"Fast Pathing" is a feature that it allows an organization to set a relatively long heartbeat interval to minimize traffic without losing up to date information about the security of clients.
Without this, important events like viral infections would only be uploaded during a heartbeat. Waiting for a heartbeat to forward events to the SEP Manager could slow down an organizations response time to an emerging threat.
Priority Upload Configuration.
-There is a checkbox to enable/disable this in the communications settings on SEPM
This setting is per group and inheritable.
-There is a new option for the damper on security event related SEPM notifications: “None”.
Setting this causes this notification to be evaluated every minute, to ensure up-to-date information.
With "Fast Pathing" enabled, the client checks if there are new detections (*) or new network security events every minute. If one of these critical events is found, the SEP client uploads all threat-detection and network security related information for the events from the logs (AVMan.log and seclog.log) but not any other log information.
* Excluding System Change events and Tracking Cookies
The “None” Damper:
Any SEPM notification with a damper of “None” is set to be checked for each minute.
The “None” damper setting allows notifications about priority event to happen quickly.
Priority Heartbeat process flow:
•Every minute, if applicable.
•Connects - Uploads Security and AV logs (No commands, No OpState, No definition information, No updates).
Rate this Article
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.