Example analysis using ePolicy Orchestrator 4.0

You can use the steps in this example analysis as a framework for analyzing most VirusScan Console protection scenarios using ePolicy Orchestrator 4.0.

Before you begin

You must have direct or remote access to a VirusScan Enterprise protected system to perform this example analysis.

Task

For option definitions, click ? in the interface.

  1. From the ePolicy Orchestrator 4.0 console, click Reporting | Queries. The Queries list appears. From the Public Queries list, select Malware Detection History and click More Actions | Run. The Malware Detection History query appears in the Queries list.
  2. To view the event that triggered the malware detection, click Reporting | Event Log. The query returns the number of recent attacks.
  3. Double-click the log event. The details page appears in the pane. You can determine the following from this output:
    • Threat Source IP Address and target are shown to help you determine what actions to take.
    • Threat Name and Threat Type describe what malware was used in the attack.
    • Threat Event Descriptions describe how the attack affected the system and what actions were taken on the threat.
  4. Use the information in the previous step to determine whether the source or target system needs its virus protection settings modified, or whether you want to take some other action.