the unmanaged detector works on a local network and looks at ARP traffic on that subnet to determine whether or not a client is running SEP. If its not running SEP, we report it back to the SEPM and it will appear in the security report (you can also configure notifications for this). Two things to bear in mind:1. This works on a per subnet basis - you need a detector in each subnet your company has to guarantee coverage2. This won't detect clients that have SEP installed but are not managed by your SEPM (either "unmanaged" SEP clients or other companies SEP clients because we look to see if SEP is *installed* There are things we can potentially do in the future, depending on how the feature evolves and what customers request.hth, if you need any more information please ask - I will double check the docs and if this truly isn't present I'll raise a defect for the documentation to be updated.
Principal Product Manager, Symantec Endpoint Protection
Endpoint twitter feed: http://twitter.com/symc_endpoint
Thank you for the clarification.
I cant find the report that shows me the clients which not is updated to SEP... Right now I am only testing it on 10 machines - the rest of our 500 boxes is still on SAV 10.x.... Should the "detector" report on this ?
What do you exactly need to configure for this to work ? I have only enabled the feature on some clients (on diffrent subnets) - do I need to configure anything else ?
I don't know if there is a report (couldn't find it), but found that after I added an unmanaged detector, SEPM automatically created a notification for me for unmanaged computers. I found an old post that shows how to enable that notification:
Open and login to the SEPM
Click Notification Conditions
Select Unmanaged computers
It could be nice if it was possible to exclude some MAC addresses from the Unmanage detector, to excluse all Routers and Switches from being scanned and being noticed about.
You can do this! Click on Clients, find your unmanaged detector, click on it, then in tasks, click on configure unmanaged detector, click add, then you can exclude by IP address range or MAC address.
Thanks Rick - But I still dont get any information....
Could someone explain more tehcnical how this Unmanaged Detector is working ?
Is the whole package of the SEP client needed for the feature to work ?
Also I would really like a feature where you could enable, if it detects an unmanged computer it should force install a managed SEP client on the computer ofc only those that are inside the right OU container in Active directory.
This is EXACTLY what I want too.
Glitch: Have you found any good way to deploy SEP clients to your computers?