Device Integrity Computer Status report

Device Integrity helps you maintain the client's health. Use the fields in this report to help troubleshoot the issues on these devices and to configure the policies that ensure proper operation of the client.
Device Integrity Computer Status report
Operating System
The operating system that runs on the device, which can be Windows, Mac, or Linux.
Overall Status
Use this field to find the cloud-managed devices on which you need to take action.
The statuses from the most secure to the least secure are:
  1. Secure
  2. Initializing
  3. Not Computed
  4. At Risk
  5. Compromised
For more information, see:
Unknown: Devices that the
Symantec Endpoint Protection Manager
You can filter the devices based on their status on the
page >
Managed Devices
Client Type
Symantec Endpoint Protection
No other values appear.)
Agent Version
Displays the build number of the client software. Use this option to find which devices have an older version of the software installed. Use the client upgrade settings in the System policy to configure LiveUpdate to automatically upgrade the client software. See:
Group Name
The name of the device group. All devices in one group get the same policy and security settings. See:
Login User
Sign-on username on the device. If you find a high number of threats from certain users, they may need a higher level of security.
  • Antimalware
  • Behavioral Analysis
  • Exploit Prevention
  • Intrusion Prevention
  • Firewall
  • Endpoint Detection Response
The client installation package downloads the engines and definitions (called content) for each technology automatically using a LiveUpdate server.
Use the following statuses to troubleshoot any issues initially installing each technology on to the device:
  • Installed
    Most secure: The LiveUpdate server successfully downloaded the technology content to the device.
  • Not Installed
    Least secure: The LiveUpdate server did not successfully download the technology to the device.
    If you have a subscription for the Basic Server, LiveUpdate downloads Antimalware by default, and all other technologies show Not Installed.
  • Client not reporting status
    • For the devices that the ICDm manages: When that particular technology malfunctions on the device or the cloud did not yet receive the status from the client yet.
  • For the devices that the
    Symantec Endpoint Protection Manager
    manages: This column always displays
    Client not reporting status
You cannot configure which technologies are installed. But you can enable or disable the default policy for a particular group.
Managed By
  • Cloud
    : The devices that you manage entirely from the ICDm. The clients connect to the cloud directly.
  • Endpoint Protection Manager
    : Devices that you manage from the cloud but that you can also manage from
    Symantec Endpoint Protection Manager
    Symantec Endpoint Protection Manager
    is enrolled in the cloud.
    Devices that are managed by a
    Symantec Endpoint Protection Manager
    domain that is enrolled in the
    Integrated Cyber Defense Manager
    . You can manage these devices either by ICDm or by
    Symantec Endpoint Protection Manager
Device Creation Time
The date and time that a managed device was enrolled in the cloud console. Use this field to find out if the client package was properly enrolled. If this field is empty, either one of the following scenarios may have happened:
  • A device may have the client installation package installed on it, but the device hasn't been enrolled in the cloud yet.
  • You may have also deleted the device, which means it is no longer enrolled.
IP Addresses
MAC Addresses
DNS Addresses
Use these fields to provide information to Symantec Support to help troubleshoot an issue.
Device Description
Derived from the
Computer description
field on the device's
System Properties
Computer Name
  • CPU Type
  • CPU Clock
  • Total Memory (MB)
  • Free Disk (MB)
  • Total Disk (MB)
Use these columns to see whether the CPU information or lack of memory or disk space on the device can cause the client installation package from being installed.
Virtual Machine
Values are: True/False for Yes/No. Clients can sometimes run slower on a virtual machine.
Operating System Language
Operating System Version
Displays the language and the build number of the operating system that runs on the device.
Antimalware Content Version
Antimalware Content Sequence No.
Displays the format of the virus definitions for the Antimalware policy:
  • Antimalware Content Version
    : xxxx-xx-xx-xxx (Year - Month - Day- definitions revision number). For example: 2019-05-23 rev. 022
  • Antimalware Content Sequence No.
    : xxxxxxxxx For example: 190523022
    Use the Antimalware Content Sequence format to write scripts.
To stay secure, the devices should be running the most recent version of the product and have the most up-to-date security content. Use the following page to compare the latest revision with what is on your device:
  • Last Scan Time
  • Last Virus Detection Time
  • Last Update Time
Use these fields to determine whether the Antimalware scans functions properly on the device.
  • Last Scan Time
    The last day and time that a scan was performed on the device. Compare the time with what is enabled for a daily scan and weekly scan in the Antimalware policy.
  • Last Virus Detection Time
    The last day and time that the client detected a threat on the device.
  • Last Update Time
    The last day and time that the virus definitions were last downloaded to the device. If the date for virus definitions is older than 7 days, the virus definitions are outdated. First check whether LiveUpdate ran during that time period.
: implies that the device was never scanned.
Time Zone Offset
Displays the client's time using the UTF offset. The UTC offset is the difference in hours and minutes from the Coordinated Universal Time (UTC) for a particular place and date. For example, UTC-8:00, UTC+5:30. GMT is a time zone and UTC is a time standard. Use the offset to help you pinpoint the time that an event occurred on the client