Interpreting Events In The Information Manager - Symantec 10490452 - Mail Security 8220 Administration Manual

Administration guide

224 Integrating Symantec Mail Security with Symantec Security Information Manager

Interpreting events in the Information Manager

managed by the Information Manager. The Information Manager provides you
with an open, standards-based foundation for managing security events from
Symantec clients, gateways, servers, and Web servers.
SSIM Agents collect events from Symantec security products and send the
events to the Symantec Security Information Manager, which uses a sophisticated
set of rules to filter, aggregate, and correlate the events into security incidents
and allows for full tracking and response. The Symantec Security Information
Manager lets you manage and respond to incidents, from threat and
vulnerability discovery through resolution.
The Symantec Incident Manager evaluates the impact of incidents on the
associated systems and assigns incident severities. A built-in Knowledge Base
provides information about the vulnerabilities that are associated with the
incident. The Knowledge Base also suggests tasks that you can assign to a help
desk ticket for resolution.
Symantec Security Information Manager is purchased and installed separately.
The appliance must be installed and working properly before you can configure
Symantec Mail Security to log events to the SSIM.
For more information, see the Symantec Security Information Manager
documentation.
SSIM provides extensive event management capabilities, such as common
logging of normalized event data for Information Manager-enabled security
products like Symantec Mail Security for SMTP. The event categories and
classes include threats (such as viruses), security risks (such as adware and
spyware), content filtering rule violations, network security, spam, and systems
management.
For more information about interpreting events in the Information Manager
and on the event management capabilities of the Information Manager, see the
Symantec Security Information Manager documentation.
Symantec Mail Security for SMTP can send the following types of events to the
Information Manager:
Firewall events
Definition Update events
Message events
Administration events
