Product Guide: Part 4 - Monitoring, Analyzing, and Fine-Tuning Your Protection Flashcards
Why is it important to Monitor, Analyze, and Fine-Tune VSE?
To improve both the performance and protection of your VSE-protected systems.
What are the different activity logs that can be accessed on VSE managed systems?
AccessProtectionLog.txt - Displays Date, Time, Event, User, and name of file
BufferOverflowProtectionLog.txt - Displays Date, time, path to the mirror files, and any additional information
MirrorLog.txt - Date, Time, Path to the mirror files, and any additional information
OnAccessScanLog.txt - Date, time, detected malware, what action was taken, and what was found
OnDemandScanLog.txt - Date, time scan occurred, any action performed, to what file, and what was found
UpdateLog.txt - Date, time update occurred, who initiated the update, and any information about the update
What is the Importance of Analysis?
- Allows you to determine which kind of threats you are facing, from where, how often they are found, and which systems are being targeted
- For example, if one system is being continuously attacked, maybe that system should be moved to a more secure part of your network, and have increased security enabled to protect it.
- This analysis is also helpful when:
  - Creating reports for IT and managers
  - Capturing information used to create scripts and queries
  - Monitoring network access time and VSE update network usage