Management features

To find out more about how management features differ in an on-premises
Symantec Endpoint Protection
(SEP) 14.x and
Symantec Endpoint Security
(SES) Complete, see the following topics:

Management console

Symantec Endpoint Security
replaces the management server (
Symantec Endpoint Protection Manager
) with a global cloud console, Integrated Cyber Defense Manager (ICDm).
An upgrade wizard is available to migrate
Symantec Endpoint Protection Manager
policies to
Symantec Endpoint Security
.
Management console: SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
Symantec Endpoint Protection Manager
(SEPM)
Integrated Cyber Defense Manager (ICDm).
  • My Tasks
    >
    Tasks
    page: Collect actions and display tasks based on their status, severity, and which feature they belong to. When the admin completes a task, the task moves from the pending to the completed category.
  • My Tasks
    >
    Playbooks
    page: Run preconfigured workflows on-demand on multiple devices.

Management server

The management server lets you manage the installation, domains, sites, replication, servers, and licenses.
Management server: SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
Management server
Install
Symantec Endpoint Protection Manager
.
Deprecated.
You install an agent, but not the management server.
Domains
You can:
  • Add a domain.
  • Remove a domain.
  • Edit a domain.
For hybrid management, you enroll a SEPM domain in
Integration
>
Enrollment
(14.0.1 and later).
For cloud-only management, you can use the following domains:
  • Default (production) domain (paid subscription): Create, rename, or delete. Go to
    Settings
    >
    Domain Management
    or use the
    Domain
    drop-down menu.
  • Testpad (trial subscription): A trial version of the software is only available through your account representative.
  • Launchpad (for prereleased features): Deprecated in January 2020. Existing customers should contact Support.
You can:
  • Add a domain.
  • Remove a domain.
  • Edit a domain.
Sites
Supported.
Deprecated. No need.
Replication
Supported.
Deprecated. No need.
Databases
Supported.
Deprecated. No need.
Servers
Supported.
Deprecated. No need.
Licenses
  • Activate license.
  • Edit Partner Information.
  • Purchase additional licenses.
The trial license is 90 days.
Subscriptions.
  • Cloud console:
    Endpoint
    tab >
    Settings
    >
    Subscriptions
    or
    Endpoint
    tab >
    Home
    >
    Activate Subscription
    .
  • Client:
    Troubleshooting
    >
    Licensing entitlement
    (14.2 RU1). The licensing is similar to SEPM.
The SEPM licenses (through Oracle) are automatically uploaded and extended to the cloud console and appear in the cloud (through the
Try Now
option).
The trial subscription is hidden but converts to a paid subscription.
Symantec Endpoint Security
-enabled devices that have been offline for more than 30 days are automatically deleted from the cloud.

APIs (integrations)

You can manage integrations through APIs.
APIs (integrations) SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
For more information, see:
For more information, see:

Administrators

You can manage administrator accounts, access rights, and logons.
Administrators: SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
General
  • Add, rename, edit, and delete an administrator.
  • Change the admin password.
  • Lock the account after the specified number of unsuccessful logon attempts.
  • Lock the account for the specified number of minutes.
  • Send an alert to the administrator when the account is locked.
  • Add, rename, edit, and delete an administrator.
  • Change the admin password.
Access Rights
Roles
  • System Administrator
  • Administrator (Domain)
  • Limited Administrator
    • View reports
    • Manage groups (Remotely run commands > Run commands on read-only groups)
    • Site rights
    • Manage installation packages
    • Manage policies > Do not allow editing of shared policies
Access rights have been renamed Roles. Go to the
Settings
>
Administrator & Roles
page.
  • Endpoint Console Super Administrator (create, edit, and delete for all domains)
  • Endpoint Console Domain Administrator (create, edit, and delete for 1 domain)
  • Limited Administrator (create, edit for all domains)
    • Yes, but no assets.
    • No commands.
    • No policies.
  • Viewer (read-only for all domains)
Authentication for
Symantec Endpoint Protection Manager
logon
  • Symantec Endpoint Protection Manager
    authentication
  • Directory authentication
  • Two-factor authentication (new in 14.2)
  • RSA authentication
  • Smart card (PIV/CAC) authentication (new in 14.2)
Two-factor authentication is used.
Applies to all products in the cloud console, and can be found under
Settings > Access and Authentication
.
Identity Provider:
  • Symantec Security Cloud sign-on
  • Microsoft Azure
  • SAML 2.0-based identity provider

Home page

The
Home
page is the My Tasks page in the cloud console.
Home page: SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
Location
Go to the
Home
page to manage the commands on your product.
Go to the
My Tasks
page.
Some actions are available through the allow list and deny list.
You can create a custom dashboard view that becomes the default view when you sign on.
Preferences
Supported.
Not available.

Virtualization

You can manage how you virtualize your product.
Virtualization: SEP vs. SES
On-premises
Symantec Endpoint Protection
Symantec Endpoint Security
cloud console
VDI
Available.
Shared Insight Cache
Deprecated.
vShield-enabled (12.1.6 and earlier)
TBD