SEP Internals: How to unlock SEP client settings locked down by Central policies

A good example of when you would want to do this: you have a central AV policy that locks down the “User-defined Exceptions” option to restrict your users from excluding any locations from SEP AV scanning. However, when one of these restricted clients is affected by risks, you need to research the affecting risk and its files, but you definitely don’t want to connect this PC to the network to unlock this feature via the central policy. Thus you need an option to unlock this setting locally without connecting to the network. From exhaustive research on this possibility, I discovered below […]


SEPM: Internals of Application Learning Feature

A SEP client with the Application Learning feature enabled tracks every application running on it and forwards this information to the SEPM. The SEPM processes this data and inserts parts of it into two different database tables: COMPUTER_APPLICATION and SEM_APPLICATION. The SEM_APPLICATION table is essentially a list of all learned applications (file hash, executable file name, file path, file size, version, etc.). The COMPUTER_APPLICATION table contains data on the “who”, “what”, and “when” of learned applications. Essentially, it is a list of which machines encountered which applications, and when. Application Learning is not designed to be deployed across an […]


SEP AV policy: Allow client computers to manually submit quarantined items to Symantec

While configuring the SEP AV policy, enable the “Allow client computers to manually submit quarantined items to Symantec Security Response” setting. This allows you to manually submit quarantined items to Symantec Security Response from any of the risk-affected client computers. The setting helps in submitting quarantined items to Symantec for further investigation.
