Endpoint Protection

 View Only

  • 1.  SEPM and Oracle exceptions

    Posted Apr 16, 2009 10:35 PM
    G'day,

    one of our department heads has requested that we place a centralised exception in SEPM for his Oracle database server, specifically this path: d:\oracle\product\10.2.0. He states that his clients are experiencing slow responses since SEPM was installed.
    I've done a bit of searching on the net and so far haven't come up with many reasons not to do this. Does anyone know of any Oracle vulnerabilities that we may be open to if this goes ahead?
    Thanks in advance,
    SpaceChimp.



  • 2.  RE: SEPM and Oracle exceptions

    Posted Apr 16, 2009 11:15 PM

    hi,

    SAV/SEP does not scan Database. For this you must have different product from Symantec.

    Further, you can exclude the DB files of Oracle.

    Rgrds,
    SAM



  • 3.  RE: SEPM and Oracle exceptions

    Posted May 18, 2009 03:12 PM
    You mentioned that the clients are experiencing slow responses since SEPM was installed. SEPM does not have a scanning functionality.
    You will need to have a SEP client to have scans on the server.

    I agree with SAM. You can create centralized exceptions on the server for the Oracle DB files.

    Also, on a server OS, you should install only AV/AS part of a SEP client.

    Cheers,
    Aniket



  • 4.  RE: SEPM and Oracle exceptions

    Posted May 18, 2009 08:02 PM

    How about modyfing the File System Auto-Protect to only scan specific file extensions, make sure that the Firewall and IPS policies have everything you'd need. And tell us how it went. :)



  • 5.  RE: SEPM and Oracle exceptions

    Posted May 18, 2009 11:43 PM
    Can we capture task manager when the user is accessing the DB?