Symantec today unveiled its retooled enterprise desktop security product and management console and announced the phased retirement of existing standalone security products.

Windows-based Symantec Endpoint Protection 11.0 adds network-access control functionality  to a product that already combines antivirus, host intrusion prevention, device control and a firewall. In launching its new flagship product, which was code-named “Hamlet,” Symantec also made clear that older desktop security products and the management console Symantec Systems Center are officially slotted for retirement.

“We now stop selling standalone antivirus and network-access control to the enterprise,” says CJ Desai, Symantec’s senior director of endpoint security. Symantec’s current enterprise products, including AntiVirus Enterprise Edition, Client Security, Network Access Control and Sygate Enterprise Protection, are officially being phased out, Desai says. However, Symantec will continue to offer standalone-style products to the consumer and home-office market.

The phase-out of Symantec’s standalone enterprise security products won’t happen overnight, Desai adds.

“We’re giving people three to five years to do this,” he says. In the meantime, to encourage migration to Symantec Endpoint Protection 11.0, Symantec is offering it at no cost to customers of the products slated for retirement.

That offer holds appeal for Glendale, Ariz., healthcare organization Touchstone Behavioral Health, which plans to migrate from Symantec’s standalone security products to the Endpoint Protection 11.0 integrated software for its 200 users.

“Our contract’s financial terms make that an easy upgrade path,” says Steven Porter, IT director at Touchstone Behavioral Health. “The common agent is one of the factors that excites me, rolling all this functionality into the product.” Porter says he has been interested in trying NAC, and this will be a way to do it under a limited IT budget.

To help customers migrate from the Symantec System Center management console to the new Symantec Endpoint Protection Manager, the security firm is providing migration tools. In addition, management tools such as IBM Tivoli, Microsoft SMS and HP OpenView also can be used for the job.

With Symantec Endpoint Protection 11.0, Symantec is introducing integrated agent software where network-access control is based on both an 802.1X and DHCP-based approach, says Desai. “If part of the network is 802.1X-ready and the other part is not, we have NAC.”