Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Risk Types in SAV are more detailed than in SEP?

  • 1.  Risk Types in SAV are more detailed than in SEP?

    Posted May 01, 2009 03:06 AM
    Hi Team,

    We were making our customized reports and we encountered that SEPv11's risk types are less detailed than when we were using SAV10.X.
    These data came from the logs exported in both SEP and SAV.

    Here are some examples:

    Trojan horse is detected as just viral in SEPv11 but classified as viral in SAV10.X
    W32.Sality.FDC is detected as just viral again in SEPv11 but is classified as Worm in SAV10.X.

    I could name more but this might just be enough for now. 

    Could there be a way to correct this Team so that the reports that we are doing would be more revealing?

    Thanks,

    Nel Ramos
    IT-OCC 


  • 2.  RE: Risk Types in SAV are more detailed than in SEP?

    Broadcom Employee
    Posted May 02, 2009 09:46 AM
    hi,
    checked the site

    W32.SillyFDC is a threat - worm
    w32.sality is Virus.. the one which you have mentoined does not listed  "W32.Sality.FDC "!!

    Pete!


  • 3.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 02, 2009 11:23 PM
    Thanks for the comment...
    But in the old SVA10.X logs before we cross checked that under risk type Trojan Horse is typed as trojan while it is just typed as viral in the new SEPv11. Any thoughs team?


  • 4.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 12:11 AM
    On the risk log list of SEP, you will see that the threat name is a link, it will then forward you on the a more detailed info on the Symantec Website.


  • 5.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 03:50 AM
    Thank you Paul.
    I get your point. I had checked it.
    The only problem is that we need to get the info manually and with a few hundred items this would be a very long night for us. Any other work arounds team?

    Many thanks.
     


  • 6.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 04:11 AM
    Hi Nel, thanks for the feedback.

    On your post above;

    "Trojan horse is detected as just viral in SEPv11 but classified as viral in SAV10.X" - Is this a typo? on SAV10 it's Trojan Horse?


  • 7.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 04:20 AM
    Sorry about that..
    It is a typo error..
    What i mean to say is that in SAV it is Trojan while in SEP it is just defined as Viral... any thoughts about this paul?

    thanks.


  • 8.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 04:31 AM
    Are you using the latest version of SEP. Latest version of SEP is MR4 MP1a.

    On what column when you export the log? I tried running a risk log on the console, cant see the type on log, but you can view it on the Detail button.


  • 9.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 04:52 AM
    @Paul Mapacpac: We are already using MR4 MP1a... 11.0.4014..
    with regards to your other inquiry, the virus type would only be seen if you click the details... we are doing that manuallly since in SEP no virus type is included in the exported logs.
    The problem is that the details on virus type is different from that of SAV10.1...



  • 10.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 05:10 AM
    Can you double check on the type, in some instances on the Symantec Website, the type of the virus is like this.

    Type: Trojan, Virus.


  • 11.  RE: Risk Types in SAV are more detailed than in SEP?

    Posted May 04, 2009 05:41 AM
    already did.
    actually we keep a file where all virus names are tagged with its virus type since SAV 10.1...
    that is why we could differentiate it.