Endpoint Protection

 View Only
  • 1.  What is sonar

    Posted Feb 01, 2013 04:05 AM
    In 12.x version, what is sonar function and how it work


  • 2.  RE: What is sonar
    Best Answer

    Posted Feb 01, 2013 04:12 AM

    About SONAR

     

    Article:HOWTO81392  |  Created: 2012-10-25  |  Updated: 2012-10-27  |  Article URL http://www.symantec.com/docs/HOWTO81392

    Re-Edit

    Managing SONAR

     

    Article:HOWTO55215  |  Created: 2011-06-29  |  Updated: 2011-12-17  |  Article URL http://www.symantec.com/docs/HOWTO55215

    Configuring TruScan proactive threat scan settings for legacy clients

     

    Article:HOWTO55255  |  Created: 2011-06-29  |  Updated: 2011-12-17  |  Article URL http://www.symantec.com/docs/HOWTO55255

    About adjusting TruScan settings for legacy clients

     

    Article:HOWTO55257  |  Created: 2011-06-29  |  Updated: 2011-12-17  |  Article URL http://www.symantec.com/docs/HOWTO55257

    Find the attach thread for your knowledge

    https://www-secure.symantec.com/connect/forums/sep-121-sonar-definitions

    https://www-secure.symantec.com/connect/forums/manually-update-sonar-definitions

    https://www-secure.symantec.com/connect/forums/where-are-truscan-logs-sepm-12

     

     



  • 3.  RE: What is sonar

    Posted Feb 01, 2013 04:14 AM

     

    SONAR is the abbreviation for Symantec Online Network for Advanced Response

    TruScan Proactive Threat Protection has been replaced by SONAR in SEP 12.1

     

    Symantec Endpoint Protection 12.1 SONAR - Proactive Threat Protection or Download Insight False Positive Corrections

    Article:TECH168849  | Created: 2011-09-05  | Updated: 2011-12-13  | Article URL http://www.symantec.com/docs/TECH168849
     

     

    Migration from Symantec Endpoint Protection (SEP) 11.x to SEP 12.x - TruScan and SONAR exceptions

    Article:TECH185225  |  Created: 2012-03-29  |  Updated: 2012-07-28  |  Article URL http://www.symantec.com/docs/TECH185225
     

    Check this artical

    https://www-secure.symantec.com/connect/articles/information-symantec-endpoint-protection-scans



  • 4.  RE: What is sonar

    Trusted Advisor
    Posted Feb 01, 2013 04:21 AM
    It's symantecs new version of Proactive Threat Protection instead of downloading the defs to you machine to save space symantec now use a larger cloud based database with billions of definitions that it can refer to. Better protection for you machines.


  • 5.  RE: What is sonar

    Posted Feb 01, 2013 04:22 AM

    Hi,

     

    SONAR is the real-time protection that detects potentially malicious applications when they run on your computers. SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats. 

     



  • 6.  RE: What is sonar

    Trusted Advisor
    Posted Feb 01, 2013 04:26 AM

    Hello,

    SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.

    SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complements your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.

    SONAR uses a heuristics system that leverages Symantec's online intelligence network with proactive local monitoring on your client computers to detect emerging threats. SONAR also detects changes or behavior on your client computers that you should monitor.

    Reference: http://www.symantec.com/docs/HOWTO81392

    Hope that helps!!



  • 7.  RE: What is sonar

    Posted Feb 01, 2013 06:09 AM

    About SONAR

    Article:HOWTO80968  |  Created: 2012-10-24  |  Updated: 2013-01-30  | 

    Article URL http://www.symantec.com/docs/HOWTO80968

     

    Managing SONAR

    Article:HOWTO80929  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO80929

     

    Handling and preventing SONAR false positive detections

    Article:HOWTO80987  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO80987

     

    Adjusting SONAR settings on your client computers

    Article:HOWTO80972  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO80972

     

    Monitoring SONAR detection results to check for false positives

    Article:HOWTO80749  |  Created: 2012-10-24  |  Updated: 2013-01-30  |  Article URL http://www.symantec.com/docs/HOWTO80749

     



  • 8.  RE: What is sonar

    Broadcom Employee
    Posted Feb 01, 2013 08:05 AM

    Hi,

    SONAR is a real-time protection that detects potentially malicious applications when they run on your computers. SONAR provides "zero-day" protection because it detects threats before traditional virus and spyware detection definitions have been created to address the threats.

    SONAR uses heuristics as well as reputation data to detect emerging and unknown threats. SONAR provides an additional level of protection on your client computers and complement your existing Virus and Spyware Protection, intrusion prevention, and firewall protection.

     Legacy clients do not support SONAR; however, legacy clients use TruScan proactive threat scans to provide protection against zero-day threats. TruScan proactive threat scans run periodically rather than in real time.

    Go through the following helpful articles:

    About SONAR

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55254

    Managing SONAR

    http://www.symantec.com/business/support/index?page=content&id=HOWTO55215

    Adjusting SONAR settings on your client computers

    http://www.symantec.com/docs/HOWTO55258

    Handling and preventing SONAR false positive detections

    http://www.symantec.com/docs/HOWTO55273