Message Image

Skip main navigation (Press Enter).

Symantec Developer Group

View Only

Back to discussions

Expand all | Collapse all

SEP scanning process

Migration UserJan 18, 2018 10:29 PM

Hi there, One of my customer now is planning to upgrade to SEP 14.1. As our SEP 14.1 is very ...

ℬrίαηJan 19, 2018 06:24 AM

This is the best document I've seen Symantec provide: http://www.symantec.com/docs/HOWTO101774 ...

1. SEP scanning process

0 Recommend
Migration User
Posted Jan 18, 2018 10:29 PM

Reply Reply Privately
Hi there,

One of my customer now is planning to upgrade to SEP 14.1. As our SEP 14.1 is very powerful and bundled with quite a number of good features, ie File Reputation Lookup, Advanced Machine Learning, Memory Exploit Mitigation, Emulator, Application Control, Emulator, etc.... The customer would like to ask below quesitons:

Question 1 - What is the scan sequence when a client starts downloading a file from Internet or copy a file from USB thumb drive? Which feature will kick start first?

Question 2 - What is the scan sequence when a client starts open a file? Which feature will kick start first?

Question 3 - Will it be a chance that the SEP endpoint cannot communicate with SEPM and then skip some scanning process? If yes, may I ask is there any report or log showing such information?

thanks a lot

David
2. RE: SEP scanning process

0 Recommend
ℬrίαη
Posted Jan 19, 2018 06:24 AM

Reply Reply Privately
This is the best document I've seen Symantec provide:

http://www.symantec.com/docs/HOWTO101774

The client doesn't rely on SEPM communication for scanning. It needs to talk to it for updates, grabbing policy changes, and uploading logs. If communication were to drop, it should still function as expected.

Copyright 2019. All rights reserved.

Powered by Higher Logic