IDS and IPS Buyers Guide: Symantec Endpoint Protection shields devices using reputation technology to identify threats
Protecting the network is only one task of a modern IDS and IPS solution. But what if an attack gets passed the perimeter and lands at the device sitting on an end-user’s desk?
Symantec, a household name to end users, offers its own unique version of IDS and IPS security to enterprise-level organizations that have a special focus on the end user.
Symantec Endpoint Protection shields—you guessed it—end points while Symantec Data Center Security offers built-in IPS. Data Center Security uses a combination of host-based intrusion detection (HIDS), intrusion prevention (HIPS) and least privilege access control.
Using HIPS system administrators can restrict application and OS behavior, allowing only the behavior that’s known to be safe across data centers and endpoints. It accomplishes this feat by tracking over 1400 actions a program can take. It then correlates the behavior and if it figures out that the behavior is suspicious the file is blocked.
Symantec uses reputation-based technology which tracks a file’s reputation so it can identify suspicious files. The system, says Don Baker, senior Product Marketing Manager, leverages the data from a worldwide civilian threat intelligence network.
This network consists of telemetry data coming from 175 million endpoints and 57 million attack sensors in 175 countries. Derived from this intelligence network, the reputation technology identifies file reputation by analyzing key file attributes such as how often a file has been downloaded, how long a file has been there and where it is being downloaded from.
Pricing Model: Endpoint Protect and Data Center Security solutions are offered as perpetual licenses.
Read our reviews of leading security specialists latest tools:
⇒Cisco offers integration to prevent intrusion attacks from reaching medical devices, old and new
Helpful advice on planning your purchase of IDS and IPS tools:
- How to know if your intrusion detection and prevention solution meets HIPAA compliance rules
- 3 key factors to plan your budget for an intrusion protection system
- What to watch: IDS and IPS features to consider when comparing different vendors products