12 Introducing Symantec™ Critical System Protection
Components of Symantec Critical System Protection
Symantec Critical System Protection agents detect behavior by auditing and
monitoring processes, files, log data, and Windows® registry settings. For
example, a Symantec Critical System Protection detection policy can monitor
the Windows registry keys that the Welchia worm changes during infection and
send an alert. As a result, Windows registry security-related events can be
put into context and appropriate measures taken.
Components of Symantec Critical System Protection
Symantec Critical System Protection includes management console and server
components, and agent components that enforce policies on computers. The
management server and management console run on the Windows® operating
system. The agents run on Windows and UNIX operating systems.
The major components of Symantec Critical System Protection are as follows:
Management console: Coordinate, distribute, and manage policies and agents
    The management console lets you manage Symantec Critical System
    Protection policies and agents, and perform administrative tasks such as
    creating user accounts, restricting the functions that they can access,
    modifying policies, configuring alerts, and running reports.

Management server: Store and correlate agent events and the policy library
    The management server stores policies in a central location and provides
    an integrated, scalable, flexible, agent and policy management
    infrastructure. The management server coordinates policy distribution,
    and manages agent event logging and reporting.

Agent: Enforce policy on the endpoints
    Each Symantec Critical System Protection agent enforces rules that are
    expressed in policies, thereby controlling and monitoring application
    (process) and user behavior.

Authoring environment: Edit the policy library
    The authoring environment lets users author prevention and detection
    policies.