Video Screencast Help
As we strive to continually improve your experience on our site, please help us by taking this survey and tell us about your satisfaction level using Symantec Connect. One lucky winner will receive 500 Connect points! * Take the survey.
updated article 29 Sep 2016
Introduction By popular demand, below is an index of my Connect articles.  Illustrated, semi-formal and mildly amusing, I hope they assist admins and individuals along their neverending quest to find a safe path in this ever more dangerous world.... Security Series The first article, Using SEPM Alerts and Reports to Combat a Malware Outbreak, demonstrated how to use ...
new discussion 29 Sep 2016
Hi, is it possible to check if other key exists, which names i don't have, under an existing key? Let's say i want to find out if there are other keys in: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test like HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test\56346 a registry key exists condition like HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test\* does not work. Any other ways to test this?
new discussion 29 Sep 2016
Buongiorno a tutti, all' interno della nostra architettura Exchange 2013 abbiamo due SMG esterni che hanno il ruolo di AntiSpam. SMG Scanner and Control Center Versione 10.6.1-4 SMG Scanner Versione 10.6.1-4 Vi chiedo se c'è un modo, per la posta esterna in entrata, di far verificare ai due SMG l' esistenza o meno degli indirizzi di posta interni; o meglio, preferisco ...
new discussion 29 Sep 2016
Hi, is it possible to check if other key exists, which names i don't have, under an existing key? Let's say i want to find out if there are other keys in: HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test like HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test\56346 a registry key exists condition like HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\test\* does not work. Any other ways to test this?
new discussion 29 Sep 2016
Buongiorno a tutti, all' interno della nostra architettura Exchange 2013 abbiamo due SMG esterni che hanno il ruolo di AntiSpam. SMG Scanner and Control Center Versione 10.6.1-4 SMG Scanner Versione 10.6.1-4 Vi chiedo se c'è un modo, per la posta esterna in entrata, di far verificare ai due SMG l' esistenza o meno degli indirizzi di posta interni; o meglio, preferisco ...
updated article 29 Sep 2016
Introduction By popular demand, below is an index of my Connect articles.  Illustrated, semi-formal and mildly amusing, I hope they assist admins and individuals along their neverending quest to find a safe path in this ever more dangerous world.... Security Series The first article, Using SEPM Alerts and Reports to Combat a Malware Outbreak, demonstrated how to use ...
updated article 28 Sep 2016
This document will guide you through the suggested steps in order to setup Symantec Email Quarantine. The document contains links to cheatsheets and videos to help explain the steps if further assistance is required.
updated article 27 Sep 2016
IT Analytics DLP pack offers several predefined cubes out-of-the-box.  As part of the DLP pack, the custom attribute name and custom attribute value dimension are included.  These two dimensions contain data for custom attributes defined within DLP, however they need to be used hand-in-hand for the data in the cubes to make any sense.  For users who leverage custom attributes in ...
updated article 27 Sep 2016
Use this document to learn more about how and when you might use the Troubleshooting Tools which have been made available in the Email Security.cloud administration portal.
updated article 27 Sep 2016
On this page partners and customers of the Symantec ATP:Email solution will be able to discover what enhancements have been made to the solution and where they can make configuration changes. The documents are fully interactive and should walk the reader through the various locations where changes can be made to the default settings.
updated article 27 Sep 2016
Introduction This is the fifteenth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This article shares some tips and actions that can be taken to ...
updated article 20 Sep 2016
Introduction This is the second in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This second article deals with a few possible ways how to prevent ...
new blog entry 28 Sep 2016
擬似乱数的なパスコードを使い、デバイスをロック解除不能な状態にして身代金の支払いを求める、Android.Lockscreen の新しい亜種が登場しています。これまでのバージョンは、画面をロックしたうえで、ハードコードされたパスワードを使っていましたが、解析によってそのコードをリバースエンジニアリングすれば、ロック解除のパスコードを被害者に提供できました。攻撃者は、デバイスのロック画面に独自のロック画面を組み合わせ、被害者にとってのハードルをさらに高くしています。これまでに確認された他のモバイルマルウェアと同じように、Android.Lockscreen も直接モバイルデバイス上で作成したうえで拡散されているトロイの木馬です。シマンテックは、この脅威を Android.Lockscreen ...
new blog entry 28 Sep 2016
Android.Lockscreen新变体开始使用伪随机密码生成技术,目的是防止受害者在不支付赎金的情况下便可将设备解锁。该勒索软件在之前版本可以锁定屏幕并使用硬编码密码,但分析软件可帮助受害者逆向还原代码,并为用户提供解锁设备的密码。网络攻击者还将自定义锁屏和设备锁屏相结合,为那些受感染的计算机创造了又一个障碍。这种木马病毒与我们发现的其它手机病毒相似,都是先在手机上直接创建后再进行传播。赛门铁克检测这些木马病毒为Android.Lockscreen。 伪随机密码 设备受此木马病毒入侵后,将创建一个自定义系统错误窗口,我们曾在之前的博文中做以讨论。这种窗口强加于受入侵设备中所有可见的用户界面上端,该恶意软件在窗口中展示恐吓信息,要求用户输入网络攻击者提供的密码(图1)。 图1. ...
updated blog entry 27 Sep 2016
New variants of Android.Lockscreen are using pseudorandom passcodes to prevent victims from unlocking devices without paying the ransom. Previous versions of these threats locked the screen and used a hardcoded passcode, but analysts were able to reverse engineer the code to provide victims with the passcode to unlock their devices. Attackers have also combined a custom lockscreen with the ...
updated blog entry 27 Sep 2016
Contributors: Zhe Liu and QuBo Song  With each new iOS release, a large number of users wait eagerly for the corresponding and inevitable jailbreak solution. Although jailbreaking compromises the security of the device, users resort to it because it allows them to install a wider variety of apps—including those that are not vetted by Apple—and often uses restricted APIs. Symantec ...
new blog entry 26 Sep 2016
iOS の新しいバージョンがリリースされるたびに、そのバージョンに対応するジェイルブレイクの方法を当然のように待ちわびるユーザーがたくさんいます。ジェイルブレイクを実行すると、デバイスのセキュリティが低下します。にもかかわらず、そうした手段に出るのは、インストールできるアプリの幅が広がり(Apple の認証を受けていないアプリも含まれる)、制限されている API を使えることも多いからです。 シマンテックのモバイル研究者が、いち早くジェイルブレイクを実装しようとするユーザーにつけ込む詐欺を発見しました。詐欺師は、iOS のジェイルブレイクを扱う人気の Web サイト「TaiG」に偽装し、最新のオペレーティングシステムである iOS 9.2.1 をジェイルブレイクできるツールのベータ版があると謳っています。ユーザーは、実際には寄付ページに誘導され、紛らわしい Web ...
updated download 11 Aug 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
new download 17 Jun 2016
Ever had the CCS Agent registered with wrong name or agent IP changed? In some situations it can be pain to fix this as it requires going to agent and running the registration again (imaging you do not have access to agent server and you have to raise ticket to 3rd party supplier and he asks you to raise a change request). Well with these two simple scripts, you can change both agent name and ...
new download 16 May 2016
To make use of stop-words for russian language, download attached file, unzip it and place to the "Protect\config\stopwords" subfolder in the Symantec DLP installation directory. Then go to the "Advanced settings" page of selected detection server and set the variable "Lexer.StopwordLanguages" to "en,ru". Do it for every detection server you have.
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
new event 26 Sep 2016
Date: October 18, 2016 Time: 10:00 AM (PST) / 1:00 PM (EST) Anatomy of a Ransomware Attack Did you know that just opening a compromised web page could allow dangerous code to install on a PC or smartphone? You don’t have to click “accept” for a download or software update to install malware on your machines and trigger an infection and the consequences can be enormous. Why you need to build 24 ...
new event 23 Sep 2016
Webinar: November 10, 2016 Time: 10:00 AM PST / 1:00 PM EST Today, targeted attacks and Zero-Day vulnerabilities are the two most common advanced threats.  Attacks are designed to enter your environments from many different vectors so an endpoint security solution that detects and blocks threats at all points in the attack chain is critical. Join the 451 Analyst, Adrian Sanabria and ...
new event 22 Sep 2016
(These two groups -- Midwest DLP and Chicago Security -- will meet together again. Agenda and details coming in early 2017.)
updated video 19 Sep 2016
In this quick demo, Pat McPherson of ITS Partners, shows how Data Loss Prevention Form Recognition allows organizations to detect sensitive information that is contained on forms in a variety of image formats. Watch the HD version here: https://vimeo.com/183016027 Learn more at: https://www.itsdelivers.com/solutions/it-risk-mana...
updated video 12 Aug 2016
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video looks at the Quarantine options in ClientNet itself and the various options available for quarantine administrators to configure.
updated video 13 Jul 2016
In this quick update our risk management expert, John Higday, highlights the updates in ATP 2.0.2 which  provides IT security teams with the best visibility in their endpoint environment.   Advanced Threat Protection - Expose, prioritize, and remediate sophisticated advanced attacks across endpoints, networks, and email, from one single console.   Download our ATP whitepaper at ...
updated video 19 May 2016
This video will help new customers to provision their domains and inbound routes once they have access to the administration portal. If you want a desktop aid to provide a step by step guide as to the tool, then please download that here.
new video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec Endpoint Protection customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
new idea 28 Sep 2016
I recieved a PDF containing a link to a fraudulent site that looked like a login for Office365.  I tried to sumit it to Symantec via the normal submissions process, but they rejected it because it did not contain a malicious payload, only a link to a dangerous site!  So the technician was unable to help me in any way other than point me to this idea site. I don't know if this ...
new idea 28 Sep 2016
It would be helpful if CCS could scan for text file content across multiple text based files also located inside compressed files like zip, rar, jar, etc. Also full regular expression support is required.
new idea 27 Sep 2016
Download Insight complained about a file.  It provided the file name but not the path.  In order for a user to make an informed decision full info is needed on the file please. 
updated idea 27 Sep 2016
Symantec End Point Protestion Cloud.  As an MSP, we are receiving an enormous amount of logs, virus alerts and warning, that are flooding our email system.  We would like to have a way to select which alerts are sent.  Most of the emails are reporting the viruses are resolved and no interaction needed.  Can only the manual intervention needed be emailed? Thanks
updated idea 27 Sep 2016
As I understand, Endpoint Protection.cloud  has a potential security lapse. If anyone is able to access the redistributable installer or access the password of cloud, he can play havoc with the whole lot of installations. As such he can add new clients or delete existing clients. This should be protected by two step authentication through a link which can be sent to email id or some other ...
updated idea 27 Sep 2016
After speaking to support, we have found there is no way to perform vulnerability scanning of Microsoft Windows based computers running Symantec endpoint .cloud without disabling major components of the security toolset until the vulnerability scanning is complete - thus putting our machines at risk. Leaving SEP fully functional during the scan causing inconsistent or incomplete ...
updated idea 27 Sep 2016
Please add the option to disable all system tray notifications (such as idle scan taking place, etc...) into the Symantec Endpoint Protection Small Business Edition Cloud.
updated idea 27 Sep 2016
Please add the functionality to bypass scanning of files with valid signatures from well-known vendors. This would dramatically reduce the number of false positives with Heuristic, SONAR, or Insight scans. For example, there should be no reason to categorize as malware a .cab file that's been signed by Microsoft or Citrix and the hash verified. This would also improve performance since ...
updated idea 26 Sep 2016
Dear Sir, right now the one way to search for a client in the Symantec EndPoint Protection Management (SEPM 12.1.6-MP6) is openning "Search Clients" and add a common criteria (such as Computer_Name" Like xxxx). but I have an Idea to improve the search clients in the list. you have to add this idea to your strong and solid product. and it is: let to finding as typing the computer_name in the ...
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
Mithun Sanghavi
1,256
60
SMLatCST
416
1
jjesse
80
24
ℬrίαη
2,500
21

A Message From Your Community Manager: Jami

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.