Video Screencast Help

Alerts for Disabled Endpoint Components

Created: 07 May 2012 | 3 comments
6 Agree
0 Disagree
+6 6 Votes
Login to vote


We can define number of occurences for virus outbreaks to get the notify from SEPM If found any attack.

If possible to get notification or alert from SEPM for number of endpoint where there components (Autoprotect, Tamper Protection, Scan Engine and other) are disabled by any reasons.

The alerts will help us to take immediate action on those systems to prevent virus or any attacks.




Comments 3 CommentsJump to latest comment

Tibo's picture

I agree.

There should be a possibility to create a notification to send a mail with a list of clients that have some components disabled (AV, PTP, Firewall, Download insight, NTP etc...)

There is currently a report that shows this but there is no possibility to have a notification sent by mail currently. This functionality should exist by default.



Login to vote
Scott4122's picture

I am completely dumbfounded that Symantec offers a security application that is lax in security.  In my scenario, I have a 3rd party vendor that services a few of my P.O.S. devices with SEP enabled.  The vendor  knows that they are the reason why I have SEP installed, and I recently found out that they are circumventing the SEP application so they can connect USB storage drives to my computers to deliver updates and fixes.

How did this slip through Symantec's fingers??????  On what world does Symantec think that its customers do not need an immediate alert anytime the service has been stopped?

I do not care about those instances where Symantec was stopped because the user turned off their computer for the day.  I care baout those users that are unknowingly spreading malware and viruses because they want to connect a USB memory stick and print a photo on the company color laser printer.

I mean what is the point of having the SEP application if people can disable it and SEPM not say anything?  Your entire customer base needs this fixed ASAP.

Login to vote
.Brian's picture

I agree with you but I'm curious to know why users are allowed to stop the SEP client?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Login to vote