Video Screencast Help

Additional Workflows in SPC

Created: 05 Mar 2012 • Updated: 28 May 2012 | 2 comments
NancyM's picture
This issue has been solved. See solution.

What Workflow processes could you find useful in SPC? Currently, SPC has 4 Workflows for SEP, and 2 Workflows that monitor the Zero Day Vulnerability Monitor and National Threat Level. The Workflow team is brainstorming and actively gathering process ideas! Please submit any processes you see beneficial to your company.

Comments 2 CommentsJump to latest comment

LGL's picture

We have just started to look at the SPC 2.1 to see if we can use it in our environment.

About the Workflows I dont really understand what workflow shall be visible in SPC because it differs between the documentation and the reallity.

In our installed SPC 2.1 I can only see the follwing:

NationalThreatLevelMonitor
Update Virus Definitions And Scan Endpoint
Update Virus Defenitions On Endpoint
ZeroDayVulnerabilityMonitor

If I understand corect the two in the middle belongs to SEP.

In the documents likeymantec Endpoint Protection and Symantec Protection Center Integration Guide 

Symantec Endpoint Protection and Symantec Protection Center Integration Guide there are two more workflows like Move Endpoint and Quarantine Endpoint.

This two would be helpful I think but I cant find anywhere how to enable this.
Do I need the SNAC installed in SEP to enable this?

// LGL

rscovel's picture

Greeting LGL,

I would recommend that you give support a call, or send me a private PM so that we can work on this.

I have tried modifying my permissions on multiple accounts and I am unable to make the listed Workflows I have disappear.

Also, as a point of fact, the items that you are referring to are the setup options for the workflows. These tell the system where to send the reports, as well as how to handle other event data.

When you are using the workflows you would be viewing the reports in Protection Center (Endpoint Summary > Endpoint List > Specific Endpoint would get you there (or go directly to Specific Endpoint after you select the report and input an Endpoint name).

On the Specific Endpoint report you have the option for the following:

Quarantine using SEP
Update definitions
Move to a different SEP Group
Update definitions and scan

Please use this area to give suggestions about workflows you would like to see.

For General questions about SPC, please use the Symantec Protection Center 2 forum at:
https://www-secure.symantec.com/connect/security/forums/symantec-protection-center-spc

The SPC 2 forum is monitored by our Support Staff and you will receive excellent information there.

We have a special forum for Developers available at:

https://www-secure.symantec.com/connect/ogdeveloper/symantec-protection-center-spc 
(Sign-up and Approval required)

Thank you!

Russ Scovel
Inside Systems Engineer

Altiris SOS – Endpoint Management and Mobility
Symantec Corporation 
www.symantec.com