Endpoint Protection

 View Only
  • 1.  Symantec doesnt detect virus

    Posted May 10, 2016 08:35 PM

    Hi,

    We have an issue with regards to virus detection. One of the employees received a virus attachment from email. However, Symantec didnt detect this and some viruses can be detected by symantec when we open such attachment.

    Is there any way that symantec can detect the virus even if the user doesnt open the attachment or a file downloaded from the internet? Or symantec can only detect viruses if the user open such files? I have doubt in symantec because it cannot detect all the viruses so if the behavior of this AV can only detect opened files, there's a possibility that a virus will infect our network if a user open a virus and Symantec cant detect this.



  • 2.  RE: Symantec doesnt detect virus

    Posted May 10, 2016 08:38 PM

    It's possible it didn't have a signature to detect it, submit the sample here:

    https://www.symantec.com/security_response/submitsamples.jsp

    You should also be filtering these types of attachments at your mail gateway. SEP will only detect the malicious attachment once opened, unless you have SEP's email scanning component enabled.

    You can create an application control policy to stop execution of certain file names as well.



  • 3.  RE: Symantec doesnt detect virus

    Posted May 10, 2016 08:40 PM

    Is there any way to change how symantec detect such viruses? Is symantec can detect virus even if the user didnt open the file?



  • 4.  RE: Symantec doesnt detect virus

    Posted May 10, 2016 08:51 PM

    Enabling SEP's email protection will help:

    About SEP Auto-Protect and email scanning

    Also, make sure you run SONAR, IPS, firewall, and Download Insight. These add additional layers of protection. With traditional antivirus, these types of malware are hard to catch because they change so frequently.



  • 5.  RE: Symantec doesnt detect virus

    Posted May 10, 2016 08:55 PM

    Thanks for the info but my question is there any other way to change the behavior of how symantec viruses? Because in our case, this AV can only detect a file with virus IF and ONLY IF the user open such files. This is not about how the user get the virus, the issue is how symantec detect viruses. Or Symantec can olny detect virus if we open a infected file?



  • 6.  RE: Symantec doesnt detect virus

    Posted May 10, 2016 09:02 PM

    As I've mentioned. Look at enabling SEPs email scanning auto-protect feature. It will scan messages coming into email.