OPERATIONAL DEFECT DATABASE
...
...
Note: As of May 2022, Dell Endpoint Security Suite Enterprise has reached End of Maintenance. This article is no longer updated by Dell. For more information, reference the Product Life Cycle (End of Support / End of Life) Policy for Dell Data Security. If you have any questions on alternative articles, either reach out to your sales team or contact endpointsecurity@dell.com.Reference Endpoint Security for additional information about current products. Affected Products: Dell Endpoint Security Suite Enterprise Caution: This configuration is done in configuration files, if you are unfamiliar or uncomfortable modifying these files. Dell offers fee-based services which can assist.
Not Applicable
This data comes from the Dell Client Security Framework that delivers data to the Dell Data Protection Server or the Dell Security Management Server. By default these devices poll every 6 hours. This policy can be modified to a lower value, though the suggested value varies based on the environment and resources on the server. Dell does not recommend polling more frequently than in one-hour increments, as this can overwhelm the network or server in environments with many devices. The email addresses supplied leverages the email settings that have been configured within the Server Configuration Tool for Dell Security Management Server, and leverages the email configuration in Advanced Configuration -> Email Configuration for Dell Security Management Server Virtual. The application.properties file within the Core Server folder must be modified, to enable the configuration, and set the Types that are forwarded to the email addresses provided. The Default location for this in Dell Security Management Server is C:\Program Files\Dell\Enterprise Edition\Core Server\application.properties for Dell Security Management Server Virtual, the default location is /opt/dell/server/core-server/Application.properties. Note: Enabling the service is done by setting the value of: atp.email.enable= To trueatp.email.enable=true Several commented lines are displayed below this setting. This lists out the threat types that can be forwarded. Threat TypeValuesThreatFound1ThreatBlocked2ThreatTerminated4 MemoryViolationBlocked8MemoryViolationTerminated16MemoryViolation32ThreatRemoved64ThreatQuarantined128ThreatWaived256ThreatChanged512ProtectionStatusChanged1024 Note: To set the types to be forwarded, we must add them to the property: atp.email.event.list=An example of having ThreatFound, ThreatBlocked, ThreatTerminated, ThreatQuarantined all forwarded would be:Atp.email.event.list=1,2,4,128 All values can be entered if desired, but as a caution this results in a high influx of email. To set the users or administrators that get these email messages, we must modify a property within the Security Server's application.properties file. The default location for this in Dell Data Protection | Enterprise Edition is C:\Program Files\Dell\Enterprise Edition\Security Server\conf\application.properties for Dell Data Protection | Virtual Edition, the default location is /opt/dell/server/security-server/conf/Application.properties. Note: The property to modify is atp.email.address.list=This is a comma separated value that can handle numerous email messages or distribution lists.An example showing email messages going to user@domain.com, administrator@domain.com, and ITSupport@domain.local:atp.email.address.list=user@domain.com,administrator@domain.com,ITSupport@domain.local For these changes to take effect, both the Dell Core Server service and the Dell Security Server services must be restarted within the Service pane on Dell Security Management Server. Dell Security Management Server Virtual servers should Stop Application under Basic Configuration, and then once all services are stopped, press Escape to return a screen, and then select Start Application within Basic Configuration. This restarts all services for the Dell Security Management Server Virtual. To contact support, reference Dell Data Security International Support Phone Numbers.Go to TechDirect to generate a technical support request online.For additional insights and resources, join the Dell Security Community Forum.
Click on a version to see all relevant bugs
Dell Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
