Purchased SEP just because of this review. Thanks Umbra. I hope I can set up everything just fine. I currently use Comodo Free Firewall.
- Status
RamGuy
New Member
- Apr 2, 2016
- 1
I've been using Symantec Endpoint Protection for some time. Both in unmanaged and managed by running Symantec Endpoint Manager on my Windows Server and I couldn't really see much of a difference other than the centralised management.
But there is one thing that is really nagging me with Symantec Endpoint Protection. Why is there no easy way to restore and exclude false positives? Every time Sonar or Download Insight is removing files there is no easy way for me to mark it as a false positive and get the file back..
A lot of times there might be a option to restore, but there is no easy way to exclude it so it will simply get grabbed again two seconds later... The only way is to go to the exclusion settings and add files manually which might be hard if the file has already been removed. Why is there no easy and logical way to do a simple restore and exclude within the sonar and download insight prompts themselves?
Running managed installations things get even worse where you have to login to the Management Server in order to exclude false positives. It's really annoying and unless you have Sonar and Download Insight on very low settings you will get quite a few false positives every now and then. And that's just fine, but it gets really annoying after a while when there is no easy way to restore and exclude in a efficient way.
But there is one thing that is really nagging me with Symantec Endpoint Protection. Why is there no easy way to restore and exclude false positives? Every time Sonar or Download Insight is removing files there is no easy way for me to mark it as a false positive and get the file back..
A lot of times there might be a option to restore, but there is no easy way to exclude it so it will simply get grabbed again two seconds later... The only way is to go to the exclusion settings and add files manually which might be hard if the file has already been removed. Why is there no easy and logical way to do a simple restore and exclude within the sonar and download insight prompts themselves?
Running managed installations things get even worse where you have to login to the Management Server in order to exclude false positives. It's really annoying and unless you have Sonar and Download Insight on very low settings you will get quite a few false positives every now and then. And that's just fine, but it gets really annoying after a while when there is no easy way to restore and exclude in a efficient way.
Umbra,
Unmanaged Client - I see Low Risks under Sonar, Suspicious, etc... is log only, should I set it to block/prompt or FPs will increase?
Unmanaged Client - I see Low Risks under Sonar, Suspicious, etc... is log only, should I set it to block/prompt or FPs will increase?
Umbra,
64Bits installs in programfiles x86, right?
And if I have 12.1.3, can I download & upgrade with 12.1.6?
Or I have to install all i.e 12.1.4, 12.1.5 & then the latest 12.1.6?
And I have excluded AX64 from all the scans. Should I also exclude the backup folder in the other partition?
64Bits installs in programfiles x86, right?
And if I have 12.1.3, can I download & upgrade with 12.1.6?
Or I have to install all i.e 12.1.4, 12.1.5 & then the latest 12.1.6?
And I have excluded AX64 from all the scans. Should I also exclude the backup folder in the other partition?
Last edited by a moderator:
Excellent guide to SEP. It's really valuable, and when configured right can provide very good protection.SEP (managed), FireEye, an IDS and best practices should render you near bulletproof short of someone determined. Fair statement?
Rezart
Level 1
- Jan 26, 2017
- 14
I have Symantec Endpoint Security 14 and Kaspersky Internet Security 2017 installed on my 2 Laptops x64.
When I test online the Firewall security, the results are almost the same. I dont see any difference regarding firewall and web security.
I configured SEP Unmanaged as described by @Umbra in post 1 and twiked all the settings for maximum protection.
As described in this thread , if well configured, SEP should be better in tests than KIS.
Can anyone explain this situation ?
When I test online the Firewall security, the results are almost the same. I dont see any difference regarding firewall and web security.
I configured SEP Unmanaged as described by @Umbra in post 1 and twiked all the settings for maximum protection.
As described in this thread , if well configured, SEP should be better in tests than KIS.
Can anyone explain this situation ?
Attachments
If your systems are behind a NAT router, then you have to set up port forwarding to accurately test the firewalls using those type tests.
Alternatively you can setup a LAN behind the NAT to test the firewalls.
Rezart
Level 1
- Jan 26, 2017
- 14
Thank you for the answer.
I understood many things about SEP and I needed exactly a professional opinion from someone who has entered deeply into SEP and know what is talking.
Finally after the help and opinions of the users in this wonderful forum, I have decided to go with Kaspersky Internet Security 2018 as my safe guard.
Thanks for everything
- Status
Similar threads
