Introduction to Symantec DeepSight Threat Management System 7.0
| Article:TECH112914 | | | Created: 2005-01-21 | | | Updated: 2006-01-14 | | | Article URL http://www.symantec.com/docs/TECH112914 |
Problem
This document provides general information about Symantec DeepSight Threat Management System 7.0.
Solution
Symantec DeepSight Threat Management System provides information and alerts about threats to computer security, spyware, and adware. The product provides information to help you prioritize information technology (IT) resources to better protect critical information assets against an attack.
The new set-up wizard in version 7.0 enables you to receive alerts and information within minutes after installation.
Key benefits include the following:
- Detailed notifications that provide timely information about vulnerabilities, threats, and security risks. The product provides expert analysis of data that is collected from thousands of worldwide sources and that includes data from active global attacks.
- Threat mitigation strategies that enable you to provide better prioritization, allocation, and deployment of security staff and resources.
- Customizable delivery options that include automated notifications.
New features in version 7.0 include the following:
- Vulnerability alerts on more than 35,000 product versions from over 4,200 vendors.
- Alerts and warning information about spyware and adware. The information includes risk ratings, detailed technical descriptions about code behavior, and mitigation and removal instructions.
- Domain Threat alerts that notify you when a specified domain is named in the payload of malicious code.
- A set-up wizard that automates the configuration process.
- Custom reports for data mining, tracking, and other reporting. The reports include options to customize reports by the source IP addresses or by the target ports.
References
Related information
Introduction to Symantec DeepSight Threat Management System 7.0
Differences between Symantec DeepSight Alert Services and Symantec DeepSight Threat Management System
Features of Symantec DeepSight Threat Management System 5.0
Configuring Symantec DeepSight Alert Services
Symantec DeepSight Alert Service activation codes
Contents of the Readme file for Deepsight Extractor for Symantec Network Security 7100 Series
Support for XML in Symantec DeepSight Alert Services
Suspending email notifications for Symantec DeepSight Threat Management System
Suspending email notifications for Symantec DeepSight Alert Services
Problems
Most of the following problems have been seen in versions prior to 7.0.
Mobile phones and SMS devices no longer receive DeepSight alerts
E-mail from Symantec Deepsight Alert Services includes wrong URL
Cannot receive XML alerts from Symantec DeepSight
XML file attachments are missing from the Symantec DeepSight Alert Services alerts
Status notes are missing from the Symantec DeepSight Alert Services alerts
Technical Information
Symantec DeepSight Alert Services provides "pre-emptive" attack information. This information is used before an active attack to help secure a network against known threats and vulnerabilities. Symantec DeepSight Alert Services sends alerts when a system is shown to be vulnerable to a newly discovered threat, exploit, or product vulnerability.
The Symantec DeepSight Threat Management System provides near real-time intelligence. This information is used during an active attack to help mount a rapid, accurate, and efficient defense against a rapidly advancing threat.
|
|
Legacy ID
2005122114390453
Article URL http://www.symantec.com/docs/TECH112914
Terms of use for this information are found in Legal Notices
Thank you.