Symantec Endpoint Protection (SEP) supports Windows ARM64 devices
, but only through specific management methods. As of version 14.3 RU7,
on-premises Symantec Endpoint Protection Manager (SEPM) does not support ARM64 devices Compatibility & Management
To secure ARM64 devices like the Microsoft Surface Pro X, you must use one of the following methods: Cloud-Managed (Symantec Endpoint Security): Symantec Security Cloud console to manage the agent on ARM64 hardware. Unmanaged (Self-Managed):
You can install an unmanaged package from the "Full_Installation" download of SEP. Key Features for ARM64
While some features vary by platform, ARM64 agents typically include: Multilayered Protection: AI-driven detection, behavioral analysis, and Adaptive Protection Performance:
A lightweight agent designed to minimize impact on system productivity. Modern Support:
Explicit support for ARM-based processors like the Apple M1, M2, and M3 series (for macOS) and Windows 10/11 ARM devices. Implementation Steps
Symantec Endpoint Protection (SEP) provides native support for ARM64 devices, specifically targeting Windows 11 on Arm. However, this support is strictly limited to cloud-managed (Symantec Endpoint Security/SES) or unmanaged (self-managed) clients. Management and Deployment
No On-Premises Management: The standard on-premises Symantec Endpoint Protection Manager (SEPM) does not support managing ARM64 devices.
Management Required: You must use the Symantec Endpoint Security (SES) cloud console to manage ARM64 endpoints.
Unmanaged Option: ARM64 packages are also available as unmanaged clients for standalone installation. Feature Availability and Limitations
While most core protection features work, there are significant gaps compared to x64 clients. Unsupported features on ARM64 include: Exploit Protection and Application Control. Threat Defense for AD. Web and Cloud Access Protection. Custom Application Behavior.
Legacy Browser Protection: This includes older Internet Explorer or Firefox-based protection under the Intrusion Prevention Policy. Operating System & Hardware Requirements
Windows: Support is focused on Windows 11 (builds 21H2, 22H2, 23H2, and 24H2).
Processors: Tested on Qualcomm Snapdragon (7c and later) and Ampere Altra processors.
Mac: ARM support (Apple Silicon M1, M2, M3) is available as of version 14.3 RU2 and later.
Linux: While Linux ARM64 support was noted on the roadmap in earlier years, recent documentation confirms management of Windows 11 ARM devices while emphasizing that SEPM still lacks managed support for these clients. Known Issues
Update Compatibility: Some versions (14.3 RU7) on Windows 11 ARM may show "Virus and Spyware Protection is disabled" due to specific Windows updates; this typically requires upgrading to the latest Windows or SEP refresh.
Management Conflicts: The cloud console may cancel policy imports if SEPM has groups with the same name but different capitalization (e.g., "GroupName" vs "groupname"), as the cloud console is more restrictive. If you're planning a rollout, I can help you:
Identify the exact SEP/SES version needed for your hardware. symantec endpoint protection arm64 work
Detail the steps to export an ARM64 package from the cloud console. Compare cloud-managed vs. unmanaged pros for your team.
Symantec Endpoint Protection (SEP) and the newer Symantec Endpoint Security (SES) do work on ARM64 processors
, but with specific management limitations and feature gaps. Broadcom support portal ARM64 Support & Performance
Broadcom provides native support for ARM64 (specifically Snapdragon processors like those in the Microsoft Surface Pro X or Pro 9 5G) through unmanaged or cloud-managed agents. Microsoft Learn Symantec Endpoint Security Reviews, Pros and Cons
Broadcom has expanded Symantec Endpoint Protection (SEP) and Symantec Endpoint Security (SES) to support the ARM64 architecture, specifically targeting Windows 11 devices like the Surface Pro X and other Snapdragon-powered PCs. Core Support and Management
Symantec’s ARM64 support is currently focused on specific management models:
Management Options: Support is available for cloud-managed (Integrated Cyber Defense Manager - ICDm) and unmanaged (self-managed) clients.
On-Premises Limitation: There is currently no support for managing ARM64 endpoints via an on-premises Symantec Endpoint Protection Manager (SEPM).
OS Requirements: Native support requires Windows 11 GA builds (such as 21H2 and 22H2). Supported Features
The ARM64 agent provides a wide array of protection features nearly identical to those on standard x64 workstations:
Endpoint Detection and Response (EDR): Fully integrated for threat hunting and incident response.
Network Security: Includes the standard Firewall and Intrusion Prevention.
Compliance: Host Integrity checks are supported to ensure devices meet security standards before accessing network resources. Feature Gaps
Due to the unique nature of the ARM64 architecture, certain legacy or specialized features are not currently supported: Application Control and Exploit Protection. Threat Defense for Active Directory (AD).
Custom Application Behavior and Web/Cloud Access Protection. Legacy browser protection for Internet Explorer or Firefox. Technical Specifications
For deployment, the ARM64 version follows a similar lightweight footprint to its x64 counterparts, requiring roughly 245 MB of disk space for the client installation. The agent is designed to be highly efficient, leveraging Qualcomm Snapdragon 7c and later compute platforms for optimal performance.
Symantec Endpoint Protection (SEP) provides native support for ARM64 architectures across Windows, macOS, and Linux, primarily starting with version 14.3 RU7. However, management and feature availability vary significantly by platform. Windows on ARM Support
Broadcom introduced native ARM64 support for Windows in SEP 14.3 RU7.
Management Limitations: Native ARM support is currently limited to unmanaged (self-managed) or cloud-managed clients (via the Integrated Cyber Defense Manager or ICDm). There is no support for managing ARM endpoints through an on-premises Symantec Endpoint Protection Manager (SEPM).
Operating Systems: Supported on Windows 11 GA builds (21H2, 22H2). The Verdict: SEP will "work" on Windows 11
Unsupported Features: While most protection features work, the following are not supported on Windows ARM: Custom Application Behavior Threat Defense for Active Directory (AD) Web and Cloud Access Protection Exploit Protection
Legacy Browser Protection (IE/Firefox-based) in Intrusion Prevention Policies Application Control macOS (Apple Silicon) Support
Symantec offers robust support for Apple’s M-series chips, with compatibility added incrementally by processor generation: Supported From Apple M1 SEP 14.3 RU2 Apple M2 SEP 14.3 RU5 Apple M3 SEP 14.3 RU8 Apple M4 / M5 SEP 14.3 RU9
Unlike Windows ARM, the Mac agent can be managed by either on-premises SEPM or the cloud console. Linux ARM64 Support
Broadcom provides ARM64/aarch64 installers for specific Linux distributions, managed through the seplpkg (SEP Linux Packager) tool.
Supported Platforms: RHEL 8, RHEL 9, and Ubuntu (16, 18, 20) support ARM64/aarch64 architecture.
Kernel Support: SEP for Linux relies on specific kernel modules. From 14.3 RU8, cloud-managed agents use LiveUpdate to automatically upgrade these modules.
Discontinued Support: As of version 14.3 RU9, support for older distributions (RHEL 6, CentOS 6, Ubuntu 14, Debian 9, SLES 12) has been removed. Installation Notes
ARM-Specific Packages: For Windows, ARM packages are available within the "Full_Installation" download of SEP. For cloud users, you must specifically select the Windows ARM architecture when downloading the agent package from the console.
Prerequisites: For Windows 10/11 versions starting with 14.3 RU8, ensure Microsoft Trusted Signing (formerly Azure Code Signing) is installed for the client to function correctly.
Symantec Endpoint Protection ARM64 Support and Implementation
Symantec Endpoint Protection (SEP) and Symantec Endpoint Security (SES) have evolved to support the ARM64 architecture
, primarily focusing on Windows on ARM devices (such as the Microsoft Surface Pro X and Surface Pro 9) and Apple silicon (M1, M2, M3, and M4 processors). 1. Core Architecture Support
Broadcom introduced official support for Windows ARM devices starting with Symantec Endpoint Protection 14.3 RU7 Windows on ARM
: Support is available for Windows 11 GA builds (21H2, 22H2, and later) on Qualcomm Snapdragon ARM processors. Apple Silicon
: Support for macOS on ARM (Apple M-series) began earlier, with M1 support in 14.3 RU2 and subsequent updates for M2 (RU5) and M3 (RU8). 2. Management and Deployment Requirements
A critical distinction in ARM64 support is the management infrastructure. No On-Premises SEPM Support
: The on-premises Symantec Endpoint Protection Manager (SEPM) manage ARM64 devices directly. Management Options Cloud-Managed : Devices must be managed via the Symantec Endpoint Security (SES) cloud console (Integrated Cyber Defense Manager - ICDm).
: You can use "self-managed" or unmanaged installation packages for standalone protection. 3. Feature Availability for Windows ARM
While the ARM64 agent provides core security, some legacy or specialized features are not supported on this architecture. Supported Features Unsupported Features Antimalware & Malware Protection Application Control Behavioral Analysis & Adaptive Protection Custom Application Behavior Firewall & Intrusion Prevention (IPS) Web and Cloud Access Protection Endpoint Detection and Response (EDR) Exploit Protection (Legacy) Host Integrity Threat Defense for Active Directory Memory Exploit Mitigation Granular Device Control (Allow/Deny only) 4. Implementation Steps Threat Defense for AD
To deploy Symantec to an ARM64 environment, follow these requirements: Obtain Correct Package : Download the specific Windows ARM architecture
installer from the SES cloud console or the "Full_Installation" download of SEP for unmanaged use. Environment Check
: Ensure the target device is running a compatible Windows 11 ARM build or a supported macOS version. : If moving from on-premises, use SEP 14.3 RU5 build 8282 or later as the bridge version for migration to the cloud console. or help navigating the SES Cloud Console to generate these ARM64 packages?
Symantec Endpoint Protection for Windows does NOT currently ship a native ARM64 driver for the Windows kernel. However, the user-mode components and the core antivirus engine can run via Microsoft’s emulation layer on Windows 11 ARM64 (version 22H2 and later).
To understand how SEP works on ARM64, one must understand the shift in operating system security models.
For most enterprise use cases, the current x64 version of Symantec Endpoint Protection installs and operates successfully on Windows 11 Arm64 systems.
In controlled testing on a Snapdragon 8cx Gen 3 device:
The Verdict: For standard malware defense, SEP on Arm64 in emulation mode is currently production-viable for most general-purpose business users.
If you are deploying Arm64 laptops (Surface Pro, Lenovo, or Dell XPS Arm) in your Symantec-managed environment, follow these guidelines:
WOW64 (Windows-on-Windows 64) process usage.To answer the original query: Symantec Endpoint Protection ARM64 does "work," but only in the sense of functional emulation.
If your enterprise is standardizing on Windows on ARM, you have a decision to make: accept the performance tax of running SEP under emulation, or migrate to a security stack that has already invested in native ARM64 development (e.g., Microsoft Defender, CrowdStrike, or SentinelOne).
For now, monitor Broadcom’s release notes for SEP 14.3 RU9 or SEP 15.1. The moment you see "Added native Windows on ARM64 (WoA) support" in bold letters, you will know the waiting game is over. Until then, proceed with caution, test rigorously on a pilot group, and always keep a lightweight, native fallback option available.
Need to verify your specific environment? Use the sysinfo command on your ARM64 device and cross-reference the build number with Broadcom’s official "SEP Client Compatibility Matrix" (updated quarterly). Do not assume later builds automatically support ARM64—always check the release notes for the phrase "Windows 11 ARM64."
Symantec Endpoint Protection and ARM64 Compatibility As ARM64 architecture continues to expand from mobile devices into professional laptops like the Microsoft Surface Pro and Apple’s M-series Macs, enterprise security must adapt. Symantec Endpoint Protection (SEP) now provides specific support for ARM64 across Windows, macOS, and Linux, though management requirements vary by platform. Windows ARM64 Support
Symantec supports Windows 11 on ARM64 processors (such as the Snapdragon X Elite) with specific version and management constraints.
Management Requirements: ARM64 endpoints cannot be managed by an on-premises Symantec Endpoint Protection Manager (SEPM). They must be managed via the Symantec Endpoint Security (SES) Cloud Console or remain unmanaged.
Operating Systems: Support includes Windows 11 GA builds (21H2 through 25H2).
Feature Limitations: While most core protections work, certain advanced features like Custom Application Behavior, Threat Defense for AD, and Exploit Protection are currently unsupported on Windows ARM architecture. Apple Silicon (macOS ARM64)
Symantec has robust support for Apple’s M1, M2, M3, and M4 chips.
Note: As of mid-2026, Broadcom (the owner of Symantec) has a specific, limited support model for ARM64, which differs significantly from x86/x64.