Symantec Endpoint Protection 14

One of the most common complaints regarding endpoint protection is CPU usage during scans. SEP 14 is smarter than its predecessors, but it needs direction.

Best Practices for Performance:

  • Exclusions are Critical: Work with your application owners to exclude high-I/O directories (like SQL database files, Exchange logs, or heavy developer build folders). Scanning these in real time will degrade application performance.
  • Randomize Scheduled Scans: If you have 500 endpoints, do not schedule a Full Scan for all of them at 12:00 PM on Friday. This will crash your storage network. Use the randomization feature in the scheduled scan settings.
SEP 14 was a major release; its most notable advancements include:

    Specifically blocks heap spray, ROP (Return-Oriented Programming), and SEH (Structured Exception Handling) overwrites. This stops memory-only exploits that never write a file to disk.

    SONAR monitors process behavior in real time. For example, a Word document spawns PowerShell, which calls cmd.exe, which then encrypts .docx files. SONAR 5 rolls back the changes (file remediation) and kills the parent process.
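
The Word → PowerShell → cmd.exe → .docx chain described above, expressed as detection logic over constructed process-creation and file-write events. This is an added example, not Symantec code and not a description of how SONAR is implemented; the event fields, the OFFICE and SHELLS sets, and WRITE_THRESHOLD are assumptions.

```python
# Constructed sample telemetry (not real SEP or Sysmon output).
EVENTS = [
    {"type": "proc", "pid": 100, "ppid": 1, "image": "explorer.exe"},
    {"type": "proc", "pid": 200, "ppid": 100, "image": "WINWORD.EXE"},
    {"type": "proc", "pid": 300, "ppid": 200, "image": "powershell.exe"},
    {"type": "proc", "pid": 400, "ppid": 300, "image": "cmd.exe"},
    {"type": "proc", "pid": 500, "ppid": 100, "image": "powershell.exe"},  # admin shell
    {"type": "write", "pid": 500, "path": r"C:\Users\a\notes.docx"},
    {"type": "write", "pid": 400, "path": r"C:\Users\a\q1.docx"},
    {"type": "write", "pid": 400, "path": r"C:\Users\a\q2.docx"},
    {"type": "write", "pid": 200, "path": r"C:\Users\a\draft.docx"},  # Word saving its own file
    {"type": "write", "pid": 400, "path": r"C:\Users\a\q3.docx"},
]
OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}   # assumed watch list
SHELLS = {"powershell.exe", "cmd.exe"}                  # assumed watch list
WRITE_THRESHOLD = 3  # assumed tuning value, not a SEP setting


def lineage(pid, procs):
    """Return [(pid, image), ...] from the given process up to the root."""
    chain, seen = [], set()
    while pid in procs and pid not in seen:  # 'seen' guards against PID loops
        seen.add(pid)
        chain.append((pid, procs[pid]["image"].lower()))
        pid = procs[pid]["ppid"]
    return chain


def detect(events, threshold=WRITE_THRESHOLD):
    """Alert once per Office process whose shell descendants rewrite many .docx files."""
    procs, counts, alerts = {}, {}, []
    for ev in events:
        if ev["type"] == "proc":
            procs[ev["pid"]] = ev
            continue
        if not ev["path"].lower().endswith(".docx"):
            continue
        chain = lineage(ev["pid"], procs)
        office = next((i for i, (_, img) in enumerate(chain) if img in OFFICE), None)
        # Require a shell strictly below the Office ancestor; Word's own saves have none.
        if office is None or not any(img in SHELLS for _, img in chain[:office]):
            continue
        root_pid = chain[office][0]
        counts[root_pid] = counts.get(root_pid, 0) + 1
        if counts[root_pid] == threshold:
            alerts.append({"office_pid": root_pid,
                           "chain": [img for _, img in reversed(chain[:office + 1])]})
    return alerts


if __name__ == "__main__":
    print(detect(EVENTS))
```

The standalone PowerShell session (pid 500) and Word's own save (pid 200) do not count toward the threshold, which is the false-positive case such a rule has to tolerate.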