How about a Symantec Incident Center for real time incident monitoring?
In line with the Symantec Protection Center, is it possible to have some sort of "Symantec Incident Center" that monitors incidents detected by Symantec software in real time (or near real time), shown in numbers and/or graphs?
It should combine incidents from various sources, such as Symantec Messaging Gateway, Symantec Endpoint Protection, Symantec Mail Security for Microsoft Exchange or Data Loss Prevention.
NOTE: this is not a request for combined reports, but for actual real-time data.
SNMP has its limitations for e.g. SMG. Syslog has yet other limitations.
E.g. Numbers for 'Messages processed' should be shown with verdicts for:
o Bad reputation
o Virus
o Content violations
o Spam
The idea is to have a customized 'Managed Security Services', specific to a company and built with data modules delivered by Symantec Security Software.
Comments
... suggestion sounds to be a strategic one. If Symantec customers are asked by their corresponding management to deliver the data, time to delivery may get shortened by providing the data by SNMP, Syslog, or even by allowing access to the control-center database where these numbers are found.
I think a tiny version of real-time monitoring is already available as 'ThreatCon'. Check out this website http://www.symantec.com/business/security_response/index.jsp and it should show you a 'Threat Level' indicator depending upon the spread and sabotage of malware on the various networks.