Endpoint Protection

 View Only

  • 1.  Proactive and Network threat protection.

    Posted Sep 19, 2010 03:32 AM

    Team,

    I had the sep client installan and when i click on the client machine its shows me the proactive threat protection off . On the antivirus and antispyware policy . I had enable the Scan for trojans and worms option and scan for keyloggers option under Truscan proactive Threat Scans .

    Also want to know if i exclude the both the option Network and Proactive threat protection  from client installation package . What will be  the security risk on the network .



  • 2.  RE: Proactive and Network threat protection.

    Posted Sep 19, 2010 04:04 AM

    What is the OS on the  the machine? Is it 32/or 64 bit??

    Proactive Threat Protection status shows "OFF" in the client interface

    http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/ab34d2881a1747038825745100790376?OpenDocument

     Network and Proactive threat protection   add extra to the protection that SEP provides.

     http://seer.entsupport.symantec.com/docs/331231.htm

    Network Threat Protection

    Network Threat Protection provides a firewall and intrusion prevention protection to prevent intrusion attacks and malicious content from reaching the computer that runs the Symantec Endpoint Protection client. The firewall allows or blocks network traffic based on various criteria that the administrator or end user sets.

    The client also analyzes all the incoming and the outgoing information for the data patterns that are typical of an attack. It detects and blocks malicious traffic and attempts by outside users to attack the client computer. Intrusion prevention also monitors outbound traffic and prevents the spread of worms.

     

    Proactive Threat Protection

    Proactive Threat Protection provides protection against zero-day attack vulnerabilities in your network. Zero-day attack vulnerabilities are new vulnerabilities that are not yet publicly known. Threats that exploit these vulnerabilities can evade signature-based detection (such as antispyware and antispyware definitions). Zero-day attacks may be used in targeted attacks and in the propagation of malicious code.

    Proactive Threat Protection includes the following:

    • TruScan proactive threat scans

    • Application and Device Control Policies


  • 3.  RE: Proactive and Network threat protection.

    Posted Sep 19, 2010 03:51 PM

    Hi prachand ,

     

    Proactive Threat Protection status shows "OFF" in the client interface on both the 32 bit as well as on 64 bit OS also .

    On server the antivirus and antispyware policy . Under that proactive threat protection is set to be on and that policy is assign on the group . So its still showing off on the client machine in the group . But does the server will able to detect the  threat . if any system is effected worms , trojan , please reply  



  • 4.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 12:16 AM

    Which is your OS ?If it is a server OS also it will show the status as OFF.......



  • 5.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 12:35 AM

    Have a look at this KB

    Is TruScan compatible with Windows Server operating systems?

     



  • 6.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 03:44 AM

    Hi Arvind ,

     

    Thanks for the response . If my server OS either 32 or 64 bit shows proactive threat settings off . And alraedy done the settings at server end for the scan of worms and trojans . Under truscan proactive threat scans . Does that will protect  my server from zero day atacks . secure from worms trojans and keyloggers

    Problem


    You want to install the Symantec Endpoint Protection 11.0.x or 12.x SBE client software, including TruScan/Proactive Threat Protection, on a system running Windows Server 200x or any 64-bit Windows operating system. Will this feature function normally on these operating systems?
     

    Solution


    In Symantec Endpoint Protection 11.x and 12.x Small Business Edition, TruScan (also known as Proactive Threat Protection, or PTP) is not compatible with any version of Windows Server operating system. Symantec recommends omitting TruScan/PTP when installing the product on these operating systems; if installed, the product status will be displayed as OFF.

    TruScan/Proactive Threat Protection can be installed and run on all 32-bit non-server operating systems such as Windows 2000/XP/Vista/7 (x86) and 64-bit Windows XP/Vista/7


    References
    For additional information, please refer to the "Readme.txt" available on the SEP CD, or contact Symantec Technical Support for assistance.


     

    /apps/media/inquira/resources /resources
     

     

     


    Article URL http://www.symantec.com/docs/TECH96243


    Terms of use for this information are found in Legal Notices

     
     
     
     

     

     

    Please Sign In

     
     
     
     
     
     
     
     

    You are logged in as:

    Zubair Shaikh | Logout

    Update SymAccount Profile

     
     
     
     
     
     
     
     
     

    Knowledge Base Search

     
     
     
     
     
     
     
     

    Knowledge Base Search

     
     
     
     
     
     
     
     
     

    My Support

     
     
     
     
     
     
     
     

    My Support

     
     
     
     
     
     
     
     
     

    Contacting Support

     
     
     
     
     
     
     
     

    Contacting Support

     
     
     
     
     
     
     
     
     
     
     
     
     
    Rate this Article
     
     
     
     
     
    Help us improve your support experience.
     
     
     
     
     
     
     
     
     



  • 7.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 04:44 AM

    Do you have any more queries? 



  • 8.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 04:50 AM

    Hi Arvind ,

     

    Thanks for the response . If my server OS either 32 or 64 bit shows proactive threat settings off . And alraedy done the settings at server end for the scan of worms and trojans . Under truscan proactive threat scans . Does that will protect  my server from zero day atacks . secure from worms trojans and keyloggers



  • 9.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 05:42 AM

    Proactive and network threat protection

    Hi Arvind ,

     

    Thanks for the response . If my server OS either 32 or 64 bit shows proactive threat settings off . And alraedy done the settings at server end for the scan of worms and trojans . Under truscan proactive threat scans . Does that will protect  my server from zero day atacks . secure from worms trojans and keyloggers. Please reply



  • 10.  RE: Proactive and Network threat protection.

    Broadcom Employee
    Posted Sep 20, 2010 05:47 AM

    truscan will not work on server OS. Even on systems which are compatible with with Truscan, zero day blocking is not completely achieved. Howvere it still adds security layer to the machine.



  • 11.  RE: Proactive and Network threat protection.

    Posted Sep 20, 2010 05:59 AM

    << If my server OS either 32 or 64 bit shows proactive threat settings off>>>>

    ---It is normal.In Server os even it is 32 also PTP will show the status as off.

    Form the KB which I pointed "TruScan (also known as Proactive Threat Protection, or PTP) is not compatible with any version of Windows Server operating system. Symantec recommends omitting TruScan/PTP when installing the product on these operating systems; if installed, the product status will be displayed as OFF." >it means in  Server OS even it is 32 bit OS also this feature will be OFF.

     

    <<<And alraedy done the settings at server end for the scan of worms and trojans . Under truscan proactive threat scans . Does that will protect my server from zero day atacks . secure from worms trojans and keyloggers>>>

     

    ---It will not protect you from zero day attacks

     

    SEP will protect you only from the threats which is having already signature in place.