Outbreak Criteria and Notifications

Define an outbreak by the number of security risk detections and the detection period. After defining the outbreak criteria, configure OfficeScan to notify you and other OfficeScan administrators of an outbreak so you can respond immediately.

You can receive notifications through email, pager, SNMP Trap, and the NT Event Log.

Configure administrator notification settings to allow OfficeScan to successfully send notifications through email, pager, and SNMP Trap. For details, see Administrator Notification Settings.

  1. In the Criteria tab, specify the number of detections and detection period for each security risk.

  2. OfficeScan sends a notification message when the number of detections is exceeded. For example, if you specify 100, OfficeScan sends the notification after it detects the 101st instance of a virus/malware.

  3. Enable OfficeScan to monitor the network for firewall violations and shared folder sessions. Under Shared Folder Sessions, click the number link to view the computers with shared folders and the computers accessing the shared folders.

  4. In the Email, Pager, SNMP Trap, and NT Event Log tabs:

    1. Enable notifications for virus/malware and spyware/grayware detections.

    2. For email notifications, specify the email recipients and accept or modify the default email subject. Optionally select additional virus/malware and spyware/grayware information to include in the email. You can include the client/domain name, security risk name, date and time of detection, path and infected file, and scan result.

    3. Accept or modify the default notification messages.

    4. Use token variables to represent data in the Message and Subject fields.

      Token variables for outbreak notifications

      Virus/Malware outbreaks
        Total number of viruses/malware detected
        Total number of computers with virus/malware

      Spyware/Grayware outbreaks
        Total number of spyware/grayware detected
        Total number of computers with spyware/grayware

      Firewall violation outbreaks
        Log type exceeded
        Number of firewall violation logs
        Time period when firewall violation logs accumulated

      Shared folder session outbreaks
        Number of shared folder sessions
        Time period when shared folder sessions accumulated
        Time period, in minutes

  5. Click Save.
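The threshold rule in the Criteria step (a threshold of 100 notifies on the 101st detection) can be checked with a small model before choosing values. This is an added example, not OfficeScan code: the names `OutbreakCriteria` and `first_alert_index` are hypothetical, and the sliding-window expiry and the one-notification-per-outbreak behavior are assumptions.

```python
from collections import deque
from datetime import datetime, timedelta


class OutbreakCriteria:
    """Sliding-window counter: fires when detections in the period EXCEED the threshold."""

    def __init__(self, threshold, period):
        self.threshold = threshold
        self.period = period
        self.window = deque()   # timestamps of detections still inside the period
        self.active = False     # True while the count is above the threshold

    def record(self, ts):
        """Record one detection; return True only when an outbreak starts."""
        self.window.append(ts)
        # Drop detections that have aged out of the detection period (assumed behavior).
        while self.window and ts - self.window[0] >= self.period:
            self.window.popleft()
        exceeded = len(self.window) > self.threshold   # strictly greater: 100 -> 101st fires
        fired = exceeded and not self.active           # assumption: notify once per outbreak
        self.active = exceeded
        return fired


def first_alert_index(timestamps, threshold, period):
    """Return the 1-based index of the detection that triggers the notification, or None."""
    criteria = OutbreakCriteria(threshold, period)
    for i, ts in enumerate(sorted(timestamps), start=1):
        if criteria.record(ts):
            return i
    return None


# Constructed sample data: detection timestamps, not real OfficeScan logs.
START = datetime(2024, 1, 1, 9, 0, 0)
BURST = [START + timedelta(seconds=10 * i) for i in range(150)]   # 150 detections in 25 min
SLOW = [START + timedelta(minutes=5 * i) for i in range(150)]     # one detection every 5 min

if __name__ == "__main__":
    hour = timedelta(hours=1)
    print("burst:", first_alert_index(BURST, 100, hour))
    print("slow: ", first_alert_index(SLOW, 100, hour))
```

The slow series never notifies even though it contains 150 detections, because no more than 12 fall inside any one-hour period; a detection period that is too short for the chosen count hides a low-rate spread.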
