Symantec Endpoint Protection Integration

Version: Symantec-Endpoint-Protection Version 12.1.6 to 14.

Symantec Endpoint Protection, developed by Symantec Corporation, is an antivirus and personal firewall software for centrally managed corporate environments providing security for both servers and workstations. Netsurion Open XDR support for Symantec’s Antivirus and IDS/IPS events is now available. Symantec’s security policy will consist of specific rules enabled with logging used to capture and send to Netsurion Open XDR. These events will be auto-identified, if enabled, and parsed into the Netsurion Open XDR report tables for later review.

Netsurion Data Source Integration for Symantec Endpoint Protection allows you to monitor the following components:-

Operations – Agent created and deleted, Application blocked, Auto-protect disabled, Device disabled, Intrusion prevention disabled and Security risk detected
Security – New Risks Detected in the Network, TruScan Proactive Threat Detection Over Time, TruScan Proactive Threat Distribution, Detected Risks Not Confirmed and Permitted Applications
Compliance – Virus detected, Web attack blocked, Virus deletion failed, At Risk Computers and Confirmed Risks

Once Symantec Endpoint Protection is configured to deliver events to Netsurion Open XDR Manager; alerts, dashboards and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.

24X7 SOC-AS-A-SERVICE

OPEN XDR PLATFORM

USE CASES

WHY NETSURION

PARTNERS

ALL CYBERSECURITY INSIGHTS

Level up your cybersecurity!

ABOUT NETSURION

XDR Hot Company

Next-Gen MDR Service

Best MDR Solution

Symantec Endpoint Protection