Me and my boss recently installed Symantec on our server for our company.
We noticed our severity level is 2 at the moment apparently this is normal at setup due to it finding viruses etc..
Any-who it tells you a definition of each severity level.
For context here is level 2 (the normal one)
ThreatCon Level 2
Medium : Increased alertness
This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating. Under this condition, a careful examination of vulnerable and exposed systems is appropriate, security applications should be updated with new signatures and/or rules as soon as they become available and careful monitoring of logs is recommended. Changes to the security infrastructure are not required.
Now here is level 4! The most dangerous level.
ThreatCon Level 4
Extreme : Full alert
This condition applies when extreme global network incident activity is in progress. Implementation of measures in this Threat Condition for more than a short period probably will create hardship and affect the normal operations of network infrastructure.
We found that hilarious - They may as well have said "The worlds IT has exploded".
On a lighter note. Symantec is a brilliant AV for business.