search cancel

Creating notifications for Host Integrity within SEPM

book

Article ID: 163480

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

SEP Admin wants to be notified of failure events via email

Environment

SEPM environment with Host Integrity policy in place.

Resolution

With the release of 12.1 RU5 Host Integrity has become a staple without the necessity to purchase separate Network Access Control license. As part of a complete security best practice, it is vital that a SEP Admin be notified of failure events via email. Below are the steps necessary to create a custom notification for Host Integrity (HI) failure events.

1. From within the SEPM, click on "Monitors", select the "Notifications" tab and then click on the "Notification Conditions" button.

2. Within Notification Conditions, click on "Add...", then select "Client security alert".

3. Give the notification a meaningful name and customize the additional settings. Ensure that "Compliance events" is selected as this triggers on HI failure events.

4. Click "OK" to save.

As with any change, it is always recommended to perform testing to ensure a failure event does in-fact trigger an email notification. It is also important to test the notification using different settings to ensure failure events are reported with the desired level of visibility, as required for your environment.