Quantcast
Channel: Symantec Connect - Endpoint Protection - Discussions
Viewing all articles
Browse latest Browse all 10484

Reports to Baseline "normal" behavior of SEP clients in your environment

$
0
0
I need a solution

 Hello,

We are trying to determine how to stop virus outbreak before it happens. In our environment, we maybe get one or two each year, and it is easily contained.

I am trying to determine the type of reports I should create to baseline normal behavior of SEP client. Normal meaning that there are no virus outbreaks, and anything that looks different means there is a sign there may be an outbreak on the horizon.

There are seven report types that are available

1. Application and Device Control

2. Audit

3. Computer Status

4. Network Threat Protection

5. Risk

6. Scan

7. System

 

So far, I narrowed it down to three reports we may want to look at

 

1. Network Threat Protection

2. Risk

3. Scan

 

But, I am stumped on how to break it down further. For instance Network Threat Protection: Traffic has many options (see attached).

Are there recommended metrics to use? Perhaps Symantec wrote about this, or there may be case studies on other organizations that have baselined their environment to detect when they are few steps away from a virus outbreak.

Any guidance is greatly appreciated.


Viewing all articles
Browse latest Browse all 10484

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>