14.3 Build 558: Symantec Endpoint Protection

Broadcom has significantly restricted legacy download access. As of 2026, you cannot find Build 558 on the public Broadcom support portal unless you have a valid support contract (entitlement ID).

The software installed on individual workstations, servers, and mobile devices to enforce security policies locally.

Broadcom provides the to verify that computers are ready for SEP installation. The tool can be downloaded from the Broadcom Support website and accessed through the Help menu on the management server and client.

Build 558 is primarily focused on stability and defect resolution. Key areas of improvement typically included in this build are: symantec endpoint protection 14.3 build 558

: Features a reduced client size and more efficient memory usage compared to previous 14.x versions.

SEP 14.3 Build 558 carries forward the integrated security approach that distinguishes Symantec endpoint products from basic antivirus solutions. Rather than acting only as a signature-based malware scanner, it combines , all of which can be managed from a single administrative console.

For endpoints running earlier 14.x versions, a direct client-only patch can be used to minimize network bandwidth consumption. Client only patch Endpoint Protection 14.3 (14.3.558.0000) Broadcom has significantly restricted legacy download access

For organizations currently running older versions of SEP 14.3 (such as Build 267 or earlier MP versions) or experiencing stability issues with 14.3 MPx, upgrading to Build 558 is recommended. It offers a stable baseline for on-premise management before organizations evaluate a migration to the cloud-based Symantec Endpoint Security solution.

Minimum 2 GHz dual-core processor, 4 GB RAM, and at least 16 GB of free disk space for management servers. Step-by-Step Deployment Workflow

Previous builds (14.3 RTM) suffered from high RAM consumption by the ccSvcHst.exe process. Build 558 introduced a new ML caching algorithm: Broadcom provides the to verify that computers are

Symantec Endpoint Protection (SEP) version 14.3 (build 558), released in May 2020, marked a significant architectural shift by separating the antivirus scan process into its own distinct service to improve performance . Because this specific build is now several years old, an "interesting" paper would likely focus on its historical role in endpoint evolution, its effectiveness against "living-off-the-land" (LotL) tactics introduced in that era, or a retrospective analysis of its long-term stability.

: Added browser intrusion prevention support for Edge, applying IPS signatures to inbound and outbound traffic.

Build 558 was the first build to fully integrate the "SEP Client" with the cloud management dashboard (though on-prem remains an option). The agent includes telemetry connectors that automatically forward file hash data to if deployed.