For an endpoint security solution like SEP, which hooks deeply into the operating system for real-time scanning, running natively is crucial. 2. Symantec Endpoint Protection (SEP) ARM64 Compatibility
This article provides a technical deep dive into SEP’s ARM64 journey, covering version history, architecture support, deployment methods, known limitations, current hotfix status, and best practices for organizations adopting Windows on ARM.
Pull down the consolidated executable stub to a local staging environment. 3. Automated Fleet Deployment
remains unsupported on these devices as well. Managing the Transition symantec endpoint protection arm64 hot
Then came the ARM64 revolution.
The ecosystem has evolved from an experimental feature in SEP 14.3 RU7 to a production‑ready offering in SEP 16 (ESA) and client‑only patches.
Advanced attack surface reduction and Endpoint Detection and Response (EDR) capabilities monitor process behaviors. By mapping activities directly against the MITRE ATT&CK framework natively on ARM64, Symantec detects living-of-the-land techniques, process hollowing, and credential theft attempts unique to ARM payloads. Performance and Deployment Advantages For an endpoint security solution like SEP, which
A native ARM64 agent is required to interact directly with the ARM processor and OS kernel for optimal security and efficiency.
For large enterprise environments, use the Symantec IT Management Suite (ITMS) to push the client. ITMS natively accommodates Windows on ARM deployment targets, letting engineers group systems dynamically, push the security installer silently, and monitor enrollment metrics without manually interacting with individual client systems. Enterprise Benefits: Coexistence and Strategy
Migrate to the SES cloud console to manage the ARM64 fleet, as on-premises SEPM lacks support. Pull down the consolidated executable stub to a
Last updated: October 2025. This article reflects the current state of Symantec Endpoint Protection as distributed by Broadcom Inc.
The Windows agent requires a 64-bit environment. is fully supported. Broadcom has dropped support for all 32-bit legacy operating systems, meaning older Windows 10 ARM installations must be upgraded before deployment. 3. Native Security Requirements