MODULE 19: ADVANCED MONITORING AND REPORTING

MONITORING THE HOME AND MONITORS PAGE
Symantec Endpoint Protection collects information about the security
events in your network. You can use logs and reports to view these
events, and you can use notifications to stay informed about the events
as they occur.
You can use the reports and logs to determine the answers to the
following kinds of questions:
■ Which computers are infected?
■ Which computers need scanning?
■ What risks were detected in the network?

Logging on to reporting from a stand-alone Web browser
You can access the Home, Monitors, and Reports page functions from a
stand-alone Web browser that is connected to your management
server.
You can perform all the reporting functions from a stand-alone Web
browser.
However, none of the other console functions are available when you
use a stand-alone browser.

ANALYZING AND MANAGING LOGS
You can generate a list of events to view from your logs that are
based on a collection of filter settings that you select.
Each log type and content type has a default filter configuration
that you can use as-is or modify.
You can also create and save new filter configurations.
These new filters can be based on the default filter or on an existing
filter that you created previously.
If you save the filter configuration, you can generate the same log
view at a later date without having to configure the settings each
time.
You can delete your customized filter configurations if you no longer
need them.

Because logs contain some information that is collected at
intervals, you can refresh your log views.
To configure the log refresh rate, display the log and select from the
Auto-Refresh list box at the top right on that log's view.
Reports and logs always display in the language that the
management server was installed with.
To display these when you use a remote Symantec Endpoint Protection
Manager console or browser, you must have the appropriate font
installed on the computer that you use.

Logs contain records about client configuration changes, security-related activities, and errors.
These records are called events. The logs display these events with
any relevant additional information.
Security-related activities include information about virus
detections, computer status, and the traffic that enters or exits the
client computer.
Logs are an important method for tracking each client computer’s
activity and its interaction with other computers and networks.

You can use this data to analyze the overall security status of the
network and modify the protection on the client computers. You can
track the trends that relate to viruses, security risks, and
attacks. If several people use the same computer, you might be able
to identify who introduces risks, and help that person to use better precautions.
You can view the log data on the Logs tab of the Monitors page.

The management server regularly uploads the information in the logs
from the clients to the management server.
You can view this information in the logs or in reports.
Because reports are static and do not include as much detail as the
logs, you might prefer to monitor the network by using logs.

Saving and deleting custom logs by using filters
You can construct custom filters by using the Basic Settings and
Advanced Settings to change the information that you want to see.
You can save your filter settings to the database so that you can
generate the same view again in the future.
When you save your settings, they are saved in the database.
The name you give to the filter appears in the Use a saved filter list
box for that type of logs and reports.

Viewing logs from other sites
If you want to view the logs from another site, you must log on to a server
at the remote site from the Symantec Endpoint Protection Manager
console.
If you have an account on a server at the remote site, you can log on
remotely and view that site's logs.
If you have configured replication partners, you can choose to have all
the logs from the replication partners copied to the local partner and vice
versa.
If you choose to replicate logs, by default you see the information from
both your site and the replicated sites when you view any log. If you want
to see a single site, you must filter the data to limit it to the location you
want to view.

Running commands from the computer status log
From the Computer Status log, you can take the following kinds of
actions on client computers:

■ Run scans or cancel scans.
■ Restart the computers.
■ Update content.
■ Enable or disable several of the protection technologies.

You can also right-click a group directly from the Clients page of the
Symantec Endpoint Protection Manager console to run commands.
From the Command Status tab, you can view the status of the
commands that you have run from the console and their details. You
can also cancel a specific scan from this tab if the scan is in progress.
You can cancel all scans in progress and queued for selected clients. If
you confirm the command, the table refreshes and you see that the
cancel command is added to the command status table.

If you run a Restart Client Computer command from a log, the
command is sent immediately.
Users that are logged on to the client are warned about the restart
based on the options that the administrator has configured for that
client.
You can configure client restart options on the General Settings tab.

CONFIGURING AND VIEWING NOTIFICATIONS
Notifications alert administrators and computer users about potential
security problems.
Some notification types contain default values when you configure
them.
These guidelines provide reasonable starting points depending on the
size of your environment, but they may need to be adjusted. Trial and
error may be required to find the right balance between too many
and too few notifications for your environment.
Set the threshold to an initial limit, then wait for a few days.

After a few days, you can adjust the notification settings.

For virus, security risk, and firewall event detection, suppose that you
have fewer than 100 computers in a network.
A reasonable starting point in this network is to configure a
notification when two risk events are detected within one minute.
If you have 100 to 1000 computers, detecting five risk events within
one minute may be a more useful starting point.
You manage notifications on the Monitors page. You can use the
Home page to determine the number of unacknowledged notifications
that need your attention.
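The starting thresholds above can be checked against past risk events before they are configured. The following is an added example, not Symantec code and not part of the original slides: it replays constructed event timestamps through a one-minute sliding window and lists when each candidate threshold would have notified. The five-minute quiet period between repeat notifications and all function names are assumptions.

```python
from collections import deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=1)        # "within one minute", as stated on the slide
QUIET_PERIOD = timedelta(minutes=5)  # assumption: suppress repeat notifications for 5 minutes


def starting_threshold(computer_count):
    """Starting points given on the slide; it gives none above 1000 computers."""
    if computer_count < 100:
        return 2
    if computer_count <= 1000:
        return 5
    return None


def notification_times(event_times, threshold, window=WINDOW, quiet_period=QUIET_PERIOD):
    """Return the times at which `threshold` risk events inside `window` would notify."""
    if threshold < 1:
        raise ValueError("threshold must be at least 1")
    recent = deque()  # events that still fall inside the sliding window
    fired = []
    for ts in sorted(event_times):
        recent.append(ts)
        # Drop events that are older than the window relative to the newest event.
        while ts - recent[0] > window:
            recent.popleft()
        over_limit = len(recent) >= threshold
        quiet = bool(fired) and ts - fired[-1] < quiet_period
        if over_limit and not quiet:
            fired.append(ts)
    return fired


def compare_thresholds(event_times, thresholds):
    """Map each candidate threshold to the notification times it would produce."""
    return {t: notification_times(event_times, t) for t in thresholds}


# Constructed sample data: seconds after BASE at which a risk event was logged.
BASE = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE_OFFSETS = [
    0,                             # single isolated detection
    600, 630,                      # two detections 30 seconds apart
    1800, 1810, 1820, 1830, 1840,  # burst of five detections in 40 seconds
    3600, 3700,                    # two detections 100 seconds apart
]
SAMPLE_EVENTS = [BASE + timedelta(seconds=s) for s in SAMPLE_OFFSETS]

if __name__ == "__main__":
    for threshold, times in compare_thresholds(SAMPLE_EVENTS, [2, 5]).items():
        stamps = ", ".join(t.strftime("%H:%M:%S") for t in times)
        print(f"threshold {threshold}: {len(times)} notification(s) at {stamps}")
```

Replaying a few days of real event times this way shows whether a threshold is too noisy or too quiet before it is changed in the console.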

How notifications work
Notifications alert administrators and users about potential security
problems.
For example, a notification can alert administrators about an expired
license or a virus infection.
Events trigger a notification. A new security risk, a hardware change
to a client computer, or a trialware license expiration can trigger a
notification.
Actions can then be taken by the system once a notification is
triggered. An action might record the notification in a log, or run a
batch file or an executable file, or send an email.

Establishing communication between the management server and
email servers
For the management server to send automatic email notifications, you
must configure the connection between the management server and
the email server.

Viewing and acknowledging notifications
You can view unacknowledged notifications or all notifications. You can
acknowledge an unacknowledged notification. You can view all the
notification conditions that are currently configured in the console.

Saving and deleting administrative notification filters
You can use filters to expand or limit your view of administrative
notifications in the console. You can save new filters and you can
delete previously saved filters.

Setting up administrator notifications
You can configure notifications to alert you and other administrators
when particular kinds of events occur. You can also add the conditions
that trigger notifications to remind you to perform important tasks. For
example, you can add a notification condition to inform you when a
license has expired, or when a security risk has been detected.
When triggered, a notification can perform specific actions, such as
the following:
■ Log the notification to the database.
■ Send an email to one or more individuals.
■ Run a batch file.

You choose the notification condition from a list of available notification types.
Once you choose the notification type, you then configure it as follows:
■ Specify filters.
Not all notification types provide filters. When they do, you can use the filters to
limit the conditions that trigger the notification. For example, you can restrict a
notification to trigger only when computers in a specific group are affected.
■ Specify settings.
All notification types provide settings, but the specific settings vary from type to
type. For example, a risk notification may allow you to specify what type of scan
triggers the notification.
■ Specify actions.
All notification types provide actions you can specify.

CREATING AND REVIEWING REPORTS
Configuring reporting preferences
You can configure the following reporting preferences:
■ The Home and Monitors pages display options
■ The Security Status thresholds
■ The display options that are used for the logs and the reports, as
well as legacy log file uploading

The following categories of reports are available:
■ Quick reports, which you run on demand.
■ Scheduled reports, which run automatically based on a schedule that
you configure.
Reports include the event data that is collected from your management
servers as well as from the client computers that communicate with those
servers.
You can customize reports to provide the information that you want to see.
The quick reports are predefined, but you can customize them and save
the filters that you used to create the customized reports. You can use the
custom filters to create custom scheduled reports.
When you schedule a report to run, you can configure it to be emailed to
one or more recipients.

A scheduled report always runs by default. You can change the
settings for any scheduled report that has not yet run.
You can also delete a single scheduled report or all of the scheduled
reports.
You can also print and save reports.

Running and customizing quick reports
Quick reports are predefined, customizable reports.
These reports include event data collected from your management
servers as well as the client computers that communicate with those
servers.
Quick reports provide information on events specific to the settings
you configure for the report.
You can save the report settings so that you can run the same report
at a later date, and you can print and save reports.

Saving and deleting custom reports
You can save custom report settings in a filter so that you can
generate the report again at a later date.
When you save your settings, they are saved in the database.

The name that you give to the filter appears in the Use a saved filter
list box for that type of logs and reports.

Creating scheduled reports
Scheduled reports are the reports that run automatically based on the
schedule that you configure.
Scheduled reports are emailed to recipients, so you must include the email
address of at least one recipient.
After a report runs, the report is emailed to the recipients that you
configure as an .mht file attachment.
The data that appears in the scheduled reports is updated in the
database every hour.
At the time that the management server emails a scheduled report, the data
in the report is current to within one hour.

Editing the filter used for a scheduled report
You can change the settings for any report that you have already
scheduled.
The next time the report runs it uses the new filter settings.

You can also create additional scheduled reports, which you can base
on a previously saved report filter.

Printing and saving a copy of a report
You can print a report or save a copy of a Quick Report.
You cannot print scheduled reports.
A saved file or printed report provides a snapshot of the current data
in your reporting database so that you can retain a historical record.

INTRODUCING IT ANALYTICS
The IT Analytics Symantec Endpoint Protection Pack is an advanced
reporting solution that leverages business intelligence capabilities and
robust graphical reporting to provide a unified and comprehensive
view of the clients, alerts, and scan activity.

CCNA Routing Protocols QuestionsCCNA Routing Protocols Questions
CCNA Routing Protocols Questions
 
CCNA Router Startup and Configuration Questions
CCNA Router Startup and Configuration QuestionsCCNA Router Startup and Configuration Questions
CCNA Router Startup and Configuration Questions
 
CCNA Router and IOS Basics Questions
CCNA Router and IOS Basics QuestionsCCNA Router and IOS Basics Questions
CCNA Router and IOS Basics Questions
 
CCNA Advanced Routing Protocols
CCNA Advanced Routing ProtocolsCCNA Advanced Routing Protocols
CCNA Advanced Routing Protocols
 
CCNA Routing Protocols
CCNA Routing ProtocolsCCNA Routing Protocols
CCNA Routing Protocols
 
CCNA Router Startup and Configuration
CCNA Router Startup and ConfigurationCCNA Router Startup and Configuration
CCNA Router Startup and Configuration
 
CCNA Router and IOS Basics
CCNA Router and IOS BasicsCCNA Router and IOS Basics
CCNA Router and IOS Basics
 
CCNA IP Addressing
CCNA IP AddressingCCNA IP Addressing
CCNA IP Addressing
 

Recently uploaded

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 

Recently uploaded (20)

Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 

SYMANTEC ENDPOINT PROTECTION Advanced Monitoring and Reporting

  • 2. MONITORING THE HOME AND MONITORS PAGE Symantec Endpoint Protection collects information about the security events in your network. You can use logs and reports to view these events, and you can use notifications to stay informed about the events as they occur. You can use the reports and logs to determine the answers to the following kinds of questions: ■ Which computers are infected? ■ Which computers need scanning? ■ What risks were detected in the network? 2
  • 3. MONITORING THE HOME AND MONITORS PAGE Logging on to reporting from a stand-alone Web browser You can access the Home, Monitors, and Reports page functions from a stand-alone Web browser that is connected to your management server. You can perform all the reporting functions from a stand-alone Web browser. However, all of the other console functions are not available when you use a stand-alone browser. 3
  • 4. ANALYZING AND MANAGING LOGS You can generate a list of events to view from your logs that are based on a collection of filter settings that you select. Each log type and content type have a default filter configuration that you can use as-is or modify. You can also create and save new filter configurations. These new filters can be based on the default filter or on an existing filter that you created previously. If you save the filter configuration, you can generate the same log view at a later date without having to configure the settings each time. You can delete your customized filter configurations if you no longer need them. 4
  • 5. ANALYZING AND MANAGING LOGS Because logs contain some information that is collected at intervals, you can refresh your log views. To configure the log refresh rate, display the log and select from the Auto-Refresh list box at the top right on that log's view. Reports and logs always display in the language that the management server was installed with. To display these when you use a remote Symantec Endpoint Protection Manager console or browser, you must have the appropriate font installed on the computer that you use. 5
  • 6. ANALYZING AND MANAGING LOGS Logs contain records about client configuration changes, security-related activities, and errors. These records are called events. The logs display these events with any relevant additional information. Security-related activities include information about virus detections, computer status, and the traffic that enters or exits the client computer. Logs are an important method for tracking each client computer’s activity and its interaction with other computers and networks. 6
  • 7. ANALYZING AND MANAGING LOGS You can use this data to analyze the overall security status of the network and modify the protection on the client computers. You can track the trends that relate to viruses, security risks, and attacks. If several people use the same computer, you might be able to identify who introduces risks, and help that person to use better precautions. You can view the log data on the Logs tab of the Monitors page. 7
  • 8. ANALYZING AND MANAGING LOGS The management server regularly uploads the information in the logs from the clients to the management server. You can view this information in the logs or in reports. Because reports are static and do not include as much detail as the logs, you might prefer to monitor the network by using logs. 8
  • 9. ANALYZING AND MANAGING LOGS Saving and deleting custom logs by using filters You can construct custom filters by using the Basic Settings and Advanced Settings to change the information that you want to see. You can save your filter settings to the database so that you can generate the same view again in the future. When you save your settings, they are saved in the database. The name you give to the filter appears in the Use a saved filter list box for that type of logs and reports. 9
  • 10. ANALYZING AND MANAGING LOGS Viewing logs from other sites If you want to view the logs from another site, you must log on to a server at the remote site from the Symantec Endpoint Protection Manager console. If you have an account on a server at the remote site, you can log on remotely and view that site's logs. If you have configured replication partners, you can choose to have all the logs from the replication partners copied to the local partner and vice versa. If you choose to replicate logs, by default you see the information from both your site and the replicated sites when you view any log. If you want to see a single site, you must filter the data to limit it to the location you want to view. 10
  • 11. ANALYZING AND MANAGING LOGS Running commands from the computer status log From the Computer Status log, you can take the following kinds of actions on client computers: ■ Run scans or cancel scans. ■ Restart the computers. ■ Update content. ■ Enable or disable several of the protection technologies. 11
  • 12. ANALYZING AND MANAGING LOGS You can also right-click a group directly from the Clients page of the Symantec Endpoint Protection Manager console to run commands. From the Command Status tab, you can view the status of the commands that you have run from the console and their details. You can also cancel a specific scan from this tab if the scan is in progress. You can cancel all scans in progress and queued for selected clients. If you confirm the command, the table refreshes and you see that the cancel command is added to the command status table. 12
  • 13. ANALYZING AND MANAGING LOGS If you run a Restart Client Computer command from a log, the command is sent immediately. Users that are logged on to the client are warned about the restart based on the options that the administrator has configured for that client. You can configure client restart options on the General Settings tab. 13
  • 14. CONFIGURING AND VIEWING NOTIFICATIONS Notifications alert administrators and computer users about potential security problems. Some notification types contain default values when you configure them. These guidelines provide reasonable starting points depending on the size of your environment, but they may need to be adjusted. Trial and error may be required to find the right balance between too many and too few notifications for your environment. Set the threshold to an initial limit, then wait for a few days. After a few days, you can adjust the notifications settings. 14
  • 15. CONFIGURING AND VIEWING NOTIFICATIONS For virus, security risk, and firewall event detection, suppose that you have fewer than 100 computers in a network. A reasonable starting point in this network is to configure a notification when two risk events are detected within one minute. If you have 100 to 1000 computers, detecting five risk events within one minute may be a more useful starting point. You manage notifications on the Monitors page. You can use the Home page to determine the number of unacknowledged notifications that need your attention. 15
  • 16. CONFIGURING AND VIEWING NOTIFICATIONS How notifications work Notifications alert administrators and users about potential security problems. For example, a notification can alert administrators about an expired license or a virus infection. Events trigger a notification. A new security risk, a hardware change to a client computer, or a trialware license expiration can trigger a notification. Actions can then be taken by the system once a notification is triggered. An action might record the notification in a log, or run a batch file or an executable file, or send an email. 16
  • 17. CONFIGURING AND VIEWING NOTIFICATIONS Establishing communication between the management server and email servers For the management server to send automatic email notifications, you must configure the connection between the management server and the email server. 17
  • 18. CONFIGURING AND VIEWING NOTIFICATIONS Viewing and acknowledging notifications You can view unacknowledged notifications or all notifications. You can acknowledge an unacknowledged notification. You can view all the notification conditions that are currently configured in the console. 18
  • 19. CONFIGURING AND VIEWING NOTIFICATIONS Saving and deleting administrative notification filters You can use filters to expand or limit your view of administrative notifications in the console. You can save new filters and you can delete previously saved filters. 19
  • 20. CONFIGURING AND VIEWING NOTIFICATIONS Setting up administrator notifications You can configure notifications to alert you and other administrators when particular kinds of events occur. You can also add the conditions that trigger notifications to remind you to perform important tasks. For example, you can add a notification condition to inform you when a license has expired, or when a security risk has been detected. When triggered, a notification can perform specific actions, such as the following: ■ Log the notification to the database. ■ Send an email to one or more individuals. ■ Run a batch file. 20
  • 21. CONFIGURING AND VIEWING NOTIFICATIONS Setting up administrator notifications You choose the notification condition from a list of available notification types. Once you choose the notification type, you then configure it as follows: ■ Specify filters. Not all notification types provide filters. When they do, you can use the filters to limit the conditions that trigger the notification. For example, you can restrict a notification to trigger only when computers in a specific group are affected. ■ Specify settings. All notification types provide settings, but the specific settings vary from type to type. For example, a risk notification may allow you to specify what type of scan triggers the notification. ■ Specify actions. All notification types provide actions you can specify. 21
  • 22. CREATING AND REVIEWING REPORTS Configuring reporting preferences You can configure the following reporting preferences: ■ The Home and Monitors pages display options ■ The Security Status thresholds ■ The display options that are used for the logs and the reports, as well as legacy log file uploading 22
  • 23. CREATING AND REVIEWING REPORTS The following categories of reports are available: ■ Quick reports, which you run on demand. ■ Scheduled reports, which run automatically based on a schedule that you configure. Reports include the event data that is collected from your management servers as well as from the client computers that communicate with those servers. You can customize reports to provide the information that you want to see. The quick reports are predefined, but you can customize them and save the filters that you used to create the customized reports. You can use the custom filters to create custom scheduled reports. When you schedule a report to run, you can configure it to be emailed to one or more recipients. 23
  • 24. CREATING AND REVIEWING REPORTS A scheduled report always runs by default. You can change the settings for any scheduled report that has not yet run. You can also delete a single scheduled report or all of the scheduled reports. You can also print and save reports. 24
  • 25. CREATING AND REVIEWING REPORTS Running and customizing quick reports Quick reports are predefined, customizable reports. These reports include event data collected from your management servers as well as the client computers that communicate with those servers. Quick reports provide information on events specific to the settings you configure for the report. You can save the report settings so that you can run the same report at a later date, and you can print and save reports. 25
  • 26. CREATING AND REVIEWING REPORTS Saving and deleting custom reports You can save custom report settings in a filter so that you can generate the report again at a later date. When you save your settings, they are saved in the database. The name that you give to the filter appears in the Use a saved filter list box for that type of logs and reports. 26
  • 27. CREATING AND REVIEWING REPORTS Creating scheduled reports Scheduled reports are the reports that run automatically based on the schedule that you configure. Scheduled reports are emailed to recipients, so you must include the email address of at least one recipient. After a report runs, the report is emailed to the recipients that you configure as an .mht file attachment. The data that appears in the scheduled reports is updated in the database every hour. At the time that the management server emails a scheduled report, the data in the report is current to within one hour. 27
  • 28. CREATING AND REVIEWING REPORTS Editing the filter used for a scheduled report You can change the settings for any report that you have already scheduled. The next time the report runs it uses the new filter settings. You can also create additional scheduled reports, which you can base on a previously saved report filter. 28
  • 29. CREATING AND REVIEWING REPORTS Printing and saving a copy of a report You can print a report or save a copy of a Quick Report. You cannot print scheduled reports. A saved file or printed report provides a snapshot of the current data in your reporting database so that you can retain a historical record. 29
  • 30. INTRODUCING IT ANALYTICS The IT Analytics Symantec Endpoint Protection Pack is an advanced reporting solution that leverages business intelligence capabilities and robust graphical reporting to provide a unified and comprehensive view of the clients, alerts, and scan activity. 30

Editor's Notes

  1. Symantec Endpoint Protection pulls the events that appear in the reports from the event logs on your management servers. The event logs contain time-stamps in the client computers' time zones. When the management server receives the events, it converts the event time-stamps to Greenwich Mean Time (GMT) for insertion into the database. When you create reports, the reporting software displays information about events in the local time of the computer on which you view the reports.
  2. If you view log data by using specific dates, the data stays the same when you click Auto-Refresh.
  3. If you run a scan command, and select a Custom scan, the scan uses the command scan settings that you configured on the Administrator-defined Scans page. The command uses the settings that are in the Virus and Spyware Protection policy that is applied to the selected client computers.
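
The starting thresholds from slide 15 and the time-stamp conversion from Editor's Note 1, worked through as an added example (this is not Symantec code and not part of the original deck). It normalises client-local time stamps to GMT and then checks how often "N risk events within one minute" is reached for a given network size. The event tuples, computer names, ISO 8601 time-stamp format, and the choice to clear the window after each notification are assumptions made for illustration.

```python
from collections import deque
from datetime import datetime, timedelta, timezone

# Starting points from slide 15: (largest network size, risk events per minute).
# The slides give no starting point above 1000 computers.
STARTING_THRESHOLDS = [(99, 2), (1000, 5)]
WINDOW = timedelta(minutes=1)

# Constructed sample events: (client-local time stamp, hypothetical computer name).
# The raw wall-clock values look hours apart; in GMT they form two bursts.
SAMPLE_EVENTS = [
    ("2024-03-01T09:00:10-05:00", "PC-NY-01"),   # 14:00:10 GMT
    ("2024-03-01T15:00:40+01:00", "PC-BER-07"),  # 14:00:40 GMT
    ("2024-03-01T14:05:00+00:00", "PC-LON-03"),  # 14:05:00 GMT
    ("2024-03-01T19:35:20+05:30", "PC-DEL-02"),  # 14:05:20 GMT
    ("2024-03-01T14:05:30+00:00", "PC-LON-04"),  # 14:05:30 GMT
    ("2024-03-01T09:05:45-05:00", "PC-NY-02"),   # 14:05:45 GMT
    ("2024-03-01T15:05:55+01:00", "PC-BER-01"),  # 14:05:55 GMT
]


def starting_threshold(computer_count):
    """Return the suggested starting event count for this network size."""
    for max_computers, events in STARTING_THRESHOLDS:
        if computer_count <= max_computers:
            return events
    raise ValueError("the slides give no starting point above 1000 computers")


def to_gmt(local_iso):
    """Convert a client time stamp with a UTC offset to GMT, as the server does."""
    stamp = datetime.fromisoformat(local_iso)
    if stamp.tzinfo is None:
        # Without an offset the event cannot be placed on a common timeline.
        raise ValueError("time stamp has no UTC offset: " + local_iso)
    return stamp.astimezone(timezone.utc)


def find_notifications(events, computer_count, window=WINDOW):
    """Return the GMT times at which the threshold is reached.

    A notification fires when `threshold` events fall inside `window`.
    The window is then cleared so one burst yields one notification
    (an assumption of this example, not documented product behaviour).
    """
    threshold = starting_threshold(computer_count)
    recent = deque()
    fired = []
    for stamp in sorted(to_gmt(ts) for ts, _name in events):
        recent.append(stamp)
        # Drop events that are a full window or more older than this one.
        while stamp - recent[0] >= window:
            recent.popleft()
        if len(recent) >= threshold:
            fired.append(stamp)
            recent.clear()
    return fired


if __name__ == "__main__":
    for size in (50, 500):
        times = [t.strftime("%H:%M:%S") for t in find_notifications(SAMPLE_EVENTS, size)]
        print(f"{size} computers, threshold {starting_threshold(size)}: {times}")
```

Running the same events through both network sizes shows the trade-off the slides describe: the lower threshold fires three times on this sample, the higher one only once, on the sustained burst.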