Endpoint Protection

Hello,

I'm very new to SEP and attempting to learn how to go about creating exclusions for applications. I've only installed the following components for SEP AV, Spyware, Download Protection (basic and advanced) and Proactive Threat Protection (Sonar only). No Application and Device Control, Firewall, Mail Scanner, or Intrusion Prevention.

As for AV policy, I pretty much have all the Protection Technologies and Advanced Options enabled (with the lock icon enabled). Please let me know if anything specific is needed.

My question is with my installed components and AV policy, would SEP block any executables ? If yes, is their any reports or logs for me to review from SEPM ?

Regards, RK

Even with only AV installed SEP has a feature Tamper Protection that might block any file which is trying to tamper SEP files or registry.

You can view this log directly from the client or in SEPM it will come under SEPm - Monitors- Logs

Application Control Logs.

Any file that is considered to be a threat will be blocked by SEP. thats why we have this product:)

Kindly tell us what you are worried about? any specific application being blocked? If you could give us more details, we may be able to assist.

nothing in particular, just a reviewing the logs for anything that SEP could or would detect and block.

Open and login to the SEPM

Click Monitors

Click Notifications

Click Notification Conditions

Click Add

Select system event

check out the required option under "What settings would you like for this notification?"

Select the Severity type

Add your email id here.

Then Ok

This way you can configure all the log notification.

It is easy to read the log of all events

Have you tried the attach, any update come?