Symantec's website security capabilities came from its acquisition of the authentication business unit of Verisign in 2010. Its Verisign SSL Certificate Service was rebranded as Norton Secured Seal in 2012.
Symantec operates as a certificate authority, offering SSL/TLS certificates. According to Netcraft, just under one-third of all SSL certificates worldwide were issued by Symantec. Designed primarily for enterprises, the service offers extended website security services that include malware scanning, DDoS mitigation and performance optimisation. It provides centralised management and reporting of all certificates to ensure all certificates remain valid. A code signing service is also provided for certificates to allow organisations to verify software, file and application downloads for security. An additional service offered is Norton shopping guarantee, which is a free protection service for online shoppers.
In March 2016, Symantec launched its Encryption Everywhere service, which is an SSL certificate service aimed at hosting providers. This allows hosting providers to offer end-to-end website security services to their customers, enabling them to secure applications and data in motion for all their customers' websites. They are able to manage their customers' entire certificate lifecycle management processes, as well as offering them value-added services.
Symantec operates in more than 50 countries worldwide, with 51% of its revenues generated outside of the US. It has a large roster of sales partners worldwide, although it states that its strategy is to focus on fewer, more specialised partners. It also has a wide range of partnerships with other technology vendors, as well as OEM partners and ISPs. It is currently actively recruiting partners for its Encryption Everywhere service.
Symantec's website security products are aimed at enterprise and public sector organisations through its global sales force and partners. It has customers in almost every vertical industry.
Its Encryption Everywhere product is aimed at hosting providers worldwide. Initial hosting providers signed up after the launch include InterNetX, CertCenter and Hostpoint.
SSL certificates are valid for defined periods of time only. Symantec's website security services automate the entire lifecycle of certificates, from issuance to revocation and renewal. It helps organisations - or hosting providers in the case of Encryption Everywhere - to manage their entire inventory of certificates, managing the inventory in terms of how many there are, what type they are, where they are deployed and their expiration dates, automatically replacing certificates when they expire and revoking certificates that are no longer valid or that have expired. The certificates are used to protect websites, applications and data in motion.
Other services offered as part of the website security offering include malware scanning, DDoS mitigation and performance optimisation.
All certificates provided under the service are branded by Symantec, providing visual verification that the site is safe for visitors so that they can trust the service offered. Symantec is one of the top three leading certificate authorities worldwide, with a brand that is highly trusted.