Video Screencast Help
new discussion 03 May 2016
I get the following error text when I open Microsoft Exchange Server      “The action cannot be completed. The connection to the Microsoft Exchange Server is unavailable. Your network adapter does not have a default gateway” or “Your Microsoft Exchange Server is unavailable”. I looked around and found a few solutions, but nothing worked for me.
new idea 03 May 2016
We receive Cyber Threat Bulletins containing IOC lists, possibly containing many hundreds of file hashes.  It is an arduous task to vet these using VirustTotal, to see if Symantec currently addresses the hash in question, and then submitting them to Symantec - Upload a suspected infected file site, one at a time. It would be helpful to allow bulk hash uploads ...
new discussion 03 May 2016
I need help to configure a policy inside Symantec Endpoint Protection (v. 12.1.6) which needs to block .exe files from running in a specific network drive. Let me explain it further: When I create a user in my AD, it automatically creates a "profile folder" for each user, so they can store useful files and access from any computer inside the company. This folder has a hard quota with only ...
new discussion 03 May 2016
I get the following error text when I open Microsoft Exchange Server      “The action cannot be completed. The connection to the Microsoft Exchange Server is unavailable. Your network adapter does not have a default gateway” or “Your Microsoft Exchange Server is unavailable”. I looked around and found a few solutions, but nothing worked for me.
new discussion 03 May 2016
I need help to configure a policy inside Symantec Endpoint Protection (v. 12.1.6) which needs to block .exe files from running in a specific network drive. Let me explain it further: When I create a user in my AD, it automatically creates a "profile folder" for each user, so they can store useful files and access from any computer inside the company. This folder has a hard quota with only ...
updated article 02 May 2016
  Symantec DLP v14.0  upgrade Document   Symantec Data Loss Prevention Upgrade Phases Phase Action Description Phase 1 Upgrade Database to Oracle 11g (11.2.0.4). Upgrade your database to ensure continued security fixes. Phase 2 Prepare the system for upgrading. This Preparation includes backing up the Oracle database and detection server ...
new article 28 Apr 2016
At times it may become necessary to troubleshoot Symantec Endpoint Encryption Device Control. The attached comprehensive pdf will allow an end user and administrator alike, to test communication thoroughly. If further assistance is required please contact Symantec support.
article comment 22 Apr 2016
updated blog entry 02 May 2016
投稿人: Gavin O’Gorman 网络间谍团队使用自行开发的定制恶意软件(Backdoor.Daserf)长时间将目标瞄准日本各种机构。据赛门铁克所知,这个名为蒂克的团队行事低调,其暗中进行网络间谍活动的历史至少有十年之久。 在最近的间谍活动中,为了使大量新受害者受病毒感染,蒂克团队使用了鱼叉式钓鱼电子邮件并入侵了大量日本网站。该团队作案手法极其精密,而且似乎只有在确定某机构为预定目标时才会使用所有工具攻击。蒂克团队还使用大量黑客工具确定受害者网络的位置,从而获取更高权限。 Daserf的主要用途是信息窃取。这种木马能够收集受感染电脑的信息,之后将这些信息传回网络攻击者控制的服务器。蒂克团队最近的攻击对象主要是日本科技部门、水生工程部门和广播部门。 最近的攻击 赛门铁克发现蒂克团队于2015年6月份进行了新一波攻击,该团队利用Flash ...
new blog entry 01 May 2016
寄稿: Gavin O’Gorman 長期にわたって活動を続けているサイバースパイグループが、カスタム開発した独自のマルウェア(Backdoor.Daserf)を利用して、主に日本の企業を狙い始めました。このサイバースパイグループ(シマンテックは「Tick」と呼んでいます)は、目立たずに存在し続け、発見される前に少なくとも 10 年間は活動を続けていたようです。 ごく最近では、Tick はスピア型フィッシングメールを利用して、複数の日本企業の Web サイトに侵入し、新たな被害者を生み出しました。Tick の攻撃はきわめて限定的であり、侵入先の企業が意図した標的だったと確定して初めて、あらゆるツールを動員するようです。Tick グループはさまざまなハッキングツールを使って、被害者のネットワークマップも特定し、さらに権限の昇格を狙います。 トロイの木馬 Daserf ...
updated blog entry 29 Apr 2016
Contributor: Gavin O’Gorman A longstanding cyberespionage campaign has been targeting mainly Japanese organizations with its own custom-developed malware (Backdoor.Daserf). The group, known to Symantec as Tick, has maintained a low profile, appearing to be active for at least 10 years prior to discovery. In its most recent campaign, Tick employed spear-phishing emails and ...
updated blog entry 28 Apr 2016
When we talk about innovation in the enterprise, it is often associated with R&D teams. And while innovation is a necessity for R&D, I believe all teams need to look for new ways to develop and improve stellar customer experiences. In fact, everyone at every level of an organization can and should innovate. Everyone can make things better. I’d like to share my thoughts on how to innovate ...
new blog entry 28 Apr 2016
檢閱此攻擊團體的入侵指標。 許多重視安全的組織,會利用程式碼簽章,針對軟體及檔案提供多一層的安全性及真實性。程式碼簽章的執行,使用了數位憑證,也就是所謂的程式碼簽章憑證。程式碼簽章程序可以驗證合法軟體的真實性,確認應用程式來自其簽章的組織。程式碼簽章憑證固然提供了更高的安全性,但也可能存在不為人知的一面,反而為攻擊團體提供掩護,例如 Suckfly 進階持續性滲透攻擊 (APT) 團體。 賽門鐵克在 2015 ...
new blog entry 28 Apr 2016
查看针对该攻击组织的失窃迹象。 许多具有安全意识的组织会利用代码签名来为其软件和文件提供更多一层的安全性和真实性。代码签名通过使用一种称作代码签名证书的数字证书来执行。代码签名过程可通过确认应用程序是否来自签署它的组织来确认合法软件的真实性。虽然代码签名证书可以提供更高的安全性,但也可能具有意想不到的不为人知的一面,即为Suckfly ...
new blog entry 27 Apr 2016
賽門鐵克最近的研究報告指出,名為 Suckfly 的中國進階威脅團體,已經鎖定程式碼簽章憑證相關的私有金鑰,在兩年期間散佈惡意軟體。這項發現再次確認,網路攻擊者透過合法檔案及應用程式散佈惡意軟體的趨勢,持續增加。 為什麼網路攻擊者要鎖定程式碼簽章憑證的私有金鑰?問題在於程式碼簽章的兩大目標,以及傳統程式碼簽章實務的監管。 程式碼簽章的關鍵目標在於 a) 驗證內容的完整性,確保並未遭到竄改,以及 b) ...
updated download 22 Apr 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
new download 01 Mar 2016
Symantec Data Loss Prevention- Triggering Endpoint Response Rules Video
new download 01 Mar 2016
Oracle 11g Symantec DLP Installation
updated download 16 Feb 2016
This script is intended for use in Symantec Data Loss Prevention and provide an ability to sort incidents not only by file name but also by separate subfolders in it's path. You need to create following Custom Attributes: FPath_Drive_Letter FPath_Root_Folder FPath_SubFolder_1 FPath_SubFolder_2 FPath_SubFolder_3 FPath_SubFolder_4 ''' Created on 8 feb 2016 @author: Stepanov Alexander ...
updated event 03 May 2016
REGISTER TODAY New York Cyber Security Forum has been created based on the complexity of today’s global threat environment. As IT no longer rules the roost, device and data explosion coupled by being ever targeted by data breaches and battered attacks continue to make cyber security grow. This all revolves around the balance between privacy, anonymity, technology and ...
updated event 03 May 2016
REGISTER TODAY New York Cyber Security Forum has been created based on the complexity of today’s global threat environment. As IT no longer rules the roost, device and data explosion coupled by being ever targeted by data breaches and battered attacks continue to make cyber security grow. This all revolves around the balance between privacy, anonymity, technology and ...
updated event 02 May 2016
Please join us for the next South Florida Security User Group meeting on Wednesday, June 22 from 11:30 am to 2:00 pm at Bokamper's in Miramar. Lunch will be served! Agenda  Welcome – Raul Documet Presentation – Gary Bishop: ATP / DLP Lunch & Networking Presentation – Javier Sola – ATP / DLP Customer Roundtable Conclusion, Prize Drawings & Feedback
updated event 29 Apr 2016
Please join us for the next Pittsburgh Security User Group meeting on May 25th from 2pm to 5pm at the Reed Smith Centre. Lunch will be served! Agenda 2:00 – 5:00 pm Welcome & Introductions Customer Presentation: PNC Bank - DLP Program – Chris Benz, VP Data Protection Symantec Presentation and Panel Discussion: CASB - Adam Licata, Product Solution ...
new event 21 Apr 2016
Friday, April 22 at 11 am EST Join Navin Deen, Privacy Architect with ITS Partners on this webcast, to review the various Symantec DLP modules and address key considerations for design and sizing the DLP system in your environment.  Learn more about core detection technologies and implementation best practices derived from years of experience. Designing and Architecting ...
updated event 20 Apr 2016
Presenter(s): Jeff Barto – Symantec Trust Strategist Date/Time: May 25 2016 2:00 pm Australia - Sydne                 Every year Symantec releases its Website Security and Threat Report (WSTR). A report based on data Symantec collects, compiles, and analyzes for you. Data that is gathered from over 57.6 million attack sensors in 157 countries. This ...
updated event 13 Apr 2016
Every year Symantec releases their Internet Security and Threat Report (ISTR). A report based on data Symantec collects, compiles, and analyzes for you. Data that is gathered from over 63.8 million attack sensors in 157 countries. This years report spanned 81 pages with extra supplemental data for your reading enjoyment. No matter if you're in financial, healthcare, retail, or even ...
updated video 18 Apr 2016
This module covers incident remediation and workflow, including managing roles and users. This video is part of a larger series on the administration of Data Loss Prevention 14. The entire series can be found on this index page: Data Loss Prevention 14: Administration – Training Videos.
updated video 18 Apr 2016
  Data Loss Prevention 14: Administration – Training Videos Introduction, Reporting, and Navigation. Lesson 1: Introduction to Symantec Data Loss Prevention Lesson 2: Navigating and Reporting Lesson 2 - Demo: Dashboard Creation and Distribution Lesson 3: Incident Remediation and Workflow Lesson 3 - Demo: Incident Remediation Lesson 4: Policy Management Lesson 4 - Demo: Exporting ...
updated video 15 Apr 2016
In this report, Symantec Messaging Gateway Critical Response Team Sr. Manager Tom Anderson notes that turning off SSL version 3 and earlier protects against the DROWN vulnerability as long is SSL is not essential to a business’ operations. CVE-2016-0800, known as DROWN, threatens the SSL and TLS protocols and services using them. Music by blauesZimmer http://soundcloud.com/blauesZimmer
updated video 15 Apr 2016
In this report, Symantec Messaging Gateway Critical Response Team Sr. Manager Tom Anderson explains CVE-2016-0800 which is more commonly known as the DROWN vulnerability. While SMG gateways are not inherently vulnerable, the cross protocol attack elevates the risk in some environments. Music by blauesZimmer http://soundcloud.com/blauesZimmer
updated video 15 Apr 2016
This video describes the changes necessary to the default Smart Firewall rules to enable File and Printer sharing and ping responses from local network computers. *************************************************************************************************************** SCRIPT: Welcome to this program with tips for your first Endpoint Protection Firewall policy. In this video, you will ...
updated video 15 Apr 2016
This video contains captions. This video describes the changes necessary to the default Smart Firewall rules to enable File and Printer sharing and ping responses from local network computers. *************************************************************************************************************** SCRIPT: Welcome to this program with tips for your first Endpoint Protection Firewall ...
updated video 05 Apr 2016
In April 2016 Symantec will introduce the Email Troubleshooting Tool. This tool acts as a wizard that runs you through some of the most common questions asked of support and then runs the same tests that, traditionally a support agent would complete. The results of the tests highlight the next steps that are necessary to resolve the issue, helping you get an answer to your question quicker ...
updated video 04 Apr 2016
Data Loss Prevention 14: Administration – Training Videos Introduction, Reporting, and Navigation. Lesson 1 Introduction to Symantec Data Loss Prevention Introduction to Symantec Data Loss Prevention Lesson 2 Navigation and Reporting Navigation and Reporting Dashboard Creation And Distribution - Demo Lesson 3 Incident Remediation and Workflow Incident Remediation and Workflow Incident ...
new idea 03 May 2016
We receive Cyber Threat Bulletins containing IOC lists, possibly containing many hundreds of file hashes.  It is an arduous task to vet these using VirustTotal, to see if Symantec currently addresses the hash in question, and then submitting them to Symantec - Upload a suspected infected file site, one at a time. It would be helpful to allow bulk hash uploads ...
new idea 02 May 2016
We recently migrated from SEP SMB on-prem to the cloud version and have noticed that the ability to monitor a scan that has been started from the portal is no longer available. Once a scan has been started from the Hosted Endpoint Portal the only control for that scan is on the workstation. With SEPM, an administrator could monitor and even cancel and scan that had been started.I would really ...
new idea 02 May 2016
The Set User Information Collection dialog box says "You can collect information from the user when a package is installed." yet if you turn this collect user information on, it actually gets deployed to the entire organization NOT just when a package is installed.  This is misleading.  Remove the when a package is installed" from the dialog box.
updated idea 29 Apr 2016
Entendemos que es una mejora necesaria que se pudies visualizar los eventos generados por agentes con una politica de protección en modo learning que serán bloqueados (denied) cuando la política se active a modo protección. Facilitaria la tareas de los administrtadores muchísimo. Gracias
updated idea 29 Apr 2016
Solicito se estudie la viabilidad de hacer cambios para que se pueda modificar la ruta donde los agentes almacenan los logs, desde la consola de gestión. Saludos Gracias
new idea 28 Apr 2016
Is it possible to make it easier for users to add a Bad or Good Sender when releasing spam email by selecting a checkbox, rather than having to go to User Preferences and type the email address? Not only is it more inefficient this way but it can result in typos and errors. Thank you.
updated idea 27 Apr 2016
SEP SBE Cloud client does not log what user has triggered the alert. Relying on a time stamp to identify the logged in user is not feasible in an RDS server farm environment.