Video Screencast Help
Security Community Blog
Showing posts tagged with Tip/How to
Showing posts in English
DominikG | 08 Dec 2009 | 4 comments
I am receiving many support requests related to scan errors of the scan engine, which are caused by a suboptimal usage of the system resources, or because someone simply did not configure the parameters in the right way.
The scan engine is not software that can be set up and is good to go. In each environment, there has to be done some tuning to avoid errors and/or performance issues.
For that reason I talked to Symantec’s tech support to get a little help on how to configure the resource parameters correctly.
 
So if you are experiencing scan errors in a large amount or get reports of bad performance, please check the following steps:
 
1. Open the scan engine interface and go to “reports” -> “resources”
2. Note the value of “thread pool size”
3. Note the value of “Load statistics” -> “queued...
GertjanA | 04 Dec 2009 | 0 comments

When installing multiple EV-servers, where multiple Exchange, File, Domino etc servers need to be checked, it is not very friendly you have to key in the list of servers on each install of Deployment Scanner.

To get the list of servers on all of your Deployment Scanner's do the following:

Install Deployment Scanner on all the servers that need to have it.
Start Deployment Scanner on 1 server, put in the required servers to check, and let it run.
Close Deployment Scanner
Goto the C:\Program Files\Enterprise Vault folder, and copy the file PreReqConfig.xml to the same location on the other servers you installed D.S. on.

Start Deployment Scanner on the other servers, and you will see that the entries are present.

Gertjan

TSE-JDavis | 01 Dec 2009 | 1 comment

I am currently investigating, with Ben C Smith, an issue where IU shadowing does not work on Server 2008 64-bit version. The location where AV defs are stored on 64-bit 2008 is C:\ProgramData\Symantec\Definitions but the setup-iu.bat builds the definitions in the C:\Program Files(x86)\Common Files\Symantec Shared folder. When I run IntelligentUpdater, either i32 or i64, it doesn't see a product tpo update. Trying to figure out where Scan Engine's shadowing process looks for defs to convert and if this will work if we just change the batch file to look in the right place.

UPDATE: Shadowing seems to be working once I installed SEP onto the server. Will uninstall all products and runt eh modified version of the setup-iu.bat file and see if it can build a VirusDefs folder that the Intelligent Updater will see and update.

Rolf Niedhorn | 28 Nov 2009 | 1 comment

Hello, everyone,

Daniel Melanchton (Microsoft Germany) made a blog post regarding scan exclusions for Microsoft Products.

Because some people reported issues with user profiles since SEP 11 RU5, it is very interesting to look at Microsofts following recommodation:

Group Policy related files

Group Policy user registry information. These files are located in the following folder:

%allusersprofile%\

Exclude the following file:

NTUser.pol

Group Policy client settings file. These files are located in the following folder:

%Systemroot%\system32\GroupPolicy\

Exclude the following file:

registry.pol

You may find the whole article under the following link:

 http://support.microsoft.com/kb/822158/en-us (Article ID: 822158 - Last...

snekul | 24 Nov 2009 | 1 comment

First, some background. We were setting up a new box running Server 2008 R2 Core on x64.  In my department, we push out SEP to all our servers via Group Policy.  On this new Server 2008 R2 Core on x64 box the install of SEP failed.  We were puzzled until we ran into another application (in this case VMware Tools) that did not install properly either.  We discovered that Server 2008 R2 Core does not have an "Installer" folder inside the Windows folder--this would usually be C:\Windows\Installer.  Upon creating the folder, VMware Tools installed fine and on a reboot, SEP installed just fine as well.

Also, we were pushing out RU5, as that is necessary for full support on Server 2008 R2.

So, if you run into trouble installing SEP (or anything else for that matter) on Server 2008 R2 Core, make sure you have an "Installer" directory in your Windows folder.

FrankPadavano | 10 Nov 2009 | 1 comment

To anyone who can assist,

I am running Symantec Endpoint Protection Version 11.0.3001.2224 on my 'laptop' and have an error with a scan recently completed.  I know that my files are corrupt as I have tmp files in my "Incomming Folder".  When I went online to find out how to correct the issue, it only provide me a solution for v 10.xxx and it only provides how it can be corrected via the Symantec System Center.  How can i revert to the previous definition set while working remotely on my laptop??

Regards

Frank

Sheri Atwood | 30 Oct 2009 | 4 comments
Study Reveals Small Businesses Lack Security Policies
 
The security threats to small businesses are increasing in complexity, number and frequency, and the volume of information they must protect and maintain continues to expand.  A surprisingly high number of Small businesses have yet to take even the most basic steps towards protecting their businesses, such as implementing antivirus or backing up their data. 
 
As part of Cyber Security Awareness Month, the National Cyber Security Alliance (NCSA) and Symantec partnered to conduct a survey on the cyber security awareness practices and habits of roughly 1,500 small businesses in the United States. The results showed that while 65 percent of those surveyed believe that Internet security is critical to their business, only 28 percent have formal Internet security policies.
...
Patrick E. Spencer | 10 Oct 2009 | 0 comments

Starting with the April 2009 issue, we began publishing each issue of CIO Digest to the Amazon Kindle. Readers want to consume content in a variety of different formats, and the increasingly popularity of the Amazon Kindle prompted us to begin making each issue available on it.

The July issue has some really interesting articles, including an exclusive interview with Steve Vollmer, the VP of IT and CTO at Las Vegas Sand Corporation, features on ways to optimize storage investments and strategies on weathering the 2009 economic climate, and much more. Click here...

Bijay.Swain | 06 Oct 2009 | 1 comment
We are using 1000 license of SCS 3.1 . And all of the Pcs are spread over 20 Km area .  Now we are upgrading those clients to Symantec Endpoint Protection.
Now the problem is we are in a workgroup model network (No active directory domain) so we can’t use group policy/Login script/domain admin account to use push deployment feature of SEP. And Sep doesn’t have any web deployment feature like SCS had earlier. I searched for any option for remote deployment in a workgroup model network but unable to get any solution.
 
So decided to try something which will work in my environment and I came up with an idea, which I have recorded (procedure) as a .swf  file and putting it in the website .It may help others to deply client in workgroup.
Best feature of this is it also removes the old version of Symantec antivirus if present on the client system. You just have to call the user and ask him to open the website...
riva11 | 02 Oct 2009 | 3 comments

According to the IANA assignment , TechPosters published a nice poster in PDF file that shows common ports using a graphical design to give also information about ports used for Chat, Gaming, Malicious, Peer to Peer , etc. applications.

ports.jpg

The Techposters website, where I found this poster, is a collection of quick reference guide posters in pdf format. They have been collected from various sources on the Internet and available for IT admins and many other users interested in many operating systems. These tech posters covers Unix, Linux and Microsoft operating systems and also software programs, platforms and scripts.

Link : TechPoster Common Ports

Source...