Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
Rafeeq | 15 Sep 2009 | 5 comments

Before I would begin , I know few of you would have these questions.

What is Social Engineering?

In simplest terms its gaining trust and misleading users.

Well..Does it really work?

Can the smartest people be easily mislead?

the answer is YES!! 

Kevin Mitnick the famous hacker said that "SE helped him a lot to gain access to most critical systems".

If so, Are we protected?

In this world where we all are connected through internet.Banking, stocks, sport updates,Face book,Twitter, everything is connected.As we are depeneding on computers for our daily work, even computers are depended on us.The more we depend the more vulberable we become. The attackers / creators mislead users by some means and gain access to the systems whichleads to financial loss.

SE in Email:

I'm sure we all would have received emails like I'm the only descendant of a rich African who recently passed...

Aniket Amdekar | 14 Sep 2009 | 0 comments

The Symantec ThreatCon rating is a measurement of the global threat exposure, delivered as part of Symantec DeepSight Threat Management System.

We always see the Threatcon level indicator on the website as well as the Endpoint Protection Manager.

Following is the description for each one of the levels:

Threatcon Level 1

ThreatCon Level 1

Low : Basic network posture
This condition applies when there is no discernible network incident activity and no malicious code activity with a moderate or severe risk rating. Under these conditions, only a routine security posture, designed to defeat normal network threats, is warranted. Automated systems and alerting mechanisms should be used.


Hinata Uzumaki | 11 Sep 2009 | 1 comment

Symantec Endpoint Protection offers Home/Student Use licenses that are intended to allow customers to deploy a limited number of copies of the client onto the home machines of employees (or faculty and staff) at a significant discount over a normal new license purchase (SEP 11.0 standard license). The installation, configuration, and management method for these agents is at the discretion of the customer (the company or the school).

Support is not sold for Home/Student Use licenses. Support is shared with the Support agreement covering the associated standard license. The customer is responsible for providing support to the home-user; issues requiring escalation are submitted normally via the customer's registered technical contacts and maintenance agreement.

In short: Home or student users must contact their company or school to get downloads or technical assistance.


Hinata Uzumaki | 09 Sep 2009 | 4 comments

Customers who have Symantec Endpoint Protection 11.0 have the following downgrade options to Symantec Antivirus 10.x:

1. If customer has Symantec Endpoint Protection 11.0 BUSINESS PACK, customer can have a downgrade license file for Symantec Antivirus 10.x.

For renewals, this can be obtained by registering the serial number  (for recent orders, Symantec has now started sending out certificates with the license files attached to it so you can skip the registration part)  in the License Portal.

For new purchases and if no license file was generated after registration, Customer Care can provide downgrade license files.

2. If customer has Symantec Endpoint Protection 11.0 (volume license), customer's downgrade option is to download Symantec Antivirus Corporate Edition 10.x, this version of Symantec Antivirus is the one that doesn't need a license file but it has the same features as the one which has the license file.

If customer doesn't... | 03 Sep 2009 | 5 comments

I paid for renewal and recieved the certificate pdf file for endpoint 11.0. I used that serial# to registar and it said no license file needed  how do i renw my old symc endpoint protection 11.0 with the new serial number

Pascal KOTTE | 28 Aug 2009 | 2 comments

Here you will find a 1,5 year old presentation regarding some explain regarding the Zombie problem on the Web...
I build this presentation to explain (try) what are the risks to non IT people.
Reuse for free - Most people must understand this problem.

We should Just add this presentation the information that Antivirus, all the same updated, with a true firewall, are not enough to protect any PC to turn a Zombie.

The 2 files are same content, in PDF + PPT format (about 1MB size)

Peterpan | 26 Aug 2009 | 2 comments
In year 2007, I am newbie in IT industry, I was graduated as an IT in the same year, having a basic knowledge in this field, After I graduated I am seeking a job related to my profession, and there are lots of company where I applied for any position that fit to my skills, with my guts to have a job, I didn’t stop seeking, then finally I was hired as a Technical Support Engineer in one company which is a Reseller of Symantec products particular in IT Security and High Availability solution.
During my first few days I was orient with my Technical Head on what products that we could handle and manage, he also give me an idea on what is our main responsibility and roles, since the company’s nature of business is a reseller, we need to do a Proof of Concept in the client, during this days I have no idea and how and where to start that kind of task, I was assigned to focus in IT security solution. so I could absorb and learn the functionality...
hemu | 25 Aug 2009 | 1 comment

Dear Friends please find attached SQL query for DB report.....

use sem5
select pat.version as vd_version,i.MAC_addr1, i.CURRENT_LOGIN_USER, i.computer_name, i.ip_addr1_text,OPERATION_SYSTEM,
dateadd(s,convert(bigint,i.TIME_STAMP)/1000,'01-01-1970 00:00:00'),
dateadd(s,convert(bigint,CREATION_TIME)/1000,'01-01-1970 00:00:00'),i.DELETED,
dateadd(s,convert(bigint,LAST_UPDATE_TIME)/1000,'01-01-1970 00:00:00') lastupdatetime,agent_version, as group_name from
sem_agent as sa with (nolock) left outer join pattern pat on sa.pattern_idx=pat.pattern_idx
inner join v_sem_computer i on i.computer_id=sa.computer_id
inner join identity_map g on
inner join identity_map p on
inner join identity_map s on
inner join identity_map q on where
(sa.agent_type='105' or sa.agent_type='151') and sa.deleted='0'
and (sa.major_version >...

thaller | 24 Aug 2009 | 0 comments
Hello Everyone,

So like I said in my last blog post, whenever something interesting or useful happens to me with regards to my dealing with SEP, I'll post about it, so here is the latest.

Last week we had an interesting "incident" with one of our clients.

The Client:

The client is a Windows XP SP2 Machine, that was on our Guest Network (Removed from the Corporate Network by Firewalling).
It was running SEP MR4 MP1 as an unmanaged client.

The client was set to auto-update from symantec every 4 hrs, and do a daily full scan.

The Problem:

We first noticed a problem when an end-user was complaining about "spyware" like symptoms, browser hijacking, popups, etc...

upon inspection SEP had not found anything, and the logs showed it was behaving as normal.

Upon furth investigation (using "other" tools) we found out that the machine was infected with Win32.XiaJian.bk Trojan.

As part of our incident response (Which I suggest every business create one...
Shaizad | 23 Aug 2009 | 1 comment

Issue                 :-  SEP Client Install roll back  on Windows Vista Enterprise Machine . (SEP 11)

Sep Install log :-  MSI (c) (8C:24) [12:02:40:166]: Invoking remote custom action. DLL: C:\Users\ADMINI~1.TEA\AppData\Local\Temp\MSI6C91.tmp, Entrypoint: CheckInstallPath
Action ended 12:02:40: CheckInstallPath. Return value 3.
Info 2896.Executing action CheckInstallPath failed.
Action ended 12:02:40: InstallWelcome. Return value 3.
MSI (c) (8C:34) [12:02:40:201]: Doing action: SetupCompleteError
Action 12:02:40: SetupCompleteError.
Action start 12:02:40: SetupCompleteError.
Action 12:02:40: SetupCompleteError. Dialog created

In Windows Vista

Open Control Panel
Open Regional and Language Options
Under 'Current Formats' select 'US English'
Click OK

Should be able to install Sep 11