Setting the alert level

Applies To: Forefront Client Security

The alert level you assign to a policy affects how Client Security notifies you of issues with client computers. In general, the higher you set the alert level of a policy, the more events Client Security will issue alerts for. Also, at higher alert levels, individual events receive alerts, whereas at lower alert levels, many events may be combined into a single event, such as a successful response to malware discovered on many client computers that are assigned a low alert level.

The alert level you assign to a policy should reflect the importance, or criticality, of the computers to which you deploy the policy. For example, if you intend to deploy a policy to mission-critical servers, you may want to set the policy's alert level to 5, which will provide you the highest degree of notification of issues with the servers.

For more information about alerts and alert levels, see About alerts.

To configure the alert level

  1. In the Client Security console, create or edit a policy. For details about how to create or edit a policy, see Creating, editing, copying, and deleting policies.

  2. In the New Policy or Edit Policy dialog box, click the Reporting tab.

  3. Under Alert Level, move the slider to set the alert level.

    By default, a new policy is set to alert level 3.

  4. After you finish creating or editing the policy, click OK.

  5. To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.