Products
Applications
Support
Company
How To Buy
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Register
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Home
My Communities
Communities
All Communities
Application Networking and Security
Enterprise Software
Mainframe Software
Software Defined Edge
Symantec Enterprise
Tanzu
VMware Cloud Foundation
Blogs
All Blogs
Enterprise Software
Mainframe Software
Symantec Enterprise
Events
All Events
Enterprise Software
Mainframe Software
Symantec Enterprise
VMware
Water Cooler
Betas
Flings
Education
Groups
Enterprise Software
Mainframe Software
Symantec Enterprise
Members
Endpoint Protection
View Only
Community Home
Threads
Library
Events
Members
Back to discussions
Expand all
|
Collapse all
sort by most recent
sort by thread
Bloodhound Question
Jump to
Best Answer
Migration User
Dec 01, 2009 01:52 PM
Watching Symantec's threat meter, I occassionally see posts that a new heuristic technology has been ...
Migration User
Dec 01, 2009 02:19 PM
Best Answer
If you increase the Proactive threat protection sensitivity you will see the false alarms. However ...
Migration User
Dec 01, 2009 02:23 PM
I've had Proactive Threat Protection on high for both settings for 250 computers for a long time with ...
Migration User
Dec 03, 2009 11:37 AM
The original RTM version of SEP was code named Hamlet. RU5 was named Jade :D
Migration User
Dec 03, 2009 11:42 AM
Well...how did that go against William Shakespeare
1.
Bloodhound Question
0
Recommend
Migration User
Posted Dec 01, 2009 01:52 PM
Reply
Reply Privately
Options Dropdown
Watching Symantec's threat meter, I occassionally see posts that a new heuristic technology has been added with a the following description. "Symantec’s antivirus products contain an highly sensitive detection technology designed to detect entirely new malware threats without traditional signatures. This technology is aimed at detecting malicious software that has been intentionally mutated or morphed by attackers." Is this type of technology available using the default bloodhound setting or do we have to ramp it up to maximum? We've had several occurrences where Network Threat Protection has blocked outgoing communication from an executable in the temporary internet temp directory and have located malicous files that the AV engine misses (we submit to Symantec of course). But I've never seen any of these new heuristic technologies pick up on these type of files even at the maximum bloodhound level. Proactive Threat Protection doesn't complain about them either. Is there a way to confirm that heuristics is working so as a test file solely meant to test heuristics and not definition based threats?
2.
RE: Bloodhound Question
Best Answer
0
Recommend
Migration User
Posted Dec 01, 2009 02:19 PM
Reply
Reply Privately
Options Dropdown
If you increase the Proactive threat protection sensitivity you will see the false alarms.
However even if Bloodhound is set to max i havent come across any false positives.
There isn't any Heuristic Test file available as far i as i know.
3.
RE: Bloodhound Question
0
Recommend
Migration User
Posted Dec 01, 2009 02:23 PM
Reply
Reply Privately
Options Dropdown
I've had Proactive Threat Protection on high for both settings for 250 computers for a long time with only one detection (Fedex software). It says it's on and up2date, but it never catches anything. So either we run a tight shop or something doesn't work right.
4.
RE: Bloodhound Question
0
Recommend
Migration User
Posted Dec 03, 2009 11:37 AM
Reply
Reply Privately
Options Dropdown
The original RTM version of SEP was code named Hamlet. RU5 was named Jade :D
5.
RE: Bloodhound Question
0
Recommend
Migration User
Posted Dec 03, 2009 11:42 AM
Reply
Reply Privately
Options Dropdown
Well...how did that go against William Shakespeare
×
New Best Answer
This thread already has a best answer. Would you like to mark this message as the new best answer?
Copyright 2019. All rights reserved.
Powered by Higher Logic