The solution for us is literally to TURN OFF protection.
That reject all files with 0 reputation is so unrealistic in the REAL world it's laughable. Honestly - if we all did this, then no file, ever, I mean NO file, would have a reputation. It would never be used or analyzed or checked out as we'd all reject it catagorically due to the 0 reputation.
They also need to understand that they aren't the only game in town. Even with thier marketshare - some of these files have been used by hundreds if not thousands of people around the world who do NOT use Symantec products. Say their product just isn't used by certain locations, cultures, business-types, societies or whatever, but there are valid good files out there and the few who do use the Symantec product are in a miniority in these certain parts - guess what...... Same as above - it will never reach "safe reputation".
I have to challange that thinking as it's isolationist - it's not realistic in entities such as ourselves. I have better solutions - and that is our lockdown of our images, and SEP's app control. We went through some recent "pen testing" and I wished them luck prior to starting. Their USB devices simply didn't work, and the apps couldn't get a toe-hold in here. Even the weekly scans by the appliance used to check all network devices, including printers and routers, switches, servers, etc. - get shut down by SEP so fast they don't register.
If we need to use a file that's fairly new because it's an update by a small respected company that is as aware and concerned about security as we are - we should have a way to tell SEP to ignore those files. But the problem is that this company doesn't have a lot of customers who are ALSO Symantec customers. Their files have no reputation - worse, the fore-thinking people who left us no way to exclude such files have instead of protecting us, left us with no recourse other than shut down SEP while we download the files and have our meetings.
It's nuts. I know what I'm doing, but the product is being dumbed down as if it's a MAC app with no way to tweak settings to suite our needs.
I'm just asking for the ability to tell SEP here locally - accept any file with this name PATTERN in these locations - and allow wildcards. It's that simple.
Instead, next meeting we have I must ensure SEP is disabled on dozens of computers or explain to management why their meeting failed.
Then after granting us that - tell that person who lectured you that they need to spend a week in my shoes here. They also need to be accountable to our managment when things go wrong.
A few hours at the desks of the people who posted their problems here might just see us getting some more options next release.