
Symantec Reporting and Notifications

Created: 16 Jan 2013 | 3 comments

Good Afternoon Everyone,

I am new to this software and need some insight on how everything will work. The software seems to be good at what it is supposed to be. I am a new hire at a fairly large company and was hired as a Technical Security Analyst. I have a few questions; if someone is able to help out, that would be great.

1- For out-of-date virus definitions, is there a way to only see those connected directly to our domain?

The reason for this question is that most of the end users are in sales. They will hop on the VPN to get files, etc., and hop off. I do not need to capture this information right now. Also, we have a corporate office, plant, and warehouse. Could these also be split in the reporting?

2-What are some of the best reports and notifications to setup with this software?

I have set up a daily risk report to show me risks that have been detected, quarantined, active, and deleted. I have also set up a notification for the same criteria for cat3 or above for risk. I have a weekly network compliance report and a weekly out-of-date definition report (which I hope to be able to cut out sales that VPN in).

 

I want to thank anyone for their reply in advance. Hopefully I'll be seeing you around here more often, responding once I get the hang of everything!

 


.Brian's picture

1- For out-of-date virus definitions, is there a way to only see those connected directly to our domain?

Yes, you can split them out by the clients in different groups, e.g. VPN group, Corporate group, etc., and then when you create reports, you just add the group name under the advanced settings.

2-What are some of the best reports and notifications to setup with this software?

On the Monitors page, select the Notifications tab and click Notification Conditions.

From here you can add different notifications to be sent to you. I would add alerts for out of date defs, risk outbreak alert, single risk alert, NTP events, etc. It's up to you what you want to add but have a look.

This article can also help to give you an idea:

About the different types of Symantec Endpoint Protection Manager Reports

Article:TECH95538  |  Created: 2009-01-14  |  Updated: 2009-01-14  |  Article URL http://www.symantec.com/docs/TECH95538

 

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

SebastianZ's picture

Here is some more information about the different types of available preconfigured notifications in SEP:

http://www.symantec.com/docs/HOWTO55128

...and documentation on how to manage them:

http://www.symantec.com/docs/HOWTO55083

kbucksot's picture

Thank you both for the information you have shared. Will get this going.

Technical Security Analyst