
Email alerts, when virus is found

Hi,

A customer is complaining about three things.

1) The email alert is useless, because it doesn't show that virus XY was found on Device name / IP, but only that SOMETHING is happening. Subsequent emails are only trash, because there is no helpful information, only that another virus was found somewhere. There should be a link to the infected workstation.

2) It takes ages between the event that a virus was found and the email that alerts administrators. This needs to be fixed ASAP; it looks like information flows very slowly, with major delays. Like

Virus found -> waiting for regular client server communication -> waiting for Christmas to send virus info to admin

OT should think about ZAV as a critical part of ZEN Suite, not as some add-on. An unpatched workstation is possibly dangerous; a workstation with a virus is very dangerous.

3) The UI is not helpful when looking for infected workstations; there are many mouse clicks, which should be repeated again and again. I don't care that 99% of workstations are OK; the customer needs the information about the problem workstation quickly.

Has anyone already gotten a virus and battled with it?

David

    I don't remember for sure, but I don't think these even show up in the CEF logs. I know various other security items don't, such as mobile device enroll or un-enrollment events.

    I'd argue CEF logs are even more important than email since CEF logging allows us to integrate with SIEM systems for automation of security events.

    Rodney

    If you found this post useful, give it a "Like" or click on "Verify Answer" under the "More" button. This helps others.
