Video Screencast Help
new discussion 28 Aug 2015
While tracking down an unrelated issue, I happen to look at the list of processes that should not start (Global Options > General > Global Poliy Lists) and I noticed that every entry has a Signature Flag of 'Q01'.  Does anyone have an idea of why this flag is present?  It seems to be some kind of bogus entry.  If, for example, I try to launch fpt.exe, I will never see the Q01 ...
updated blog entry 28 Aug 2015
Scammers have moved quickly to take advantage of the Ashley Madison data breach and Symantec telemetry shows a spike in spam email campaigns mentioning the infidelity website. The breach and subsequent leak of user data has created a market opportunity for scammers seeking to take advantage of people affected by the breach. Immediately after the leak of a database of the site’s customers on ...
updated discussion 28 Aug 2015
Hi All, So I have upgraded SEPM to 12.1.6 RU6 MP1. I now get "This program cannot display web page" for the Home, Monitors and Reports pages in the SEPM management console. So far I have : Checked the DSN connection this is fine. Checked and imported the cert into the trusted root certificates Added : localhost, server_name, IP address to the trusted sites. Ran netstat which shows that the ...
new discussion 28 Aug 2015
While tracking down an unrelated issue, I happen to look at the list of processes that should not start (Global Options > General > Global Poliy Lists) and I noticed that every entry has a Signature Flag of 'Q01'.  Does anyone have an idea of why this flag is present?  It seems to be some kind of bogus entry.  If, for example, I try to launch fpt.exe, I will never see the Q01 ...
updated discussion 28 Aug 2015
Hi All, So I have upgraded SEPM to 12.1.6 RU6 MP1. I now get "This program cannot display web page" for the Home, Monitors and Reports pages in the SEPM management console. So far I have : Checked the DSN connection this is fine. Checked and imported the cert into the trusted root certificates Added : localhost, server_name, IP address to the trusted sites. Ran netstat which shows that the ...
new discussion 28 Aug 2015
Recently we have received a few email attacks on internal users. Basically our company email addresses are being spoofed, they are being sent in externally with the same TO and FROM address which relates to an internal users email address. For example me@mydomain.com will be in the from and the to address. We are using Microsoft Exchange, is there anything we can do with Symantec Mail Security ...
updated article 26 Aug 2015
Introduction This is the sixth of an informal series on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions). The first article, Using SEPM Alerts and Reports to Combat a Malware Outbreak, demonstrated how to use reporting features of SEP 12.1's SONAR component to identify Suspicious ...
updated article 25 Aug 2015
There is an introduction about the Symantec Protection Engine (SPE): https://www-secure.symantec.com/connect/articles/introduction-symantec-p... SPE can work with NetApp Filer to run virus scan for the shared files. Here are the steps to configure the SPE to work with NetApp Filer: 1. Create a user in AD, this user will be used to run the service of SPE, and also will be added into the group ...
updated blog entry 28 Aug 2015
Scammers have moved quickly to take advantage of the Ashley Madison data breach and Symantec telemetry shows a spike in spam email campaigns mentioning the infidelity website. The breach and subsequent leak of user data has created a market opportunity for scammers seeking to take advantage of people affected by the breach. Immediately after the leak of a database of the site’s customers on ...
new blog entry 28 Aug 2015
出会い系サイト「アシュレイ・マディソン」のデータ漏えいに、詐欺師はいち早く飛び付きました。シマンテックの遠隔測定では、このサイトを題材にしたスパムメール活動の急増が確認されています。利用者のデータが侵害され、続いて漏えいしたことで、データ侵害の影響を受ける利用者の弱みにつけ込もうとする詐欺師にとっては、またとないチャンスになりました。 8 月 18 日にサイト利用者のデータベースが漏えいした直後から、このデータ侵害に関係するスパム活動が急増しました。たとえば 8 月 19 ...
updated blog entry 27 Aug 2015
シマンテックは、トロイの木馬 Regin について調査を続けるなかで、サイバースパイ活動のツールに光を当て、この脅威を支えている幅広い機能と複雑なインフラストラクチャを明らかにしてきました。 Regin は昨年シマンテックによって発見されましたが、これまでに発見されたスパイツールのなかでも、いまだに特に高度なもののひとつです。Regin は 2008 年後半に出回り始め、政府機関、インフラ事業者、企業、研究者、個人一般など多岐にわたる標的に対して使われています。 新しいモジュール Regin は 5 つのステージから成る脅威で、ステージごとに次のステージがロードされて復号されます。モジュラー構造になっているため、管理者は標的に応じて特定の機能を追加したり削除したりすることが可能です。ネットワークや、Regin ...
updated blog entry 27 Aug 2015
Enterprise data is everywhere: on-premises (inside your network perimeter), on mobile devices, and in the cloud. And your employees access this sensitive corporate data with multiple devices, often with their personal mobile devices. While cloud and mobile applications create greater freedom for employees to work anywhere, IT executives need to re-imagine an information strategy that ...
updated blog entry 27 Aug 2015
Editor’s Note: This previously published article has been updated and includes a new link to the recorded webinar.  Threats on the rise, organizations overwhelmed For most organizations, it’s not a question of “if” but “when” a security breach will happen. Advanced attackers can attack from anywhere, at anytime. They're infiltrating networks and evading detection by ...
updated blog entry 27 Aug 2015
Symantec’s continuing investigation into the Regin Trojan has cast new light on the cyberespionage tool, revealing a wider range of capabilities and a complex infrastructure supporting the threat.  Regin was uncovered last year by Symantec and remains one of the most advanced spying tools discovered to date. The malware has been in circulation since at least 2008 and has been used ...
blog entry comment 27 Aug 2015
updated download 11 Aug 2015
I created this scrpt to address systems that have run our of disk space for various reasons and are no longer updating AV definitions. The only external utility you need is Psexec to remotely execute one of the scripts. To clean a single system you would use: CleanMark2.cmd Systemname To clean multiple systems, place all the systemnames in the BatchClrMk2.lst file and run the BatchClrMk2.cmd ...
updated download 11 Aug 2015
We encountered a problem at one point where a problem in our configuration caused a number of updates to sit on the manager unable to be posted using the BCP utility to the SQL database. The result of this was the details the console was showing us didn't represent what the reality was, clients loagging behind vastly on their updates when we knew that they were updating properly. I put ...
updated download 17 Jul 2015
The script below is intended to detect data leakage in helthcare environments. Files detecting by this script is widely used in a variety of medical diagnostic systems and may include personal ...
updated download 18 Jun 2015
updated download 18 Jun 2015
new event 24 Aug 2015
Please join us for the next Midwest Data Loss Prevention User Group Meeting on Thursday, September 24, 2015, from 12:00pm to 4:00pm at Maggiano's. Lunch will be served! AGENDA     * Lunch & Networking     * Symantec Introduction     * Roundtable Discussion     * Feedback Survey, Prize Drawings & Conclusion           o Happy ...
updated event 17 Aug 2015
Please join us for the next Twin Cities Data Loss Prevention User Group meeting on September 17th from 11am to 3pm at Target Plaza Commons. Lunch will be served! Agenda: Welcome & Introductions Lunch & Networking Presentations  How Target Uses Symantec DLP - Ligia Forgaciu, Target DLP Consultant Roundtable Conclusion, Prize Drawings & Feedback Location Target Plaza ...
updated event 12 Aug 2015
Please join us for the next New York Metro Data Loss Prevention User Group meeting on Tuesday, September 15, 2015, from 1 p.m. to 5:30 p.m at Goldman Sachs. Lunch will be served and Happy Hour to follow! Agenda     * Lunch & Networking     * Introductions     * Symantec Presentation     * Customer Presentation     * Roundtable ...
new event 11 Aug 2015
Getting ready to rollout Strong Authentication? Consider these 3 key elements! Thursday, August 20 at 11 a.m. (est) Are you implementing with Compliance in mind, aiming to protect information? Will it go beyond VPN and embrace the mobile workforce? How do you avoid burdening the IT staff or end users?   The consequences of inadequate security are pretty well understood ...
updated event 11 Aug 2015
Attention members of Symantec Security & Compliance User Groups! There is a webinar coming up on Wed, April 18 at 11:00 am (PDT) that you may be interested in. Get the inside scoop on how best to implement Symantec’s new Endpoint Protection 12.1. This 1-hour technical webinar will be delivered by Symantec’s Support Backline Engineers as well as Systems engineers. Topics: The new ...
updated event 11 Aug 2015
Presenter: Kevin Stultz, Sr. Product Manager This session will focus on utilizing asset inventory to create highly relevant CCS dashboards and reports as well as automating CCS rights management. Learn the tips and tricks on configuring this integration, to get the most out of it. We will demonstrate: Configuring integration with an inventory spreadsheet and/or CMDB   Configuring ...
updated event 11 Aug 2015
Wednesday, September 21, 2011 @ 10:00 AM PT / 1:00 PM ET Advanced Persistent Threats:  Cutting Through the Hysteria Presented by: Kevin Rowney, Director of Breach Response   We’ve all seen the term Advanced Persistent Threat or APT splashed across the headlines this year.  Major corporations claim that they were the victim of APTs.  Many companies have used the ...
updated event 11 Aug 2015
This session focused on deploying and configuring the integration connector between Symantec™ Control Compliance Suite (CCS) and Symantec™ Data Loss Prevention (DLP). The integration provided by this connector helps customers implement differentiated configuration standards based on the information Data Loss Prevention finds on the asset.  Information on data protection ...
updated event 11 Aug 2015
Join us on Thursday, June 9th for the third installment of the bimonthly compliance webinar series. This session will focus on deploying and configuring the integration connector between Symantec Control Compliance Suite (CCS) and Symantec Data Loss Prevention (DLP). The integration provided by this connector helps customers to implement differentiated configuration settings base on ...
updated event 11 Aug 2015
Did you know that Symantec now hosts a quarterly interactive online community forum newly named The SSIMUI? (Symantec Security Information Manager User Interface - Group) Participants in our first event in September thought the presentation delivered by CIGNA was excellent and characterized the roadmap discussion delivered by Mark Bagley, Symantec Group Product Manager, as ...
updated video 17 Aug 2015
Learn how to ensure that your Symantec Endpoint Protection Manager (SEPM) server meets installation requirements, locate and register your Symantec Endpoint Protection software license, and download the Symantec Endpoint Protection software. Check next videos of this series: Video 2# Title: Install Symantec Endpoint Protection Manager Description: Learn how to install Symantec Endpoint ...
updated video 17 Aug 2015
Learn how to install Symantec Endpoint Protection Manager (SEPM), activate your SEPM license, and create groups for deploying software to Symantec Endpoint Protection clients.
updated video 17 Aug 2015
Learn how to prepare client computers for deployment, deploy Symantec Endpoint Protection client software using the Client Deployment Wizard, and ensure that clients are communicating with Symantec Endpoint Protection Manager (SEPM).
updated video 10 Aug 2015
This is the first of a series of three videos about IT Analytics for SEP v2.1. In this episode we discuss the benefits and features of ITA. 
updated video 10 Aug 2015
This is the last episode in a serie of 3 videos about IT Analytics for SEP. In this video we discuss the first configuration you need to make to retrieve envents from a SEPM. We also cover how to create custom reports using report builder and the cube view.
updated video 10 Aug 2015
This is the second episode of a series of 3 videos about IT Analytics for SEP. This episode covers the system requirements, implementation and initial configuration of ITA. 
updated video 27 Jul 2015
This training module aims to walk you through how to setup a new business partner in the Encryption module of the Management Portal. Watch more Videos in the Self-serve TLS video series: Self-serve TLS: Moving domains from one Business Partner to another Self-serve TLS: Getting visibility into your enforcements Self-serve TLS: Enforcing TLS encryption between you and the Email Security ...
updated video 27 Jul 2015
In this video you will be walked through the on-screen administration of Self-serve TLS, paying particular attention to configuring enforcements between your own domains and Symantec.cloud. The video will then show you how to test the domain to ensure that all is working as expected.
updated video 27 Jul 2015
This training module aims to walk you through configuring your services to ensure that all emails sent between you and the Email Security Service pass through an encrypted TLS channel.
new idea 28 Aug 2015
Hello SMG-SP doesn't support the "custom filter" module that allows us to block some undesired emails based on a spefic conditions like headers, subject, body, , "Envelope to", etc. Thus, can you please add this missing module in your future SMG-SP updates Regards Daniel Dawalibi
updated idea 27 Aug 2015
Hi All, I have been supporting Symantec Endpoint Protection for few years now, having said that, I have always felt it hard to identify the location that a client uses, from the SEPM Console. I know that this is fetchable from "Client Activity" logs or so, however, this is not very useful as this does not help us get the "Location" information for all clients. So, I would be, as an ...
new idea 26 Aug 2015
We tested the Disarm function in SMG 10.5.1 and every email coming in with a PDF attachment was flagged with "PDF Other". Since we don't really know what that removes from the file we were not able to use the Disarm feature for PDF all together. Would it be possible to make it a choice to enable this disam or not but leave the other PDF content types as an option?
new idea 26 Aug 2015
In the full definition notifications, it should be possible to distinguish between the content types. In most cases, it's only necessary to warn for big Antivirus/Antispyware files (500 MB and more). Other full content files as IPS signatures are far smaller and no bandwidth problem, but they are triggering unnecessary alerts and E-mails.
updated idea 25 Aug 2015
Dear Product Management Team, Please accept the following enhancement request (which is really a defect that should be addressed): In SEP 12.1, the Remote Push functionality from the Server-managed console worked really well. You could purchase brand new "almost"-virgin Windows 7 computers from Dell, add them to your network, and the use the product's Remote Push functionality to install the ...
updated idea 25 Aug 2015
In my support case 09204755 , I indicated that after my LUA hard disk filled and I received a one shot alarm email, but then on the subsequent daily failures, no more email at all. If I miss the first 1 or 2 emails, the subsequent errors can remained unnoticed until after 1 month all clients report "Contents out of date" to all client computers. Three messages involved : 1) OK : If the taks ...
new idea 25 Aug 2015
It would great if I could filter email by senders' display name. I can do it if I enable "Text in this specific part of the message" "contains" "from: address" and then typing sender's name. What I can't do, is to use a dictionary of senders's display name.
new idea 24 Aug 2015
When editing policies in Data Center Security (DCS), the state of the Basic/Advanced button should be persistent between editing sessions if a person wants it to be that way.  So, it shouldn't be something like 'remember the state of this button'.  But rather it should be a check box indicating if the setting should be persistent or not.
new idea 24 Aug 2015
We have blocked all USB devices and whitelisted mouse/keyboards from there. Now as more and more USB devices needs to be whitelisted, current method is not that easy. What we would like to see is that when user plugs USB device to computer, there would be popup showing couple options. A) Leave it like it is B) Request to IT-department to whitelist device And by hitting B -option, it would ...
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
AravindKM
293
1
Mithun Sanghavi
1245
60
SMLatCST
400
1
jjesse
61
24
ᗺrian
1956
19

A Message From Your Community Manager: Turls

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.