Endpoint Protection

 View Only

  • 1.  previous question results not found

    Posted Oct 28, 2015 01:57 PM

    I have a few questions I'm hoping someone can answer, how can I perform the following tasks with symantec protection suite enterprise editon.

    block pages that contain malicious script when a user opens a web page

    log these visits so I can run a report

    protect documents from unauthorized change or encryption

    block processes commonly associated with ransomeware

    log c&c callbacks, see those in reports, set outbreak alerts with a threshold

    scan subnets for systems without protection, by subnet or domain

    ability for behaviour monitoring

    thank you



  • 2.  RE: previous question results not found

    Posted Oct 28, 2015 03:30 PM

    block pages that contain malicious script when a user opens a web page

    log these visits so I can run a report

    protect documents from unauthorized change or encryption

    block processes commonly associated with ransomeware

    log c&c callbacks, see those in reports, set outbreak alerts with a threshold

    scan subnets for systems without protection, by subnet or domain

    does symantec benefit from cloud sharing of information

    ability for behaviour monitoring

    • There may be IPS signatures which auto-detect malicious so there is potential here
    • Yes
    • Yes, using an application control policy
    • Yes, using an application control policy
    • Yes, using the firewall/IPS
    • Yes, using an unmanaged detector
    • Yes, Download Insight/ Reputation database
    • Yes, using application an application control policy