Authentication failure | A configurable number of logon failures in a defined period of time triggers the Authentication failure notification. You can set the number of logon failures and the time period within which they must occur to trigger the notification. |
Client list changed | This notification triggers when there is a change to the existing client list. This notification condition is enabled by default. Client list changes can include: The addition of a client A change in the name of a client The deletion of a client A change in the hardware of a client A change in the Unmanaged Detector status of a client A client mode change
This notification is enabled by default. |
Client security alert | This notification triggers upon any of the following security events: You can modify this notification to specify the type,
severity, and frequency of events that determine when these notifications are triggered. Some of these occurrence types require that you also enable logging in the associated policy. |
Download Protection content out-of-date | Alerts the administrators about out-of-date Download Protection content. You can specify the age at which the definitions trigger the notification. |
Enforcer is down | This notification triggers when the Enforcer appliance goes offline. The notification tells you the name of each Enforcer, its group, and the time of its last status. |
Forced application detected | This notification triggers when an application on the commercial application list is detected or when an application on the list of applications that the administrator monitors is detected. |
IPS signature out-of-date | Alerts the administrators about out-of-date IPS signatures. You can specify the age at which the definitions trigger the notification. |
Licensing issue Paid license expiration | This notification alerts administrators and, optionally, partners, about the paid licenses that have expired or that are about to expire. This notification is enabled by default. |
Licensing issue Over-deployment | This notification alerts administrators and, optionally, partners, about over-deployed paid licenses. This notification is enabled by default. |
Licensing issue Trial license expiration | This notification alerts administrators about expired trial licenses and the trial licenses that are due to expire in 60, 30, and 7 days. This notification is enabled by default if there is a trial license. It is not enabled by default if your license is due for an upgrade or has been paid. This notification is enabled by default. |
New learned application | This notification triggers when application learning detects a new application. |
New risk detected | This notification triggers whenever virus and spyware scans detect a new risk. |
New software package | This notification triggers when a new software package downloads or the following occurs: LiveUpdate downloads a client package. The management server is upgraded. The console manually imports client packages.
You can specify whether the notification is triggered only by new security definitions, only by new client packages, or by both. By default, the Client package setting option is enabled and the option is disabled for this condition. The New client software notification is enabled by default. |
New user-allowed download | This notification triggers when a client computer allows an application that Download Insight detected. An administrator can use this information to help evaluate whether to block or allow the application. |
Risk outbreak | This notification alerts administrators about security risk outbreaks. You set the number and type of occurrences of new risks and the time period within which they must occur to trigger the notification. Types of occurrences include occurrences on any computer, occurrences on a single computer, or occurrences on distinct computers. This notification condition is enabled by default. |
Security Virtual Appliance offline | This notification alerts administrators when a Security Virtual Appliance goes offline. Security Virtual Appliances run only in VMware vShield infrastructures. |
Server health | Server health issues trigger the notification. The notification lists the server name, the health status, the reason, and the last online or offline status. This notification is enabled by default. |
Single risk event | This notification triggers upon the detection of a single risk event and provides details about the risk. The details include the user and the computer involved, and the actions that the management server took. |
SONAR definition out-of-date | Alerts the administrators about out-of-date SONAR definitions. You can specify the age at which the definitions trigger the notification. |
System event | This notification triggers upon certain system events and provides the number of such events that were detected. System events include the following events: Server activities Enforcer activities Replication failures System errors
|
Unmanaged computers | This notification triggers when the management server detects unmanaged computers on the network. The notification provides details including the IP address, the MAC address, and the operating system of each unmanaged computer. |
Upgrade license expiration | Upgrades from previous versions of Symantec Endpoint Protection Manager to the current version are granted an upgrade license. This notification triggers when the upgrade license is due to expire. Note: | The Upgrade license expiration notification appears only after a Symantec Endpoint Protection upgrade. |
|
Virus definitions out-of-date | Alerts the administrators about out-of-date virus definitions. You can specify the age at which the definitions trigger the notification. This notification is enabled by default. |
Thank you.