Endpoint Protection

Is there a work around for this?? Or is there a way to change the file format?

I would really appreciate any help or advice on this subject.

Thanks.

Nothing I've found.
OWA (Outlook Web Access) also blocks the MHT attachments as being unsafe, so I can't even view the reports from a hotel, etc...........
I hope I'm wrong and there is a way to change the file format, or get a report with the same info DIRECTLY in the email message body.
That's what I'd really prefer............

Have you seen this? http://support.microsoft.com/kb/555001 

Please keep in mind that the central ITE office handles Exchange. In fact, agencies are moving that way VERY quickly as the cost of operating your own Exchange is prohibitive with licensing, FTEs to deal with it, etc.

And even if I COULD change it, I would not - that's a universal setting, meaning that if I could open it up for me, it would open for ALL. No way I'd open it up for all OWA users.
(That's an all or none setting.) 

Asking them to change their dozen or so Exchange server registries is, well, LOL - won't say.

But doesn't matter - we have no control over it. It's not their issue - they are following best practices and security standards, it's SEP for not being configurable or for sticking with MS standards rather than open standards that all can use.
Not everyone even uses IE as a browser.............

No, the ideal solution IMO - don't treat it (the report) as an attachment - make it part of the message body like Intel did with SAV's alerting. SAV CE - that's Intel software. Symantec bought it and added their engine. But the management was Intel, the alerting was Intel.
I like SEP well enough, but for alerting, Intel (SAV) wins hands down with their verbose email alerts.

I wish the "single risk event" notification contained the path and file name as the MHT attachment for the "new risk found" notification.  Hopefully Symantec can add this in the future.

As for the original poster, for the iPhone, there's QuickOffice Files (not free) please note that I do not endorse the following software and am simply providing a solution to opening MHT files, please research if it meets your needs: http://www.quickoffice.com/quickoffice_files_iphone/ 

I haven't seen anything for the Blackberry.

Like I had similar apps on my HP PDA years ago......... good call.
Looks like there are options.
Yes, if there was more verbose info in the body like there used to be, even the file name and path, that would be GREAT.
I gotta agree with it all! ;-)

Hi Graphic3001,

Just a quick note, you may want to post this in the mobile security area.  Although the SEP area is the largest forum area on the Security community.  Rick and ShadowsPapa are very knowledgable, hence their reply.  However, by posting in the other area, you may get someone to reply that may have experienced the same issue.
https://www-secure.symantec.com/connect/security/forums/mobile-security

Best,

Eric

Hi Graphic, did you try opening the mht file using the BlackBerry Browser or Opera?

We are looking into changing the format due to both inability to read the files on mobile devices and the fact that newer mail servers tend to block them.

At this moment in time there is no way to change them though, we are also looking at adding more information to the alert emails

That is good news I have been battleing  the need for more information in the emails since SAV 10.    Makes it hard when your traveling to know what is going on and how big a problem you have.   We have a utility that we currently use that will convert some pdf and such to text that I can forward it to and then it gives me back a very crude version of the report back.

out of interest, so we can get this right (before allowing users to choose what they want)

what are the fields you would want to see in the email alert?

I heard that this might be updated soon. Will this be going out in the new release in April/May? Also can we maybe expect this is SEP 12 Small Business? Also wondering why Symantec can't release a phone app of sorts that will allow people to read the .mht files? I have to imagine this wouldn't be too hard and would keep people happy until you guys start sending the email alerts out in .txt format. Just a thought

I would like to at a minum see what the threat is, type of scan, machine, and what actions where taken.  This would give me the info I needed when I am remote to know what is going on and know who do dispatch to look at it closer.

Paul - the same things we got in AMS2.
IMO, It's really that simple.
There are reasons we need this in the trenches.
I can tell you if I have the following - WHAT sort of bug it was, and most important, HOW it arrived, such as email, network based worm, or from the web. Once I know the info below, I can devise a plan to stop it, or to determine how it got in and how much of a risk it is.
I've been relying on AMS2-type info in email alerts since 1999 - since SAV CE 7.00 literally.  I could tell from home if I needed to get in to work or not, and I could alert upper management as to what was happening and how much of a concern it was thanks to the info provided. Quite simply, the SEP alerting is a huge step backwards from AMS2.

What we need - if in doubt, echo what AMS2 used to send us in emails:
* Computer name - from the computer name, I can tell WHERE the computer is - even remote into it, or backdoor into the registry, management or the C$ share.
** File name. (this is critical - I can tell a lot from this)
** Full file path (this is critical - I can tell HOW it got in and what sort of a bug it is from this!)
** Logged on user (or most recent logged on user - in case I need to contact someone)

So basically, go back to AMS2 info and even expand upon it.
Others may have other needs, more or less.

I agree.  The same type of AMS info would be great.  And I have the same issue of not being able to open the mht files on my blabkberry.  It's very frustrating!!!!

I guess all of the available info needed, and then we will have option to disable it or not.

I'd bet that not too many folks complained that AMS2 gave them TOO much information! If they don't want the info, don't turn on email alerting...................... or do like AMS2 did, only put in the fields you want.
In this field/profession, there's no such thing as TMI -  "too much information" LOL

I was wondering if any progress has been made on this?

I know I could really use the ability to be able to actually read my alerts.

Hi ipaine,

I haven't heard or found anything that will enable mht file viewing on Blackberries.  I'm hoping the next release will add the support, but I don't know for sure.

Anyone tried to open MHT files on a Blackberry using a different browsers like Opera or similar ?

Paolo

Well this idea has been submitted in our ideas section. You can track it's development there to get a better idea of when it will be available. Don't forget to give it a positive vote, because the number of votes correlates to how visible/how fast it will be picked up. Here are a couple links:

https://www-secure.symantec.com/connect/idea/sepm-scheduled-reports-file-format
https://www-secure.symantec.com/connect/idea/report-mails-html-based-mails-instead-attachements

Cheers
Grant

I added my input into that idea.
What's wrong with how SAV's alerting worked? I already have my email app open, it can understand HTML, so why force me to click again and open yet ANOTHER app - put it in the email body, don't force me to open another application, please. I'm already viewing the email............just stick it in the body. Besides, then it's much easier to find an earlier alert to refer to! I sort them into folders in Outlook.......

This is a huge problem.  Is Symantec going to fix this anytime soon.  We are changing to McAfee for HBSS/HIPS maybe we need to change our anti-virus over to mcafee as well.