The malicious code is obfuscated, requiring execution of the script before the code is readable.The browser starts executing the Java Script embedded on the page while rendering the web page.In 2011, the year Endpoint Protection 12.1.x was released, that number had increased to 403,000,000 new variants.The number of newly discovered variants will continue to increase.Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.the reason Live Update us greyed out, is because the Client AV Protection was installed as a "Managed Client" on the PC or Workstation instead of an Unmanaged Client.This allows the Browser IPS engine to detect exploit code which would otherwise have been hidden or obfuscated from other detection methods - including the CIDS engine.
Continued virus definition updates along with the following new features will give you the best protection: Symantec Insight is a reputation-based security technology that puts files in context, using their age, frequency, location and more to expose threats otherwise missed.
Therefore the live updates are centrally downloaded by the End Point Protection Manager and pushed out to the clients.
Possible issues 1) Client firewalls 2) Old or corrupted virus definitions prevent Symantec Endpoint Protection Manager to update with new downloaded virus definitions Read this article from Symantec: Symantec Endpoint Protection Manager 11.x is not updating 32 or 64 bit virus definitions
The SEP client blocks the attack, displays a notification in the browser, and writes a log entry for the browser attack in the SEP Security log.
Download Insight is a new advanced protection feature included with the SEP 12.1.x client.