Endpoint Protection

 View Only

  • 1.  SEP Report confussion

    Posted Dec 09, 2010 01:55 AM
      |   view attached

    Hi,

    Today I got my everyday report from SEP. Please check the zipped file.

    I am not clear clear about the threats mentioned in the report.

    Thanks in advance...



  • 2.  RE: SEP Report confussion

    Posted Dec 09, 2010 10:10 AM

    Hi akaki,

    I am not sure what you are asking here, the report you attached shows what the targets where and how many attacks. It doesn't list anything about what the threat was.

    Are you looking to find threat names?



  • 3.  RE: SEP Report confussion

    Posted Dec 09, 2010 11:02 AM

    I do not see anything wrong in the report..



  • 4.  RE: SEP Report confussion

    Posted Dec 09, 2010 11:46 AM

    This report shows the information that appears in all the Network Threat Protection quick reports in one place.

    Your report shows the Types of Attack and the group in which the client machine is present and other details.

    Could you please explain a bit more what exactly are you looking for.



  • 5.  RE: SEP Report confussion

    Posted Dec 10, 2010 02:20 AM

    Hi,

    Sorry that I failled to clear. I just want to know is any of my user's PC under attack/threat or still there any virus attcks/exist. If yes then what kind of virus & is that virus cleanned or not? In the report: there are some info like:

    Client: marketing & IP: 180.234.28.154(atacking host?)

    I don't have any IP like this (180.X.X.X). All of my local IP start from 192.168.1.XX.

    Also the circle become yellow - means the virus still in my network system? Becoz it should be white or no color.

    Finally what is mean by : Intrusion Prevention - Critical?

    If the report format need to change, then which format I should select to get my desired info?

    ~r



  • 6.  RE: SEP Report confussion
    Best Answer

    Posted Dec 10, 2010 01:50 PM

    If this IP 180.234.28.154 is not in your network that means that this attack if coming from outside the network. You may want to block this IP using the Firewall.

    Color coding is as per the number of items present in the report. As in this report only one item so Yellow and white is Zero.

    You may need to Run a full scan on computer name "marketing" with updated definitions.

    In Intrusion Prevention - Critical, Critical is the Seveirty and means that you need to give attention to this computer as I mentioned earlier run a scan on it.



  • 7.  RE: SEP Report confussion

    Posted Dec 13, 2010 12:19 AM

    Hi,

    Thanks very much to all. Today I've found the report without any attack. Seems that now no problem at all.

    I am closing this thread.