Means for monitoring malware incidents with F-Secure software

Malware incidents can be monitored with tools provided both by F-Secure and by the operating system.

Means provided by F-Secure

  • Remotely:
    • Policy Manager Console
    • Policy Manager Web Reporting
    • Alert Forwarding
    • Syslog forwarding (configured through Console > Server configuration > Syslog page)
  • On host:
    • Local User Interface
    • Logfiles
    • Logfile.log
    • Application.evt

Means provided by third parties

  • Active Directory - Computer Management / Application Event Log
  • SNMP Solutions

Note: For AD alert management to work correctly, TCP ports 445 and 135 must be open on the workstations, to and from the management server.

Protection status monitoring is possible through the Policy Manager Console's Outbreak Manager tab. Information presented there includes:
  • Overall domain protection status
  • Threat specific information (e.g. protection status against MYDOOM.F)
  • Key host information (updated automatically):
    • Connection Status
    • Protection Status
    • AV Update Delta - the time between the last definition update and the last successful connection to Policy Manager (PM). A high update delta on a host whose status is connected is critical.

Version history
Revision #: 14 of 14
Last update: 11-10-2019 06:48 AM