Screencasts - Hilfsvideos

Central Quarantine is there a future?

Created: 13 März 2012 • Aktualisiert: 20 März 2012 | 18 Kommentare
das Bild der ScottM 2s
4 Zustimmen
0 Nicht zustimmen
+4 4 Stimmen
Bitte loggen Sie sich ein, um abzustimmen
Status: Teilweise implementiert

This week I hope to install a new Central Quarantine due to hardware changes and I find I need to load the system with Windows 2003 server, 32-bit. I was planning on doing this on March 14th, 2012. So I'm curious if the technology is going to be advanced?

  • Support for newer server operating systems, 64-bit.
  • Ways to directly submit false positives (I posted this in another thread)
  • A way to submit code for further analysis to the retail portal, the platinum portal, virustotal or threat expert. Bonus points for the ability to submit to competitor's portals. Why? Because it is us against the bad guys plus defense in depth means some of us have other products installed as well.
  • Integration with the SEP console.
  • Ability to restore files to original source

Kommentare KommentareZum neuesten Kommentar

das Bild der Elishas

Thanks for your suggestion.  At this point we have no specific plans to update the Central Quarantine Server.  However we may add some of these features into SEPM.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der ScottM 2s

That would be great. Anything so that I don't have to "touch" malicious programs.

One more thing on the FP submission, while I'm asking for future wish list stuff. A raw code submission is good but if we could bundle, automatically, everything Security Response needs to make an informed & quick decision in the submission. Yea, that would be something, it would say Symantec has a commitment to get these things resolved! 

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Elishas

The Central Quarantine Server will be supported on Windows 2008 64bit in the next release of SEP.  Planned for SEP 11 RU7 MP2 and SEP 12.1 RU1 MP1.

+2
Bitte loggen Sie sich ein, um abzustimmen
das Bild der MaRRuT@CCs

Great to hear that! Germans love CQ! =)

It would be wonderful when CQ and the GUP Content Distrubution Monitor tool would be added directly into SEPM and not as added tools.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der ScottM 2s

I just heard, good news.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Serengetis

Hi - how good is the general experience with central quarantine server in a large environment (1000's clients) and is it only supported from SEP 12.1 RU1 MP1? (we have RU1).

 

Thanks

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der ScottM 2s

MP-1 will be out this month, right?

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Elishas

SEP 12.1 RU1 MP1 is due out at the end of the month.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der ScottM 2s

Looking forward to it.

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der MaRRuT@CCs

A Combination of LUA + CQ is great for larger Enterprise Infrastructures. I'm using the tool for a very long time already

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Mick2009s

Confirmed: a new feature of SEP 12.1 Release Update 1, MP1 is that its Quarantine Server is supported on the Windows 64-bit operating system.

  • SEP 11 RU7 MP2 is available now. (note above indicates that its QServer is also 64-bit compatible)
  • SEP 12.1 RU1 MP1 is expected to become available next week.

 

With thanks and best regards,

Mick

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der MaRRuT@CCs

Thats fantastic! great to hear that =)

+1
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Mick2009s

Note that upgrading SEP or the SEPM does not automatically upgrade the Central Quarantine.  Be sure to upgrade that component to the new Qserver in the Tools folder/Tools CD.  The version is "3.6.7180.64"

With thanks and best regards,

Mick

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der ScottM 2s

Anything new in the new Qserver? 

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der FbacchinZFs

I agreed 100% whit every suggestion from ScottM 2 in this post.

Thumbs up !

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Zebbelins

I downloaded the "SEP 12.1.1 MP1 Part2 Tools" from fileconnect, but it seems to be not 64bit capable. Also the readme.txt shows version 3.1, but in this threat it seems that there is a version 3.6

http://www.symantec.com/connect/forums/central-quarantine-64-bit

 

How do I get it? Why is it not included to the Part2 download?

Thanks!

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Elishas

Cnetral Quarintine 3.6 is included in SEP 12.1.2 (RU2) which is due out later this month (November 2012).

0
Bitte loggen Sie sich ein, um abzustimmen
das Bild der Zebbelins

Just downloaded the Symantec_Endpoint_Protection_12.1.2_Part2_Tools_EN.exe, but there is still Version 3.1 included. How do I get 3.6?

Thanks!

*edit*

The readme.txt says that it is 3.1, but when you install it, it is 3.6 and it works on a 64-Bit machine.

Unfortunately you cannot install the QConsole 3.6 on a 64-Bit OS..what a pity!
 

0
Bitte loggen Sie sich ein, um abzustimmen