Video Screencast Help
new idea 29 May 2015
RE: This thread... https://www-secure.symantec.com/connect/forums/mac... I'd like an alert if SEPM removes a machine.  Having a generic alert for any machine that's removed (manually or by SEPM) would work too. I've got some users offsite with laptops who aren't using their machines.  I want to know if we've still got a license on that machine, if they're actually not using their ...
updated discussion 29 May 2015
Hi, For a Customer we enabled Web Email Protection and it works. I have two questions i hope someone can help me to answer? A user receives an email, and if the user replies than the email is sent unencrypted. Is there a way to encrypt the sent email so that it´s only viewable at an email client with PGP enabled? Is posible to control which users can send email to from Web ...
new discussion 29 May 2015
We have a client who is seeing the following errors in their PacketCapture.log file on Network Monitor to the tune of 200+ per minute. 05/29/15 11:10:39 [0x2b9d2af90940] WARN  CaptureProcessor - Discarding 60 byte packet.  18125000 discarded. [CaptureProcessor.cpp(38)] 05/29/15 11:10:39 [0x2b9d2af90940] WARN  CaptureProcessor - Discarding 1514 byte packet.  18126000 ...
updated discussion 29 May 2015
Hi, For a Customer we enabled Web Email Protection and it works. I have two questions i hope someone can help me to answer? A user receives an email, and if the user replies than the email is sent unencrypted. Is there a way to encrypt the sent email so that it´s only viewable at an email client with PGP enabled? Is posible to control which users can send email to from Web ...
new discussion 29 May 2015
We have a client who is seeing the following errors in their PacketCapture.log file on Network Monitor to the tune of 200+ per minute. 05/29/15 11:10:39 [0x2b9d2af90940] WARN  CaptureProcessor - Discarding 60 byte packet.  18125000 discarded. [CaptureProcessor.cpp(38)] 05/29/15 11:10:39 [0x2b9d2af90940] WARN  CaptureProcessor - Discarding 1514 byte packet.  18126000 ...
updated discussion 29 May 2015
I have 200 mobile users with laptops that I'd like to upgrade from 12.1.4013 to 12.1.6. These users connect via VPN using their cellphones as hotspots which all draw from a shared pool of data we pay for monthly. To prevent going over our monthly data cap I plan on rolling out the upgrade over the next 3 months. I can think of 2 easy ways to do this and would like input on each. 1. Attach ...
new blog entry 29 May 2015
Scammers involved in Japanese one-click fraud continuously come up with new tactics, meaning the scam continues to evolve. For example, earlier in the year scammers came up with the idea of locking smartphone browsers in an attempt to force users into dialing a support center set up by the fraudsters. The latest tactic observed by Symantec involves the use of an Android app ...
new blog entry 29 May 2015
Hello, Symantec Data Center Security: Server Advanced (DCS:SA) is a flexible, multi-layer security solution for servers that detects abnormal system activities. It prevents and blocks viruses and worms, hacking attacks, and zero-day vulnerability attacks. DCS:SA also hardens systems, enforcing behavior-based security policies on clients and servers. DCS:SA includes a management console, server ...
new blog entry 28 May 2015
スターバックスカードの保有者が、複数のオンラインアカウントに支払い用カードを登録している場合、サイバー犯罪者によって口座の残高を引き出されてしまう危険性があります。 サイバー犯罪者は、弱いパスワードを突いて、あるいは他のデータ侵害で獲得した資格情報を利用してスターバックスのアカウントを狙っています。 パスワードの使い回しは一般的ですが、セキュリティ上は問題があります。1 つの Web サイトまたはサービスでデータ侵害が発生すると、サイバー犯罪者はそこで盗み出した資格情報を利用して他の Web サイトへもアクセスできるようになりますが、それはユーザーがパスワードを使い回す傾向を知っているからです。よく使われるパスワードも、アクセス権を取得に悪用されることがあります。 図 1. スターバックスアカウントの送金履歴 スターバックスのアカウントには強力なパスワードを使う 図 2. ...
new blog entry 28 May 2015
攻撃者がゲスト仮想マシン(VM)をすり抜け、そのシステムで稼働している他の VM とホストシステムにアクセスできる新しい脆弱性が見つかり、「VENOM」と名付けられました。VENOM を利用すると、攻撃者は侵入したシステム上のどの仮想マシンからでも重要なデータを盗み出し、昇格した権限でホストのローカルネットワークやそのシステムにもアクセスできる可能性があります。 VENOM 脆弱性(CVE-2015-3456)が存在するのは、オープンソースのハイパーバイザ QEMU 用のフロッピーディスクコントローラです。これは Xen ハイパーバイザ、QEMU クライアント、カーネルベース仮想マシン(KVM)など多くの仮想インフラストラクチャにデフォルトでインストールされます。VMware、Microsoft Hyper-V、Bochs ハイパーバイザは VENOM ...
updated blog entry 28 May 2015
Change is the only constant in cybersecurity. Organizations face a complicated balancing act between managing complex IT infrastructures and defending against threats. In fact, over half of the organizations surveyed in ESG’s recent report, The Endpoint Security Paradox, reported a cybersecurity shortage, and 80% agreed that managing endpoint security has become increasingly difficult over the ...
updated blog entry 28 May 2015
Found in version 12.1.5 and still found in 12.1.6. If you find this error in the reporting log found at: \Symantec Endpoint Protection Manager\apache\logs\reporting.log If the reporting.log contains many logs like: ERROR:Cannot apply permission checks to:  select sum(a.noofviruses) as anzahl, ha.whitelist_reason from alerts a with (nolock), hpp_application hp, hpp_alerts ha , v_virus v ...
updated blog entry 28 May 2015
Found in version 12.1.5 and still found in 12.1.6. If you create reports and find wrong OS-es, e.g. a "Windows" computer, while the computer actually is a "Linux" computer running SAVFL, then you can fix this by looking at \Inetpub\Reporting\Inventory\inventoryreport1.php lines 224 - 225 (12.1.5) or 238 - 239 (12.1.6). The report translates an unknown OS Type (R_OS_TYPE = 0) as a ...
updated blog entry 28 May 2015
Found in version 12.1.5 and still found in 12.1.6. If you find this error in the reporting log found at: \Symantec Endpoint Protection Manager\apache\logs\reporting.log If the reporting.log contains log entries like: 2015-01-09 14:24:01 ERROR:I18nInventory could not translate key: Group 2015-01-09 14:24:09 ERROR:I18nInventory could not translate key: Subnetthen you can fix this by looking ...
updated download 08 Jan 2015
To build on my last IR article: How to utilize SEP 12.1 for Incident Response - PART 6 I'm attaching a custom IPS policy which will detect the download of various filetypes via HTTP and HTTPS. The signatures are in Allow mode and set to write to the Packet log for detailed information. As of now, this policy will detect 37 different filetypes. I will update it as I add more. Feel free to use ...
download comment 05 Dec 2014
updated event 26 May 2015
Join us for our next Cleveland Security & Compliance User Group meeting on Thursday, June 11, 2015 We have excellent presentations lined up! INFOSEC Flash Forward - Changing how we think Presented by: David Kennedy, QSA, OSCE, OSCP, CISSP, ISO 27001, GSEC, MCSE Founder, Senior Principal Security Consultant TRUSTEDSEC, LLC Advanced Threat Protections Presented by: Walt Abel, Principal ...
updated event 13 Apr 2015
NetX a Symantec Authorized Training Partner (ATP) delivers Instructor-led Training Classes either on-site or remotely.  We offer over 20 different Symantec Classes, for a complete list please visit netxinc.com/training Attend from your home, office or one of our convenient locations.   Our training classes are Guaranteed to Run, We Never Cancel!  Symantec Data Loss ...
updated event 09 Apr 2015
Please note: This meeting has been rescheduled to a week later on Friday, April 17th! Due to an illness, Mike will be unable to attend and present tomorrow. We apologize for the short notice and any inconvenience this may have caused. We hope to see you there next week! Please join us for the next Twin Cities Data Loss Prevention User Group meeting on Friday, April 17th from 11:00am to 3:00pm ...
new event 10 Mar 2015
Presented by: Pete Lindstrom, Director, Security Products, IDC Research Nico Popp, Vice President Information Protection, Symantec   Webcast Summary: The cloud has changed the way we do business and is forcing us to rethink security in new ways. The fact that information flows freely outside of the enterprise walls and back again means we need to consider how we secure that information ...
updated event 09 Mar 2015
Please join us for the next Philadelphia Security & Compliance User Group meeting on Wednesday March 11th from 9:00am to 12:00pm at Dave & Buster's. The meeting will feature presentations on SEP and DLP from Symantec. Lunch will be served! Agenda: Welcome, Announcements & Introductions Roadmap of Security Solutions by Neil Christie, Symantec SEP DLP Planning, Prizes and ...
new event 03 Mar 2015
The Symantec Control Compliance Suite (CCS) 11.0 Administration course is designed for professionals who are tasked with ensuring the security of their computing enterprise and compliance with both external and internal mandates. This instructor-led course focuses on using Control Compliance Suite 11.0 to define risk and compliance objectives, develop policies and controls to govern the ...
updated video 26 May 2015
This training module aims to walk you through how to setup a new business partner in the Encryption module of the Management Portal. Watch more Videos in the Self-serve TLS video series: Self-serve TLS: Moving domains from one Business Partner to another Self-serve TLS: Getting visibility into your enforcements Self-serve TLS: Enforcing TLS encryption between you and the Email Security ...
updated video 15 May 2015
In this video you will be walked through the on-screen administration of Self-serve TLS, paying particular attention to configuring enforcements between your own domains and Symantec.cloud. The video will then show you how to test the domain to ensure that all is working as expected.
updated video 15 May 2015
This training module aims to walk you through configuring your services to ensure that all emails sent between you and the Email Security Service pass through an encrypted TLS channel.
updated video 15 May 2015
This training module will demonstrate how you can review your Encryption settings and highlight some key information points. 
updated video 15 May 2015
This training module aims to walk you through how to move a domain from under the remit of one business partner to the remit of another.
new video 04 May 2015
How to submit suspicious files with Threat Analysis Threat Analysis를 통해 탐지된 의심스러운 파일을 어떻게 판단하여 Symantec Security Response Team에 업로드 하는지 알아봅니다. 준비사항: 1. Threat Analysis by Symhelp tool 2. Threat Analysis Report Symhelp Download: http://www.symantec.com/business/support/index?page=content&id=TECH170752 Threat Analysis 사용 방법은 아래의 URL을 참고하시기 ...
updated video 29 Apr 2015
In this short video, you learn how to troubleshoot a client that is unable to communicate with the SEPM by reviewing settings and running SymHelp. You also learn how to deploy new communication settings to the client. Please watch the other videos in this series: Troubleshooting Console Issues Troubleshooting LiveUpdate Configuration Issues Troubleshooting LiveUpdate Connection ...
updated video 29 Apr 2015
In this short video, you learn how to troubleshoot and resolve a replication issue by examining Tomcat logs and other areas of the SEPM. Please watch the other videos in this series: Troubleshooting Console Issues Troubleshooting LiveUpdate Configuration Issues Troubleshooting LiveUpdate Connection Issues Troubleshooting Client Communication Issues Troubleshooting Group Update ...
new idea 29 May 2015
RE: This thread... https://www-secure.symantec.com/connect/forums/mac... I'd like an alert if SEPM removes a machine.  Having a generic alert for any machine that's removed (manually or by SEPM) would work too. I've got some users offsite with laptops who aren't using their machines.  I want to know if we've still got a license on that machine, if they're actually not using their ...
new idea 28 May 2015
In some industries and governemt agencies, specific identifiable information has to be sent encrypted. Specificaly, IP addresses and server names cannot be sent unencrypted over the Internet. It would be very handy to have an option while creating Scheduled Reports and creating Alerts if there is an option to encrypt the Alert report and the Scheduled Report. The option should be available ...
new idea 28 May 2015
Hi, we are having requests from customers that want to exclude UNC path from autoprotect, single file names (now you can only exclude files providing a full path) and filenames using wildcards.
new idea 27 May 2015
Hello, I would like you to consider implementing the below options in SEPM versions after 12.1 RU6 (in some MP or new release).. We have upgraded SEPM to version 12.1 RU6 and now we have the option to receive automatic e-mails for Full zip downloads. I want to have an option to configure such notifications to be sent if size of full zip is more that let's say 50-100 MB so we can get ...
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
AravindKM
293
1
Brɨan
1863
19
Mithun Sanghavi
1244
59
SMLatCST
387
1
jjesse
59
24

A Message From Your Community Manager: Swathi Turlapaty

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.