Endpoint Protection

  • 1.  Immediate Notifications

    Posted Aug 10, 2009 01:19 PM
    I am trying to set up a notification for viruses. It only appears that SEP will send notifications on a set time schedule. I created a Notification to send an email when a virus is detected and it will send one but if another virus is set off right away we will not get notification again until the damper timer resets. This is not very cool, if we are getting attacked we do not want to wait an hour to see who else is getting attacked. Is there a way to send an email as soon as a new virus is found on a client? 


  • 2.  RE: Immediate Notifications

    Posted Aug 10, 2009 01:33 PM
    We can create 3 notifications in this scenario:

    New risk detected
    Risk outbreak
    Single risk event

    For the first 2 you can set the damper to Auto so that a notification is sent immediately after a new risk is detected.

    For Single risk event you can set up the time as per your convenience, the minimum being 1 min.



  • 3.  RE: Immediate Notifications

    Posted Aug 10, 2009 02:14 PM
    It doesn't seem to happen immediately no matter what.......... it always takes several minutes for me to see any alerts - so it seems the client doesn't instantly tell the server what's going on, then the server waits to send email.
    I've seen it take nearly an hour in our case.
    (I have damper set to auto now, still waits to send alerts)

    I'd like to see the "damper" options properly explained, and not referring to what's in the documents either, please.


  • 4.  RE: Immediate Notifications

    Posted Aug 10, 2009 02:19 PM

    The minimum value for damper is 20 mins 

     
     The "Auto" value selects the most appropriate Damper value based on the Event type -  Risk events automatically have a Damper value of 20 minutes, while less urgent events may be set to 1 hour or more.

     

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008051211553348



  • 5.  RE: Immediate Notifications

    Posted Aug 10, 2009 04:54 PM
     I created a new single risk event and set the damper to Auto as the other options were 20 min, 30 min, 1 hr, 1.5 hr etc.
    I then put Eicar on my system and got the popup notification about 30 seconds later and got the email 3 minutes later.
    I then put it on my system again and got the popup right away and still never got the email after an hour.

    EDIT
    I got the email exactly 1 hour after the first one, so it seems that Auto is one hour.
    Still, even the best is 20 minutes, which is not very helpful if we get attacked by a virus and it is spreading across the network.


  • 6.  RE: Immediate Notifications

    Posted Aug 10, 2009 04:59 PM
    That's been my experience also.  Email notifications are delayed for both New Risk Event and Single Risk Event.  I hope Symantec changes this in the future.


  • 7.  RE: Immediate Notifications

    Posted Aug 10, 2009 05:20 PM
    Consider this a me, too, I guess. I see the same numbers, and I've tried several different configurations.


  • 8.  RE: Immediate Notifications

    Posted Aug 10, 2009 05:25 PM
     As it stands now we are better off not upgrading, this combined with a few other small things. I would rather stay with 10.2


  • 9.  RE: Immediate Notifications

    Posted Aug 10, 2009 06:45 PM