An Audit Signature designed to detect usage of the SSL 3.0 protocol has been released for Symantec Endpoint Protection (SEP). Audit Signatures do not block traffic associated with these non-malicious applications, but empower SEP administrators to learn which endpoints in their network are running such software in case it is something that is not desired on the corporate network. The administrators can take action as they see fit.
https://www-secure.symantec.com/connect/forums/poodle-attack-siganture