I do not need a solution (just sharing information)
Security Scenario (this is only a scenario for answers to the questions below and discussion):
Your organization has just started getting hit by a zero-day threat or ransomware or some other outbreak.
Symantec Endpoint Protection:
Your clients have a mix of current SEP versions and several previous versions of SEP.
SEP is deployed to your clients with:
- Virus and Spyware Protection
- Proactive Threat Protection
- Network Threat Protection
- Intrusion Prevention is enabled
Questions:
How are you supposed to get alerted that an attack is happening?
How does Symantec alert you?
Are you supposed to be constantly watching the SEPM Console?
Are the default SEPM Notifications enough (see picture), or are there additional Notifications that should be set up?