Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Endpoint Protection (AntiVirus)
Showing posts in English
Sumit G | 11 Feb 2013 | 0 comments

Here are the Best Practices and Troubleshooting articles which are related to GUP.

Group Update Provider: Sizing and Scaling Guidelines

http://www.symantec.com/business/support/index?page=content&id=TECH95353

Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)

http://www.symantec.com/business/support/index?page=content&id=TECH93813

Configuring the Group Update Provider (GUP) in Symantec Endpoint Protection 11.0 RU5

http://www.symantec.com/business/support/index?page=content&id=TECH96419&locale=en_US

Guide to create the GUP...

Sumit G | 11 Feb 2013 | 1 comment

In this Blog, I have mentioned the number of articles links which can help and guide about ADC policy.

Best Practices for Deploying Symantec Endpoint Protection's Application and Device Control Policies

http://www.symantec.com/docs/TECH145973

Symantec Endpoint Protection Manager - Application and Device Control - Policies explained

http://www.symantec.com/docs/TECH104431

White Paper on Application and Device Control

http://www.symantec.com/avcenter/security/ADC/Configuring_Application_Control_1.1.pdf

How to configure Application Control in Symantec Endpoint Protection 11.0 : Configuring Application Control Policies

http://www....

Sumit G | 09 Feb 2013 | 0 comments

Hi Friends,

In this blog i have added some Troubleshooting Articles which can help for Client level Diagnose

Proactive Threat Protection definitions will not update, showing "Waiting for updates" or initial install definitions
http://www.symantec.com/docs/TECH171458

PTP Services is not working in SEP
https://www-secure.symantec.com/connect/downloads/ptp-services-not-working-sep

Proactive Threat Protection in a Symantec Endpoint Protection client is disabled in client user interface and "Event ID 74 TruScan has generated an error: code 14: description: CAL Failure" shows in the Windows Application log
http://www.symantec.com/docs/TECH106159

 
Proactive Threat Protection is not enabled or is...

Sumit G | 09 Feb 2013 | 1 comment

Hi Friends,

In this blog i have added some Troubleshooting Articles which can help to Repairing the Corrupted Definition

How to clear corrupt Virus Definitions from SEPM
https://www-secure.symantec.com/connect/articles/how-clear-corrupt-virus-definitions-sepm

Using the "Rx4DefsSEP" utility
http://www.symantec.com/docs/TECH93036

Using the "Rx4Defs64" utility
http://www.symantec.com/docs/TECH105038

Drive Space used by Virus Definitions Updates
http://www.symantec.com/docs/TECH141811

Disk Space Management procedures for the Symantec Endpoint Protection Manager
http://...

Syed saied | 07 Feb 2013 | 0 comments

How To Create a GUP

First Installed SEP client on that machine which you want to create as a GUP. and then follow the below mention steps.

1. Login in to SEPM Console.

2. Click on Policy.

3. Then Click on Live Update.

4. Click on Add a LiveUpdate Settings Policy.

5. Then Given the Policy name and discriptions. and check mark on "Enable this Policy"

6. Click on Server Setting under Windows Setting.

7. Check mark on Use a Group update Provider and then click on Group Update Provider tab.

* If you want to create a single GUP:-

Click on Single Group Update Provider IP address or Host.

...

Vikram Kumar-SAV to SEP | 04 Feb 2013 | 0 comments

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been targetted...

SebastianZ | 02 Feb 2013 | 0 comments

A small compilation from the Symantec Portfolio including Data Sheets of several Symantec Security Products.

- Symantec™ Endpoint Protection 12.1.2 (10/12)
http://www.symantec.com/endpoint-protection/data-s...

- Symantec Endpoint Protection Small Business Edition 2013 (11/12)
http://www.symantec.com/endpoint-protection-small-...

- Symantec™ Protection Suite Enterprise Edition - Comprehensive, powerful endpoint, messaging, and Web protection, for less
money (06/11)
...

dotlike | 28 Jan 2013 | 0 comments

Today i had a strange problem regarding a HP Software installation. The client had Symantec Endpoint Protection 12.1 installed.

The windows event log had the following entry:

SYMANTEC TAMPER PROTECTION ALERT 
Target: C:Program FilesSymantecSymantec Endpoint Protection12.1.671.4971.105BinccSvcHst.exe 
Event Info: Open Process 
ActionTaken: Blocked 
Actor Process: C:HP_LJM2727_FULL_SOLUTION_AM_EMEA1SETUPHPZSHL01.EXE (PID 4192) 
Time: Sonntag, 11. März 2012 16:47:26
 

So the Tamper protection blocked the installation of the HP software.

To fix this you can adapt the 'Exeception Policy' and add an entry for the installation folder of the HP Software. Another way would be to disable tamper protection till the installation is done (remember to update the policy or wait for the policy to be updated)

.Brian | 15 Jan 2013 | 0 comments

Symantec Endpoint Protection (SEP) Manager is prone to a remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary PHP code in the context of the application.

This issue is fixed in the following versions:

Symantec Endpoint Protection 11.0 RU7-MP3
Symantec Endpoint Protection 12.1 RU2

Versions affected:

Symantec Endpoint Protection 11.0 RU7 MP1 0
Symantec Endpoint Protection 11.0 RU6-MP3(11.0.6300) 0
Symantec Endpoint Protection 11.0 RU6-MP2(11.0.6200) 0
Symantec Endpoint Protection 11.0 RU6-MP1(11.0.6100) 0
Symantec Endpoint Protection 12.1 RU1-MP1
Symantec Endpoint Protection 12.1 MP1
Symantec Endpoint Protection 12.1
Symantec Endpoint Protection 12.0
Symantec Endpoint Protection 11.0 RU7 MP2
Symantec Endpoint Protection 11.0 RU7 MP1
Symantec Endpoint Protection 11.0 RU6-MP3(11.0.63...