Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
khaley | 25 Mar 2010 | 2 comments

I recently ran a survey on password management.  You can see my original blog and even take the survey yourself here.   At best, I thought 20 or so of you would take the time to fill out the survey…and that would include most of my close relatives.  However, instead we got more than 400 responses in a few short days (not even including my relatives).  So, thank you to all who took the time to complete the survey.  I’ve posted the results below. 
I want to comment on some of the results.  It may be a stretch to draw too many definitive conclusions from the data, but it will be fun nonetheless.  If anyone wants to comment, correct or vehemently disagree with any of my conclusions please feel free to do so.

Let’s get started!

1. On how many different...
anil4urhelp | 18 Mar 2010 | 1 comment

I wana block all the machines which are not the member of our domian. | 17 Mar 2010 | 0 comments

Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)
New features and functionality in Symantec Endpoint Protection Release Update 5 (SEP RU 5) Group Update Provider (GUP)

riva11 | 15 Mar 2010 | 1 comment

If you don't have password generator tool or enough fantasy for a good, strong password, a good help is the RandomKeyGen website. Just open this site , choose one of randomly generated keys shown in this page. For new passwords simply press F5 for a new refresh keys page.

Here the different keys generated :

  • Decent Passwords
  • Strong Passwords
  • Ft. Knox Passwords
  • CodeIgniter Encryption Keys
  • 160-bit WPA Key
  • 504-bit WPA Key
  • 64-bit WEP Keys
  • 128-bit WEP Keys
  • 152-bit WEP Keys
  • 256-bit WEP Keys

Link : RandomKeyGen

Read also the Test your password ! blog for information about how is strong your password.


sandeep_sali | 10 Mar 2010 | 1 comment

Symantec is undoubtedly the world leader in protecting systems and networks from security threats. It also handles the most complicated tasks of avoiding false positive detection and cleaning/deleting the encountered security threat.

Lately, there has been a rise in other antivirus programs catching false positive's and posing them as actual security threats!  As a result, it might give a customer the sense that SEP isn't doing what it was designed to do.  Our response team performs a herculean task of analyzing a number of suspected files submitted to us. 

When I say "Security Threat," I mean Trojans, worms, and hoaxes. Symantec endpoint has a different approach to handle them. Needless to say, the customers data security and software stability is our prime objective, which at times is not targeted by the free antivirus software. Symantec has been known for detecting the lowest percentage of False Positive threats....

OCCK | 09 Mar 2010 | 1 comment

We are trying to feed the client log entries from the Endpoint Protection to a Security and Information event Management (SIEM) system.   In order for us to size the SIEM, it is necessary to determine number of client logs per hour coming in to the SEP manager.   Does everyone know to figure out this number?  Thanks.

riva11 | 09 Mar 2010 | 7 comments

Hi all,
Does any removal tool exist to find and delete the " XP Internet Security 2010 " rogue virus ?


v16 | 06 Mar 2010 | 18 comments

While searching the web for iPhones, a fake security malware infected my laptop. Although I use Firefox and Symantec Endpoint, the trojan slipped through my XP SP3 system. When I ran a full scan, the March 5 r of Symantec did not identify the problem.  After researching the web, I found a blog at "," which fully described the problem and the solution. I used MalwareBytes' AntiMalware to remove the infected registries and files. Note that the rogue has other names, such as Vista Internet Security 2010, Win 7 Internet Security 2010, and several others.  This rogue must be disabled before it allows other executable files to run. I used FixExe.reg.

Variants of the files infected are as follows.

%UserProfile%\Local Settings\Application Data\av.exe

%UserProfile%\Local Settings\Application Data\WRblt8464P


Warrior6945 | 23 Feb 2010 | 0 comments

 Client install package shows wrong Server details

You have a Primary SEPM and a secondary SEPM installed.
When you create an install package from the secondary SEPM, the sylink file will show the details of the Primary SEPM
After installing the SEP Client with the created install package, the clients reports to the Primary SEPM
Client shows up in the secondary SEPM however with a red arrow
Open the SEP Manager Console
Go to Clients tab and select the group.
Click on the Policies tab of the selected group
Go to Communication Settings
Change the MSL which has the details of the Secondary SEPM
Create the install package again.
Now the sylink file of the package should have the details of the Secondary Server
Hear4U | 08 Feb 2010

It'll take you about :30 seconds, really!  Thank you for your inputs and help!