This section lets you configure the two types of alerts generated by the Adaptive Defense 360 local protection.
Local alerts: These are the alerts displayed by the agent on the affected computer when malware, intrusion attempts or unauthorized devices are detected.
Email alerts: These are the alerts emailed to the administrator by the Adaptive Defense 360 agent. These alerts contain information about the malware found on the affected computers as well as any violation of the policies defined in the device control module.
Select the Send email alerts checkbox to configure the alert message to be sent to the administrator:
Message subject: Enter a message subject to allow administrators to add filters to their email client to sort the alert messages received.
Email address: You can enter multiple email addresses separated with a semicolon character (;).
SMTP server to send the alert: Enter the IP address of the company's mail server. This address must be reachable from the Adaptive Defense 360 local protection.
The server requires authentication: If the mail server is not an open relay for the company's internal IP addresses, you must enter the appropriate credentials for sending the alerts. These credentials are submitted via the ESMTP protocol using the AUTH LOGIN extension. Note that AUTH LOGIN only base64-encodes the username and password rather than encrypting them, so they are protected only if the SMTP session itself is protected by TLS.
The email sent by the local protection to the administrator will contain the following basic information:
Malware type: Malware category.
Affected computer: Name of the computer where the malware was found.
Path (if applicable).
File (if applicable): Name of the file where the threat was detected.
Action: Remediation action taken automatically by the local protection.
An alert will be sent every time any of the following events occurs:
Malware detection.
The Device Control module detects an unauthorized action on a device.
To avoid flooding the administrator's mailbox, Adaptive Defense 360 will enter 'epidemic mode' if it detects more than 20 events pertaining to the same malware or the same device in less than a minute.
From then on, a single message will be sent every five minutes with a summary of the events detected. Epidemic mode ends once fewer than two events of that type occur within the same minute.
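The epidemic-mode throttling described above, as an added Python model that is not Panda's code: the threshold of 20 events, the one-minute window, the five-minute summary interval and the exit rule are taken from the text, while the per-key bookkeeping, the tick() call and the message shape are assumptions of this example.

```python
from collections import defaultdict, deque

EPIDEMIC_THRESHOLD = 20   # more than this many events per key in one minute -> epidemic mode
WINDOW = 60               # seconds: "in less than a minute"
SUMMARY_INTERVAL = 300    # seconds: one summary message every five minutes


class AlertThrottler:
    """Per-malware / per-device alert throttling (hypothetical model of the behaviour above)."""

    def __init__(self):
        self.recent = defaultdict(deque)   # key -> event timestamps seen in the last WINDOW
        self.epidemic = {}                 # key -> time of last summary (present = in epidemic mode)
        self.pending = defaultdict(int)    # key -> events held back since the last summary

    def _prune(self, key, now):
        q = self.recent[key]
        while q and now - q[0] >= WINDOW:
            q.popleft()

    def event(self, key, now):
        """Record one detection and return the list of messages to send right now."""
        out = self.tick(key, now)          # settle an overdue summary / quiet exit first
        self._prune(key, now)
        self.recent[key].append(now)
        if key in self.epidemic:
            self.pending[key] += 1         # held back, reported in the next summary
            return out
        if len(self.recent[key]) > EPIDEMIC_THRESHOLD:
            self.epidemic[key] = now       # enter epidemic mode; first summary is due in 5 min
            self.pending[key] = 1
            return out
        out.append({"type": "alert", "key": key, "at": now})
        return out

    def tick(self, key, now):
        """Advance time without an event: emit a due summary, leave epidemic mode when quiet."""
        out = []
        if key not in self.epidemic:
            return out
        self._prune(key, now)
        quiet = len(self.recent[key]) < 2                  # fewer than two events in the last minute
        due = now - self.epidemic[key] >= SUMMARY_INTERVAL
        if (due or quiet) and self.pending[key]:
            out.append({"type": "summary", "key": key, "count": self.pending[key], "at": now})
            self.pending[key] = 0
            self.epidemic[key] = now
        if quiet:
            del self.epidemic[key]
        return out
```

Timestamps are plain seconds so the model can be driven from constructed event streams; a real agent would call tick() from a timer so that a summary is sent even if no further event arrives.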