Symantec to test major revamp of corporate AV client

Symantec will kick off its annual Symantec Vision conference next week with the first public release of its next-generation corporate antivirus software, called Symantec Endpoint Protection 11.0.

Under the code name Hamlet, the product has been available to a select group of beta testers since March, but next week it will be released in a public beta, according to Symantec. Company representatives declined to reveal Hamlet's official product name, but it's listed on the Vision conference Web site. Hamlet will be a follow-up to Symantec's AntiVirus Corporate Edition, version 10.

The new software is a major advance for Symantec, which has been working for more than a year to integrate firewall, zero-day protection and network access control features into its antivirus product.

"This is the next major version of the code base," said Brian Foster, senior director of product management with Symantec's end point security group. "With this release, we're really focused on changing the game for antivirus."

In addition to performance improvements, Hamlet will be easier to use and to manage, Foster said.

Hamlet includes code from two recent Symantec acquisitions: It will include firewall capabilities based on the Sygate Enterprise Protection software Symantec acquired in 2005. Another new feature will be SONAR, (Symantec Online Network for Advanced Response), based on code that Symantec acquired as part of its 2005 purchase of Whole Security.

Although Hamlet is a step forward, antivirus vendors like Symantec are playing catch-up in the fight against malware writers, who are increasingly evading detection with a large number of low-circulation variants of their code, said Andrew Jaquith, an analyst with Yankee Group Inc.

"They still have work to do," he said. "I don't think Symantec is quite cognizant of the degree to which these variants are making their [research] labs a lot less effective."

Symantec needs to add "much more comprehensive behavior blocking," and possibly "herd intelligence" capabilities that would allow users to directly identify and share information on the latest threats, Jaquith said.

"Most of the AV labs are like fishing boats with a drift net," he added. "They are good at catching the big fish, but the bad guys are basically flooding the ocean with little minnows that are going right through the net."

Symantec competitor McAfee Inc. is planning to announce a rival product to Hamlet next week relating to the company's "Total Protection for Enterprise with ePolicy Orchestrator security management software," a McAfee spokesman said Thursday. He declined to offer further details on the announcement, however.

The commercial version of Hamlet is expected to be available later this year. Pricing has not yet been released.
Source: ComputerWorld

 

And thus, AntiBot is born...

 

If Hamlet is the followup to Symantec AntiVirus CE, then does that mean there no longer be a standalone AV?

 

I am looking forward to seeing this product in action. Before I used NOD32, I was a happy subscriber to my school's Symantec Corporate AV service.

 

Shhh....

/Edit/
Nevermind I guess:

Public beta now
http://www.symantec.com/home_homeoffice/beta/download.jsp?pvid=nab1beta

 

It seems that Symantec is back. Great as his origins.

Should we forget 2004 and 2005 releases?

Mike

 

A software firewall for corporate users? I can possibly see it for mobile end-users away from the office LAN, but "easier management"? This should be interesting.

 

This is not "new" for them in regards to the firewall, we had SCS installed on the workstations used by the DoD.
The admin console still had complete control over all aspects of the SCS bundle firewall included.

 

The DoD is a flyspeck in the ocean by sheer numbers compared to the corporate end-user. The DoD also consists of government employees and I'm guessing the rules are far more stringent or at least more uniform and adhered to.
When the corporate sales director, head of legal, marketing, or any other VIP or mahogany row user has an issue with a default install of a software firewall (blunder or intentionally done by whoever deploys it), I don't see how it will make for "easier management" for those who have to support those end users, as opposed to only an anti-malware program, that's all I'm saying. More isn't always better.

 

? "flyspeck" is not a term I would use for the number of DoD systems protected by Symantec.

Not really, the IT dept's are mainly run like large corps, different sets of rules for different user levels/needs. And if the "Brass" have an issue you will hear about it.

The administration of Symantec's firewall is pretty much the same as the Antivirus portion so how would this be any more of an issue than it already is? And if all esle fails remote disabling of the Firewall is supported. All in all Symantec has done a great job with its recent improvements to its corporate line in regards to administration and usability.

I am looking forward to having a go at 11 when it is available

 

..hmmm...
: PrevX, DefenceWall, SSM,KIS and PDM, other firewalls,Sandboxie... et al
Just no market share

Still, looks like they are still moving forward: sounds like a BIG unit to install, let alone uninstall.

 

I didn't think it was a "secret" since a bunch of tech sites were announcing the beta with links to the download (unlike NIS '08 ). I did consider this before posting and the EULA didn't mention anything about it