Views:

Security feature mapping

Feature name
Standard Endpoint Protection module
Server & Workload Protection module
Endpoint Sensor feature
Anti-Malware
  • Anti-malware Scans
  • Behavior Monitoring
  • Predictive Machine Learning
  • Scan Exclusions
  • Real-time scans
  • Scheduled scans
  • Manual scans
  • Scan now
Manual scans and Scan now are part of the Anti-Malware features. Access to Manual scans and Scan now is configured in Agent Interface settings.
  • Anti-malware Scans
  • Security configuration
    • Behavior monitoring
    • Machine learning
  • Exclusions
  • Real-time scans
  • Scheduled scans
  • Manual scans
Manual scans are part of the Anti-Malware features. Access to Manual scans is configured in Agent Interface settings.
-
Web Reputation
Web Reputation
Web Reputation
-
Intrusion Prevension
Vulnerability Protection
Intrusion Prevention
-
Application Control
Application Control
Application Control
-
Device Control
Device Control
Device Control
-
Firewall
Agent Configurations > Additional Service Settings > Firewall Service
Firewall
-
Advanced Risk Telemetry
-
-
Advanced risk telemetry
Endpoint Sensor
-
-
Endpoint sensor detection and resposne
Sandbox Submission
Sample Submission
-
-
Exclusions
Windows policies:
  • Exception Lists
macOS policies:
  • Scan Exclusions
  • Trusted Program List
Exclusions
-
Browser Extension
-
-
Browser extension feature in Endpoint detection and response
Agent Interface
Agent Configurations > Privileges and Other Settings
(Policy/Computer) > Settings
Agent console
Some features are currently unsupported. Support for these features is under development.

Unsupported features

Protection Manager
Feature
Notes
Standard Endpoint Protection
Network Content Inspection Engine for Standard Endpoint Protection
Enrolling in Endpoint Security Policies enables the Network Content Inspection Engine by default, but cannot be configured.
Support for configuring the feature is coming soon.
Spyware/Grayware Approved List
 
Data Loss Prevention
Enrolling in Endpoint Security Policies disables Data Loss Prevention.
Support for Data Loss Prevention is coming soon as a feature of Data Security Sensor.
Server & Workload Protection
Activity Monitoring
Activity monitoring is upgraded to Endpoint Sensor and does not follow Activity Monitoring settings in Server & Workload Protection. Enabling Endpoint Sensor disables Activity Monitoring override settings for targeted endpoints.
If Endpoint Sensor is disabled, Activity Monitoring can be enabled in Server & Workload Protection.
Anti-malware scan inclusions
 
Anti-malware scheduled real-time scan
 
Integrity Monitoring
Enrolling in Endpoint Security Policies disables Integrity Monitoring.
Integrity Monitoring in Endpoint Security Policies is coming soon.
Log Inspection
Enrolling in Endpoint Security Policies disables Log Inspection.
Log Inspection in Endpoint Security Policies is coming soon.
SAP Scanner
Enrolling in Endpoint Security Policies disables SAP scanner.
SAP scanner in Endpoint Security Policies is coming soon.
Spyware/Grayware Approved List
 
Feature blocking
Some features can still be configured after enrolling in Endpoint Security Policies on an endpoint level (override settings). For more information, see Features editable after enrolling a Server Workload Protection endpoint group.
Other features missing support
Local Smart Protection Service support for Anti-malware and Web Reputation
Local Smart Protection Service for Service Gateway is coming soon.
Dynamic Intelligence Mode
Enrolling in Endpoint Security Policies enables Dynamic Intelligence Mode by default, but cannot be configured.
Support for configuring the feature is coming soon.