This articles describes the differences between Symantec Endpoint Protection Small Business Edition (SEP SBE), both the Cloud and On-premises versions and Symantec Endpoint Protection Enterprise Edition (SEP).
|SEP SBE Cloud||SEP SBE On Premises||SEP Enterprise|
|Ideal for Businesses with||Fewer than 250 employees||Fewer than 99 employees||250+ employees|
|Operating Systems||Windows||Windows & Mac||Windows, Mac & Linux|
|Management Console||Web based||In-product||In-product|
|Management Hardware Required||No||Yes||Yes|
|Security audit custom reports||Yes||Yes||Yes|
|Antivirus and Antispyware||Yes||Yes||Yes|
|Desktop Firewall||Workstations only||Yes||Yes|
|Application and Device Control||No||No||Yes|
|USB Device Control||Yes||No||Yes|
|Advanced Protection for Virtual Environments||No||No||Yes|
|Supports Imaging (Cloning)||No||Yes||Yes|
|Supports Core Servers*||No||Yes||Yes|
*Supports Server Core installations for Windows Server 2008/2008 R2/2012/2012 R2
The CMES Portal is stored on Symantec servers and accessed at https://hostedendpoint.spn.com. It is the centralized portal for managing all policies, computer status updates, definitions, and client software updates, this takes the place of the Symantec Endpoint Protection Manager (SEPM) in previous versions and On Premises installations. Relocating this management component to the cloud allows for fewer necessary resources locally in the environment.
The Computers tab located in the top navigation bar will have all computers and groups created listed in an easy to read format. This allows administrators to manage computers and groups by role, location, duty, etc.
The Policies tab located on the navigation bar gives administrators a way to customize Symantec settings to environmental or individual computer requirements. This tab gives allows for the ability to customize schedules and settings for SEP SBE clients.
The users tab found in the CMES Portal allows the primary account administrator to manage all other users. Permissions and contact information for new and existing admins can be modified from this tab.
The CMES Portal offers reporting to help keep you informed on the security status of the computers in your environment.
The Subscriptions tab allows you to add more services if you need or to extend the services you already have. It also is where you will download the On-Premise Manager.
On Premises implementations of SEP SBE utilize the SEPM, run locally on one of the machines in the environment to distribute definitions, software updates, policies, and provide central management for the security of the environment.
SEP SBE has the ability to offer reporting on a wide range of categories that will keep you informed about the current status of systems in your environment and events that have occurred.
The SEPM offers separate policies for each security component. These policies offer slightly more options, though most businesses don't change the default settings.
Virus and Spyware Protection Policy
The Firewall for On Premises implementations of SEP SBE comes with a default policy that offers a great level of protection, while allowing most common types of communication. There are times when rules need to be written so programs can communicate properly, to facilitate this the firewall policy has an easy rule wizard that configures the firewall component to open the ports and communications protocols to meet program needs.
Network Intrusion Prevention automatically detects and blocks network attacks. Browser Intrusion Prevention automatically detects and blocks browser attacks.
Intrusion Prevention Policy:
Exceptions allow SEP SBE to ignore particular files, usually for performance reasons. Many programs, such as SQL, require some exceptions in order to work efficiently with Anti-Virus software.
The computers tab located in the On-Premise Manager is where every computer can be viewed and centrally managed. Some of the features include:
The Admin tab is for the primary administrator. The ability to control licensing, server settings, and add/manage additional users is available in this tab.
Stops targeted attacks and advanced persistent threats with layered protection at the endpoint.
Optimized for strong performance in both physical and virtual environments
Singular management console across physical and virtual platforms with granular policy control.