Symantec Advanced Threat Protection

Symantec Advanced Threat Protection

Uncover, prioritize, investigate and remediate complex attacks across endpoint, network and email from one console

Download the Data Sheet Watch the Video

Uncover Advanced Threats Across Endpoint, Network and Email

Uncover the stealthiest threats that would otherwise evade detection by using global intelligence from one of the world’s largest cyber intelligence networks combined with local customer context

  • Best detection and accuracy in protecting against advanced persistent threats*
  • Identify whether your organization is under targeted attacks and automatically search for Indicators-of-Compromise with Dynamic Adversary Intelligence
  • Detect and investigate suspicious events via unique sandboxing and payload detonation capability

*Source: Dennis Lab Report, Dec 2015.

Prioritize What Matters Most

Aggregate intelligence across multiple control points to identify and prioritize those systems that remain compromised and require immediate remediation

  • “Zero in” on the most critical incidences
  • Correlate threat events by aggregating intelligence across endpoint, network and email
  • Significantly reduce the number of incidents that security analysts need to investigate

Remediate Complex Attacks in Minutes

Contain and remediate all the instances of a threat with a single click of a button

  • Provides in-depth threat visibility across IT environments in one place, without requiring any manual searching
  • Instant search for Indicators-of-Compromise and visualize all related events of an attack, e.g. all files used in an attack, email addresses and malicious IP addresses involved
  • Click once to remediate any attack artifact everywhere – across Symantec-protected endpoint, network and email
  • Quickly isolate any compromised system from the enterprise network

Maximize Your Existing Investments

Leverage your existing investments in both Symantec and non-Symantec products

  • Optimize and customize your incident response flow with public API and integration with Splunk and ServiceNow  
  • Add Endpoint Detection and Response (EDR) capability without new endpoint agent to deploy
  • Add advanced protection to Symantec Email Security.Cloud and get detailed visibility into threats
  • Export rich security intelligence into third-party security information and event management systems (SIEMs)
  • Monitor Symantec Advanced Threat Protection with Symantec Managed Security Services

Discover Our Community

View the latest product discussions in our forums.

Need help?

Technical support and more.


Customer Success

Other Resources

Legal Information

Learn more about legal terms, policies and notices.

License and Service Terms & Repository


Browser Clients for the UI
  • Microsoft Internet Explorer 11 or later
  • Mozilla Firefox 26 or later
  • Google Chrome 32 or later

Server Specifications

  8880-30 8840* VMWare ESXi
Form Factor 2U Rack Mount 1U Rack Mount Virtual Machine
CPU 2 x Intel Xeon E5-2697 v4, 2.3 Ghz, 18 Core, 145 W Intel Xeon E3-1270 v5, 3.6 Ghz, 4C/8T, 80W 12 CPUs
Memory 192 GB 32 GB 48 GB
Hard Drive RAID 10. 4 x 300 GB 15K SAS, RAID 10. 4 x 1.8 TB 10K SAS 2 x 1 TB 7.2K RPM NLSAS, 12 Gbps 2.5" (400-ALUN) 500 GB (should be extended for an additional 1 TB to support Endpoint Activity Recording)
Network Interface Card 4 x 1 Gigabit Ethernet Ports, 4 x 10 Gigabit Ethernet Ports with Bypass 2 x 1 Gigabit Ethernet Ports, 2 x 10 Gigabit Ethernet Ports with Bypass 2 x 1 Gigabit Ethernet Ports
Power Supply 2 x 750W Redundant Power Supply 2 x 350W Redundant Power Supply n/a

Purchasing Options Buy Via Partner