Symantec Endpoint Protection: SEP EOL

Back on April 3, 2017 Symantec announced that the SEP 12.1.x series of agents and management servers were entering into end of life support.    What exactly does this mean, and how can you plan for the future?


What Are The Stages Symantec Uses For End of Life Support

1. End of Life – When Symantec announces a product for End of Life, the announcement constitutes the first stage. The time frame starts for all the stages to be put in place.   At this point companies should start making plans for how to mitigate the reasons they are remaining on their existing version.   For SEP 12.1.x this date started on April 3, 2017


2. End of New Sale Availability – After the announcement of a product going End of Life, any new sales of a new license of copy of software is unavailable. During the period that End of New Sale Availability is announced and End of Access begins, customer may still purchase renewal license for a product.   The End of New Sale Availability Cycle started on April 3, 2017.


3. End of Access – After End of Access has been announced, no renewal licenses are submitted or able to be purchased. In the case of SEP 12.1, this date is April 3, 2018.    Any renewals for licenses must be purchased before this date.


4. End of Standard Support Life – All existing support contracts will be honored until the End of Standard Support Life stage had ended. However, support for these products is purchased at 20% premium after End of Life is announced.  Content definitions, patches, and bug fixes will still be issued until the End of Standard Support Life date has been reached.  In the case of SEP 12.1 this date April 3, 2019


5. End of Extended Support Life – After the End of Standard Support Life has ended; customers have the option of purchasing additional extended support without a discount. Usually this lasts for three-four years after the End of Life date is announced.   After the End of Extended Support Life deadline is reached, content and definitions will no longer be available for the product.  In the case of SEP 12.1, this date is April 23, 2021.



Now, What Can You Do?


There are many reasons customers have to delay upgrading to the latest version of Symantec Endpoint Protection.  Let’s go through a few of these and see how Conventus can help, and if we can’t directly help – let this be a guideline for some of your challenges.


  1. Time and Effort – Let’s face it, depending on the size of your organization, setting aside time, upgrading servers, building packages, testing packages, deploying packages can all get a little overwhelming sometimes in the lean and quick culture we live in. Unfortunately ignoring the problem doesn’t help at all when the deadline finally arrives and everything is frantic.  By working on your upgrade to SEP 14 today, it saves you the headache when panic sets in around December 2018.  Conventus has consultants that helped with upgrades and deployments as small as 20 systems.  They have also worked on deployments as larger than 500k systems.  They understand this space to assist you in the right direction for your organization.


  1. It’s Too Complicated – Features are introduced and left behind in almost every software release. At some point legacy components have to be left behind to work to the future.  Not everyone has the time to understand all the changes in the latest releases.   It does take some research and understanding of the whole system to understand how everything works together.   In this regard Conventus’ consultants will be happy to explain to you the features, assist in documentation, and offer training to your organization.


  1. Legacy Agents – This one is a big reason that many companies have for staying on SEP 12 today. SEP 14 doesn’t support any desktop operating systems older than Vista, server operating systems older than 2008, or MacOS clients older than 10.10.   Unfortunately this will be the point you have to make some hard decisions.  The first is due you truly need these systems, if you do, can you afford to leave them unprotected without new definitions?  The best course of action for legacy systems that need protected is a system hardening approach.   Many of our customers the last few years have used Symantec Data Center security to harden and secure legacy systems.   Conventus is experienced in assisting you with a new deployment of Symantec Data Center Security today.


  1. Tracking Down Assets – Finding your legacy systems can always be a chore. They might be unmanaged, just need to upgrade to the latest version, or be on a legacy-unsupported operating system.   Separating these differences out can be quite time consuming for larger organizations while they plan their upgrades.  The SOLVE/Northstar solution can assist with this to tailor reports exactly for what you are looking for.   Native reporting in SEP won’t find missing systems.   Sorting through by OS and Client revision can also get complicated in larger organizations.   With Northstar’s ability to work with different security databases, this makes tracking down and separating the reports much simpler than the way you are likely doing it today.


  1. The Current Version is Good Enough – This one is the excuse that works up until the date the definitions stop working or the license runs out. Once your clients can no longer update their definitions, they are vulnerable to new threats and no new attack vectors.  By delaying and not planning could leave your organization exposed in many ways.   The short answer to this one is – it’s not good enough and you need to upgrade.



I hope this has helped you gain some insight on what End of Life means and how you can start planning for it today.  NorthStar assists organizations of all sizes with their SEP infrastructures. Please read here for more information about how we can help YOU.

About the Author

Brent M. Gueth is a Senior Security Consultant with Conventus specializing in Symantec Endpoint Protection and Symantec Data Center Security.   He has worked in the IT Security field for over a decade including positions with Symantec and NASA.  He has consulted for many Fortune 500 companies and assisted them with their security needs.