Symantec Endpoint Protection combines technologies from previous Symantec products in a new interface. These technologies are:
* Antivirus and Antispyware
Antivirus and Antispyware scan for both viruses and for security risks. Some examples of security risks are spyware, adware, and other files that can put a computer or a network at risk.
* Personal Firewall
The Symantec Endpoint Protection firewall provides a barrier between the computer and the Internet. The firewall prevents unauthorized users from accessing the computers and the networks that connect to the Internet. It detects possible hacker attacks, protects personal information, and eliminates unwanted sources of network traffic.
* Intrusion Prevention
The intrusion prevention system (IPS) is the Symantec Endpoint Protection client's second layer of defense after the firewall. The intrusion prevention system is a network-based system. If a known attack is detected, one or more intrusion prevention technologies can automatically block it.
* Proactive Threat Scanning
Proactive threat scanning uses heuristics to detect unknown threats. Heuristic process scanning analyzes the behavior of an application or process to determine if it exhibits characteristics of threats, such as Trojan horses, worms, or keyloggers. This type of protection is sometimes referred to as zero-day protection.
* Device and Application Control
Device-level control is implemented using rule sets that block or allow access from devices, such as USB, infrared, FireWire, SCSI, serial ports, and parallel ports. Application-level control is implemented using rule sets that block or allow the applications that try to access system resources.