This little service provides configurable actions trigged by certain Symantec Endpoint Protection 12.1.x Events.
Please Note: This is neither supported or endorsed by Symantec and is it to be used at the user's own risk.
Use Cases
The software that we have uploaded here is a trial licence and will display a dialog window every 20 minutes. To get the full version, please contact me here or use info@niwis.com.
niwis consulting gmbh Ulf Spangenberg
Germany
Symantec AntiVirus User Group Germany
NSEPEM 2.5 has a new switch which can change the action triggered for IPS alerts.
For example, if the IPS engine logs an event with a prefix of "Web attack" NSEPEM does not trigger. But if the IPS engine detects an event with a prefix of "System infected" it triggers a predefined action, like performing a full scan and placing the SEP client into a quarantine location.
NSEPEM 2.0.1 now also works with Windows 10, Windows Server 2016 and Symantec Endpoint Protection 14.x. We have added support für IPS Alerts as well.