Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Report: TruScan Proactive Threat Protection Definitions

Created: 07 Aug 2009 • Updated: 14 Jun 2010 | 9 comments
fmav_admin's picture
28 Agree
0 Disagree
+28 28 Votes
Login to vote
Status: On Roadmap

As it currently stands, I see no way of determining the PTP definition dates of my clients, aside from right-clicking each client and checking the properties. The information is obviously there (Current TruScan Definitions) but there are no reports or logs that return this info.

I would like to be able to search for all clients with TruScan defs older than X, and get some sort of list or report back.

Perhaps this truly IS possible, and someone out there knows of a way to do it.

Comments 9 CommentsJump to latest comment

peterc's picture

Consistency is lacking here.
TruScan Definitions should be under the Virus Definition Distribution section on the Home tab, also under the Security Status section, and available when searching the computer status logs.

+3
Login to vote
AravindKM's picture

I think it is better to get an option in logs to create a report which will tell us what is the PTP definitions present in each client. So that we can export it to some file and we can sort how we require.

Please don't forget to mark your thread solved with whatever answer helped you : ) Thanks & Regards Aravind

+1
Login to vote
bfordz's picture

Now that's what I'm here looking for, I couldn't be the ONLY one that wants that information.
I totally agree with fmav_admin, peterc AND AravindKM, we need that capability in BOTH places.

I'm currently having issues with PTP updating, I'd like to see how many are up to date and how many aren't just like the AV/AS does but I'd also like to generate a report so I know exactly which ones I need to deal with.

It's WAY too time consuming to right-click each client to find that information BUT that's what I did today.

Gee, I can see graphs about all my clients software OS's, processors, memory, etc ... CAN'T see which ones PTP aren't up to date.

+1
Login to vote
James Lawson's picture

Having a view in the client view to show all the definitions date would be helpful.  Right now the only definitions shown on the Protection Technology is the Anti-virus definitions - Have a view showing all the different definition date on 1 view would be great

+2
Login to vote
STF's picture

I agree this is definetly needed. Right now we have no way of telling if the Truscan defs are out of date.

+2
Login to vote
fmav_admin's picture

So, it seems like nothing came out of this, unless I'm mistaken.

We need the ability to find out what TruScan defs our clients are running. Manually clicking on each and every client is not an acceptable way to find out who has out-of-date defs.

How many people need to request (or "Agree" with) this before something changes?

+1
Login to vote
TFS-Keith's picture

I agree completely.  We not only need this information, but we also need to see which clients do NOT have TruScan installed/configured.  In the event that a server package (that is configured without TruScan cause it doesn't support it) is inadvertly deployed to a desktop, we need a way to see that it is out of date or has no date or has no engine, or something.

Not quite sure what 'Amber' is, but if they're not going to be protecting the Endpoint as well as they have been, then this may not be a product we'll want to use.

0
Login to vote
JimW's picture

Well. For Amber we are removing the need for these "definitions" so they need will no longer be the future. The idea behind the TruScan definitions is for keeping FP's low not for detection of malware.

Jim Waggoner Director Product Management, Symantec Endpoint Protection, Enterprise Security Group, Symantec

0
Login to vote
fmav_admin's picture

I am aware that the "definitions" are not directly related to malware detection, but that doesn't translate to management very well. They see a big red "X" or an outdated definition and want the "problem" taken care of. While I don't completely agree with them, they are partially correct in that a client that is having trouble downloading a new TruScan def (whitelist or not) generally has a greater underlying problem.

Being able to search for out of date definitions of ALL types would make everything easier. If you are completely ditching TruScan definitions in the next release, than that is fine.

0
Login to vote