By default, Symantec Endpoint Protection clients and Symantec Endpoint Protection Manager submit some types of pseudonymous information to Symantec. Clients can also send non-pseudonymous data to Symantec to get customized analysis. You can control whether or not your clients or Symantec Endpoint Protection Manager submit information.
Both server data and client submissions are critical to improving the security of your network.
Server data is part of the information that helps Symantec measure and improve the efficacy of detection technologies.
Symantec Endpoint Protection Manager submits the following types of pseudonymous information to Symantec:
Licensing information, which includes the name, version, language, and licensing entitlement data
Usage of Symantec Endpoint Protection protection features
Information about Symantec Endpoint Protection configuration. The information includes operating system information, server hardware and software configuration, CPU size, memory size, and software version and features for installed packages
You can change the server submissions setting during installation, or change the setting on the server's Site Properties > Data Collection tab in the console.
Symantec always recommends that you keep server data collection enabled.
What are pseudonymous client submissions?
Symantec Endpoint Protection clients automatically submit pseudonymous information about detections, network, and configuration to Symantec Security Response. Symantec uses this pseudonymous information to address new and changing threats as well as to improve product performance. Pseudonymous data is not directly identified with a particular user.
The detection information that clients send includes information about antivirus detections, intrusion prevention, SONAR, and file reputation detections.
Mac client submissions do not include SONAR or file reputation submissions. Linux clients do not support any client submissions.
The pseudonymous information that clients send to Symantec benefits you by:
Increasing the security of your network
Optimizing product performance
In some cases, however, you might want to prevent your clients from submitting some information. For example, your corporate policies might prevent your client computers from sending any network information to outside entities. You can disable a single type of submission, such as submission of network information, rather than disabling all types of client submissions.
Symantec recommends that you always keep client submissions enabled. Disabling submissions might interfere with faster resolution of false positive detections on the applications that are used exclusively in your organization. Without information about the malware in your organization, product response and Symantec response to threats might take longer.