in some cases, I find malicious files which have been analysed by ATD, will not marked as KNOW MALICIOUS or MIGHT BE MALICIOUS in TIE.Does somebody know, why this accours?
0) Which TIE Version 1.X or 2.0?
1) Aree those EXE or DLL?
2) We only see .EXE Files which received feedback from the ATD that change the "Composite Reputation"
Check the rules in TIE 2.0 under Server Settings?
which extension for ATD you have installed in EPO?
Out customer has:
Yes, this are the two needed extensions. sub7, any new information about your problem?
the problem was that no DXL TAG for ATD was set in ePO in the System Tree.
Therefore not all information have been added into the TIE DB.
Added Tag: ATDDXL to the device.
This has solved problem!
do you see the "Manage ATD appliances" server task in EPO. Can you check this please?
Retrieving data ...