Hi Query,

  Downadup use microsoft vulnerability & also uses admin $ share to attack.. Web security might not help much but  waht you need is the update the microsoft patches & updated antivirus.

Note :  even if you have every thing updated on your machine & still getting the POP of the Downadup  then this means that there is dome other machine which is effected & that is attacking your machine. 

So you mean to say downadup cannot detect by Symantec web security, All I want is , before the downadup enter to our network it will filter the downadup, so it will not propagate into our internal network is Symantec have a solution like this? if you say that  downadup is came from a share file yes it possible but why the downadup is detected from temporary internet files. any suggestion to block the downadup from the firewall level. the number of downadup detected on our network is morethan hundred thousand eventhough SEP can detect it but cannot block it

Symantec Web Security protects an organization’s HTTP/FTP

gateway against viruses and other threats to promote

secure, productive Internet access. Using scalable,

integrated antivirus and content filtering technologies that

Symantec develops and supports, Symantec Web Security

simultaneously scans for both viruses and inappropriate

Web content.

Secures Web traffic with high-performance, integrated

virus scanning and content filtering of HTTP and FTP

traffic at the gateway

So this will detect the Downadup at the gateway level..

Symantec NAC can check if  MS08-067 patch is installed or not, plus check if SEP or other antivirus product is installed or not . Based on this you can stop infected and non-compliant machines from connecting to your network.

HI vikram so it means symantec web security can detect the downadup, since the web secrurity product is end of life what is the alternative or recommended solution in the proxy level?

any updates

Symantec Antivirus for Gateway applicance