Symantec Intrusion Prevention add-on
Intrusion Prevention System (IPS)
After your computer updates to Symantec Endpoint Protection 12.1 you may see the message show at the bottom of their Internet Explorer 9 browser window when you first launch it:
The 'Symantec Intrusion Prevention" add-on from 'Symantec Corporation' is ready for use. [Enable] [Don't enable]
What is it?
IPS technology prevents malicious files from getting to your hard drive in the first place.
Unlike antivirus, which looks for known malicious files, IPS scans the network traffic stream in order to find threats using known exploits and attack vectors. IPS does not detect specific files, but rather specific methods that can be used to get malicious files onto your network. This allows IPS to protect against both known and unknown threats, even before antivirus signatures can be created for them.
IPS is very good at detecting "drive-by" downloads of malware and fake antivirus scanner web pages, which Auto-Protect cannot prevent. In today's complex threat environment, this technology is an effective complement to antivirus technology, and its usage should be considered a necessity on any network that is connected to the Internet.
So, should I click "Enable"?
In our humble opinion, yes!
What if I accidentally clicked "Don't enable"?
- Open Internet Explorer 9
- Click the gear icon (in the top right)
- Click "Manage add-ons"
- Click "Symantec Intrusion Prevention"
- Click "Enable"