Video Screencast Help
As we strive to continually improve your experience on our site, please help us by taking this survey and tell us about your satisfaction level using Symantec Connect. One lucky winner will receive 500 Connect points! * Take the survey.
new discussion 01 Oct 2016
Hi, I'm trying to decrypt disk 0 with the pgpwde command (10.3.2, build 15238).  I used: pgpwde --decrypt --disk 0 --passphrase "..." and it came back with the standard message Request sent to Start decrypt disk was successful Unfortunately the hard drive activity light doesn't suggest much is happening.  So when I check it with: pgpwde --status I get: Disk 0 is instrumented by ...
updated article 30 Sep 2016
Nos dias de hoje há muita especulação sobre a capacidade de um software Antivírus conseguir de maneira efetiva assegurar que um ambiente esteja seguro e isto veem se tornando cada vez mais um desafio para empresas que fornecem tais tecnologias. Atualmente segundo ultimo relatório anual de ameaças Symantec ISTR há mais de 1 milhão de malwares “passeando” por ai diariamente e este numero ...
new discussion 01 Oct 2016
Hi, I'm trying to decrypt disk 0 with the pgpwde command (10.3.2, build 15238).  I used: pgpwde --decrypt --disk 0 --passphrase "..." and it came back with the standard message Request sent to Start decrypt disk was successful Unfortunately the hard drive activity light doesn't suggest much is happening.  So when I check it with: pgpwde --status I get: Disk 0 is instrumented by ...
updated discussion 30 Sep 2016
Hello team -  is it possible to detect data flowing out of network when the internet browser is Chrome= on 12.5?  Thanks for the support.
discussion comment 30 Sep 2016
updated article 30 Sep 2016
Nos dias de hoje há muita especulação sobre a capacidade de um software Antivírus conseguir de maneira efetiva assegurar que um ambiente esteja seguro e isto veem se tornando cada vez mais um desafio para empresas que fornecem tais tecnologias. Atualmente segundo ultimo relatório anual de ameaças Symantec ISTR há mais de 1 milhão de malwares “passeando” por ai diariamente e este numero ...
updated article 29 Sep 2016
Introduction By popular demand, below is an index of my Connect articles.  Illustrated, semi-formal and mildly amusing, I hope they assist admins and individuals along their neverending quest to find a safe path in this ever more dangerous world.... Security Series The first article, Using SEPM Alerts and Reports to Combat a Malware Outbreak, demonstrated how to use ...
updated article 28 Sep 2016
This document will guide you through the suggested steps in order to setup Symantec Email Quarantine. The document contains links to cheatsheets and videos to help explain the steps if further assistance is required.
updated article 27 Sep 2016
IT Analytics DLP pack offers several predefined cubes out-of-the-box.  As part of the DLP pack, the custom attribute name and custom attribute value dimension are included.  These two dimensions contain data for custom attributes defined within DLP, however they need to be used hand-in-hand for the data in the cubes to make any sense.  For users who leverage custom attributes in ...
new blog entry 29 Sep 2016
Webinar: Phishing Readiness: Is Your Team Ready? Time: 10:00 AM (PST) / 1:00 PM (EST) Date: November 15, 2016 Speaker: James Griffin, Product Manager, Cyber Security Services Overview: Phishing continues to be one of the most prevalent and effective threats to organizations.  Combating hackers that are determined to compromise your users requires a unique blend of tools, strategy and ...
updated blog entry 29 Sep 2016
We are at an inflection point. The Internet is transitioning from controlling information to controlling physical things, which has profound implications for both the global economy and the future of insurance. In this post, I will provide 7 predictions for how the Internet of Things (IoT) will change the insurance industry, although ultimately these predictions only scratch the surface ...
new blog entry 28 Sep 2016
擬似乱数的なパスコードを使い、デバイスをロック解除不能な状態にして身代金の支払いを求める、Android.Lockscreen の新しい亜種が登場しています。これまでのバージョンは、画面をロックしたうえで、ハードコードされたパスワードを使っていましたが、解析によってそのコードをリバースエンジニアリングすれば、ロック解除のパスコードを被害者に提供できました。攻撃者は、デバイスのロック画面に独自のロック画面を組み合わせ、被害者にとってのハードルをさらに高くしています。これまでに確認された他のモバイルマルウェアと同じように、Android.Lockscreen も直接モバイルデバイス上で作成したうえで拡散されているトロイの木馬です。シマンテックは、この脅威を Android.Lockscreen ...
new blog entry 28 Sep 2016
Android.Lockscreen新变体开始使用伪随机密码生成技术,目的是防止受害者在不支付赎金的情况下便可将设备解锁。该勒索软件在之前版本可以锁定屏幕并使用硬编码密码,但分析软件可帮助受害者逆向还原代码,并为用户提供解锁设备的密码。网络攻击者还将自定义锁屏和设备锁屏相结合,为那些受感染的计算机创造了又一个障碍。这种木马病毒与我们发现的其它手机病毒相似,都是先在手机上直接创建后再进行传播。赛门铁克检测这些木马病毒为Android.Lockscreen。 伪随机密码 设备受此木马病毒入侵后,将创建一个自定义系统错误窗口,我们曾在之前的博文中做以讨论。这种窗口强加于受入侵设备中所有可见的用户界面上端,该恶意软件在窗口中展示恐吓信息,要求用户输入网络攻击者提供的密码(图1)。 图1. ...
updated blog entry 27 Sep 2016
New variants of Android.Lockscreen are using pseudorandom passcodes to prevent victims from unlocking devices without paying the ransom. Previous versions of these threats locked the screen and used a hardcoded passcode, but analysts were able to reverse engineer the code to provide victims with the passcode to unlock their devices. Attackers have also combined a custom lockscreen with the ...
updated download 11 Aug 2016
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
new download 17 Jun 2016
Ever had the CCS Agent registered with wrong name or agent IP changed? In some situations it can be pain to fix this as it requires going to agent and running the registration again (imaging you do not have access to agent server and you have to raise ticket to 3rd party supplier and he asks you to raise a change request). Well with these two simple scripts, you can change both agent name and ...
new download 16 May 2016
To make use of stop-words for russian language, download attached file, unzip it and place to the "Protect\config\stopwords" subfolder in the Symantec DLP installation directory. Then go to the "Advanced settings" page of selected detection server and set the variable "Lexer.StopwordLanguages" to "en,ru". Do it for every detection server you have.
updated download 01 Apr 2016
When a customer is using the forensics software "Encase 7" with our Symantec Endpoint Encryption Full Disk 8.2.0 software, the customer will need the appropriate DLLs so that the Encase product can successfully work with our Full Disk product. The DLLs required are attached here and can also be located within the original product download under the subfolder "utilities". The DLLs required in ...
updated download 01 Apr 2016
At times, a customer may require the details for creating a batch file (startup script) to assist in the uninstallation of a Symantec Endpoint Encryption Device Control client that was installed via GPO. You cannot use the automatic uninstall feature in the GPO software installation package because the Device Control uninstall procedure is password protected. To uninstall Device Control you ...
new event 30 Sep 2016
(Last meeting was 9/29/16. This next meeting will be planned in early 2017, so look for details coming then!)
new event 29 Sep 2016
Time: 10:00 AM (PST) / 1:00 PM (EST) Date: November 15, 2016 Speaker: James Griffin, Product Manager, Cyber Security Services, Symantec Phishing continues to be one of the most prevalent and effective threats to organizations.  Combating hackers that are determined to compromise your users requires a unique blend of tools, strategy and training. Join our webinar to learn about: •How to ...
updated event 29 Sep 2016
Please join us for the next Twin Cities Data Loss Prevention User Group meeting on Thursday, Sept. 29 from 11:00 am to 2:30 pm at Target’s Brooklyn Park campus. Lunch will be served! Agenda Welcome and Introductions – Jeremy Sneeden, User Group Director Product update by Symantec (DLP mobile / cloud) – Ben Yang Lunch and Networking Customer presentation: Bill King, Target Customer ...
updated event 29 Sep 2016
NetX a Symantec Authorized Training Partner (ATP) delivers Instructor-led Training Classes either on-site or remotely.  We offer over 20 different Symantec Classes, for a complete list please visit netxinc.com/training Attend from your home, office or one of our convenient locations.   Our training classes are Guaranteed to Run, We Never Cancel!  Symantec Endpoint ...
new event 26 Sep 2016
Date: October 18, 2016 Time: 10:00 AM (PST) / 1:00 PM (EST) Anatomy of a Ransomware Attack Did you know that just opening a compromised web page could allow dangerous code to install on a PC or smartphone? You don’t have to click “accept” for a download or software update to install malware on your machines and trigger an infection and the consequences can be enormous. Why you need to build 24 ...
new event 23 Sep 2016
Webinar: November 10, 2016 Time: 10:00 AM PST / 1:00 PM EST Today, targeted attacks and Zero-Day vulnerabilities are the two most common advanced threats.  Attacks are designed to enter your environments from many different vectors so an endpoint security solution that detects and blocks threats at all points in the attack chain is critical. Join the 451 Analyst, Adrian Sanabria and ...
new event 22 Sep 2016
(These two groups -- Midwest DLP and Chicago Security -- will meet together again. Agenda and details coming in early 2017.)
updated video 19 Sep 2016
In this quick demo, Pat McPherson of ITS Partners, shows how Data Loss Prevention Form Recognition allows organizations to detect sensitive information that is contained on forms in a variety of image formats. Watch the HD version here: https://vimeo.com/183016027 Learn more at: https://www.itsdelivers.com/solutions/it-risk-mana...
updated video 12 Aug 2016
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video looks at the Quarantine options in ClientNet itself and the various options available for quarantine administrators to configure.
updated video 13 Jul 2016
In this quick update our risk management expert, John Higday, highlights the updates in ATP 2.0.2 which  provides IT security teams with the best visibility in their endpoint environment.   Advanced Threat Protection - Expose, prioritize, and remediate sophisticated advanced attacks across endpoints, networks, and email, from one single console.   Download our ATP whitepaper at ...
updated video 19 May 2016
This video will help new customers to provision their domains and inbound routes once they have access to the administration portal. If you want a desktop aid to provide a step by step guide as to the tool, then please download that here.
new video 17 May 2016
Bay Dynamics recently announced the availability of the standalone IT Analytics Server 2.1, which includes an enhanced web based cube browser. This video walks you through how as an existing Symantec Endpoint Protection customer, you can leverage IT Analytics Server to visualize your cube data and take advantage of its benefits.
new idea 29 Sep 2016
Would like to see Yubikey support added for two-factor and token support within the SEE 11.x product.  Our company is looking at two-factor authentication options and it would be handy to see this added.
updated idea 29 Sep 2016
Implement RFC 7489 (DMARC - Domain-based Message Authentication, Reporting, and Conformance - https://dmarc.org/) in Symantec Messaging Gateway. A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods passes – such as junk or reject the message. DMARC removes guesswork from ...
updated idea 29 Sep 2016
Up to version 10.5.4 of Symantec Messaging Gateway it is not possible to define sender-based exclusions for Disarm Content (Malware Policies). Using Policy Groups only internal recipient groups can be handled differently for various policies. Please implement filter conditions (as it is possible for Content Filtering Policies) for Malware Policies to define exclusions based on various ...
new idea 28 Sep 2016
I recieved a PDF containing a link to a fraudulent site that looked like a login for Office365.  I tried to sumit it to Symantec via the normal submissions process, but they rejected it because it did not contain a malicious payload, only a link to a dangerous site!  So the technician was unable to help me in any way other than point me to this idea site. I don't know if this ...
new idea 28 Sep 2016
It would be helpful if CCS could scan for text file content across multiple text based files also located inside compressed files like zip, rar, jar, etc. Also full regular expression support is required.
new idea 27 Sep 2016
Download Insight complained about a file.  It provided the file name but not the path.  In order for a user to make an informed decision full info is needed on the file please. 
updated idea 27 Sep 2016
Symantec End Point Protestion Cloud.  As an MSP, we are receiving an enormous amount of logs, virus alerts and warning, that are flooding our email system.  We would like to have a way to select which alerts are sent.  Most of the emails are reporting the viruses are resolved and no interaction needed.  Can only the manual intervention needed be emailed? Thanks
updated idea 27 Sep 2016
As I understand, Endpoint Protection.cloud  has a potential security lapse. If anyone is able to access the redistributable installer or access the password of cloud, he can play havoc with the whole lot of installations. As such he can add new clients or delete existing clients. This should be protected by two step authentication through a link which can be sent to email id or some other ...
updated idea 27 Sep 2016
After speaking to support, we have found there is no way to perform vulnerability scanning of Microsoft Windows based computers running Symantec endpoint .cloud without disabling major components of the security toolset until the vulnerability scanning is complete - thus putting our machines at risk. Leaving SEP fully functional during the scan causing inconsistent or incomplete ...
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
Mithun Sanghavi
1,256
60
SMLatCST
416
1
jjesse
80
24
ℬrίαη
2,504
21

A Message From Your Community Manager: Jami

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.