- Customize notifications symantec endpoint manager how to#
- Customize notifications symantec endpoint manager manual#
- Customize notifications symantec endpoint manager software#
- Customize notifications symantec endpoint manager windows#
There isn't enough information to help us with what we're looking for and why we are looking for it with this query. AMP doesn't realize that and the file fetch fails, then you're left wondering what's going on." "I would like to see integration with Cisco Analytics." "In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. But, one of these other programs has already gotten it, so the file has already been quarantined by another endpoint protection system. What winds up happening is, e.g., if I get an alert for a potential incident or malware and want to pull the file, I'll go to fetch the file to analyze it. So, we have a bunch of different things that do the same thing.
Customize notifications symantec endpoint manager windows#
For instance, we have AMP, but we also have Microsoft Windows Defender, System Center Endpoint Protection, and Microsoft Malware Protection Engine deployed. "The one challenge that I see is the use of multiple endpoint protection platforms. What you would do otherwise would be very risky and tedious." If you can do that in a secure sandbox environment, that's an invaluable feature.
We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems." "The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful.
Customize notifications symantec endpoint manager how to#
You don't want to be spending time working out how to block something. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want.
Customize notifications symantec endpoint manager software#
It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP." "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open.
It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us." "The entirety of our network infrastructure is Cisco and the most valuable feature is the integration." "The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great." "If somebody has been compromised, the question always is: How has it affected other devices in the network? Cisco AMP gives you a very neat view of that." "The most valuable feature is signature-based malware detection." "Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. We're no longer looking at digging into information or wading through hundreds of incidents.
Customize notifications symantec endpoint manager manual#
We can then choose to take any manual actions, if we want, or start our investigation. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. "Any alert that we get is an actionable alert.