
Question about email notifications

Updated: 21 May 2010 | 7 comments
ISP236
I was wondering if this is capable with SEPM:
 
Will SEPM send out instant email notifications when machines, with the client installed, respond to a virus attack?  Is it possible to set this up?
 
 

Comments

Knottyropes
20 May 2008

Yes it is possible to do this.
I enabled it; it is somewhere in one of the posts in the last month or so.
 
 
kurt w
21 May 2008

Hi,

You can set it up in Monitors -> Notifications -> Notification Conditions.

ISP236
21 May 2008

Thanks for the replies.

Are these email messages sent in real time, or is there a delay using the SEPM?

Why I question that is because I don't understand the "Time Ranges" Symantec is using:
 
- Past 24 hours
- Past week
- Past month
- Current month
- Past three months
- Past Year
- Set specific Dates
 

How or what would I choose to have messages sent to me in real time?

Message Edited by ISP236 on 05-21-2008 07:00 AM

Knottyropes
21 May 2008

Close to real time. I had a virus-infected PC and had the email in about 5 min.

ISP236
21 May 2008

5 minutes...!?!?! Yikes. A lot of damage can be done in 5 minutes if it isn't something that Symantec can block or stop.
So I am still stumped on how to get this all set up. I am not sure of Symantec's logic in their setup of this type of notification.

cedwards478
21 May 2008

This should do what you're asking for...
Monitors -> Notifications Tab -> Notification Conditions -> Add... -> Risk Outbreak
 
Outbreak Type: Occurrences on any computer
Notification Condition: 1 Occurrences within: 1 minutes
 
The help file describes other fields that you can customize.

Paul Murgatroyd
26 May 2008

Notifications are based on the clients detecting security risks and uploading them to the manager. What you want is for the client to send an email out if it detects a virus, which we can't do.
 
In terms of "realtime" then 5 minutes isn't bad... what you need to consider is this: if you get a notification by whatever means from the SEP client or manager, it means we have DETECTED the virus and no matter what we could or couldn't do, it has been blocked from doing whatever it was trying to do.
 
No antivirus product can notify you about a threat that it didn't detect, for whatever reason.

Paul Murgatroyd
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint