: The number of URLs required for client-to-server communication through firewalls has been significantly reduced.
Based on Broadcom's best practices for upgrading on-premises SEPM from version 14.3 RUx to RU10, organizations should follow a methodical approach:
In the 14.3 RU10 Refresh build, administrators can navigate to the panel inside SEPM and uncheck the global required password box. This modification allows IT teams to execute automated, hands-off uninstallations across hundreds of target endpoints using PowerShell or native command-line parameters without sacrificing baseline console security. Hardened Core Infrastructure Components
It enforces the modern standard established in RU6, dropping legacy 32-bit operating systems entirely to optimize performance on x64 architectures. Direct Architectural Comparison: RU10 vs. Older 14.3 Builds symantec endpoint protection 143 ru10 better
Cloud-console dependency required for behavioral monitoring. inside native SEPM. LOTL Mitigation Basic cloud-based analytics blocklists. MITRE Heat Maps tracking interactive threat prevalence. Server OS Matrix Up to Windows Server 2022 compatibility. Full Windows Server 2025 optimization and integration. Bulk Administration High friction; hard-locked manual deployment requirements. Scripted uninstallation via administrative toggle. Upgrading to Symantec 14.3 RU10
Importing or exporting security policies and communication settings (Sylink.xml).
directly within the on-premises management console, rather than relying solely on the cloud. This update focuses on blocking "Living Off the Land" (LOTL) attacks and enhancing administrative control over client security. Broadcom TechDocs Key Enhancements in RU10 On-Premises Adaptive Protection : The number of URLs required for client-to-server
: By bringing cloud-level intelligence (like Adaptive Protection heat maps) to the on-premises console, RU10 reduces "swivel-chair" management, letting admins view prevalence behaviors and correlated MITRE techniques in one place.
Why is this a big deal? Adaptive Protection uses a rich behavioral analysis engine powered by global threat intelligence to defend against sophisticated, targeted attacks. It helps you proactively reduce your attack surface by managing potentially risky behaviors of trusted applications.
Still not a lightweight AV by modern standards, and the UI is still dated. But if you’re already on SEP, RU10 is the version to standardize on . inside native SEPM
content. RU10 uses RU9 definition monikers to save space, and excluding the RU9 definitions will leave clients unprotected. Broadcom support portal 6. Enhance Reporting and Communication Syslog Security:
. Developed under Broadcom, this release addresses modern infrastructure demands by introducing critical native OS compatibility, script defense mechanisms, and administrative automation updates.
: It uses a rich analysis engine to block "Living Off the Land" (LotL) attacks by correlating behaviors with the MITRE ATT&CK framework. 2. Strengthened Client Security and Tamper Protection
Symantec Endpoint Protection 14.3 RU10 (Release Update 10) is a maintenance and feature update for Broadcom's flagship endpoint security suite. It consolidates antivirus, anti-malware, firewall, and intrusion prevention technologies into a unified architecture. This release focuses on stability, operating system compatibility, and cloud integration. Key Improvements in RU10 1. Enhanced Threat Detection and Mitigation