Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with Symantec Security Information Manager
Showing posts in English
Status update from the Symantec LUA product team
GrahamA | 18 Jan 2012 | 0 comments

Happy new year to you all!

The Symantec LUA team released version 2.3.1 in Dec. Just a quick status update for you in relation to how things have been going since then.

We've seen over 200 successful customer installs/upgrades of LUA 2.3.1 so far and feedback has been very positive.

As a recap, 2.3.1 introduced the following enhancements:

  • The LUA web server service will now automatically restart if it crashes or terminates unexpectedly.
  • LUA will now automatically install and utilise an optimised private Java Runtime Environment (version 1.6 update 27). This also means it is no longer necessary to separately install a public JRE for use by LUA.
  • It is now possible for LUA to automatically run multiple specified distribution tasks after a download task completes.
  • New quick link added to the user interface which allows customers to quickly and easily capture all LUA-related troubleshooting...
Read more
Symantec Nominated for 12 SC Magazine Awards!
Pamela Reese | 09 Nov 2011 | 3 comments

Symantec received a finalist nomination in 12 catagories of the upcoming SC Magazine 2012 Awards, representing Symantec's broad portfolio of superior security offerings. SC Magazine will announce the winners at a dinner event during RSA 2012. Symantec looks forward to attending! 

Best Anti-Malware Gateway(Symantec Web Gateway 5.0)

Best Cloud Computing Security(Symantec Endpoint Protection.cloud)

Best Data Leakage Prevention (DLP)(Symantec Data Loss Prevention)

...

Read more
Big boys increase in SIEM space
Tariq Naik | 06 Oct 2011 | 0 comments

IBM and Intel's security arm, McAfee, have bought themselves SIEM capabilities with IBM buying Q1 Labs, and McAfee is purchasing NitroSecurity. This follows HP's aqquisiton of Arcsight last year.

Read more
Domo Arigato Mr. Morto.....or........Helllooo? Morto?
Brandon Noble | 01 Sep 2011 | 0 comments

Over the weekend, Microsoft and F-secure issued warnings about a new global threat called “Morto”, and The Internet Storm Center has been seeing a large spike in traffic on Port 3389.

The spike looks to have been caused by the RDP (Remote Desktop) portion of the worm calling around looking for RDP connections. Once it finds one, it uses a small list of weak passwords and  ..pwnage ensues.

Symantec detects this threat as W32.Morto and Security Response and will continue to perform deeper analysis throughout the next several days. So far, they have uncovered several dozen different MD5s that are all part of this same threat family.

 

Signs of Morto in your environment

As we learned with W32.Downadup:
Brute force attacks + Small list of passwords = Account lockouts....

Read more
Search Assets Database by IP Address
awgtek variq | 22 Jul 2011 | 0 comments

Problem:

You would like to search the Assets and Policies database for an IP using an Advanced (SQL) Query.

Solution:

In your advanced query enter the following SQL. Then replace [ipnum] with your IP address (i.e. dotted quad IP).

SELECT SYMCMGMT.SYMC_SIM_POLICY.NAME,  SYMCMGMT.SYMC_SIM_ASSET.* FROM SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP RIGHT JOIN SYMCMGMT.SYMC_SIM_ASSET
on SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP.ASSET_ID = SYMCMGMT.SYMC_SIM_ASSET.ID
LEFT JOIN SYMCMGMT.SYMC_SIM_POLICY ON SYMCMGMT.SYMC_SIM_ASSET_POLICY_MAP.POLICY_ID = SYMCMGMT.SYMC_SIM_POLICY.ID
 WHERE SYMCMGMT.SYMC_SIM_ASSET.IP = (

SELECT CASE WHEN  (IPNumber - 2147483648) > 0 THEN IPNumber -(2*2147483648) ELSE IPNumber END AS IPNUMBER2  FROM  ( SELECT     16777216 *
CAST(LEFT(IPNumber1, LOCATE('.', IPNumber1, 1)-1) AS BIGINT)     +  65536 * CAST(...

Read more
Process Orchestration – The Key to Improving Security Response
Sean Yarger | 08 Jun 2011 | 1 comment

 

Let’s pretend for a moment that you’re on a business trip. You hear the boarding call for your flight and reach down to grab you laptop – only your laptop isn’t there. Whether it was left at security or snagged by another traveler in the terminal, your laptop is gone and your company data is at risk.

 

So what do you do? Typically you’ll need to make a call to the office, notifying your IT department of the incident. This call will initiate a chain reaction of events set into place to ensure measures are taken to secure the files and equip you with a new device to keep business running as usual. This process typically involves a series of forms, approvals, signatures, etc.

 

While it may sound simple, enforcing processes with effectiveness is one of hardest things for companies to do. With multiple people involved and steps required, any number of things can go wrong, slowing down the process –...

Read more
Job Opportunity: Symantec Security Consultant
Chad Dupin | 01 Jun 2011 | 0 comments

ITS Partner is looking to hire a few Symantec Security Consultants / Engineers.

 

Location

West Michigan / Grand Rapids, MI Area.

Job Summary

This position will be focused on the implementation of Symantec security products within various customer environments. Job responsibilities include assessing customer needs and expectations, designing solutions to meet those needs, and then implementing the design. In addition to these activities the consultant will participate in the sales process (proposal creation, presentations, sales calls, demos, etc.). This position has the opportunity to grow into a leadership role within ITS to help guide and direct the security team.

Preferred Technical Qualifications

  • Symantec Endpoint Protection
  • Symantec Endpoint Encryption
  • Symantec Data Loss Prevention
  • Control Compliance Suite
  • PGP

Technical Knowledge

...
Read more
Phishing email - Japan Earthquake
wongkf | 13 Apr 2011 | 0 comments

Dear all,

This is an email message that I have reveived recently. Please broadcast it to stop the scam. I have checked the email header and confirmed that it was sending through yahoo.co.jp mail server by using an IP address allocated to a country in South East Asia (not Japan).

Read more
Symantec Cybercrime Index Portal...
SecuredThatToo | 17 Feb 2011 | 1 comment

Symantec just announced a pretty cool, interactive, free tool to help stay abreast of security trends and activities.  It even has historical data!  There’s an online version, a installable Windows gadget and you can access it via your mobile phone!  It's pretty slick!

Online Web Portal:
http://www.nortoncybercrimeindex.com

Windows Gadget Download:
http://www.norton.com/ProtectYourself

Mobile:
http://www.nortoncybercrimeindex.mobi

Check it out!!!

Thanks,
Min Ju

Read more
Your opportunity to provide usability feedback about security products
UCD4me | 05 Jan 2011 | 0 comments

The User Centered Design (UCD) team here at Symantec exists to help make customer experiences easier, more efficient and more useful for you.  Right now, we're ramping up several research projects where we are looking for those in security and compliance with a manger, director or CISO role to give us feedback in the form of short user stories.  This should require only a 30-45 minute commitment on the phone to share experiences and points of pain, and this effort is "product agnostic" so as long as you are involved with security, regardless of products used, we'd like to hear from you!

 

If you are interested, please email Kellie Mecham at kellie_mecham@symantec.com to arrange a date and time for the phone interview. 

 

We look forward to hearing from you!

 

Best wishes,

 

Kellie

 

 

Read more