Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with Tip/How to
Showing posts in English
EV8.0 - Copying over configuration file Deployment Scanner
GertjanA | 04 Dec 2009 | 0 comments

When installing multiple EV-servers, where multiple Exchange, File, Domino etc servers need to be checked, it is not very friendly you have to key in the list of servers on each install of Deployment Scanner.

To get the list of servers on all of your Deployment Scanner's do the following:

Install Deployment Scanner on all the servers that need to have it.
Start Deployment Scanner on 1 server, put in the required servers to check, and let it run.
Close Deployment Scanner
Goto the C:\Program Files\Enterprise Vault folder, and copy the file PreReqConfig.xml to the same location on the other servers you installed D.S. on.

Start Deployment Scanner on the other servers, and you will see that the entries are present.

Gertjan

Read more
Scan Engine on Server 2008 64-bit an Intelligent Updater shadowing
TSE-JDavis | 20 Mar 2012 | 1 comment

I am currently investigating, with Ben C Smith, an issue where IU shadowing does not work on Server 2008 64-bit version. The location where AV defs are stored on 64-bit 2008 is C:\ProgramData\Symantec\Definitions but the setup-iu.bat builds the definitions in the C:\Program Files(x86)\Common Files\Symantec Shared folder. When I run IntelligentUpdater, either i32 or i64, it doesn't see a product tpo update. Trying to figure out where Scan Engine's shadowing process looks for defs to convert and if this will work if we just change the batch file to look in the right place.

UPDATE: Shadowing seems to be working once I installed SEP onto the server. Will uninstall all products and runt eh modified version of the setup-iu.bat file and see if it can build a VirusDefs folder that the Intelligent Updater will see and update.

Read more
Virus scanning recommendations for computers that are running Windows Server 2008 R2, Windows Server 2008, Windows Server 2003
Rolf Niedhorn | 28 Nov 2009 | 1 comment

Hello, everyone,

Daniel Melanchton (Microsoft Germany) made a blog post regarding scan exclusions for Microsoft Products.

Because some people reported issues with user profiles since SEP 11 RU5, it is very interesting to look at Microsofts following recommodation:

Group Policy related files

Group Policy user registry information. These files are located in the following folder:

%allusersprofile%\

Exclude the following file:

NTUser.pol

Group Policy client settings file. These files are located in the following folder:

%Systemroot%\system32\GroupPolicy\

Exclude the following file:

registry.pol

You may find the whole article under the following link:

 http://support.microsoft.com/kb/822158/en-us (Article ID: 822158 - Last Review: October...

Read more
Installing SEP via Group Policy on Server 2008 R2 Core
snekul | 25 Nov 2009 | 1 comment

First, some background. We were setting up a new box running Server 2008 R2 Core on x64.  In my department, we push out SEP to all our servers via Group Policy.  On this new Server 2008 R2 Core on x64 box the install of SEP failed.  We were puzzled until we ran into another application (in this case VMware Tools) that did not install properly either.  We discovered that Server 2008 R2 Core does not have an "Installer" folder inside the Windows folder--this would usually be C:\Windows\Installer.  Upon creating the folder, VMware Tools installed fine and on a reboot, SEP installed just fine as well.

Also, we were pushing out RU5, as that is necessary for full support on Server 2008 R2.

So, if you run into trouble installing SEP (or anything else for that matter) on Server 2008 R2 Core, make sure you have an "Installer" directory in your Windows folder.

Read more
Laptop Symantec Endpoint Protection
FrankPadavano | 10 Nov 2009 | 1 comment

To anyone who can assist,

I am running Symantec Endpoint Protection Version 11.0.3001.2224 on my 'laptop' and have an error with a scan recently completed.  I know that my files are corrupt as I have tmp files in my "Incomming Folder".  When I went online to find out how to correct the issue, it only provide me a solution for v 10.xxx and it only provides how it can be corrected via the Symantec System Center.  How can i revert to the previous definition set while working remotely on my laptop??

Regards

Frank

Read more
Study Reveals Small Businesses Lack Security Policies
Sheri Atwood | 30 Oct 2009 | 4 comments
Study Reveals Small Businesses Lack Security Policies
 
The security threats to small businesses are increasing in complexity, number and frequency, and the volume of information they must protect and maintain continues to expand.  A surprisingly high number of Small businesses have yet to take even the most basic steps towards protecting their businesses, such as implementing antivirus or backing up their data. 
 
As part of Cyber Security Awareness Month, the National Cyber Security Alliance (NCSA) and Symantec partnered to conduct a survey on the cyber security awareness practices and habits of roughly 1,500 small businesses in the United States. The results showed that while 65 percent of those surveyed believe that Internet security is critical to their business, only 28 percent have formal Internet security policies.
 
...
Read more
July 2009 Issue on Amazon Kindle
Patrick E. Spencer | 10 Oct 2009 | 0 comments

Starting with the April 2009 issue, we began publishing each issue of CIO Digest to the Amazon Kindle. Readers want to consume content in a variety of different formats, and the increasingly popularity of the Amazon Kindle prompted us to begin making each issue available on it.

The July issue has some really interesting articles, including an exclusive interview with Steve Vollmer, the VP of IT and CTO at Las Vegas Sand Corporation, features on ways to optimize storage investments and strategies on weathering the 2009 economic climate, and much more. Click here to access...

Read more
Web Deployment of sep in a workgroup network
Bijay.Swain | 06 Oct 2009 | 1 comment
We are using 1000 license of SCS 3.1 . And all of the Pcs are spread over 20 Km area .  Now we are upgrading those clients to Symantec Endpoint Protection.
Now the problem is we are in a workgroup model network (No active directory domain) so we can’t use group policy/Login script/domain admin account to use push deployment feature of SEP. And Sep doesn’t have any web deployment feature like SCS had earlier. I searched for any option for remote deployment in a workgroup model network but unable to get any solution.
 
So decided to try something which will work in my environment and I came up with an idea, which I have recorded (procedure) as a .swf  file and putting it in the website .It may help others to deply client in workgroup.
Best feature of this is it also removes the old version of Symantec antivirus if present on the client system. You just have to call the user and ask him to open the website...
Read more
Discover Common Ports usage
riva11 | 29 Jul 2010 | 3 comments

According to the IANA assignment , TechPosters published a nice poster in PDF file that shows common ports using a graphical design to give also information about ports used for Chat, Gaming, Malicious, Peer to Peer , etc. applications.

ports.jpg

The Techposters website, where I found this poster, is a collection of quick reference guide posters in pdf format. They have been collected from various sources on the Internet and available for IT admins and many other users interested in many operating systems. These tech posters covers Unix, Linux and Microsoft operating systems and also software programs, platforms and scripts.

Link : TechPoster Common Ports

Source :...

Read more
Migrating SEPM DB to SQL 2008
Kedar Mohile | 28 Sep 2009 | 2 comments

Migrating SEPM DB to SQL 2008

The procedure would remain same as before. You might want to check the following

  1. Remove the SEPM from any replication setup with other SEPMs
  2. Backup the SEPM server certificate
  3. Backup the existing SQL database using SEPM backup and Restore wizard
  4. Install an instance of Microsoft SQL Server 2008
  5. Uninstall the Symantec Endpoint Protection Manager
  6. Reinstall the Symantec Endpoint Protection Manager configured to use a new Microsoft SQL Server 2008 database
  7. Restore the SEPM server certificate
  8. Restore the backup copy of the database
  9. Reconfigure the Symantec Endpoint Protection Manager database to recognize Microsoft SQL Server 2008 by running Management Server Configuration Wizard...
Read more