Video Screencast Help
Search Video Help Close Back
to help

Endpoint Security Blog

Showing posts in English
The Necessary Evolution of Endpoint Security Software
dschrader | 03 Feb 2011 | 5 comments

 

In one of Alan Shimmel's recent posts to his excellent The Ashimmy Blog, "Do you really need desktop AV anymore?" he states that surfing in safe neighborhoods and practicing safe computing (or safe-hex, as one of his readers posted in the comments section) can provide adequate protection. He is wrong. There are no safe neighborhoods on the internet.  Millions of legitimate web pages are hijacked every year and used to distribute malware. In the past we have seen newspapers, government sites, even the FBI’s home page hijacked – sometimes the networks serving ads to those and thousand of other legitimate sites have been taken over. Worse, malware or links to infected sites are often distributed through sources of trust such as...

Read more
Gartner on Endpoint Security
dschrader | 29 Dec 2010 | 0 comments

Gartner just released their annual report on endpoint security (see: Magic Quadrant for Endpoint Protection Platforms, Gartner, 2010)

As you can read in the report, Symantec extended its lead both in terms of vision and ability to execute.  What is really notable, however, is the strong statement Gartner made about the future of endpoint security.  The reports starts with an indictment, "Malware effectiveness continues to accelerate, while vendors are busy polishing increasingly ineffective solutions and doing little to fundamentally reduce the attack surface and protect users."

Gartner goes on to state, "Signature-based malware detection has been limping along on life support for...

Read more
Forefront Endpoint Protection 2010 - the new SEP?
dschrader | 31 Dec 2010 | 10 comments

Today Microsoft introduced Forefront Endpoint Protection 2010.  4 years after Symantec they finally introduced Integration with Configuration Manager, Vulnerability Shielding and Firewall Management – the equivalents of which have all been in Symantec Endpoint Protection for the past 4 years.   

The new version of Forefront still lacks functions we consider essential to endpoint security, including:

  • Device control
  • Application inventory or application control (outside of AppLocker)
  • Access control self enforcement
  • Mac & Linux support – only a promise that sometime next year “details on the timing of the Mac/Linux release will be available”
  • Optimizations for virtual environments - no resource leveling – no way to prevent av storms in virtual environments
  • Bootable recovery disk or a tool equivalent to Symantec’s Power Erasure

A few additional thoughts:...

Read more
Tis the Season to be....Mobile? Survey Results: Mobile Security Habits During the Holiday Season
Hear4U | 27 Sep 2012 | 0 comments

The holiday season is upon us and, as usual, many people are planning on taking time off from work. But with the proliferation of mobile devices such as smartphones, “time off” doesn’t exactly mean what it used to. Symantec recently conducted a survey to uncover enterprise mobile device users’ expected smartphone habits and usage patterns – particularly those that relate to mobile security and management – while out of the office over the holiday season and in general. Here is a look at the key findings:

The interesting thing about this finding is that 62 percent of respondents do not simply plan to access confidential data on their smartphones, but expect they will need to access this sensitive data while away from the office during the holiday season. Sure, respondents might access and view this data in the privacy of their home, but in all...

Read more
Building Customer Trust with Information Protection Best Practices
Blake M | 27 Sep 2012 | 0 comments

With all of the options in the marketplace today, small businesses must secure customer trust and loyalty to remain competitive. Regardless of the industry, their customers are looking for the best quality, value and service and they will quickly move on if their needs are not met. They also want to know that their personal information, like their credit card numbers and bank account information, is protected when they deal with a small business.

Today, so much of our valuable information resides on computers. It’s how we work. So it is expected that small businesses would be concerned about keeping their customers’ personal and financial information safe. In fact, according to the recent Symantec 2010 SMB Information Protection survey, almost three-quarters of SMBs are somewhat/extremely concerned about the loss of crucial business information. This does not come as a surprise when you consider that 42 percent have actually lost confidential or proprietary...

Read more
Tips for reducing the impact of SEP in VDI infrastructures
dschrader | 03 Nov 2010 | 0 comments

Garrett Bechler, a Security Solutions Architect at Symantec has put together a valuable list of tips to reduce the impact of SEP in VDI infrastructures.  With his permission, I thought I would post them here.  These are approaches that have been used in some larger (15-20K node) VDI instances to help ensure that SEP has minimal impact.

1)      Upgrade VDI devices (And SEPM) to latest build of SEP in order to take advantage of the new Resource Leveling settings introduced in SEP 11 06, including Scan Randomization and Content Randomization.

2)      Use the content randomizer in the client communication settings to randomize definition and signature delivery. Based on client density we have found the following to be a pretty decent guideline based on a 1 hour client pull based heartbeat:

a.      25-30 VDI instances per host – 2 hour randomization

b.  ...

Read more
PassMark puts Symantec and competitor endpoint security products through performance test
Art G | 26 Oct 2010 | 1 comment

Marketers love to boast about the performance of their products.  However, it is not always clear what is meant by “performance”.  Are we talking scan speed?  Memory use?  CPU utilization?  Impact on boot up times?  Impact on opening files? . . . .  
 
It turns out there is no one definition of performance.  The impact on the user’s experience due to any piece of software will vary based on the user’s systems, what they are running or doing, time of day, phases of the moon – you get the idea, lots of variables.
 
Symantec has been grappling with how to measure performance for quite a while.  Historically, our development team pegged a few key metrics (scan speed, memory, …) and thought they had a handle on the performance issue.  Some of our users seemed to have a different experience.  So we went out and found experts on performance testing –...

Read more
Critical Infrastructure Protection Providers’ Networks are being Attacked
Justin.Somaini | 05 Oct 2010 | 0 comments

We recently surveyed 1,580 private businesses worldwide that are involved in industries termed critical infrastructure providers, i.e., their industries are of such importance that if their cyber networks were successfully attacked and disabled, it would result in an actual threat to national security.

Our survey measured the awareness among private companies of efforts by governments to institute critical infrastructure programs, whether or not companies would be willing to cooperate with governments in those efforts, and the state of readiness of companies to ward off nation-wide attacks targeted at specific industries. A recent example of this type of attack is the Stuxnet worm and how it targeted energy companies around the world.

The survey revealed that critical infrastructure providers’ networks are being attacked. Fifty-three percent of respondents...

Read more
Banking, Breaches, and Brands – Three Ways Cybercriminals Can Put You Out of Business
Hear4U | 27 Sep 2012 | 0 comments

 

“It can’t happen to me”

Hunters and gatherers. Most people think of cybercrime against business to be the work of hunters such as cybercriminals who target then infiltrate a company to steal from it. Reading the newspaper, it’s easy to convince yourself that these hunters are after big game and a small business does not have to worry about these targeted attacks. Maybe; however, we’ll talk more about that later. The majority of cybercriminals can best be described as gatherers. They throw wide nets and take advantage of whatever victims land in those nets. Small businesses really must watch out for the gatherers.

Because the barrier of entry is low, there are many gatherers. A gatherer doesn’t have to be a criminal genius. They don’t even need advanced computer skills. They really don’t need to know much at all—except where to buy a toolkit. Toolkits allow criminals with...

Read more
Unlock Local Admin password ( MS Windows 2000, XP , Vista and maybe Win 7 )
riva11 | 03 Sep 2010 | 4 comments

Forgot the local admin password ? If you don't have any other chance try to recover it. There are some ways to recover a password, I found a safe and quick tool to perform this hack job... the NTPWEdit tool loaded in a bootable USB key.

NTPWEdit is a free tool ( GPL ) that allows to change or remove passwords for local system accounts. This tools supports Windows NT based systems (like Windows 2000, XP and Vista), but could be used also to reset the password of a Windows 7 systems.

Some methods for use this program:

1. Boot Windows PE or BartPE environment from CD-ROM and launch NTPWEdit.
2. If system partition formatted in FAT filesystem - boot DOS from floppy disk, copy SAM file to floppy, edit this file on another computer and copy it back.
3. If system partition formatted in NTFS file system - copy file...

Read more