Screencasts - Hilfsvideos
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

SEPM 12.1 needs the "Clear Infected Status" button.

Created: 11 Dez. 2012 | 1 Kommentar
das Bild der John Cooperfields
6 Zustimmen
0 Nicht zustimmen
+6 6 Stimmen
Bitte loggen Sie sich ein, um abzustimmen

The "Clear Infected Status" button is missing from 12.1 SEPM as documented here:

http://www.symantec.com/docs/TECH193160  and here:  http://www.symantec.com/docs/TECH165846

There is now in SEPM v12 no quick way to clear the infected status (to delete the flag) for administrative purposes.     

Why is this feature needed? For example,

Responding to the threat flags (plural) on the Computer Status log. suppose I work on one remote machine, perhaps just deleting a malfile. Then I send a scan command  from the SEPM for a degree of assurance that the matter is resolved.

Now I need to clear that infected flag so  that it is out of the way (no longer a distraction) and I can work on just the flags that need my attention, with the assurance that if the scan I just invoked finds the file has returned, a new flag for that client will appear the the Comp Stat log.  

That is one typical scenario. Please vote up if you have limited staff and want your machines clean.

Additional clarification

Yes I understand that the SEP 12.1 approach is: you send the scan command and if it returns clean, THEN the flag gets cleared. One problem with that is that I need the flag to be GONE when I am done working so I can go on to the others and not have to keep re hashing my way through through all the ones I have already fixed, trying to keep track of which flags to quit reading which are old which are new -  re-opening the flag to see what the date(s) are on the detections listed there.

( A quick scan might not clear the flag. See the Solution here:   https://www-secure.symantec.com/connect/forums/how-clear-still-infected-pcs-virus-and-risks-activity-summary-sepm-121-ru1-mp1-console#comment-7670341  )

Worse, it seem that all flags will clear anyway after 12 hours or 24 hours. Home page  Security Status  > Preferences  >  first tab.  which is not good if you do not work seven days a week.  

This change was made to give “a more accurate status for how many client computers really are infected.”  So, a mere count will be more accurate but it is now harder to actually fix machines.

Thank you for your consideration.

John

Kommentare 1 CommentZum neuesten Kommentar

das Bild der Ajit Jhas

I came across the Questions like, why it has been withdrawn? If it can be available in 12.1 then please realease a Hotfix for the same.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

0
Bitte loggen Sie sich ein, um abzustimmen