Table: What you can do with Symantec Protection Engine
Configure protocols to pass files to Symantec Protection Engine for scanning
You can change the communication protocol that Symantec Protection Engine uses to communicate with the client applications for which it provides scanning services. The features that are available through Symantec Protection Engine differ depending on the protocol that you use.
You can use any of the following protocols:
From version 7.0, Native protocol has been deprecated. Symantec recommends the use of either ICAP or RPC protocol.
After you select a protocol, you must provide protocol-specific configuration information. The configuration options differ depending on the protocol that you select.
You can configure Symantec Protection Engine to scan files and email messages for threats, such as viruses and Trojan horses. You can establish policies to process the documents that contain threats. You can also quarantine the infected files that cannot be repaired.
Symantec Protection Engine can detect security risks such as: adware, dialers, hacking tools , joke programs, remote access programs, spyware, and trackware. You can also quarantine the infected files that cannot be repaired.
If your client uses ICAP, you can apply Uniform Resource Locator (URL) filtering to block access to sites that contain unwanted content. Symantec Protection Engine uses Symantec URL categories and Child Abuse Image Content (CAIC) URL categories to scan and block the unwanted URLs.
Symantec Protection Engine lets you customize messages to users to notify them when a file has been infected, repaired, or deleted. You can add the text to the body of an infected MIME-encoded message or to the body of a replacement file for a deleted attachment.
Symantec Protection Engine can send events to several logging destinations. You can activate logging to each available destination when you select the logging level that you want for that destination. You can then choose the logging levels for which Symantec Protection Engine generates log messages.
Use the Symantec Protection Engine reporting functionality to view your log data and statistics.
Symantec Protection Engine can send alerts through Simple Mail Transfer Protocol (SMTP) and Simple Network Management Protocol (SNMP).
You also can activate outbreak alerts. Symantec Protection Engine can issue alerts when a certain number of the same types of threat or violations occur in a given time interval. Outbreak alerts provide an early warning of a potential outbreak so that you can take the necessary precautions to protect your network.
You can monitor Symantec Protection Engine to ensure that it operates at an optimal level for your environment. Continual monitoring ensures that you can make the necessary adjustments as soon as you detect a degradation in performance.
You can update your content for Symantec Protection Engine. Content updates ensure that your network is up-to-date with the most current risk and URL definitions. You also can update Symantec Protection Engine with the latest definitions without any interruption to scanning or filtering operations.
The command-line scanner acts as a client to Symantec Protection Engine through the Symantec Protection Engine API. Use the command-line scanner to send files to Symantec Protection Engine to be scanned for threats.
The command-line scanner also lets you take the following actions:
Repair infected files and delete those files that are unrepairable
Recursively descend into the subdirectories to scan multiple files
Provide output information about the command-line scanner and protection engine operation.
Imported Document ID: HOWTO79591
Subscribing will provide email updates when this Article is updated. Login is required.