Video Screencast Help
New Company Name and Logo Announced. Learn More.
discussion comment 6 hours 56 min ago
new discussion 22 hours 19 min ago
After Symantec Endpoint Encryption client been installed no Windows Server 2012 R2 it does not appear in the menu "SEE Managed Computers -> Unassigned". All communication ports open between server and client. From previous experience with SEE clients on Windows 7 - it was there in «SEE Managed Computers -> Unassigned". Any thoughts on this issue?
discussion comment 6 hours 56 min ago
new discussion 22 hours 19 min ago
After Symantec Endpoint Encryption client been installed no Windows Server 2012 R2 it does not appear in the menu "SEE Managed Computers -> Unassigned". All communication ports open between server and client. From previous experience with SEE clients on Windows 7 - it was there in «SEE Managed Computers -> Unassigned". Any thoughts on this issue?
updated article 28 Jan 2015
Overview of IT Analytics IT Analytics provides cube based reporting (pivot tables), additional reports, and Key Peformance Indicators (KPIs) for various Symantec products: Symantec IT Management Suite (Altiris) Symantec Data Loss Prevention (DLP) Symantec Critical Systems Protection (CSP) Symantec Endpoint Protection (SEP) IT Analytics is developed by Bay Dynamics but is available as part of ...
updated article 26 Jan 2015
You’ve installed & set up the SEPM console. You’ve also deployed the SEP clients to PCs across the network. The job is done… or so you thought. While it can ‘run’ itself most of the time, there are some thing you will have to monitor the health of the computers and also the network to ensure you are fully protected. Note: This is based on SEPM v12.1.5 console. Does the clients communicate to ...
updated blog entry 30 Jan 2015
Crypto-type malware is particularly nasty to deal with because it encrypts files.  While an infected file has had code added to it which antivirus can remove, an encrypted file isn’t repairable without the unique encryption key that was used. The criminals using crypto-type malware intend to sell you the unique key, giving you access to your files for a price. For this reason, crypto-type ...
new blog entry 30 Jan 2015
Welcome to the December edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks. In December there were eight data breaches reported that took place within the month of December. This number is likely to rise as more data breaches ...
updated blog entry 30 Jan 2015
Hi Everyone, When we use cleanwipe, the first reboot finishes and it gets stuck in the second reboot. Even if we reboot the machine multiple times, the cleanwipe window still remains open on each logon. Even if we kill the process,delete the cleanwipe file, it will not help. We need to go to registry and delete the below key : HKLM\Software\Microsoft\Windows\CurrentVersion\Run , in the right ...
updated blog entry 30 Jan 2015
I. BACKGROUND: We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise. It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families ...
updated blog entry 30 Jan 2015
I. BACKGROUND: In mid-2009, W32.Changeup, was first discovered on systems around the world. Over the last few years, Symantec Security Response has profiled this threat, explained why it spreads, and shown how it was created.  Since November 2012 we have seen weekly spikes the number of W32.Changeup detections and infections. The increase in detections is a result of a renewed ...
updated blog entry 30 Jan 2015
Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses. Threats like W32.Sality and W32.Xpiro are using some old-school tactics to infect good files and spread through networks. As the former captain of my high school analogy team, I’m writing this informal blog to help de-mystify some of the difficulties around dealing with these kinds of threats. If we think of our ...
updated blog entry 30 Jan 2015
Security Response is aware of an alert from US-CERT regarding a threat they are calling Backoff. This threat family is reported to target Point of Sale machines with the purpose of logging key strokes and scraping memory for data (like credit card info) and then exfiltrating the data to the attacker. Symantec Security Response is currently investigating this threat family and is working to ...
updated blog entry 30 Jan 2015
We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to. Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and ...
updated blog entry 30 Jan 2015
I guess we need to face it. Sality is here to stay. We have been dealing with new Sality variants for more than 8 years and the Sality.AE family for a little over 5…the variants keep coming. It has become one of the most common file infectors reported by Enterprise customers. With its ability to move through shares and disable AV, it’s one of the most destructive and tricky threats we have out ...
updated blog entry 30 Jan 2015
If you want to add two filters, to separate all the front end computers (desktops/laptops) from the back end computers (servers), follow these steps. Step 1. Create two extra values for "$filOsType" that aren't used yet. I chose 0800 and 0801. Step 2. Look in \Php\Include\Util\util.php. Change lines 2637 - 2638 reading: && $filOsType!="0300" && $filOsType!="0301" && $filOsType!="0302" && ...
updated download 08 Jan 2015
To build on my last IR article: How to utilize SEP 12.1 for Incident Response - PART 6 I'm attaching a custom IPS policy which will detect the download of various filetypes via HTTP and HTTPS. The signatures are in Allow mode and set to write to the Packet log for detailed information. As of now, this policy will detect 37 different filetypes. I will update it as I add more. Feel free to use ...
download comment 05 Dec 2014
new event 29 Jan 2015
Presented by: Kevin Haley, Director, Security Technology and Response Kat Pelak, Senior Product Marketing Manager   Webcast Summary: Cybercrime remains prevalent and damaging threats from cybercriminals continue to loom over businesses and consumers. Since December 2013 thru November 2014 over 476 million identities have been exposed. Join Symantec for an in-depth look at the ...
updated event 27 Jan 2015
Attention: This User Group meeting has been canceled due to the recent snowstorm in the Philadelphia area. We will keep you posted on when this meeting is rescheduled. Apologies for any inconvenience this may have caused.
new event 12 Jan 2015
Join our upcoming webcast to learn best practices and strategies for securing, migrating and protecting your legacy environment. Learn how to solve for the upcoming Windows Server 2003 end of support, we'll cover: Recommendations and best practices for systems running Windows Server 2003 How to effectively secure systems that cannot be upgraded How to migrate to new platforms and operating ...
new event 04 Dec 2014
Presented by: Jon Oltsik, Senior Principal Analyst, Enterprise Security Group Kat Pelak, Senior Product Marketing Manager   Online activity and security threats are growing in volume, scale, and complexity.  Not a day passes that we don’t hear about another data breach.  From small and medium-size businesses to Fortune 500 companies, across every industry, no organization is ...
updated event 25 Nov 2014
Greetings Valued DLP Customers and Partners,   We respectfully request your participation at our upcoming Symantec DLP Feature Advisory Board (FAB).  We will be discussing the upcoming feature, Discover for Box Cloud Storage.  You will be among the first to see and hear about this new feature.  The meeting will be led by DLP Product Management and your feedback will shape ...
updated event 24 Nov 2014
Join Symantec at the Gartner Data Center, Infrastructure & Operations Management Conference 2014 in Las Vegas and get the information you need to deliver crucial IT services and drive improved levels of productivity and innovation at the same time. With a renewed focus on people, processes, technology and culture, you will learn how to select and prioritize I&O initiatives, manage ongoing ...
new event 14 Nov 2014
Presented by: Kevin Haley, Director, Security Technology And Response Webcast Summary: The true personal computer is in our pockets or purses today.  It’s the smart phone.  It is a computer with more processing power than in the first space capsule that sent men to the moon.  And it’s a very personal device - to work, play and share with our friends.  But like any ...
updated video 10 Dec 2014
This is lesson 6 of the Symantec DeepSight Intelilgence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as licensing or ...
updated video 10 Dec 2014
This is lesson 5 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as licensing or ...
updated video 10 Dec 2014
This is lesson 4 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as licensing or ...
updated video 10 Dec 2014
This is lesson 3 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as ...
updated video 10 Dec 2014
This is lesson 2 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as licensing or ...
updated video 10 Dec 2014
This is lesson 1 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons, click on a link below to access the remaining lessons. Please fill out a course evaluation once you have completed this training. Contact Symantec Technical Support at 800-342-0652 if you have a technical issue. For non-technical issues, such as ...
updated video 05 Dec 2014
This is lesson 6 of the Symantec DeepSight Intelligence Portal course. This course includes a total of seven lessons: Lesson 1: DeepSight Intelligence Portal Overview - Discuss the variety of intelligence the portal provides - Set up your account and familiarize yourself with the portal - Review the analyst journals - Determine who to contact if you have a problem - ...
updated video 14 Nov 2014
Regardless of the size of the organization, if you handle Personal Health Information (PHI) you have to follow the rules of HIPAA. This can be a daunting exercise of weeding through the various technology solutions and aligning processes and procedures. Now you have to expand this exercise to your Business Associates. How exhausting. At Novacoast we understand that a one-size-fits-all solution ...
updated idea 29 Jan 2015
Since on ru6 relase, mac sep agent can be managed by SEPM I think it would be better as well if SEPM will managed sep agent for LInux. Hope that would be on the roadmap. thanks
new idea 28 Jan 2015
Hi,    I was looking for a way to find if the deployed package on a managed SEP client is having "Basic" or "Full" protection but directly from the client e.g. by reading a registry key or with a WMI query. It could be a great enhancement to be able to get that information locally from the client instead of having to generate a built-in report in the SEPM. Regards
new idea 28 Jan 2015
It may be desireable to designate a system to act as a GUP where the system has multiple network interfaces. In this case, it also may be desired that some of IP addresses associated with these interfaces NOT be included in the GUP list. The enhance request is to provide a means of designating IP addresses or subnets that should not be included in the global GUP list. For example, there may be ...
updated idea 28 Jan 2015
Would be nice to have ability for Non persistent devices to have a scan schedule or flag within the OS to flag it so that upon a reboot it doesn't automatically scan.  we are seeing scanning when associates log in even with the communication settings set as per ...
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
AravindKM
293
1
Brɨan
1665
18
Mithun Sanghavi
1228
59
P_K_
1131
28
SMLatCST
369
1
jjesse
56
24

A Message From Your Community Manager: Swathi Turlapaty

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.