Network Security Focus-Virus

RE: Symantec AV reporting metrics.

Subject: RE: Symantec AV reporting metrics.
Date: Mon, 5 Jun 2006 13:02:36 -0500
Or the expensive way.....

I pull the log files from the various parent servers, import into
MS/Access and generate reports.

Serge - your metrics seem less than useful.  Engine version, dat updates
etc are rarely very far out of compliance at our site (10K+ desktops).
I post #s on how many different viruses are circulating, # of different
PCs infected during the period (not the number of infections, since the
AV reports every infected file).  BTW: the usual 80/20% rule applies....
80 % of our PC infections are the same 20% of the users.

Are you looking at reporting on gateway filtering effectiveness?

-----Original Message-----
From: paul@murgatroyd.org.uk [mailto:paul@murgatroyd.org.uk] 
Sent: Monday, June 05, 2006 10:17 AM
To: focus-virus@securityfocus.com
Subject: re: Symantec AV reporting metrics.


resending due to evil HTML email...

------------------------------

what version of SAV are you running?

Depending on version I can give you ideas on several 
different reporting solutions.

I'm not trying to sell our products or services... just want 
to let you know what's available if you don't want to do this 
the hard way.

Paul Murgatroyd
Symantec Professional Services

 -------- Original Message --------
From: "Serge Vondandamo" <serge.vondandamo@wanadoo.fr>
Sent: Monday, June 05, 2006 2:32 PM
To: focus-virus@securityfocus.com
Subject: Symantec AV reporting metrics.

All,

I have been tasked to develop Symantec AV reporting metrics. The
metrics should help provide visual information (graphs, tables, etc.)
to Senior management on a weekly, monthly, quarterly and annual basis
per region and WW if needed.

I am focusing on providing the following:

- Number of AV clients per region,
- Number of AV engines, versions, per region,
- Information on AV defs per region, frequency of updates, versions of
AV definitions, age of AV definitions (i.e. two weeks old, two months
old, very old, etc).
- Status of AV clients per region - i.e. auto-protect enabled or
disabled, threat found, old definitions, etc.
- Any other information that will be useful for big boss not
interested in technical data.


I am looking for pointers, ideas and suggestions from those who have
already done so; I will not try to re-invent the wheel ;)

Thanks for your inputs.

Regards,
Serge Vondandamo, HND, CISSP, CCNA.
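
The counting approach described in the reply at the top of this thread (distinct viruses, distinct infected PCs rather than per-file detections, and how concentrated infections are among users) can be sketched as follows. This is an added example, not part of the original thread or any Symantec tooling; the CSV column layout, host names, user names and threat names are constructed assumptions, not the real Symantec AV log format.

```python
import csv
import io
import math
from collections import Counter

# Constructed sample export: one row per infected file, as the reply notes.
# The column layout is an assumption for this demo, not Symantec's log format.
SAMPLE_LOG = """date,host,user,threat,file
2006-05-29,PC-0101,alice,W32.Example.A,a1.exe
2006-05-29,PC-0101,alice,W32.Example.A,a2.exe
2006-05-29,PC-0101,alice,W32.Example.A,a3.exe
2006-05-30,PC-0101,alice,W32.Example.B,a4.exe
2006-05-31,PC-0101,alice,W32.Example.A,a5.exe
2006-06-01,PC-0101,alice,W32.Example.C,a6.exe
2006-05-30,PC-0202,bob,W32.Example.A,b1.exe
2006-05-30,PC-0202,bob,W32.Example.A,b2.exe
2006-06-01,PC-0303,carol,W32.Example.B,c1.exe
2006-06-02,PC-0404,dave,W32.Example.A,d1.exe
2006-06-02,PC-0505,erin,W32.Example.C,e1.exe
"""


def summarize(log_text, top_fraction=0.2):
    """Reduce per-file detection rows to management-level counts."""
    rows = list(csv.DictReader(io.StringIO(log_text)))
    # Collapse per-file rows into incidents: one threat on one PC on one day.
    incidents = {(r["date"], r["host"], r["user"], r["threat"]) for r in rows}
    per_user = Counter(user for _, _, user, _ in incidents)
    # Share of incidents owned by the top `top_fraction` of users seen in the
    # log (users with no detections are not in the log and are not counted).
    top_n = max(1, math.ceil(top_fraction * len(per_user)))
    top = per_user.most_common(top_n)
    share = sum(n for _, n in top) / len(incidents) if incidents else 0.0
    return {
        "raw_detections": len(rows),
        "distinct_threats": len({r["threat"] for r in rows}),
        "infected_pcs": len({r["host"] for r in rows}),
        "incidents": len(incidents),
        "top_users": [user for user, _ in top],
        "top_user_share": share,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
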




