Endpoint Protection

 View Only
  • 1.  Top Sources of Attack Report in SEPM

    Posted Jan 08, 2010 03:45 PM
    Is there a way to get more info on this report other than just the machine name? I would like to see what it's infected with and how / what it's doing that it's considered an attack.


  • 2.  RE: Top Sources of Attack Report in SEPM
    Best Answer

    Posted Jan 08, 2010 03:52 PM
    You might need to drill down the NTP ( firewall + IPS ) logs to find out what type of attack these machines launched

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2009081410460448