Endpoint Protection components required for Host Integrity functionality.


Article ID: 169836


Updated On:


Endpoint Protection


Need to know which Symantec Endpoint Protection (SEP) components are required for Host Integrity (HI) functionality.


Microsoft Windows

Symantec Endpoint Protection 12.1 RU5 and newer.


In order to make use of the Host Integrity feature on a Windows SEP client the following requirements must be met:

  • SEP client 12.1 RU5, or newer, installed on a supported Microsoft Windows system.
  • SEP client must be installed with Core Files and Virus and Spyware Protection, at a minimum.
    • Additional SEP client components are required for quarantine functionality with an associated quarantine policy (e.g. The Quarantine Firewall policy requires the SEP Firewall component be installed).
  • A Host Integrity policy must also be configured with the necessary compliance check rules.
    • Once configured the policy must be assigned to the group(s) that require Host Integrity compliance.



  • These requirements make the assumption that Symantec's Network Access Control (SNAC) product is not being used.
    • 12.1 RU5 was the first release of SEP that included Host Integrity without the need for a SNAC license.
  • Keep in mind that if using Advanced Threat Protection, SEP client isolation functionality requires Host Integrity and a quarantine Firewall policy. As such, the SEP Firewall component must be installed in addition to Core Files and Virus and Spyware Protection.