Norton Security PC client v22.7 introduces our next generation antivirus engine featuring Symantec Data Scanner (SDS) technology. SDS makes its debut on Windows OS platform, with many capabilities designed for faster and smarter protection.

Background

Norton Security provides its protection in two modes: kernel and user modes (more info).

In kernel mode, Norton Security provides real-time protection by monitoring the activities of all running processes; and performs various security checks on calls made by applications running in user mode. Our antivirus engine running in kernel mode ensures that malicious codes are not making unauthorized modifications to the key areas of OS and user environment. This ensures threats like rootkits are blocked; and infected files are not getting onto the system.  In user mode, Norton Security performs the analysis of memory access and ensures safe execution of applications running in the system. The protection in user mode prevents advanced threats from executing malicious CPU instructions and making memory modifications.

Next Generation Antivirus Engine

Norton Security PC client v22.7 introduces our next generation antivirus engine featuring Symantec Data Scanner (SDS) technology as well as a newly architected real-time protection system (Auto-Protect). SDS is a user mode only solution targeting modern platforms and products. With the introduction of SDS all file scans will execute in user mode, providing improved security and better resource management.  Beyond improved security, SDS also delivers refined detection technology that enables our Response Ops team to detect threats sooner.

The new engine can monitor the activities of processes and file IOs in kernel mode and scan in user mode without trading off performance of the system. Scanning in user mode provides additional flexibility by removing memory limitations in kernel mode. This also supports other enhancements included in this release such as our enhanced emulator. Moreover, it allows flexibility to develop features that are not possible to do in kernel. Furthermore, SDS can expand the security checkpoints in-memory access by malicious processes and perform more sophisticated repairs under certain conditions.

SDS is available to all Norton Security products

SDS is shipped with the latest release of Norton Security v22.7 products (including NS, NIS, N360, and NAV) on Windows platform. Customers are not required to take any action as the LiveUpdate feature will automatically upgrade from previous versions. Upcoming versions will expand support to modern Linux and MAC platforms.