Symantec Endpoint Protection Arm64 Work !!exclusive!! Info

Symantec Endpoint Protection on ARM64: Making It Work in a Non-x86 World

For decades, the cybersecurity industry has been dominated by the x86 and x64 architectures. Most endpoint protection platforms (EPPs), including Symantec Endpoint Protection (SEP), were engineered to run on Intel and AMD processors. However, the computing landscape is shifting dramatically. With the rise of energy-efficient, high-performance ARM64 (also known as AArch64) processors—championed by Apple’s M-series chips, Qualcomm’s Snapdragon X Elite, Amazon’s Graviton, and various IoT devices—security teams now face a critical question: How well does Symantec Endpoint Protection work on ARM64?

The short answer is that Broadcom (the current owner of Symantec) has made significant strides, but "making it work" still requires careful planning, the right version, and an understanding of where native support ends and emulation begins.

This article provides a comprehensive guide to deploying, managing, and troubleshooting Symantec Endpoint Protection in an ARM64 environment. symantec endpoint protection arm64 work

Symantec Endpoint Protection: The Official ARM64 Status

As of the latest release cycles (SEP 14.3 RU8 and SEP 15.x, now part of Broadcom’s enterprise portfolio), the official position is as follows:

4. LiveUpdate Fails on Windows ARM64

• Problem: Virus definitions won’t update; error “Unable to connect to server.”
• Cause: The emulated LiveUpdate component may mishandle ARM64 TLS certificates.
• Fix: Download the latest Symantec_Endpoint_Protection_14.3_RU8_Win64-bit_Client_EN.zip directly from Broadcom. Install over the top. Then, set the LiveUpdate policy to use “Broadcom Public Cloud” instead of a private internal server.

4. Required Workarounds for Production Use

If you must deploy SEP on ARM64 (e.g., for compliance), apply these measures: Symantec Endpoint Protection on ARM64: Making It Work

The Future: Symantec’s Roadmap for Native ARM64

Broadcom (owner of Symantec) has been publicly quiet about native Windows on ARM64. However, industry trends force their hand.

• Q4 2024 - Q2 2025 (Speculative): Expect a beta of SEP with native ARM64 drivers for Windows. This is driven by Qualcomm’s Snapdragon X Elite chips, which are threatening Intel’s market share.
• Alternative: Broadcom may push customers to Symantec Integrated Cyber Defense (ICD), which abstracts the endpoint agent from the architecture via a lighter-weight sensor.
• Recommendation: Do not wait. If ARM64 is strategic to your org, test Microsoft Defender for Endpoint (which has native ARM64 support today) alongside SEP.

What Should IT Do Today?

If you are deploying Arm64 laptops (Surface Pro, Lenovo, or Dell XPS Arm) in your Symantec-managed environment, follow these guidelines: Symantec Endpoint Protection: The Official ARM64 Status As

1. Test First: Do not push SEP to all Arm64 devices simultaneously. Use a pilot group.
2. Use SEP 14.3 RU9 or newer: Older builds (pre-RU6) have severe emulation stability issues on Arm.
3. Adjust Scan Settings: To mitigate emulation overhead, set scheduled full scans to run during lunch breaks or overnight. Disable “scan on network read” for mapped drives.
4. Monitor CPU: On the SEPM console, create a custom view for Arm64 devices (based on OS architecture). Watch for persistently high WOW64 (Windows-on-Windows 64) process usage.
5. Consider a Hybrid: For high-performance users (developers, video editors), consider using Windows Defender with Symantec’s Network Threat Protection only, reducing the emulated workload.

❓ Still not working?

Consider these alternatives on ARM64:

• Microsoft Defender for Endpoint (native ARM64, fully supported)
• CrowdStrike Falcon (native ARM64)
• SentinelOne (native ARM64)

Broadcom (Symantec) has not announced a native ARM64 SEP client as of 2025.