Security Community Blog

Showing posts tagged with 11.x
Showing posts in English
Michel Ramirez | 25 May 2010 | 0 comments

Hi Everyone,
Attached are the slides from our last meeting. We had a great turn out and we hope to see you all at future meetings.

oxo-oxo | 17 May 2010 | 0 comments

There are methods to import computers into SEPM via table manipulation
- I am going for creating an ADAM instance, sync it with SEPM and PowerShell some scripts ...

https://www-secure.symantec.com/connect/articles/adam-and-eve

vemundocrusher | 12 May 2010 | 0 comments

I have been a sysadmin for two years for an auto group. The decision was made to move to managed clients after noticing that many users were not updating their AV. During the time we did have a few viruses/trojans hit our network, but not many or so it seemed....
  After rolling out the managed client we were noticing regular infections, mostly from upper management who were less filtered than most users. What surprised me was not getting any phone calls or email letting me know they had been infected. I just have to wonder how many infections had gone unreported, and now wonder how I could function without the ability to manage the AV.

oxo-oxo | 08 May 2010 | 0 comments

My Blog on SEP and SEPM
Here, I collect what I am doing

PCI Compliance:
At the present time, I have some work to be done in connection with PCI compliance https://www.pcisecuritystandards.org/ .
One of the areas in PCI compliance is anti-virus: Symantec is "PCI compliant". (Search Symantec)

However ...
There are some problems with Audit.
Well, let us define "at risk" devices: Windows, and where: the production domain.
So, I import all the AD and have all the computers in the domain defined and synced.
Then I make a report, and here is the problem, I have defined my computers and some have contacted the SEPM but others have not.
As yet, I have not been able to find a...

dfnkt_ | 27 Apr 2010 | 0 comments

The following code will create a stored procedure on your SQL server for the SEPM database. This stored procedure accepts a single value in the form of a computer name. The ComputerName parameter is currently set to varchar(25) even though, as you probably already know, Windows limits computer names to 15 characters.

Make sure you are set to use the SEPM DB and execute the following code:

CREATE PROCEDURE GetScanTime

--//* Create a parameter for user to enter computer name *\\
@ComputerName varchar(25)
AS
--//* Do not return row count * \\
SET NOCOUNT ON;
BEGIN
SELECT
--//* t1=dbo.scans, t2=dbo.sem_computer *\\
    t1.startdatetime AS 'Date',
    t2.computer_name AS 'Computer Name',
    t1.duration AS 'Scan Duration (in seconds)'...

MattBarber | 09 Apr 2010 | 0 comments

We have an inventory report (via Altiris) that runs every night to show the equipment that gets moved to a location where they are no longer managed on the network, i.e., surplus, offsite, etc. Since these systems no longer need to be managed, we can remove them from our SEP console. There is a report for this on the reports tab. This scheduled report shows all systems that haven't checked into the server for 2 or more weeks. This has been very helpful for us. This report can also be run for a specific time period on the Quick Reports tab as well.

khaley | 25 Mar 2010 | 2 comments

I recently ran a survey on password management.  You can see my original blog and even take the survey yourself here.   At best, I thought 20 or so of you would take the time to fill out the survey…and that would include most of my close relatives.  However, instead we got more than 400 responses in a few short days (not even including my relatives).  So, thank you to all who took the time to complete the survey.  I’ve posted the results below. 
 
I want to comment on some of the results.  It may be a stretch to draw too many definitive conclusions from the data, but it will be fun nonetheless.  If anyone wants to comment, correct or vehemently disagree with any of my conclusions please feel free to do so.

Let’s get started!

1. On how many different...

peter_starceski@symantec.com | 17 Mar 2010 | 0 comments

Best Practices with Symantec Endpoint Protection (SEP) Group Update Providers (GUP)
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/dc357db8671b262b882575ad0062a5b2?OpenDocument
 
New features and functionality in Symantec Endpoint Protection Release Update 5 (SEP RU 5) Group Update Provider (GUP)
http://service1....

sandip_sali | 10 Mar 2010 | 1 comment

Symantec is undoubtedly the world leader in protecting systems and networks from security threats. It also handles the most complicated tasks of avoiding false positive detection and cleaning/deleting the encountered security threat.

Lately, there has been a rise in other antivirus programs catching false positives and posing them as actual security threats! As a result, it might give a customer the sense that SEP isn't doing what it was designed to do. Our response team performs a herculean task of analyzing a number of suspected files submitted to us.

When I say "Security Threat," I mean Trojans, worms, and hoaxes. Symantec endpoint has a different approach to handle them. Needless to say, the customer's data security and software stability is our prime objective, which at times is not targeted by the free antivirus software. Symantec has been known for detecting the lowest percentage of False Positive threats....

OCCK | 09 Mar 2010 | 1 comment

We are trying to feed the client log entries from the Endpoint Protection to a Security and Information Event Management (SIEM) system. In order for us to size the SIEM, it is necessary to determine the number of client logs per hour coming in to the SEP manager. Does everyone know how to figure out this number? Thanks.