Choosing between the Symantec Endpoint Protection and Symantec Endpoint Security releases

book

Article ID: 185243

calendar_today

Updated On:

Products

Endpoint Security Complete Endpoint Protection Endpoint Security

Issue/Introduction

The Symantec Endpoint Protection 14.2 RU1 (or 14.2 MP1 (cloud)) agent and later are the agent versions that Symantec Endpoint Security (Endpoint Security) manages. These agents are cloud-enabled and you can manage them from either Symantec Endpoint Protection Manager or the Integrated Cyber Defense Manager cloud console.

Resolution

 

Table: Deciding whether to use the on-premises Symantec Endpoint Protection or the cloud-managed Symantec Endpoint Security

If you want to...

Use this product

Manage clients entirely using the cloud console

Symantec Endpoint Security

The cloud only management console is Symantec Endpoint Security and the agents are version 14.2 RU1 or later. You create and deploy the client installation package from Symantec Endpoint Security. You install the client software on the devices, as before.

You manage the clients completely from the cloud, which bypasses communication with the on-premises management console, Symantec Endpoint Protection Manager.

Use this approach in the following situations:

  • You do not want the cost or overhead of installing and managing a management server and database.

  • You have multiple Symantec enterprise products and want to share management capabilities across a single management console.

  • You want unified visibility into threats, policies and incidents from multiple Symantec products, which reduces incident response times from days to minutes.

To manage your clients from the cloud, you log on to your Symantec cloud account directly and do not enroll your Symantec Endpoint Protection Manager domain in the cloud.

When you upgrade to Symantec Endpoint Security, the equivalent setting in the cloud takes precedence over the Symantec Endpoint Protection Manager setting. If there is no equivalent setting, the previous Symantec Endpoint Protection Manager setting takes precedence.

Upgrading from Symantec Endpoint Protection to Symantec Endpoint Security

Getting started with Symantec Endpoint Security

If you upgrade from Symantec Endpoint Protection Manager to the cloud, you can later revert back to managing with Symantec Endpoint Protection Manager. However, you must reinstall the management server if you uninstalled it. Make sure you make a backup of the database before you upgrade in case you need to perform disaster recovery later. You can use the smc command to convert Windows devices back to management by the Symantec Endpoint Protection Manager.

Disaster recovery best practices for Endpoint Protection

Using smc to change a device's tenant or domain

Manage clients entirely using the on-premises Symantec Endpoint Protection Manager

Version 14.2 RU1 and earlier

Both the Symantec Endpoint Protection Manager and clients are version 14.2 RU1 or earlier. You do not enroll in the cloud. You create and deploy the client installation package from the Symantec Endpoint Protection Manager.

Use this approach in the following situations:

  • Your network includes remote locations, such as an oil rig or an offshore environment

  • You work in a government environment where the network is very restricted.

  • You have a lot of clients in a dark network.

  • You want the same features as an on-premises management server, such as Linux platform support or location awareness. However,Symantec Endpoint Protection continues to add features.

Symantec Endpoint Protection Quick Start Guide

Manage both legacy clients and cloud-only managed clients

Version 14.2 RU1 and Symantec Endpoint Security (hybrid)

The Symantec Endpoint Protection Manager and the clients can be any version between 14.0.1 and 14.2 RU1. You manage 14.2 RU1 clients from Symantec Endpoint Protection 15. You manage clients earlier than 14.2 RU1 from the Symantec Endpoint Protection Manager.

Use this approach in the following situations:

  • You want to upgrade from 14.1 or 14.2 to Symantec Endpoint Protection 15 but you want to slowly move to a completely cloud-managed console.

  • You have clients on devices that use operating systems that the Symantec Endpoint Protection 15 does not support. In addition, you can find and install client software on 14.1/14.2 and earlier devices from the 14.1/14.2 cloud console but not from Symantec Endpoint Protection 15.

  • You want to use Application Control, which replaces the Application Control policy in Symantec Endpoint Protection Manager. Application Control requires a 14.2 MP1 or 14.2 RU1 client. Symantec Endpoint Application Isolation (new) requires the 14.2 RU1 (cloud only) or 14.2 RU1 client and uses the Symantec Endpoint Protection 15 cloud console.

    Application Control and Application Isolation is part of Symantec Endpoint Protection Complete.

 

Enrolling a 14.1/14.2 domain in the cloud console from the Symantec Endpoint Protection Manager console

If you upgrade to the hybrid model, and later want to revert back to Symantec Endpoint Protection Manager only, you simply unenroll the Symantec Endpoint Protection Manager domain. This option provides more flexibility; you can move fully to the cloud at a later point.

Note:

The 14.2 RU1 client functions slightly differently if the Symantec Endpoint Protection Manager manages it or the Integrated Cyber Defense Manager manages it. The 14.2 RU1 Symantec Endpoint Protection Manager controls more options on the client, while the Integrated Cyber Defense Manager controls fewer options. The Symantec Endpoint Protection Manager provides more options for the user to configure; the cloud-managed client provides fewer options.

See Comparison between an on-premises Symantec Endpoint Protection Manager 14.2 and Symantec Endpoint Security.

v130458422_v124325852