Endpoint Protection

 View Only

  • 1.  No alerts being received when virus/etc detected

    Posted Jan 10, 2008 12:32 PM
    I have been tasked with finding out why the alerts stopped being sent/received when there is a detection of virus/attack.
     
    We're using:
    Symantec System Center
    Symantec Corporation
    Version: 10.1.5.5002
     
    What do I need to check, or start with to find out what the problem might be???


  • 2.  RE: No alerts being received when virus/etc detected

    Posted Jan 11, 2008 03:03 PM
    I assume you're using AMS for emails?
     
    1.) Open SSC
    2.) Unlock the appropriate server group
    3.) Right-click the server group -> All Tasks -> AMS -> Configure
    4.) Click the plus sign (+) by Symantec Antivirus Corporate Edition
    5.) Click the plus sign (+) by Virus Found
     
    Do you have any entries there?  What type (Send Internet Mail, Send Page, etc)
     
    If you have Send Internet Mail, make sure that each entry has:
    1.)  a valid To internet address
    2.)  a Return internet address in the format of user@domain.tld (can be real or bogus)
    3.)  a Subject
    4.)  a valid SMTP mail server/relay (even though you can use FQDN hostnames, Symantec prefers IP addresses)
     
    Click Next and make sure that you have information in the Alert Message box.  Click Finish.  Highlight the entry and then click Test Action.  You should receive an email.