Symantec Protection Center Product Community

 View Only

  • 1.  Additional Workflows in SPC

    Posted Mar 05, 2012 05:03 PM

    What Workflow processes could you find useful in SPC? Currently, SPC has 4 Workflows for SEP, and 2 Workflows that monitor the Zero Day Vulnerability Monitor and National Threat Level. The Workflow team is brainstorming and actively gathering process ideas! Please submit any processes you see beneficial to your company.



  • 2.  RE: Additional Workflows in SPC

    Posted Mar 07, 2012 03:10 AM

    We have just started to look at the SPC 2.1 to see if we can use it in our environment.

    About the Workflows I dont really understand what workflow shall be visible in SPC because it differs between the documentation and the reallity.

    In our installed SPC 2.1 I can only see the follwing:

    NationalThreatLevelMonitor
    Update Virus Definitions And Scan Endpoint
    Update Virus Defenitions On Endpoint
    ZeroDayVulnerabilityMonitor

    If I understand corect the two in the middle belongs to SEP.

    In the documents likeymantec Endpoint Protection and Symantec Protection Center Integration Guide 

    Symantec Endpoint Protection and Symantec Protection Center Integration Guide there are two more workflows like Move Endpoint and Quarantine Endpoint.

    This two would be helpful I think but I cant find anywhere how to enable this.
    Do I need the SNAC installed in SEP to enable this?

    // LGL



  • 3.  RE: Additional Workflows in SPC
    Best Answer

    Broadcom Employee
    Posted Apr 19, 2012 12:04 AM

    Greeting LGL,

    I would recommend that you give support a call, or send me a private PM so that we can work on this.

    I have tried modifying my permissions on multiple accounts and I am unable to make the listed Workflows I have disappear.

    Also, as a point of fact, the items that you are referring to are the setup options for the workflows. These tell the system where to send the reports, as well as how to handle other event data.

    When you are using the workflows you would be viewing the reports in Protection Center (Endpoint Summary > Endpoint List > Specific Endpoint would get you there (or go directly to Specific Endpoint after you select the report and input an Endpoint name).

    On the Specific Endpoint report you have the option for the following:

    Quarantine using SEP
    Update definitions
    Move to a different SEP Group
    Update definitions and scan

    Please use this area to give suggestions about workflows you would like to see.

    For General questions about SPC, please use the Symantec Protection Center 2 forum at:
    https://www-secure.symantec.com/connect/security/forums/symantec-protection-center-spc

    The SPC 2 forum is monitored by our Support Staff and you will receive excellent information there.

    We have a special forum for Developers available at:

    https://www-secure.symantec.com/connect/ogdeveloper/symantec-protection-center-spc 
    (Sign-up and Approval required)

    Thank you!