For many organizations, the deployment of FIM is not optional; it is mandated by regulatory frameworks.
File Integrity Monitoring (FIM) is a critical security control for detecting unauthorized changes to files and system configurations. Within Symantec Endpoint Protection (SEP), FIM provides organizations with the ability to monitor critical operating system, application, and data files. This paper explores the architecture, configuration, use cases, and operational benefits of SEP’s FIM capability, along with best practices for deployment.
SEPM policies define:
CEF:0|Symantec|SEPM|14.3|FIM_1001|File modified|5| cs1Label=FileName cs1=config.xml cs2Label=Path cs2=C:\inetpub\wwwroot cn1Label=ProcessID cn1=3948 cn2Label=User cn2=DOMAIN\jdoe
Add monitored items:
Note: As product features evolve, consult the latest Symantec Endpoint Protection documentation from Broadcom for current capabilities and configuration options.
Symantec Endpoint Protection File Integrity Monitoring -
For many organizations, the deployment of FIM is not optional; it is mandated by regulatory frameworks.
File Integrity Monitoring (FIM) is a critical security control for detecting unauthorized changes to files and system configurations. Within Symantec Endpoint Protection (SEP), FIM provides organizations with the ability to monitor critical operating system, application, and data files. This paper explores the architecture, configuration, use cases, and operational benefits of SEP’s FIM capability, along with best practices for deployment. symantec endpoint protection file integrity monitoring
SEPM policies define:
CEF:0|Symantec|SEPM|14.3|FIM_1001|File modified|5| cs1Label=FileName cs1=config.xml cs2Label=Path cs2=C:\inetpub\wwwroot cn1Label=ProcessID cn1=3948 cn2Label=User cn2=DOMAIN\jdoe For many organizations, the deployment of FIM is
Add monitored items:
Note: As product features evolve, consult the latest Symantec Endpoint Protection documentation from Broadcom for current capabilities and configuration options. For many organizations