updated article 28 Aug 2016
This document lists out the precautions you need to take before deploying ATP. I will list out in detail the issues I face over here: 1. Never keep the management IP address and the inline IP address of the scanner in the same subnet. This jeopardizes the topology of the network. Symantec Engineering details how to create this error in a lab scenario: Steps to reproduce in a test lab ...
updated discussion 28 Aug 2016
Hello all, I have Office 365 email setup that is currently set up to forward outbound emails to Symantec Email Security.cloud. I have planned to deploy a Network Prevent for Email server in DMZ and I am planning to analyze the outbound emails using this Network Prevent for Email server. I am planning to create an outbound connector in Office 365 to send the mails to Network Prevent for ...
updated discussion 28 Aug 2016
Hi everyone, I have been searching for this for quite a while now, but did not find anything which is clear to me so far. Therefore, I decided to ask you guys in here: As the SEP client uses various sets of signatures and definitions, they all are grouped in packs: Virus and Spyware definitions, SONAR heuristic signatures, TruScan proactive threat scan commercial application list, Intrusion ...
updated discussion 28 Aug 2016
Hi all, need solution for this problem. Our company is using Symantec WDE 10.3.2 MP11 to encrypt HDD on laptop, desktop & external disk. Recently one of our users who is using a USB HDD Western Digital Passport 1TB is getting the error "D:\ is not accessible, the parameter is incorrect." When opened with Symantec Encryption Desktop Software 10.3.2 MP11 the drive becomes un-encrypted (can see on image ...
new blog entry 28 Aug 2016
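Attackers have begun exploiting three zero-day vulnerabilities in Apple's iOS mobile operating system in targeted attacks. The three vulnerabilities, collectively called "Trident", can be exploited to remotely jailbreak Apple iOS devices and install malware. Q: How were the vulnerabilities discovered? A: Citizen Lab in Canada disclosed the vulnerabilities on August 24, after the lab discovered an attempted attack on UAE human rights activist Ahmed Mansoor. Mansoor's iPhone had recently received suspicious text messages, after which he handed the phone to Citizen Lab for investigation. Q: ...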
new discussion 28 Aug 2016
Hello all, Trying to set up the mail flow below and integrate an on-premise DLP server to monitor outbound email traffic from Office 365 to Symantec security.cloud. Below is the flow. Outbound mails from my org -> Office 365 -> Network Prevent for Email (my org's DMZ) -> Office 365 -> Symantec Email Security.cloud -> Internet. What are the IP addresses that I have to ...
updated discussion 28 Aug 2016
Hello all, Outbound mails from my org -> Office 365 -> Network Prevent for Email Server (my org's DMZ) -> Symantec Email Security.cloud -> Internet I have few questions here. 1. Is this possible? 2. If yes? Can I do this in Reflect Mode or is it only possible in Forward mode? 3. What are the settings I have to perform in Symantec Security.cloud to accept mails from Network Prevent ...
updated discussion 28 Aug 2016
One of my users ran this file from a flash drive "00Peuple_congolais,Ceci_nous_concerne_tous-By_IntelLiMaX.Spdf.vbe". Now it has created a folder on C: called Win32System and in the folder a vbscript called Win32System. It also added a startup key that starts this vbs script on startup, which starts a process Windows-security.exe. Every time a device is plugged in the file is replicated to it. The ...
updated article 25 Aug 2016
Introduction This is the tenth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This article gets down to some practical particulars on how to take ...
new blog entry 26 Aug 2016
Past week was totally covered with ransomware samples. We came across 2 incidences. While one case had a totally new sample of binaries, other was not. Actual ransomware binary was getting detected but the downloader was not. Attack vector used in these cases was a spear phishing email with a MS office macro enabled word document as an attachment. While this method isn't new and is widely used, ...
new blog entry 26 Aug 2016
Three zero-day vulnerabilities in Apple’s iOS mobile operating system are being exploited in the wild in targeted attacks. The vulnerabilities, collectively dubbed “Trident”, can be exploited by attackers to remotely jailbreak Apple iOS devices and install malware. Q: How were the vulnerabilities discovered? A: The vulnerabilities were disclosed on August 24 by Citizen Lab, who discovered an ...
updated download 11 Aug 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
new download 17 Jun 2016
Ever had the CCS Agent registered with wrong name or agent IP changed? In some situations it can be a pain to fix this as it requires going to agent and running the registration again (imagine you do not have access to agent server and you have to raise ticket to 3rd party supplier and he asks you to raise a change request). Well with these two simple scripts, you can change both agent name and ...
new download 16 May 2016
To make use of stop-words for the Russian language, download the attached file, unzip it and place it in the "Protect\config\stopwords" subfolder in the Symantec DLP installation directory. Then go to the "Advanced settings" page of the selected detection server and set the variable "Lexer.StopwordLanguages" to "en,ru". Do it for every detection server you have.
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
updated event 24 Aug 2016
Please join us for the next Houston Security User Group meeting on Wednesday, October 26 from 11:00 a.m. to 1:30 p.m. at Memorial Hermann, 950 Frostwood, in Houston. Our meeting will happen at the same time and place as the *Houston Endpoint Management User Group* – just in a different room. So you’ll be able to network with both groups. Lunch will be served! Agenda:  Welcome & ...
new event 17 Aug 2016
How quickly are you able to identify and remediate today’s threats across the entire organization? When: Tuesday, September 20th (11:30 am – 2:00 pm) Where: Morton’s Steakhouse Today’s threat environment is evolving at a remarkable rate as cyber criminals improve their ability to change and adapt.  With today’s growing number of targeted attacks, it has become ...
updated event 12 Aug 2016
Please join us for the next Chicago Security / Midwest DLP User Group meeting on Wed., Sept. 21, 2016, from 11:30 am to 3:30 pm at Wildfire – in Schaumburg, IL. Lunch will be served! Agenda 11:30 – 12:00 Welcome, Introductions & Customer Lunch (Customer lunch during the first panel) 12:00 – 1:00  Customer Panel: Security – Discover, Johnson Controls, Cuna Mutual – followed by a ...
updated event 10 Aug 2016
Please join us for the next Twin Cities Data Loss Prevention User Group meeting on Thursday, Sept. 29 from 11:00 am to 2:30 pm at Target’s Brooklyn Park campus. Lunch will be served! Agenda Welcome and Introductions – Jeremy Sneeden, User Group Director Product update by Symantec (DLP mobile / cloud) – Ben Yang Lunch and Networking Customer presentation: Bill King, Target Customer ...
updated event 08 Aug 2016
Please join us for the kickoff meeting of the Phoenix Security User Group on Thursday, Sept. 1 from 11:00 a.m. to 2:00 p.m. at Seasons 52, Biltmore Fashion Park, 2502 E. Camelback Rd., Phoenix. Lunch will be served! Agenda 11:00 – 11:30: Welcome and Introductions – Steve Jensen, Symantec and John Taylor, ITS (sponsor) 11:30 – Lunch served during the first presentation 11:30 – 12:30: ...
updated event 08 Aug 2016
Join Novacoast for a live webinar September 7th for your complete Data Loss Prevention strategy. With the cost per breach now averaging $4 million, it is imperative to ensure you have the best data loss prevention strategy in place. There are so many options, how do I choose? Every company is unique so you should weigh your options on which DLP ...
new event 04 Aug 2016
The Symantec Data Center Security: Server Advanced 6.0 course is an introduction to implementing and managing a Symantec Data Center Security: Server Advanced 6.0 deployment. The architecture and individual components of the SDCS:SA 6.0 solution are detailed and explained. Agent installation and configuration are taught along with deployment and management of SDCS:SA agents and policies ...
updated video 17 Aug 2016
Symantec Data Loss Prevention version upgrade from v14.0 to 14.5. Click here for detailed process.
updated video 12 Aug 2016
This video forms part of a series which describes the actions administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video focusses on creating the correct user permissions in the ClientNet portal to ensure that the quarantine administrator may take all necessary actions.
updated video 12 Aug 2016
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video looks at the Quarantine options in ClientNet itself and the various options available for quarantine administrators to configure.
updated video 13 Jul 2016
In this quick update our risk management expert, John Higday, highlights the updates in ATP 2.0.2 which  provides IT security teams with the best visibility in their endpoint environment.   Advanced Threat Protection - Expose, prioritize, and remediate sophisticated advanced attacks across endpoints, networks, and email, from one single console.   Download our ATP whitepaper at ...
updated video 19 May 2016
This video will help new customers to provision their domains and inbound routes once they have access to the administration portal. If you want a desktop aid to provide a step by step guide as to the tool, then please download that here.
new video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec Endpoint Protection customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
new idea 26 Aug 2016
Currently unable to find infected files located in a .wim file.  Need to be able to scan within these files as you can any other archive, without having to mount to a folder.
updated idea 26 Aug 2016
Problem: The SEP 12.1 IPS component is enabled on a Nessus vulnerability scanning server and it detects and blocks all outgoing traffic that matches its IPS signature database, which then produces inaccurate vulnerability reporting: Current Solution: Symantec's current recommendation is to either disable the IPS component before running a scan (re-enable after scan completion) or remove the ...
new idea 25 Aug 2016
Hello, The idea is to reduce day time traffic between wan slow links. In my experience with SEP (since SAV8 so it's been a while) many improvements have been done but in terms of bandwidth use, it has been a lot more subtle. The idea is to replicate (by a php / perl / python script for example) the content folder from SEPM to a very basic apache web server running on a linux box. On the ...
new idea 24 Aug 2016
I really need a technical resource to encourage Symantec to author a Data Identifier to locate unique/unknown email addresses. We are seeking to identify a method within DLP 14.5 on the ability to match unique email addresses (for us).  There does not appear to be a method to do so as of this moment.   Currently if you use a regular expression to detect email addresses, it will ...
updated idea 22 Aug 2016
Please add the functionality to bypass scanning of files with valid signatures from well-known vendors. This would dramatically reduce the number of false positives with Heuristic, SONAR, or Insight scans. For example, there should be no reason to categorize as malware a .cab file that's been signed by Microsoft or Citrix and the hash verified. This would also improve performance since ...
updated idea 19 Aug 2016
Currently the MAC client is extremely limited. The policy does not allow actions to be performed and defaults all findings to "Leave Alone". There needs to be the option to Quarantine, Clean, and delete. In addition, there are not any options for cleaning or removing from the console. We have 500+ MACs in our environment and requiring the technician to clean each machine manually is not ...
updated idea 18 Aug 2016
Provide a cloud agent feature for communication between internal SEPM server and mobile computers SEP client connected anytime anywhere on the Internet (outside corporate LAN). Valuable for situations where mobile users are out of office and connected to the regular Internet, not on corporate LAN or a VPN for extended periods of time. This could allow ...

A Message From Your Community Manager: Jami

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.
