for location awareness. The policy also allows the upgrade to occur any day of the week, be distributed over multiple days, and to be retried if it did not start as scheduled.
- If the client detects it has outdated content, Windows clients provide continuous protection by checking for updates at a regular interval. If the definitions are missing, the client logs an event once every 30 minutes. Legacy clients attempt remediation a set number of times before stopping for the day and logging an error. You control this setting with the Virus and Spyware Protection policy >Miscellaneous>Notificationstab >Remediation attempts before a warning appears in Symantec Endpoint Protectionoption.
- The following third-party components were upgraded or added: AjaxSwing, Apache HTTP Server, libcurl, libxml2, OpenJDK, OpenSSL, and PHP.
Client and platform updates
- The Windows client is supported on Windows 11, Windows Server 2022, Windows 11 Embedded and Windows 10 Embedded.
- If a Symantec Endpoint Protection Manager domain is enrolled in the cloud, a troubleshooting page appears with the names of the policies that the cloud console manages. To access this page, clickHelp>Troubleshooting>Hybrid Management.
- Debug log: When you enable the clientdebug.login theHelp>Troubleshooting>Debug Logspanel, you also enable thecve.log. You do not need to restart the client or run the following commands for any changes in the debug log to take effect:smc -stoporsmc -start. The client debug logs help troubleshoot client-to-Symantec Endpoint Protection Manger communication problems and client functionality problems. You find the communication logs (cve.log,cve-actions.log) inC:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Logs.
- Added support for macOS 12.
- The size of the Mac client installer has been reduced to 100 MB.
- The number of'At Risk'alarms has been reduced and optimized.
- To enhance performance, multiple scans can no longer run simultaneously. If a scan is running, other scans are queued.
- As of version 14.3 RU3, the Mac client installer does not allow installing an earlier version of the client.
- The Linux Agent command-line tool (sav) has been enhanced with options for showing versions, running LiveUpdate, and starting and stopping a scan. For more information, see:
- Linux now supports TCP for SEPM-managed computers.
- Defect fixes.
- The Symantec Endpoint Protection Manager APIs are in a PDF file on the following location:
For more information, see: