Video Screencast Help
Security Community Blog
Showing posts in English
Bekir | 11 Aug 2009 | 5 comments

Hello all,

I’m a security consultant in my company which is focused on all aspects of IT security but I’m only Symantec focused, for now :)

I want to share a successful SEP deployment adventure with one of our customers who did not allow us to share their name for this experience.

I can tell their structure though. This is a Holding consists of many companies from military manufacturing, energy, banking to textile and etc. having around 10.000 employees in 4 main branches with many banking branches and even with branches on deserts abroad. Main branches are connected to each other with MetroEthernet and DSL to failover. Other branches within the country have only DSL links and branches in the middle of deserts only have 64kbps sattelite links.


They were already using TrendMicro and they were thinking that its management capabilities are limited. There were of course many AV software options on the table to be considered. We did...

riva11 | 07 Aug 2009 | 4 comments

Here is a listing of Top 10 Threats by Bright Hub web site , In the article "Top 10 Computer Viruses of 2009" by Sategroup , there is the complete list about the worst viruses in this year.

Top Viruses of 2009 : Based on Ranking

  • Rank 1: Win32/Conficker
  • Rank 2: INF/Autorun
  • Rank 3: Win32/PSW.OnLineGames
  • Rank 4: Wind32/Agent
  • Rank 5: Win32/FlyStudio
  • Rank 6: INF/Conficker
  • Rank 7: Win32/Pacex.Gen
  • Rank 8: WMA/TrojanDownloader.GetCodec
  • Rank 9: Win32/Qhost
  • Rank 10: Win32/Autorun

Link :  Top 10 Computer Viruses of 2009 

Kevin Walsh | 06 Aug 2009 | 5 comments

Many blogs on the Symantec website are very informative and visually explain - "what is phishing". These efforts have brought down the instances of user-mistakes (such as clicking URL in an email, submitting information to untrusted website etc..). But we have yet to see browser manufacturers addressing the root cause of phishing. Phishing is still a big concern for a new Internet user, especially kids. I see a parallel between usual phishing and Internet crime against kids. Both have same root cause - who can be trusted on the wild-wild-web? 

Explaining "phishing" to a layman: The Internet scammers develop a website which looks just like your bank or merchant. Then the scammer will send you an email that appear an official email from your bank or merchant. This email will ask you to approve a transaction you recently made, or re-verify some personal information by clicking a weblink. If you are not careful and click the weblink you may not realize...

Vikram Kumar-SAV to SEP | 06 Aug 2009 | 5 comments
Sometimes when a file is not detected as threat and you think it is a Malware and still it is not getting detected.
In order to scan it from a different antivirus you actually un-install the current antivirus to install a 3rd party antivirus you update the definitions and then scan a file.
Just to know that even that is not detecting it.
There is a easier way of scanning a file with 39 well known antivirus software with their updated definitions.
Simply submit your file to
VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, Trojans, and all kinds of Malware detected by antivirus engines.
Adrian Diaz | 05 Aug 2009 | 1 comment
We are a financial institution headquartered in sunny South Florida. We are now a new charter and privately held bank. My role in the organization is that of Vice President, Information Security Manager. I have been with the bank for over four years. Our department is structured where we manage and maintain all the technology security layers as well as internal controls to meet regulatory requirements.   Currently GLBA is our main driver for compliance.
Right from when I started with the bank the Information Security and Information Technology departments where at arms over the then antivirus and client firewall suite. We were using SAV 8.x and 9.x as well as SCS firewall products. Every day, it just seemed to be one battle after the other. The Helpdesk kept receiving user complaints on slow machines, constant viruses and malware, machines freezing and crashing, etc. The Desktop team had issues with...
ajeet kumar | 05 Aug 2009 | 2 comments

Myself Ajeet Kumar, Technical Support Engineer. Our Organization is No.1 Partner with Symantec in India for last 8 years in a Row. We are Platinum Level partner of Symantec. Our organization Core Business line is Technical Services, Network Security, Non-Security Solution, Storage, Back-up & Recovery Solution and Infrastucture Management. We have largest corporate customers in India.

I am working as Resident Engineer at client office. I am handling Nine SEPM servers in different locations in India. My day to day activity is Update the servers, monitoring the servers, generating the reports, Contact Symantec technical support for new issues. Resolve the client issues.

My client is very happy because SEP is not only Antivirus. My client like mostly USB control, Application control, Remote deployment facility. So no more investment for another softwares.
I am accessing other unit’s SEPM consoles through remote console on single PC. So no need to log in...

mon_raralio | 04 Aug 2009 | 0 comments

Here's the scenario:
You have an MS cluster with MS exchange and SMSMSE (Symantec Mail Security for Microsoft Exchange). And you're having problems with the Exchange because SMSMSE is in a stopping state. There is nothing in the logs that says otherwise except for an error in clustering (error 1460).

After checking on Symantec Knowledge base, I found out that it has something to do with the timing. For clustered environment, it is not advisable to make SMSMSE dependent upon another service. Check if the current setup have the SMSMSE dependent on another service that is forcing the Symantec service to stop is-as one admin (someone I know) said "would be a tedious process and is not an option". i.e. it would make things worse. Anyway, waiting for the service to stop really may do the trick.

Then I also found this while Googleing on the probable causes for the clustering side...

t_dawgy78 | 04 Aug 2009 | 0 comments

The Symantec Protection Suite Small Business Edition Promotion is available through end of this year.
For those of you on older Symantec products, this is a great way to upgrade to the new Protection Suite Small Business Ediiton, which includes the new SEP SBE 12.0.
Offer details are located here:
:Upgrade to SPS SBE and get up to a 30% discount. This offer is valid through the end of this year, and is for any current Symantec customers on the following products:
• Symantec Antivirus Corporate Edition
• Symantec Client Security
• Symantec Backup Exec System Recovery Desktop Edition
• Symantec Mail Security for Microsoft Exchange
• Symantec Premium Antispam
• Symantec AntiVirus for Macintosh

Fatih Teke | 04 Aug 2009 | 4 comments

Hello Everyone,

I am the IT Specialist & Security Admin for the largest textile company in Turkey.  We have over 6000 employees, 33 servers, and 550 clients.

We originally installed another vendors AV solution, and found that when the downadup virus hit in April, it infecrted all of our computers worldwide!  I was at home when my IT manager sent a message and said, “we need you, there is a virus problem. Can you come in?”
When I arrived,  I saw Downadup was everywhere. We had originally decided to use another AV product,  as everyone in the IT department trusted the product.  However, this product couldn't identify and delete downadup.  Because of this, every computer on our network was infected!  Our DC (Domain Controller) was down and the addional controller was also down. All servers were down.Terminal servers,file servers etc. We didn't have disaster recovery. We were in...

shp | 04 Aug 2009 | 1 comment

Hi All...

I would like to share my story regarding Symantec Endpoint Protection.  I am from HCL Infosystems Ltd, where I am a Customer Engineer managing a team of five people.  Specifically, I manage SEP deployments for our customers.

This particular customer had an older AV software installed which wasn't providing thorough protectio - a virus outbreak in the network caused many of the machines to go down for extended periods of time.  The customer decided to go with SEP primarily because of its new features.  Specifically, they wanted individual management points in each location, and one central location to manage the entire infrastructure.  Previously, they were not able to bring all clients under one management console due to various difficulties.  The deployment consisted of 49 locations across India, with one server in each location.  Additionally, one server was deployed in Bangalore as the primary server. ...