
Security Community Blog

Showing posts tagged with Symantec Information Manager
Milan_T | 18 May 2012 | 0 comments

Security rule requirements may vary with respect to time. For example, a rule implemented once needs to be modified or changed, or must be reviewed periodically.

If any new requirements come into the picture, the rules must be reviewed. I have SSIM in my organisation, implemented a few years ago, and the rules were left as they were. Now, for security purposes and the engineering approach, they need to be updated. So accordingly, older rules must be updated, and if necessary new ones must be added to provide better services.

pratik mahadik | 20 Mar 2012 | 3 comments

Everyone knows what the TCP 3-way handshake is. But many of us are not aware of the TCP split handshake, which is also called the five-step TCP handshake. This can be used as a new spoofing technique for the attack.

 

How it works:

  1. First, a client sends a SYN packet to the server, as normal, with a random initial number.

  2. Next, the server responds with a packet with the acknowledgement number incremented, and a random sequence number, but without the SYN flag set; only the ACK flag is set on the initial response from the server.

  3. The client silently accepts this packet, as is expected. In step three, the server sends a SYN packet with a newly generated sequence number and the correct...

Deb Banerjee | 17 Feb 2012 | 0 comments

Traditionally, information security has been reasoned about in terms of assets, vulnerabilities and threats. A mature info-sec program has visibility into its critical assets, a compliance program for reducing its attack surfaces and the vulnerabilities therein, and the means of detecting and blocking threats. A rich set of patterns and practices has emerged in support of these for the physical (and static) data center. These include segmentation as a key practice for isolating higher-trust workloads (e.g. PCI) from lower-trust workloads (e.g. test, VDI). Another important aspect is change control, which surfaces through multi-step provisioning cycles and change management processes. While these practices are important to ensuring compliance and minimizing attack surfaces, they have impacted IT's ability to respond to changing business requirements. For example, physically segmented workloads create challenges in resource utilization e.g. ...

GrahamA | 11 Jan 2012 | 0 comments

Happy new year to you all!

The Symantec LUA team released version 2.3.1 in Dec. Just a quick status update for you in relation to how things have been going since then.

We've seen over 200 successful customer installs/upgrades of LUA 2.3.1 so far and feedback has been very positive.

As a recap, 2.3.1 introduced the following enhancements:

  • The LUA web server service will now automatically restart if it crashes or terminates unexpectedly.
  • LUA will now automatically install and utilise an optimised private Java Runtime Environment (version 1.6 update 27). This also means it is no longer necessary to separately install a public JRE for use by LUA.
  • It is now possible for LUA to automatically run multiple specified distribution tasks after a download task completes.
  • New quick link added to the user interface which allows customers to quickly and easily capture all LUA-related troubleshooting...
Pamela Reese | 09 Nov 2011 | 3 comments

Symantec received a finalist nomination in 12 categories of the upcoming SC Magazine 2012 Awards, representing Symantec's broad portfolio of superior security offerings. SC Magazine will announce the winners at a dinner event during RSA 2012. Symantec looks forward to attending!

Best Anti-Malware Gateway (Symantec Web Gateway 5.0)

Best Cloud Computing Security (Symantec Endpoint Protection.cloud)

Best Data Leakage Prevention (DLP) (Symantec Data Loss Prevention)

...

Tariq Naik | 06 Oct 2011 | 0 comments

IBM and Intel's security arm, McAfee, have bought themselves SIEM capabilities, with IBM buying Q1 Labs and McAfee purchasing NitroSecurity. This follows HP's acquisition of ArcSight last year.

Brandon Noble | 01 Sep 2011 | 0 comments

Over the weekend, Microsoft and F-Secure issued warnings about a new global threat called “Morto”, and the Internet Storm Center has been seeing a large spike in traffic on port 3389.

The spike looks to have been caused by the RDP (Remote Desktop) portion of the worm calling around looking for RDP connections. Once it finds one, it uses a small list of weak passwords and... pwnage ensues.

Symantec detects this threat as W32.Morto, and Security Response will continue to perform deeper analysis throughout the next several days. So far, they have uncovered several dozen different MD5s that are all part of this same threat family.

 

Signs of Morto in your environment

As we learned with W32.Downadup:
Brute force attacks + Small list of passwords = Account lockouts....

awgtek variq | 22 Jul 2011 | 0 comments

Problem:

You would like to search the Assets and Policies database for an IP using an Advanced (SQL) Query.

Solution:

In your advanced query enter the following SQL. Then replace [ipnum] with your IP address (i.e. dotted quad IP).

SELECT SYMCMGMT.SYMC_SIM_POLICY.NAME,  SYMCMGMT.SYMC_SIM_ASSET.* FROM SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP RIGHT JOIN SYMCMGMT.SYMC_SIM_ASSET
on SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP.ASSET_ID = SYMCMGMT.SYMC_SIM_ASSET.ID
LEFT JOIN SYMCMGMT.SYMC_SIM_POLICY ON SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP.POLICY_ID = SYMCMGMT.SYMC_SIM_POLICY.ID
 WHERE SYMCMGMT.SYMC_SIM_ASSET.IP = (

SELECT CASE WHEN  (IPNumber - 2147483648) > 0 THEN IPNumber -(2*2147483648) ELSE IPNumber END AS IPNUMBER2  FROM  ( SELECT     16777216 *
CAST(LEFT(IPNumber1, LOCATE('.', IPNumber1, 1)-1) AS BIGINT)     +  65536 * CAST(...

Sean Yarger | 08 Jun 2011 | 1 comment

 

Let’s pretend for a moment that you’re on a business trip. You hear the boarding call for your flight and reach down to grab your laptop – only your laptop isn’t there. Whether it was left at security or snagged by another traveler in the terminal, your laptop is gone and your company data is at risk.

 

So what do you do? Typically you’ll need to make a call to the office, notifying your IT department of the incident. This call will initiate a chain reaction of events set into place to ensure measures are taken to secure the files and equip you with a new device to keep business running as usual. This process typically involves a series of forms, approvals, signatures, etc.

 

While it may sound simple, enforcing processes with effectiveness is one of the hardest things for companies to do. With multiple people involved and steps required, any number of things can go wrong, slowing down the process –...

Chad Dupin | 01 Jun 2011 | 0 comments

ITS Partner is looking to hire a few Symantec Security Consultants / Engineers.

 

Location

West Michigan / Grand Rapids, MI Area.

Job Summary

This position will be focused on the implementation of Symantec security products within various customer environments. Job responsibilities include assessing customer needs and expectations, designing solutions to meet those needs, and then implementing the design. In addition to these activities the consultant will participate in the sales process (proposal creation, presentations, sales calls, demos, etc.). This position has the opportunity to grow into a leadership role within ITS to help guide and direct the security team.

Preferred Technical Qualifications

  • Symantec Endpoint Protection
  • Symantec Endpoint Encryption
  • Symantec Data Loss Prevention
  • Control Compliance Suite
  • PGP

Technical Knowledge

...