WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec

Enterprise Security Manager Security Response Policy for Nimda on Windows NT and Windows 2000

Enterprise Security Manager security response policies
09/21/2001
Enterprise Security Manager's security response policies are configured by members of the Symantec Security Response team to respond to recent security incidents and newly-detected security vulnerabilities without waiting for scheduled module Security Update releases.

Security response policy names are identified and sorted by "R-" prefixes in the Policies branch of the ESM Enterprise tree in the ESM Console.

The Nimda NT-W2K security response policy checks Windows NT 4.0 workstations and servers, and Windows 2000 professional systems and servers, to determine whether these systems are infected by or vulnerable to the W32.Nimda.A@mm worm.

Symantec also recommends that you install the ESM best practice policies for IIS Web Servers on your Windows NT and Windows 2000 Web servers. The IIS best practice policies perform additional Nimda-related audits that are needed only on IIS servers. Best practice policies provide a high level of protection against future Nimda-style outbreaks.

Please see the release notes for additional information.

Download Nimda NT - W2K ESM Security Response Policy Release Notes
Download Nimda NT - W2K ESM Security Response Policy Installer

Note: These security response policies require that ESM SU8 be installed on the ESM Manager and Agents that will use these policies.