About outbreak management

Article:HOWTO82430  |  Created: 2012-11-30  |  Updated: 2014-06-25  |  Article URL http://www.symantec.com/docs/HOWTO82430
Article Type
How To


Subject


About outbreak management

An outbreak situation occurs when an excessive number of threats or events that exhibit virus-like behavior occur on a network. When an outbreak occurs, prompt identification of the situation and notification of administrative staff is critical.

Outbreak management lets you configure Mail Security to send alerts whenever a certain threshold of duplicate messages, which are sent within a period of time, is reached. In some instances, a large number of duplicate messages can indicate an active virus outbreak or a problem within your Exchange server. You can monitor different type of conditions and receive timely alerts as they occur. An outbreak condition does not necessarily indicate that there is a problem. Sometimes the duplicate messages threshold is met by normal email flow and that depends on your settings and the amount of email flow passing through the Exchange server.

When you configure outbreak settings, it is recommended that you consider the following:

  • Threat potential of the event category that is being monitored

  • Amount of email that is typically processed

  • Size of your mail system

  • Stringency with which you want to define an outbreak

As your outbreak triggers are tested, you can fine-tune the values that you use.

Mail Security lets you manage outbreaks with the following options:


Legacy ID



SMSID0EIXHK_v82634657


Article URL http://www.symantec.com/docs/HOWTO82430


Terms of use for this information are found in Legal Notices