Video Screencast Help

Symantec Endpoint Network Activity Tool

Created: 22 Jul 2010 • Updated: 09 Sep 2010 | 6 comments
sandeep_sali's picture
+5 5 Votes
Login to vote
Symantec single video player.

This video describes the utility and configuration of the Symantec Endpoint  Network Activity Tool. This tool is useful to monitor the network traffic activity.

Please Note:
This video is best viewed in full screen by selecting the square icon in the lower right corner of the video player

Comments 6 CommentsJump to latest comment

Zahid.Haseeb's picture

This will be good if the below snap screen shows DNS name of remote site with IP Address. because for example if four session is established with yahoo site we can understand that DNS name shows yahoo links but you cannot pick with the IPs that all IPs are of Yahoo Site.

With DNS name support we can find that all four session are with Yahoo site
.

Any comment will be appreciated. Mark as Solution if your query is resolved
__________________
Thanks in Advance
Zahid Haseeb

zahidhaseeb.wordpress.com

+2
Login to vote
Pramono's picture

Thank you very much Mr. Sandip & Mr. Zahid

0
Login to vote
Sumit G's picture

Thanks for sharing. It's very helpfull.

Regards

Sumit G.

0
Login to vote
Zahid.Haseeb's picture

Always Welcum and thanks for Motivation too. 

Any comment will be appreciated. Mark as Solution if your query is resolved
__________________
Thanks in Advance
Zahid Haseeb

zahidhaseeb.wordpress.com

0
Login to vote
JUSTICE's picture

I believe in this more than netstat - and of course the ability to identify and terminate C&C connections. Using Symantec Endpoint Protection's Network Activity Tool to Identify Suspicious Processes (Article: TECH92950)

Marcus Sebastian Payne
"So cyberspace is real. And so are the risks that come with it."
- President Barack Obama

0
Login to vote
JUSTICE's picture

But then again, SEP 12.1.5 and SEP 12.1.6 which are on the scene should have resolved any and all teefer.sys/Network Threat Protection (NTP) issues and problems because without NTP and the Firewall - this will NOT be a reality.

Symantec Endpoint Protection 12.1 Teefer driver version is not reflected in the driver file name or display name

(Article: TECH161111)(Check the version tab of the Teefer.sys file properties)

Configuring peer-to-peer authentication for Host Integrity enforcement (Article: HOWTO80751)

Using Symantec Endpoint Protection's Network Activity Tool to Identify Suspicious Processes (Article: TECH92950)

Symantec Endpoint Network Activity Tool

Slow Network Copy Caused by SEP Firewall (Most Recent)

SEP Network Threat Protection blocking network unexpectedly

Network Threat Protection blocks Traffic when PC is connected with WWAN Module to internet

Network Threat Protection: Slow network share

Network Threat Protection always slows down - true?

network threat protection and slowness

Teefer Removal Tool for SEP12.1

Differences in MR4 (“Teefer was removed from the list, since it could be disabled by admin users and was a security risk”)

Teefer2 Miniport ? (“The Teefer driver is responsible for capturing all network traffic entering or leaving a particular interface ( via the associated miniport driver), so that the packets may be passed to the personal firewall component of the SEP 11.0 client for analysis.”)

Teefer.PNG

Marcus Sebastian Payne
"So cyberspace is real. And so are the risks that come with it."
- President Barack Obama

0
Login to vote