Symantec | Host Integrity

If all requirements are met, the check passes. If any mandatory requirement fails, the check fails, and the device's privileges may be restricted.

Symantec Host Integrity is a powerful security solution designed to protect endpoints from various types of threats. With its advanced features, such as behavioral detection and real-time monitoring, the solution provides a comprehensive set of tools to detect and prevent threats. By implementing Symantec Host Integrity, organizations can improve their endpoint security posture, reduce the risk of breaches, and meet regulatory requirements. By following best practices and integrating Symantec Host Integrity with other security solutions, organizations can ensure a robust and effective security posture.

Symantec Host Integrity (HI) is a feature in Symantec Endpoint Protection (SEP) and Symantec Endpoint Security (SES) that ensures client computers meet specific security requirements before accessing your network. It allows you to define, enforce, and remediate security policies on Windows and Mac devices . 🛡️ Key Concepts Compliance Check: An automated scan that compares a device's current state against your defined security standards. Requirements: Specific conditions a device must meet (e.g., latest virus definitions, specific registry keys, or running services). Remediation: Automated actions taken if a device fails the check, such as running a script or downloading a missing file to bring the device back into compliance. Quarantine: If remediation fails, the device can be isolated using a strict firewall policy until it passes a subsequent check. ⚙️ Configuration Guide 1. Access the Policy Manager Log in to the symantec host integrity

Setting up Host Integrity involves creating policies in the SEPM and assigning them to specific groups or locations. For troubleshooting, administrators can use registry keys to preserve the HI scripts (normally deleted after execution) to verify exactly what checks are being performed on the endpoint. How Host Integrity works - Broadcom TechDocs

Symantec Host Integrity is a security feature within Symantec Endpoint Protection (SEP) and Symantec Endpoint Security (SES) that ensures client computers are compliant with organizational security policies before and during their connection to the network. By defining, enforcing, and restoring security standards on endpoints, Host Integrity (HI) provides a critical layer of protection against non-compliant or compromised devices. Core Functions of Symantec Host Integrity If all requirements are met, the check passes

Verifying that the operating system has critical security patches or hotfixes installed.

Note: Symantec was acquired by Broadcom Inc. in 2019. Legacy versions of Host Integrity are considered End of Life. The functionality now exists as the "Host Integrity" module within the modern Broadcom Symantec Endpoint Security product line. With its advanced features, such as behavioral detection

The primary goal of a Host Integrity policy is to verify that a device—whether Windows, Mac, or mobile—meets specific security requirements. These requirements often include: