Monitoring endpoint protection
|Article:HOWTO55302|||||Created: 2011-06-29|||||Updated: 2011-12-16|||||Article URL http://www.symantec.com/docs/HOWTO55302|
Symantec Endpoint Protection collects information about the security events in your network. You can use log and reports to view these events, and you can use notifications to stay informed about the events as they occur.
Table: Tasks for monitoring endpoint protection
Review the security status of your network
The following list describes some of the tasks that you can perform to monitor the security status of your client computers.
Locate which client computers need protection
You can perform the following tasks to view or find which computers need additional protection:
Protect your client computers
You can run commands from the console to protect the client computers.
For example, you can eliminate security risks on client computers.
Configure notifications to alert you when security events occur
You can create and configure notifications to be triggered when certain security-related events occur. For example, you can set a notification to occur when an intrusion attempt occurs on a client computer.
Create custom quick reports and scheduled reports for ongoing monitoring
You can create and generate customized quick reports and you can schedule custom reports to run regularly with the information that you want to see.
Minimize the amount of space that client logs take
For security purposes, you might need to retain log records for a longer period of time. However, if you have a large number of clients, you may have a large volume of client log data.
If your management server runs low on space, you might need to decrease the log sizes, and the amount of time the database keeps the logs.
You can reduce the volume of log data by performing the following tasks:
Export log data to a centralized location
Log data export is useful if you want to accumulate all logs from your entire network in a centralized location. Log data export is also useful if you want to use a third-party program such as a spreadsheet to organize or manipulate the data. You also might want to export the data in your logs before you delete log records.
Troubleshoot issues with reports and logs
You can troubleshoot some issues with reporting.
Article URL http://www.symantec.com/docs/HOWTO55302