Worry-Free Business Security Services Events

Table 1. Threat Events

Event Category

Details

Event Status

Antispyware

Spyware/Grayware detections exceed

: The detected spyware/grayware count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Threats unresolved

: Displays the number of endpoints infected with spyware/grayware that the managed product was unable to completely clean and may require the customer to perform additional action

Antivirus

Real-time Scan disabled

: Security Agents with Real-time Scan disabled cannot protect endpoints from virus/malware in newly created or executed files

Threats unresolved

: Unsuccessful actions indicate that a virus or malware has successfully circumvented antivirus defenses and has infected the endpoint.

Note:

Remote Manager assumes that computers with an unsuccessfully cleaned, quarantined, or deleted virus or malware are infected.

Virus detections exceed

: The detected virus/malware count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Application Control

Application Control violations exceed

: The detected Application Control violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Behavior Monitoring

Behavior Monitoring violations exceed

: The detected Behavior Monitoring violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Data Loss Prevention

Data Loss Prevention incidents exceed

: The detected Data Loss Prevention incident count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Device Control

Device Control violations exceed

: The detected Device Control violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Network virus

Network virus detections exceed

: The detected network virus count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Outbreak Defense

Outbreak Defense enabled

: Outbreak Defense enabled on desktop/server platforms in response to abnormal threat activity

Outbreak Defense disabled

: Outbreak Defense disabled on desktop/server platforms and normal network conditions restored

Predictive Machine Learning

Unknown threat detections exceed

: The detected unknown threat count exceeds the configured threshold within 1 hour (as configured on the managed product console)

URL Filtering

URL violations exceed

: The detected URL Filtering violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Web Reputation

URL violations exceed

: The detected Web Reputation violation count exceeds the configured threshold within 1 hour (as configured on the managed product console)

Table 2. System Events

Event Category

Details

Event Status

Smart Protection Services

Agents disconnected

: Security Agents cannot connect to the Smart Protection Network

Update

Outdated agents

: Security Agents with outdated patterns after two hours of antivirus pattern release exceeded threshold