Symantec EndPoint Management - Enquiries on performance and reliability
Hi There,
I have a few major enquiries on the SEPM and the Endpoint Client Security. Please find them below:
1) I just wonder why my network environment becomes slower upon the implementation of Endpoint Client Security to all my desktops in my environment. I frequently noticed notifications stating that an internal and external IP tried to attack (anyway, it was denied by Symantec Protection), and when I checked in the Logs section, there were a lot of attacks in a second or two.
2) This is a major setback that I have encountered with Symantec Protection: in cases where a PC was infected with a particular virus (mostly worms and trojans) and was scanned with Symantec, it was unable to detect and clean it, but when I tested scanning with another anti-virus party, it was able to detect and clean it permanently. Why is this happening?
3) SEPM does have a full comprehensive report on the SEPM interface, such as 'Home' and 'Reports', giving notifications of the PCs that are affected, with graphs and figures, but at the end of the day, SEPM gives only partial information on a host trying to attack and spread malicious code.
Please assist me on this, as I have contacted the Helpdesk of Symantec Endpoint on this matter but it was not resolved.
Thanking in advance,
mk
Comments
1. Can you tell us about your setup? How many sites, approx. no. of clients in a site, how the clients are designed to get the updates, version of SEP?
2. Scanning a file with a competitor's antivirus program detects a virus, but scanning with Symantec AntiVirus or Symantec Endpoint Protection does not
3.
1) Log in to the SEPM
2) Click on Monitors
3) Click on the Logs tab.
4) Select Log type as “Risk”
5) Click on “View Logs” button to generate log entries.
6) Click on the “Export” option and export the “Risk_reports.txt” to the computer.
7) Rename the “.txt” file extension to “.CSV”
8) Open the file with Microsoft Excel.
For this you should enable risk tracer.
Refer to this article
Worms and threats that spread across networks by network shares have become more common in recent years, like Downadup/Conficker.
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Hi,
Thanks for the prompt action, please find below :-
1) Can you tell us about your setup? How many sites, approx. no. of clients in a site, how the clients are designed to get the updates, version of SEP?
- Managing one site only at the moment
- Clients are more than 300
- I have configured the definition updates in the SEPM server to push the definitions using a PROXY server. Definitions are updating accordingly.
- I'm currently using 11.0.6000.550
2) I have just checked the settings; let me monitor the following outcome.
Thanking in advance,
mk
You are speaking about your LAN network problem (slowness)? Or Internet?
Also have a look at this KB
Using SEP 11's Network Activity Tool to Identify Suspicious Processes
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
Hi,
I'm looking at my LAN issues. It's something strange, for example remoting to client desktops, connecting to the file server and grabbing data. Regarding the tool, the particular page is unable to load. Any other link please?
Thanks,
mk
I am also not able to access that KB now. I also tried many other KBs and none of them are accessible. So I believe there is some problem on the Symantec end....
Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind
It's OK buddy, let me try again later.... Thanks man....
Updating of client
Hi,
Can you tell how SEPM is able to update the client directly?
Thanks in advance