To enable or disable client submissions to Symantec Security Response

1. In the console, select Computers then click the Policies tab.

2. In the Policies page, click Edit Settings for Tamper Protection and Submissions.

3. Click the Submissions tab.

4. If you want to enable your client computers to submit data for analysis, check Let computers automatically forward selected anonymous security information to Symantec.

5. To disable submissions for the client, uncheck Let computers automatically forward selected anonymous security information to Symantec.

   If you disable submissions for a client and lock the settings, the user is unable to configure the client to send submissions. If you enable, select your submissions types and lock the settings, the user is not able to change your chosen settings. If you do not lock your settings, the user can change the configuration as desired.

   Symantec recommends that you submit threat information to help Symantec provide custom threat protection. You may need however, to disable this feature in response to network bandwidth issues or a restriction on data leaving the client. You can check the Client Activity to view log submissions activity if you need to monitor your bandwidth usage.

   See Viewing logs.

6. Select the types of information to submit:

   • File reputation

     Information about files that are detected based on their reputation. The information about these files contributes to the Symantec Insight reputation database to help protect your computers from new and emerging risks.

     Note:

     Unmanaged clients require a paid license to enable the submission of file reputation data. See Licensing an unmanaged client.

   • Antivirus detections

     Information about virus and spyware scan detections.

   • Antivirus advanced heuristic detections

     Information about the potential threats that are detected by Bloodhound and other virus and spyware scan heuristics.

     These detections are the silent detections that do not appear in the Risk log. Information about these detections is used for statistical analysis.

   • SONAR detections

     Information about the threats that SONAR detects, which include high or low risk detections, system change events, and suspicious behavior from trusted applications.

   • SONAR heuristics

     SONAR heuristic detections are silent detections that do not appear in the Risk log. This information is used for statistical analysis.

7. Check Allow Insight lookups for threat detection to allow Symantec Endpoint Protection to use the Symantec Insight reputation database to make decisions about threats.

   Insight lookups are enabled by default. You can disable this option if you do not want to allow Symantec Endpoint Protection Small Business Edition to query the Symantec Insight reputation database.

   Download Insight, Insight Lookup, and SONAR use Insight lookups for threat detection. Symantec recommends that you allow Insight lookups. Disabling lookups disables Download Insight and may impair the functionality of SONAR heuristics and Insight Lookup.