Configuring FIM in SEP is a multi-step process involving creating the "known good" list and then enforcing it.
Symantec Endpoint Protection does offer File Integrity Monitoring capabilities, although it may not be enabled by default. The feature is part of the SEP's Advanced Threat Protection (ATP) module, which provides a range of advanced security features to detect and prevent sophisticated threats.
In older legacy versions, an add-on called Symantec Critical System Protection provided FIM-like capabilities, but this has largely been deprecated or replaced. Configuring FIM in SEP is a multi-step process
When a change is detected, SEP can trigger various actions, such as:
A critical distinction in Symantec Endpoint Protection FIM is how the checks are performed. In older legacy versions, an add-on called Symantec
If you decide to utilize SEP for File Integrity Monitoring, follow these guidelines for maximum efficiency:
Is it enough for your organization?
SONAR creates a baseline of "trusted" files.
No, not as a dedicated, native feature.
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.