Video Screencast Help
Security Community Blog
Showing posts in English
jjesse | 27 Sep 2013 | 0 comments

The Problem:

Currently within the DLP System there is no way to change a group of agents automatically, the only way is to do this manually through the Enforce Management Console. If you have a large number of agents this needs to be perfomed on it can be tedius. 

In the Management Console navigate to System -> Agents -> Overview and then select the computers you want and under the Actions menu you can change the Endpoint Server these computers communicate with.

Once again this is a bit tedious.

 

The Solution:

The update_configuration.exe file that is included in the SymantecDLPWinAgentTools_X.zip file can solve this problem.  The update_configuration.exe file needs to be in the same location as the Endpoint Agent is installed.

To change the DLP Endpoint Agent server:

  1. Verify the update_configuration.exe file is in the same location as the agent installed
  2. Execute the following command...
riva11 | 20 Aug 2013 | 0 comments

A nice  resource to test your password is the website TestYourPassword. In a simply interface you can test your passord and see if a psword can be defined weak, good or strong.

In the main page you can find also a function to generate a new strong password and if you are interested to know how a password is cracked there is nice video to explain how hacker scan a network for weak passwords and crack them.

TestYourPassword.jpg

Link : TestYourPassword

 

See also the article : How to test your passwords

Mithun Sanghavi | 20 Aug 2013 | 2 comments

Hello,

My name is Mithun Sanghavi and I am part of the Technical Support organization at Symantec. I’m sure you have had a few “How do I..." or "Where can I find...?” kind of questions about Symantec Endpoint Protection. This blog is to assist Symantec Endpoint Protection users with answers to these questions.

First off, I want to introduce you to SymWISE. This is our new product support knowledge base. It is available for our users and partners. This system is an online resource for support information for all Symantec products. SymWISE is one component of a larger effort to provide online resources and self-service options for our users and partners.

Content includes:

  • Best practices
  • Downloads
  • How to instructions
  • Technical product information
  • Troubleshooting tips

SymWISE features a search engine to help you find the information you need for any Symantec...

darci_hunt | 14 Aug 2013 | 0 comments

Today, nearly all of an agency’s mission-critical functions depend on safe and secure information technology systems. With cyber threats ever evolving and growing at an exponential rate, and increased reliance on technology to deliver core services in government, a robust cyber defense is needed by agencies.

Continuous Monitoring is certainly not a new term, but if you were to ask 10 people how they would define this term, you’re likely to get 10 different responses. Ken Durbin, Cyber & Continuous Monitoring Practice Manager, Symantec, provided expert insights on Symantec’s view of Continuous Monitoring and how agencies are adopting continuous monitoring programs as a means to protect government data and infrastructure. Durbin also highlights the benefits, best practices and challenges to adopting a continuous monitoring program.

Continuous monitoring is one part of a six-step process in the NIST Risk Management Framework (RMF), from NIST...

Tariq Naik | 06 Aug 2013 | 0 comments

This article is written based on wide spread Internet reports from Black Hat Conference at Las Vegas.

Recent advances in math and cryptology research in the academic field indicate that there might be mathematical algorithms or solutions in place to break RSA and Diffie-Hellman based encryption without obtaining the secret key and without the need of massive computing resources for significant durations of time within the next four to five years. These encryption schemes are widely on the Internet today for keeping sensitive date private right from encrypting Internet communications used for electronic commerce to securing software updates to encrypting global corporate and government networks.

The key to the security today is that there are no practical ways or efficient algorithms which can break these encryptions without obtaining the secret keys. The day such algorithms are found the encryption and hence the trust on which the Internet works will be broken.

...
Kari Ann | 05 Aug 2013 | 1 comment

 

SC Magazine conducted a group test of endpoint security products and reviewed Symantec Endpoint Protection 12.1.2 in the August 1, 2013 issue. Symantec Endpoint Protection 12.1.2 received a very positive review, receiving an overall rating of five out of five stars in this important trade publication. The review specifically called out SEP’s protection of millions of endpoints, SONAR engine, Insight technology and intuitive usability, concluding that, “Symantec has put together a solid product.” The full review can be read here

.scMag3.ashx__0.jpg

phlphrrs | 31 Jul 2013 | 2 comments

This question really surrounds the issue of security, whether or not some of the major cloud providers have the levels of security to protect enterprise users and information they claim to have and/or whether or not there is willingness to be open and frank about the levels of security or gaps thereof there are.  This has been a pretty common problem since the days of application hosting providers.  I recall these providers getting inundated with requests to have their environments audited ad nauseam against whatever the security standard du jour at that time.  Then there was the issue of encryption and whether or not that was appropriately designed and implemented – again we asked that they have an industry expert attest to the security of that encryption.  Then there was the requirement to audit the provider ongoing to ensure the security requirements remained in place over time.  Clearly, all these good things need to be done.  But, “why...

Wally | 29 Jul 2013 | 0 comments

We're testing SEP 12.1.2 on a 64-bit Windows 7 Pro client.    When we run a full scan, sometimes we get a large difference in the number of files scanned.   For example, sometimes SEP will report 170,000 files scanned, then if we immediately run another full scan, SEP will report 80,000 files scanned.  

The answer from Symatec Support is that this is normal behaviour for  the SEP 12.1 client.

Support says that the first full scan after an AV defs update rescans everything, including the file cache.  Subsequent full scans performed before the next AV defs update does not rescan everything as some files are marked as already having been scanned.   Support says the product was designed this way for performance.   

In our scans, we're seeing between 1,500 and 3,000 files trusted, but the apparently the number of trusted files are not the reason for the difference in the full...

MFox70 | 23 Jul 2013 | 0 comments

I attended a webinar recently which was talking about the move from physical to virtual servers in large corporations. The analogy used was that today, approximately 70% of all servers can be virtualised very quickly, but the remaining 30% can take several years of effort. Hypervisor vendors are working hard to sort this problem out, but the interesting finding was that a large section of that problematic 30% of servers are running legacy applications or are indeed legacy operating systems.

This is odd as you would think that any IT operations person would want to migrate a legacy server from physical to virtual hardware as soon as humanly possible.

 

Legacy systems are still around for a few reasons.

1 Laziness

2 Applications cannot be modified to work on newer OS platforms

3 Software Developers have long since left the company ( relates to point 2)

4 Legacy systems are connected to business critical servers, with little or no...

smartblogger | 22 Jul 2013 | 0 comments

An SSL certificate is a certificate that shows that the website is using Secure Sockets Layering for its connections. This means that the information that is transmitted through the site has been protected through the use of an appropriate encryption and decryption system. The SSL securing of a site creates a dual system of keys that are used to encrypt data and decrypt it later. On the website, any information that the site visitor enters into the portal, is encrypted using a public key. Therefore, when it is transmitted, it is transmitted as an encrypted piece of data that other people cannot get access to. Additionally, should they manage to get hold of this data; it will be meaningless as they will be unable to translate it into useful information. The second key is a private key that is held by the website owner. The website owner uses this to decrypt the encrypted data that the visitors of the website have transmitted. This translates it back into information that they can...