About the information in the Compliance reports and logs
The Compliance logs contain information about the Enforcer server, clients, and traffic, and about host compliance. The information available includes items such as the time and the event type, the name of the Enforcer involved, the site, and the server.
If you do not have Symantec Network Access Control installed, the Compliance logs and reports do not contain any data.
The table below describes some typical uses for the kind of information that you can get from Compliance reports and logs.
Report or log
Network Compliance Status
Use this report to look at overall compliance, to see if clients have failed host integrity checks or authentication, or have been disconnected.
Use this report to see the total number of clients that have either passed or failed a host integrity check in your network.
Clients by Compliance Failure Summary
Use this report to see the general reasons for control failure events, such as antivirus, firewall, or VPN.
Compliance Failure Details
Use this report to see a greater level of detail about the compliance failures. It shows the criteria and the rule that was involved in each failure. It includes the percentage of clients that have been deployed and the percentage that failed. For example, the Compliance Failure Summary can show ten client failures due to the antivirus software. In contrast, Compliance Failure Details shows the following information:
Four clients have no antivirus software currently in operation on them.
Two clients have no antivirus software installed.
Four clients have out-of-date antivirus definitions files.
Non-compliant Clients by Location
Use this report to see if some locations have more compliance problems than the others.
Enforcer Server log
Use this log to look at information about Enforcer compliance events, the name of the Enforcer involved, its site, and its server. Among other things, this log contains the following information:
Which Enforcers were unable to register with their servers
Which Enforcers have successfully received downloads of policies and the sylink.xml communication file
Whether or not the Enforcers' server has successfully received the Enforcers' logs
Enforcer Client log
Use this log to see which clients have passed or failed Host Integrity checks, were authenticated or rejected, or were disconnected from the network.
Enforcer Traffic log
Use this log to look at information about the traffic that moves through an Enforcer. The information available includes:
The direction of the traffic
The time when the traffic began and the time when the traffic ended
The protocol used
The source IP address and destination IP address that was used
The port that was used
The packet size (in bytes)
The attempted connections that were allowed or blocked
This log applies only to Gateway Enforcers.
Host Compliance log
Use this log to look at specific information about particular compliance events. Such events include the reason, the user involved, and the name of the operating system that was involved.