Malware Infection - No Action
I recently upgraded FSPM to 12.40 installed over Ubuntu 14.04.
All agents are composed of Windows systems both client and servers.
Now, there are multiple computers with infection such as Trojan:W97M/MaliciousMacro.GEN, Trojan-Downloader:W97M/Locky.I, etc.) which F-secure did not perform any action (quite alarming).
So, I revisited the settings and it has the ff. Action on infection:
1. Quarantine Automatically
2. Report Only
I did observed the behavior of this incident and I noticed that most of the workstations which F-secure did not do anything where found in client's mailbox.
I changed Report Only to Rename automatically. Will this ensure that F-secure will do something in case the default action is false? Can you guys share your best practice to ensure that F-secure will not ignore this kind of alerts moving forward.