This article concerns the on-premises deployment of Symantec Endpoint Protection.
On-premises software (often abbreviated as on-prem software, and also called “on-premise” software) describes a software delivery model where the software product is installed and operated on the computer infrastructure that is entirely located at the premises of the organization using the software.
Off-premises software is commonly referred to as “software as a service” or “cloud computing”.
Licensing and renewal basics
Symantec Endpoint Protection is licensed per device. SEP for on-premises deployment can be purchased according to the following license models:
SEP is sold as a perpetual software license for the software product, and a separate Maintenance entitlement for a finite term (minimum 12 month term) that equals the software license quantity. Maintenance is mandatory for all new software license purchases.
The perpetual software license entitles you to use the core features and functionality delivered by the purchased version of your SEP product indefinitely, for a specified quantity based on the Use Level that is stated in the End User License Agreement (EULA).
Your maintenance entitlement provides you with access to the following benefits for the duration of your maintenance term:
Critical security content updates such as antivirus definitions
Version Upgrades (major releases) at no extra cost
Product updates (minor releases)
Break fixes, patches, and enhancements (Maintenance Packs)
24x7 Technical Support (Essential Support)
Various online support and learning resources
Learn how Maintenance price is determined for perpetually licensed software products.
Renewal: Your entitlement to access Maintenance benefits expires at the end of the Maintenance term. Prior to the expiry date, Maintenance must be renewed for continued access to benefits that sustain and maximize the original security investment, including access to critical security content, the latest product versions and technical support. To remain compliant, the Maintenance quantity being renewed must equal the aggregate software license quantity.
In some instances, Symantec sells both the SEP software license and Maintenance together for a finite term, as a subscription.
A SEP on-premises subscription entitles you to use the SEP software product and access Maintenance benefits for a specified quantity based on the Use Level that is stated in the End User License Agreement (EULA) and for a specified term.
For the duration of the subscription term, a SEP on-premise subscription provides access to:
The software features and functionality delivered by the purchased version of your SEP product
Critical security content such as antivirus definitions.
Version Upgrades (Major Releases) at no extra cost. A Major Release incorporates the last Minor Release (if one has occurred) and may include architectural changes, major feature changes, new platform support and new operating system support. It typically requires a new installation.
Product updates (Minor Releases). A Minor Release incorporates all previous Maintenance Packs and Fixes since the prior Major Release. It is tied to the preceding Major Release and may contain new features, new platform support, new operating system support, and the latest maintenance updates. It typically requires a new installation.
24/7 Technical Support.
Break fixes, patches and enhancements (Maintenance Pack). A Maintenance Pack provides cumulative bug fixes for a particular Major Release or Minor Release of Licensed Software, but contains no new features or functionality. It is generally installed as an overlay - also known as a patch.
Various online support and learning options.
Renewal: Your entitlement to use the software product and access Maintenance benefits expires after the subscription term. To ensure continued access to the software product and to Maintenance benefits, you must renew your subscription prior to the end of the subscription term.
You are responsible for managing your SEP software licenses and corresponding Maintenance entitlements on an ongoing basis as follows:
Perpetual: Maintenance for perpetually licensed SEP is purchased and renewed on a per license basis. To ensure full and continued access to your Maintenance benefits, the Maintenance quantity must always match the aggregate quantity of your software licenses (original purchased quantity plus any additional software licenses purchased subsequently). Your aggregate quantity of licenses must always match the number of endpoints that SEP is deployed on. You are reminded that Maintenance is mandatory on an ongoing basis for Symantec Software Products that require Content Updates such as SEP. Maintenance for such products must be continuously renewed.
Subscription: Where SEP is licensed by subscription, your rights to use the software and access Maintenance benefits, end on the subscription term end-date.
To avail of Maintenance benefits for software licenses not under Maintenance would be considered a breach of Symantec’s End User License Agreement. You are also reminded that use of a perpetually licensed SEP product above the specified quantity would be considered over-deployment and a breach of your license grant.
Visit Licensing Information to learn about licensing basics, license compliance and find resources to assist you. For assistance with all your non-technical licensing queries, contact Customer Support.
Value of Maintenance and the importance of renewing
The protection delivered by SEP is only as good as your most recent security update. Maintenance entitles you to automatically receive critical security content updates daily that keep you protected; it is essential to keep your Maintenance current.
SEP with current* Maintenance coverage entitles you to access a wide range of benefits:
Continuous protection with daily security content updates Leveraging the world’s largest Global Intelligence Network, Symantec proactively analyzes malicious data from over 175 million endpoints globally and 98 million attack sensors in 157 countries1 providing unique visibility and developing cutting edge security innovations to combat threats to aggressively respond to security threats. Critical security content updates that thwart malware threats and malicious attacks (e.g. virus definitions that provide new algorithms to deal with new virus strains and updated URL lists for anti-phishing) are automatically delivered to SEP every day. Without current Maintenance, your protection becomes outdated and your systems become vulnerable.
Cutting-edge product features & product reliability with Version Upgrades Symantec consistently develops advanced technology capabilities and state-of-the-art feature innovations to stay ahead of threats and maximize performance such as Advanced Machine LearningTM, Memory Exploit Mitigation and Deception:
InsightAdvanced Machine LearningTM - is only as effective as the dataset from which it learns. Symantec has the largest civilian dataset in the world with the best trained machine learning system making it the most effective
Memory Exploit Mitigation - Symantec technology designed to block attacks against known vulnerabilities in commonly used popular applications (ex. Internet Explorer, Adobe Acrobat, Microsoft Office).
SEP Deception* reveals attacker intent and tactics via early visibility, so that the information can be used to enhance security posture. SEP Deception features the most accurate and insightful detection while delivering the fastest time to value.
Running the latest SEP version provides access to such features as well as architecture changes that enable uninterrupted security protection; ongoing supportability; adherence to the latest regulatory compliance protocols, and optimization of your software investment.
Security content updates alone aren’t sufficient to address new threats; SEP itself must be kept updated to continually evolve and adapt. Continued access to new product releases and bug fixes is vital2.
Cost savings SEP customers with current Maintenance are entitled to avail of Software Version Upgrades for each qualified product at no extra cost and can benefit from long-term savings by never having to buy new versions.
Product innovation, optimization and adaptability with product updates Access to important software updates, enhancements, bug fixes, and patches that enable SEP to work optimally, adapt to technology and operating system changes and ensure ongoing product stability. The more up-to-date SEP is, the better it will function, evolve and adapt. Without current Maintenance, you are no longer entitled to important product updates.
Security compliance protocols SEP intelligently detects and constantly minimizes vulnerability windows, thereby allowing you to meet industry and government protocols and standards (e.g. SCAP 1.03, HIPAA), and support your security compliance requirements.
Cost avoidance SEP with current Maintenance offers protection against malicious attacks and associated remediation costs. It also insures you from potential revenue loss arising from lost or compromised data, downtime and damaged reputation, and helps you avoid penalties associated with regulatory non-compliance.
Rapid response and resolution from Technical Support, 365 days a year (Essential Support) Symantec’s skilled Technical Support Engineers are available around the clock, every day of the year to help with your technical questions and resolve product issues.
Global reach with 1,200 technical support professionals in 13 centers (English primarily, with commercially reasonable efforts to provide non-English language support during regional business hours, subject to our having available resources) and the safety net of Symantec security engineers, threat analysts and researchers available to lend their unparalleled expertise.
Continuous support for Severity 1 cases using a follow-the-sun model.
Case creation online using MySymantec or by phone.
No limit on the number of technical support calls or cases created.
Up to 6 designated contacts.
Prioritized handling of suspicious files by Symantec’s Security Response Team & personalized report
Various self-help options to problem-solve and assist
Product Documentation with user guides and reference documentation.
Symantec Connect forum to engage online with other customers and Symantec technicians.
Symantec Blog with latest cyber security news, recommendations, opinion and analysis.
SymDiag diagnostic and security analysis utility that provides self-help support for technical issues and best practice recommendations; gathers data for support-assisted troubleshooting as well as licensing and Maintenance status.
Symantec’s eLibrary with access to over 1500 on-demand, online training modules
* Maintenance is considered “current” when both term (start and end dates of the Maintenance term) and quantity (Maintenance quantity should match software license quantity of the product being supported) criteria are met. Customers with expired Maintenance lose their entitlements to Maintenance benefits. *Symantec consulting package is required for deployment
How to renew
On-time renewal of Maintenance is essential to safeguard the value of your SEP investment.
You should contact your reseller to arrange your renewal. For more information, consult our Renewals FAQ.
Once renewed you will need to update your software product in order to activate the new Maintenance term. Visit Getting Started for information about how to activate your renewal. Need help? Contact Symantec Customer Care.
Risks associated with not renewing
If you fail to renew Endpoint Protection Maintenance, you will no longer be entitled to access the benefits of Maintenance previously outlined.
You will be exposed to multiple threats otherwise blocked by Symantec’s 5 Layers of Protection3 1) network 2) file 3) reputation 4) behavior 5) remediation
Network: Network-based protection is a set of technologies designed to block malicious attacks before they have a chance to introduce malware onto a system. Unlike file-based protection that must wait until a file is physically created on a user’s computer, network-based protection starts to analyze the incoming data streams that arrive onto a user’s machine via network connections and blocks threats before they hit the system
File: Signature-based antivirus looks for and eradicates malware on a system to protect against viruses, worms, Trojans, spyware, bots, adware, and rootkits.
Reputation: The newest addition to the suite of protection technologies developed by STAR, reputation-based security, addresses the latest development in the threat landscape, that of micro-distributed malware. Using the combined wisdom of over 130 million contributing users, our reputation system learns which applications are good and bad based on the anonymous adoption patterns of our users. It then uses this intelligence to automatically classify virtually every software file on the planet.
Behavior: SONAR™ leverages artificial intelligence to provide zero-day protection. It effectively stops new and unknown threats by monitoring nearly 1,400 file behaviors while they execute in real-time to determine file risk.
Remediation: Power Eraser™ aggressively scans infected endpoints to locate Advanced Persistent Threats and remove tenacious malware. Remote support enables the administrator to trigger the Power Eraser scan and remedy the infection remotely from the Symantec™ Endpoint Protection management console.
Critically, you will not be entitled to receive important product and security content updates that sustain Symantec’s 5 Layers of Protection. This means that your Endpoint Protection installation and your organization’s security become vulnerable and exposed to unknown risks.
Additionally, if you choose to upgrade to a future version of the product, you will be required to repurchase your software license at a higher cost to establish your right to the latest version.
Finally, you will be denied access to technical support and will no longer be able to log technical support cases online via MySymantec.