Video Screencast Help
new discussion 28 Jul 2016
Hey guys, I've been looking around the KB on changing IP address of our PGP Server, I cant find one that is matched for version 3.3.2MP10. Any thoughts? Thank you, Daryl
new discussion 28 Jul 2016
Hi, I have created one DLP policy for Email prevent, few days it works properly along with other polices, but suddenly e-mail violated by that policy is not getting blocked, however other pollicies are still working properly and I didn't make any changes. Can anybody help me to find the exact root cause and how to troubleshoot. In this regards I would like to inform you that I didn't find any ...
new discussion 28 Jul 2016
1. Maximum number of policy supported in a DLP setup  2. Maximum number of Rules supported in a DLP policy  3. Maximum number of Boolean expressions ("OR" and "AND") in a DLP policy / Rule  4. Maximum number of User groups supported in a DLP setup
new blog entry 28 Jul 2016
投稿人:Tommy Dong 之前,我们曾发表过相关博文,介绍谷歌电子市场(Google Play)上的恶意软件在Viber上盗取图片。其后,我们在谷歌电子市场上发现了另一个恶意应用程序,这种应用程序可将受害者的个人媒体文件(照片和视频)移至远程服务器之上。 侵占用户所有视频 在加强手机云监测功能以识别泄露个人可识别信息之应用程序(PII)的过程中,我们偶然发现谷歌电子市场上有一款很具恶意的应用程序。这款应用程序便是Sunuba 游戏公司制作的HTML源代码查看器。 该应用程序伪装成开发工具,但实际上是将设备在“/DCIM/Camera” ...
new blog entry 27 Jul 2016
寄稿: Tommy Dong 6 月のブログ記事で、Viber から写真を盗み出すマルウェアが Google Play に出回ったことをお伝えしました。それ以来、個人のメディアファイル(写真と動画)を被害者のモバイルデバイスから抜き取ってリモートサーバーに送るアプリが、Google Play ではほかにも確認されています。 キミノ ドウガハ スベテ イタダイタ モバイルインサイトは、個人情報(PII)を盗み出すアプリを特定するシマンテックのクラウドベース機能です。その強化を進める過程で、シマンテックは明らかに悪質なアプリを Google Play 上で発見しました。それは、Sunuba Gaming による「HTML Source Code ...
new discussion 28 Jul 2016
Hey guys, I've been looking around the KB on changing IP address of our PGP Server, I cant find one that is matched for version 3.3.2MP10. Any thoughts? Thank you, Daryl
new discussion 28 Jul 2016
Hi, I have created one DLP policy for Email prevent, few days it works properly along with other polices, but suddenly e-mail violated by that policy is not getting blocked, however other pollicies are still working properly and I didn't make any changes. Can anybody help me to find the exact root cause and how to troubleshoot. In this regards I would like to inform you that I didn't find any ...
new discussion 28 Jul 2016
1. Maximum number of policy supported in a DLP setup  2. Maximum number of Rules supported in a DLP policy  3. Maximum number of Boolean expressions ("OR" and "AND") in a DLP policy / Rule  4. Maximum number of User groups supported in a DLP setup
updated article 26 Jul 2016
Often times we deploy SEP 12.1 to clients and assume the components are functioning correctly. While the majority of the time this is true, it never hurts to spot check clients to ensure they're working as expected. Below are tests you can run for each component to verify functionality. Test Virus and Spyware Protection The quickest way to test this functionality is to download the EICAR file ...
updated article 22 Jul 2016
Customers Can Now Integrate Compliance Monitoring Into Their Evolving DevOps Process MOUNTAIN VIEW, Calif. – July 20, 2016 – Symantec Corp. (NASDAQ: SYMC), the global leader in cybersecurity, today announced the next version of Symantec Control Compliance Suite, the enterprise-class IT governance, risk and compliance solution. Symantec Control Compliance Suite delivers new ...
updated article 21 Jul 2016
Introduction This is the tenth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This article gets down to some practical particulars on how to take ...
updated article 20 Jul 2016
Click here to visit the site on Symantec.com.
updated article 20 Jul 2016
Please click here to view the current Symantec Security Insights newsletter. Thank you!
updated article 19 Jul 2016
Introduction This is the sixth in my Security Series of Connect articles.  For more information on how to keep your enterprise environment secure using often-overlooked capabilities of Symantec Endpoint Protection (and the OS upon which it functions), see Mick's Greatest Hits: Index of Helpful Connect Security Articles. This new "Symantec Insider Tip" article aims to provide advice and ...
new blog entry 28 Jul 2016
投稿人:Tommy Dong 之前,我们曾发表过相关博文,介绍谷歌电子市场(Google Play)上的恶意软件在Viber上盗取图片。其后,我们在谷歌电子市场上发现了另一个恶意应用程序,这种应用程序可将受害者的个人媒体文件(照片和视频)移至远程服务器之上。 侵占用户所有视频 在加强手机云监测功能以识别泄露个人可识别信息之应用程序(PII)的过程中,我们偶然发现谷歌电子市场上有一款很具恶意的应用程序。这款应用程序便是Sunuba 游戏公司制作的HTML源代码查看器。 该应用程序伪装成开发工具,但实际上是将设备在“/DCIM/Camera” ...
new blog entry 27 Jul 2016
寄稿: Tommy Dong 6 月のブログ記事で、Viber から写真を盗み出すマルウェアが Google Play に出回ったことをお伝えしました。それ以来、個人のメディアファイル(写真と動画)を被害者のモバイルデバイスから抜き取ってリモートサーバーに送るアプリが、Google Play ではほかにも確認されています。 キミノ ドウガハ スベテ イタダイタ モバイルインサイトは、個人情報(PII)を盗み出すアプリを特定するシマンテックのクラウドベース機能です。その強化を進める過程で、シマンテックは明らかに悪質なアプリを Google Play 上で発見しました。それは、Sunuba Gaming による「HTML Source Code ...
updated blog entry 27 Jul 2016
Contributor: Tommy Dong Last time we blogged about malware on Google Play that stole photos from Viber. Since then we’ve discovered another app on Google Play that is moving personal media files (photos and videos) off victims’ mobile devices and onto a remote server. All your videos are belong to us In the course of enhancing our Mobile Insight cloud-based features to identify apps that leak ...
blog entry comment 27 Jul 2016
new blog entry 26 Jul 2016
サイバースパイグループ Patchwork が、政府関連に限定しない組織を標的にするようになっています。シマンテックが調査したところ、このグループは航空、放送、金融など広い範囲の業種を狙ってバックドア型のトロイの木馬を投下していることがわかりました。 Patchwork は、Dropping Elephant という名前でも知られ、シマンテックセキュリティレスポンスは、このグループについて積極的に監視を続けています。Patchwork は、中国に関連する文面でユーザーを引き付けたうえで、標的のネットワークに侵入します。セキュリティ企業 Cymmetria と Kaspersky の 2 ...
updated blog entry 26 Jul 2016
토렌트 사이트에서 불법 복제 컨텐트를 이용했다가 숨겨진 폐해를 겪을 수도 있습니다. 시만텍이 인기 토렌트 웹 사이트를 조사하던 중 PUA(잠재적으로 원치 않는 애플리케이션) 유포 캠페인이 진행 중임을 발견했습니다. 이 가짜 토렌트는 여러 사이트에서 Assassin Creed Syndicate, The Witcher 3 등과 같은 인기 게임의 이름을 미끼로 사용자를 유인한 다음 사용자 모르게 자동으로 PUA를 설치합니다. 시만텍은 이러한 PUA 유포 캠페인에서 합법적인 제휴사의 PPI(Pay-Per-Install) 프로그램을 악용하고 있다고 확신합니다. 잠재적으로 원치 않는 애플리케이션(PUA, Potentially unwanted applications) PUA는 보안, 개인 정보 보호, 리소스 ...
updated blog entry 26 Jul 2016
최신 인텔리전스 페이지가 2016년 5월에 새롭게 단장하여 사이버 보안 위협과 동향에 대한 최신 분석 및 악성 코드, 스팸, 기타 잠재적 위험성을 지닌 비즈니스 리스크에 대한 통찰력을 제공하고 있습니다. 최신 인텔리전스의 주요 내용을 간추려 소개합니다. 툴킷 기반 웹 공격 부문에서 2위 자리를 지켜온 Angler 툴킷이 5월에는 전체 툴킷 활동의 51.2%를 차지하며 선두에 올랐습니다. 4월에 1위였던 Nuclear 익스플로잇 킷은 이달에 5위권 밖으로 밀려났는데, 4월에 발표된 이 툴킷의 인프라스트럭처를 조명한 연구 결과의 공개로 인해 큰 타격을 받은 것으로 보입니다. 이에 앞서 4월에는 Spartan 툴킷이 5위권에서 사라진 바 있습니다. Spartan 툴킷도 툴킷 기반 웹 공격의 선두를 ...
updated blog entry 26 Jul 2016
지속적으로 발전하는 사이버 환경에서 공격자들이 풍부한 자금을 바탕으로 신속하게 움직이고 정교한 공격 수법을 구사하는 데 반해 이러한 공격을 탐지하는 데는 너무 많은 시간이 걸리고 있습니다. 게다가 관련 예산은 빠듯하고 사내 리소스도 부족합니다. 기업의 86%는 더욱 증가하는 사이버 보안 요구 사항을 해결하기 위한 전문 인력이 부족한 상황입니다.[1] CISO들은 이러한 문제를 최우선시하면서 질문을 던지고 그에 대한 답을 찾고 있습니다.  시만텍은 10여 년 전부터 기업의 경영진이 보안 운영의 공백을 해소할 수 있도록 지원해왔습니다. 시만텍은 전 세계를 대상으로 활동하면서 보안 관련 시장을 형성하고 향후 보안 계획에 영향을 미치게 될 동향이 무엇인지에 주목하고 있습니다. 아래와 같은 6가지 ...
updated blog entry 26 Jul 2016
시만텍이 발견한 바에 따르면, 방글라데시 중앙은행에서 8,100만 달러를 훔치고 베트남 Tien Phong Bank에서도 1백만 달러 이상을 빼내려 한 집단이 필리핀의 한 은행을 공격했습니다. 이 집단이 사용한 악성 코드가 필리핀의 한 은행에 대한 표적 공격에서도 사용되었습니다. 뿐만 아니라 여기에 사용된 일부 툴의 코드가 과거 Lazarus라는 보안 위협 그룹과 관련된 공격에 사용된 악성 코드와 유사합니다. 이러한 공격은 2015년 10월부터 발생한 것으로 보이는데, 이는 실패로 끝나긴 했지만 지금까지 발생한 침해 사고 중 가장 빠른 것으로 알려진 베트남 공격이 발생하기 2개월 전입니다. 방글라데시 중앙 은행이 공격을 받자 결제 네트워크인 SWIFT는 공격자들이 자금 이체 사기의 증거를 덮기 위해 ...
updated blog entry 26 Jul 2016
·     2016년 5월 11일 "적을 알고 나를 알면 백번 싸워도 위태로움이 없다. 나를 알되 적을 알지 못하면 한 번 이기고 한 번 지며 적과 나를 모두 모르면 싸움마다 반드시 위태롭다." 손무 손자병법은 오늘날에도 적용되는 가르침입니다. 적을 알면서 자사의 강점과 약점을 알고 있는 기업은 현재 진행 중인 사이버 보안 전쟁에서 승리할 가능성이 높습니다. 공격을 당한 후에야 보안을 강화하지 마십시오. 적극적으로 공격자에 맞서십시오.  귀사가 사이버 레질리언스를 유지하고 공격에 확실히 대비하려면 어떤 노력이 필요할까요? 시만텍은 한 해의 글로벌 보안 위협 동향을 종합적으로 조명하고 분석하는 연례 보고서, 2016년 인터넷 보안 위협 ...
new download 17 Jun 2016
Ever had the CCS Agent registered with wrong name or agent IP changed? In some situations it can be pain to fix this as it requires going to agent and running the registration again (imaging you do not have access to agent server and you have to raise ticket to 3rd party supplier and he asks you to raise a change request). Well with these two simple scripts, you can change both agent name and ...
new download 16 May 2016
To make use of stop-words for russian language, download attached file, unzip it and place to the "Protect\config\stopwords" subfolder in the Symantec DLP installation directory. Then go to the "Advanced settings" page of selected detection server and set the variable "Lexer.StopwordLanguages" to "en,ru". Do it for every detection server you have.
updated download 22 Apr 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
new event 27 Jul 2016
Whether you are a large enterprise, SMB or just a regular user of the internet, cyber threats are increasing in number and sophistication. Tactics and techniques used today, will be different in another month. What can you do to bolster your security posture or simply increase personal awareness? Every year, Symantec releases it’s threat report (ISTR) which is based on data collected and ...
new event 27 Jul 2016
Topic: Microsoft + Symantec: A Next Generation Approach to Securing Users and Their Devices Speakers: Matt Reid, ITS VP of Risk Management and Troy Whittaker, VP of Systems Management Date: Thu, Aug 4, 2016 11:00 AM – 12:00 PM EST Details: Today’s cyber risks are forcing organizations to not only leverage technology, but also purchasing power through enrollments and new ...
updated event 26 Jul 2016
South Florida Cyber Security Forum has been created based on the complexity of today’s global threat environment. As IT no longer rules the roof, device and data explosion coupled by being ever targeted by data breaches and battered attacks continue to make cyber security grow. This all revolves around the balance between privacy, anonymity, technology and security.  This is a free ...
updated video 13 Jul 2016
In this quick update our risk management expert, John Higday, highlights the updates in ATP 2.0.2 which  provides IT security teams with the best visibility in their endpoint environment.   Advanced Threat Protection - Expose, prioritize, and remediate sophisticated advanced attacks across endpoints, networks, and email, from one single console.   Download our ATP whitepaper at ...
updated video 19 May 2016
This video will help new customers to provision their domains and inbound routes once they have access to the administration portal. If you want a desktop aid to provide a step by step guide as to the tool, then please download that here.
new video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec Endpoint Protection customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
updated video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
new video 17 May 2016
In this video, we demonstrate how to install the new standalone IT Analytics Server v2.1 with the Symantec Data Loss Prevention content pack.
updated video 17 May 2016
This training module aims to walk you through how to setup a new business partner in the Encryption module of the Management Portal. Watch more Videos in the Self-serve TLS video series: Self-serve TLS: Moving domains from one Business Partner to another Self-serve TLS: Getting visibility into your enforcements Self-serve TLS: Enforcing TLS encryption between you and the Email Security ...
new video 13 May 2016
This video shows you the new features in Advanced Threat Protection 2.0.2.
updated video 13 May 2016
In this video, you'll see how you can use a STIX file to perform a database search in Advanced Threat Protection 2.0.2 and later.
new idea 26 Jul 2016
There currently exists only checks for whether or not older roles are installed (IIS for example), but nothing for the myriad other roles and features of Windows. I'd like to see checks for all the various roles (hyper-v, say) and features (telnet client, anyone?) available in a Windows install, so that these can be checked off against our standard.
new idea 22 Jul 2016
Can a guide be created showing multiple use cases of all the ways CCS standards can be used for.A use case guide is required providing extensive range of examples each with different examples. This helps organizations to adopt the product at the faster pace. Rather than go through the 1000 page user guide or a thin how to guide for standards with very few examples. Learning by examples is the ...
updated idea 22 Jul 2016
awooso posted: IPSEC
I am currently doing an implementation of Symantec firewall to block all intersubnet traffic except a very select few for a very select subnet. Symantec firewall does a great jo and offers a lot of really easy to configure controls except when dealing with IPsec........... Since IPsec required port 500 upd (some say IP protocol 50 and 51) it should be a simple build right? except Symantec ...
new idea 22 Jul 2016
From within the SEPM if you sync an AD container that has managed clients in a unsynched container it moves them to the synched container in the SEPM and will not allow you to move them back without breaking the client management.  This being said it would be very helpful to be able to scan AD for hosts & their client status if present with the option to deploy ...
new idea 21 Jul 2016
There needs to be a tools that will convert existing SEP policies to new versions of SEP policies that have new features. I should not have to rewrite policies everytime there is a SEP update.