12
Introducing Symantec™ Critical System Protection
Components of Symantec Critical System Protection
Symantec Critical System Protection agents detect behavior by auditing and monitoring processes, files, log data, and Windows® registry settings. For example, a Symantec Critical System Protection detection policy can specify to monitor the Windows registry keys that the Welchia worm changes during infection and send an alert. As a result, Windows registry
Components of Symantec Critical System Protection
Symantec Critical System Protection includes management console and server components, and includes agent components that enforce policies on computers. The management server and management console run on Windows® operating system. The agents run on Windows and UNIX operating systems.
The major components of Symantec Critical System Protection are as follows:
Management console Coordinate, distribute, and manage policies and agents
The management console lets you manage Symantec Critical System Protection policies and agents, and perform administrative tasks such as creating user accounts, restricting the functions that they can access, modifying policies, configuring alerts, and running reports.
Management server | Store and correlate agent events and the policy library |
Agent
Authoring environment
The management server stores policies in a central location and provides an integrated, scalable, flexible, agent and policy management infrastructure. The management server coordinates policy distribution, and manages agent event logging and reporting.
Enforce policy on the endpoints
Each Symantec Critical System Protection agent enforces rules that are expressed in policies, thereby controlling and monitoring application (process) and user behavior.
Edit the policy library
The authoring environment lets users author prevention and detection policies.
