Hi!
We're new to symantec. Given that we have shared management of our symantec settings and I'm working to find the right balance on spam filtering, I was curious if:
Does anyone know how symantec's anti-virus scanner works?
Is it unpacking and running them? Scanning them against a database?
What engine it's using? We're coming over from an on-prem Trustwave SEG, where (ironically) we were using the available Sophos AV engine to scan attachments.
I have been watching many anitivirus videos to know more about it. With symantec being added to Sophos, some of the information out there is kinda separated and difficult to split. Other info seems simply nonexistent. Currently, our MSP has set most attachments to get quarantined, but we deal A LOT with those with our customers, and I'm trying to figure it how much faith I can place in Reflexion's AV scanning in order to possibly pass more of those (non-executable) office-type attachments to users' inboxes.
Thank you.