Video Screencast Help

SSIM and SEP

Created: 23 Jul 2013 | 1 comment

Hello

I want to know which computers in my network didn't upload SEP updates. In my network I use SEP for antivirus protection

I have got two collectors for SEP but I didn't understand which of them better in this case

Or, may be, I can solve this problem in another way?

Operating Systems:

Comments 1 CommentJump to latest comment

Shahnawaz K's picture

Yes you are correct, there are 2 collectors available for the SEP product viz SEP Event Collector and SEP State Event Collector.

SEP Event Collector provides you the information related to the infection that was captured is 

 

Corrected
Partially Corrected
UnCorrected
Infected
Blocked
Delayed
Deleted
Quarantined
Unknown
 
Where as , SEP State Event Collector provides you the information like
 
SEP AV Engine Status Check
SEP Firewall Status Check
SEP Host Integrity Status Check - Enabled?
SEP Infection Status Check
SEP License Expiry Status Check
SEP Tamper Protection Status Check
 
Data Scan Start
Data Scan End
Data Scan Cancel
Generic Content
Compliance Conclusion
Baseline Audit
 
Free Memory Available
 
RtvScan Running Status UNKNOWN
RtvScan Running Status is OFF
RtvScan Running Status is ON
 
Based on the difference between both you can choose the one suits your requirement.
 
For more information you can doenload the collector files and refer the SEC files which comes along with the package which gives a brief description of the collector.