Symantec Critical System Protection

Harden your operational technology and Internet of Things with application whitelisting control.

Secure cyber-physical systems with the world's most advanced industrial IOT solutions.

Request Consultation

Anti-malware Redefined

Building a cyber defense arsenal for IOT systems requires control points for a vast range of operating systems, device-specific threats and vulnerabilities. Our lightweight behavioral hardening engine is purpose-built to protect legacy, EOL systems and embedded devices, by adding layers of defense at the kernel level to prevent unhygenic operations to your endpoints. Naturalizing defense on fixed-function systems through our application whitelisting approach ensures security on IOT devices–freezing systems such that malicious content is unable to run. Critical System Protection isolates IOT devices from network intrusion, zero-day exploits, and other future forms of attacks.

  • Streamlined Application Whitelisting
  • Anti-exploit Techniques
  • Supports Windows 2000/XP/10 & Linux
  • Memory footprint less than 20MB
  • CPU utilization of less than 1 percent


Timeless, signatureless, policy-based endpoint security and compliance.

Built to secure devices from known and unknown zero-day exploits and cyber attacks.

Critical System Protection provides the ability to whitelist applications within policies, allowing only named applications to run. The CSP policy library contains prevention and detection policies; customize them to protect your network. The policy includes a new set of exploit prevention techniques along with:

  • System Hardening
  • Network Firewall
  • External Storage Protection
  • Application Isolation

Introducing Symantec Integrated Cyber Defense Exchange (ICDx)

Reduce complexity and cost with built-in integrations and streamlined interoperability.

ICDx simplifies product integrations and accelerates customer time to value across the Symantec enterprise portfolio and the industry’s largest partner ecosystem.

  • Remove the friction for security teams when integrating Symantec and third-party products
  • Enhance visibility from a unified view of events across Symantec products for searching, dashboards and reporting
  • Prepare higher quality cyber data to forward to SIEM and other SOC tools enhancing analytics and alerts
  • Speed responses to critical incidents with orchestrated actions targeting multiple Symantec products

Industry Recognition

Symantec wins Industrial IOT best practices award.


ICSP uses the world's most advanced threat detection engine which has won AV-Test's best protection.


Discover Our Community

View the latest product discussions in our forums.

Need help?

Technical support and more.

Legal Information

Learn more about legal terms, policies and notices.

License and Service Terms & Repository

Windows and Linux Features

Compare features and availability of Critical System Protection for both Windows and Linux Platforms.


The agent has been optimized for embedded operating systems, including:
  • Microsoft® Windows Embedded Family (multiple versions)
  • QNX® Real-Time Operating System
And non-embedded systems, including:
  • Linux
  • Microsoft® Windows (multiple versions)
  • Microsoft® Windows Server Family (multiple versions)


Agent platform support matrix.

For detailed hardware requirements, please refer to online help.