Messaging Gateway

 View Only

  • 1.  Bloodhound heuristics Level tuning

    Posted Nov 06, 2016 04:56 AM

    Hi,

    As per what Symantec official arcticles and admin guide says.

    Bloodhound heuristics involve a trade-off between higher virus-detection rates and the speed with which Symantec Brightmail Gateway processes mail. Lower heuristic levels may miss more viruses but require less processing power. Higher heuristic levels may catch more viruses but consume more processing power.

    What is the risk of trying to change the level from meduim to high?

    If it is only about CPU/Memory +  some additional latency seconds that's fine since we are only using about 10% of CPU.

    Does any one have an experience of changing that level from default (meduim) to high?

    Is there any risk of getting higher level of false positives ?

     

    Please share thoughts

     

     



  • 2.  RE: Bloodhound heuristics Level tuning

    Posted Nov 10, 2016 09:58 AM

    Hi,

    We use medium too, havent tried high. So cant say if there's high potential of false positives.

    But i experienced the best result using rapid release.

    Regards

    Thomas



  • 3.  RE: Bloodhound heuristics Level tuning

    Posted Nov 23, 2016 04:28 AM

    Thanks Thomas, Anyone from Symantec Team to confirm?

    it's really disappointing that none from Symantec team is active here..



  • 4.  RE: Bloodhound heuristics Level tuning
    Best Answer

    Broadcom Employee
    Posted Dec 09, 2016 03:21 PM

    Rapid Release is the best way to catch the most malware since we release those definitions multiple times per day as we see new threats emerging.