Responding to alerts

Applies To: Forefront Client Security

It is recommended that you research the cause of as many of the alerts generated by Client Security as possible, if not all of them. When you view an alert in the MOM Operator console, use the information and URLs provided on the Properties tab to learn about the events that triggered the alert. For general guidance about how to resolve the type of alert you're investigating, see the Product Knowledge tab. The Resolutions section on that tab includes a general process for resolving that type of alert.

This guide also presents information about how to resolve Client Security alerts.

| Alert title | Topic providing alert resolution details |
| --- | --- |
| Computer Infected - Failed Response | Working with an infected computer |
| Computer Infected - Successful Response | Working with an infected computer |
| Malware On Network - Failed Response | Addressing "Malware On Network" alerts |
| Malware On Network - Successful Response | Addressing "Malware On Network" alerts |
| Protection Turned Off | Resolving disabled real-time protection |
| Re-Infected Computer | Very infected and re-infected computers |
| Scanning Failed | Resolving scan failures |
| Security State Assessment Failed | Resolving scan failures |
| Service Update Failed | Ensuring that updates were deployed |
| Definition Update Failed | Ensuring that updates were deployed |
| Very Infected Computer | Very infected and re-infected computers |
| Malware Outbreak | Addressing "Malware On Network" alerts |
| Flooding Detected | Responding to flooding detection |