quarantine server running with the later versions of IE need to have this change:
Under the properties of your quarantine server (highlight it and right-click) you need to go to the web communication tab and UNcheck secure submission and secure download.
Then it will function.
Yes, in the configuration - go to the antivirus policy, edit it, choose the submissions menu button on the left from that list of options, then you can configure from there to let it submit quarantined samples. If it doesn't quarantine something, you can manually quarantine it, and manually submit it - but it must be done from the workstation. (tell a social worker who already hates computers that's what they must do.........)
SEP submitting from the client appears to do nothing at all. at least I never get any email or feedback, the client never knows if it went ot worked. Never get any info back, no feedback, nothing as to what it was, defs needed, etc. - it's pretty worthless to the customer - PLUS, our users are not computer people so don't even think you are going to have THEM submit a sample. They think pushing the button on the monitor shuts off their computer for the night.......... and changing from plain paper to letterhead requires a page of explanation. So it's really pretty lame to figure the users or clients are going to submit.
Even for ME, using that process is a hassle.
What I have to end up doing is to have the client SEP submit to the quarantine server, then I use the q-server, restore the sample to the local server drive and manually submit it via web. Otherwise, you are simple sending them file and get no feedback at all - and why bother if you arne't going to get info about what you submitted, what it is, how it works, and what defs will catch it or clean it?
----------editorial content below--------------------------------
This:
>>The symantec line is that it shouldn't be used in an environment of less that 10,000 machines,<<
Is the biggest line of BS I've seen come out of support, sorry and no offense, but whoever says that is clueless and has obviously never WORKED on the real world where we have to support many computers - just ONE person has to support hundreds of computers and deal with viruses on a DAILY basis. Their numbers are way off. It's useful and needed for only 300 computers.
Guys we are in the trenches and need automation and most of all, INFORMATION. Information is how we learn what's there and how we prepare our defenses - plus, it's what the boss wants to know!
-----------------------------------------------------------------
(and yes those watching over my shoulders now - I'm not going to drop this - not until someone in the company gets a clue as to what we have to do in the real world, not just in a lab)
We are short-staffed and in the U.S. economy, it's not getting better. IT is seen as a necessary evil, so management wants as few of us around as possible anyway. We have to support hundreds of computers at times with just 1 or 2 IT staff. We must automate and centralize management where we can, however we can, using whatever is available. We need an updated quarantine server, not to see it killed off.