Endpoint Protection

 View Only
  • 1.  Email Notifications

    Posted Jun 14, 2011 04:52 AM

    What is the difference between single risk event and new risk detected? Can anyone explain this. just for know-how.



  • 2.  RE: Email Notifications
    Best Answer

    Posted Jun 14, 2011 05:36 AM

    Single Risk Event" will notify you each time a threat is detected. "New Risk Detected" refers to a risk new to the network

     Single Risk:The detection of a single risk event triggers this notification. The notification lists a number of details about the risk, which includes the user and computer involved, and the action that Symantec EndpointProtection took.

    New Risks : are calculated from the last database sweep and for the time period that is configured on the Home and Monitors tab of Preferences.

    For example, suppose your Preferences time range is set to the past 24 hours. And suppose that your database is set to sweep every week on Sunday night and delete the risks that are more than three days old. If a particular virus infects a computer in your network on Monday, that is reported as a new risk. If another computer is infected with the same virus on Wednesday, that is not reflected in this count. If this same virus infects a computer in your network on the following Monday, it is reported here as newly infected. It is reported as new because it occurred during the last 24 hours and Sunday the database was swept of entries older than three days. The previous risk detections occurred more than three days ago, so they were deleted from the database.

     You can go to following link for more information.

    https://www-secure.symantec.com/connect/forums/whats-differenc