1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Security Update 34

March 31, 2008

Description

The Symantec Enterprise Security Manager™ Security Update 34 has been enhanced to support Windows Server 2008, Red Hat Enterprise Linux 5.x on IBM z-series (s390x), HP-UX 11.23 on PA-RISC operating systems. In addition, a new module name Agent Information has been added, along with new checks in the Active Directory, Startup Files, and Account Information modules.
Install Security Update 34 to upgrade UNIX and Windows security modules on Symantec ESM 6.x agents. For detailed descriptions of new features and enhancements, download Security Update 34 Release Notes.

Enhancements

Security Update 34 provides the following enhancements:
  • Support for the following operating systems:
    • Windows Server 2008
      For more information on the ESM 6.5.3 agent for Windows Server 2008, see http://www.symantec.com/avcenter/security/Content/2008.04.04.html
    • Red Hat Enterprise Linux 5.x on IBM z-series (s390x)
      For more information on the ESM 6.5.3 agent for Red Hat Enterprise Linux 5.x on IBM z-series (s390x), see http://www.symantec.com/avcenter/security/Content/2007.02.29.html
    • HP-UX 11.23 on PA-RISC
      • New Agent Information module with 8 checks:
        • Agent name
        • Registered to Manager
        • OS information
        • Agent version
        • SU version
        • CPU information
        • DNS setting
        • ESM Application Modules
          • 1 new check in the Active Directory module (Windows Server 2003/Server 2008)
            • DCOM Machine Restriction
              • 3 new checks in the Startup Files module (Windows 2000/Server 2003)
                • Data Execution Prevention (Hardware)
                • Data Execution Prevention (Software)
                • Services Security Options
                  • 2 new checks in the Account Information module (All Windows)
                    • Enumerate groups on Domain Controller
                    • Enumerate groups on member serve
                      • 2 new templates
                        • System Services (Startup Files)
                        • DCOM Machine Restriction (Active Directory)
                          • New columns added in the GPO User Rights, GPO System Services, and Security Options templates
                          • Support for the relational operators in the GPO Security Options and Security Options templates

Downloads

Download Security Update 34 for AIX-PPC64
  • AIX 5.3 (64-bit only)
Download Security Update 34 for Linux
Linux Platforms include:
  • Red Hat Enterprise Server (x86, Opteron and EM64T)
  • SUSE Linux Enterprise Server 9/10 (x86)
  • SUSE Linux Enterprise Server 9/10 (Opteron and EM64T)
  • ESX Server (x86, Opteron)
For these platforms, continue to use Security Update 18:
For these platforms, continue to use Security Update 17:

Extended Support

The Extended Support TPK includes the following enhancements:
  • Large file support
  • Extended unprintable characters in filenames support (Solaris only)
  • Full promiscuous mode detection (Solaris only)
Download Security Update 34 for AIX RS/6000 (Extended Support - 5.2+ only)
  • AIX 5.2 (32-bit and 64-bit) and AIX 5.3 (32-bit)

Agent Installs

Refer the following Security Response Web page for information on downloading the ESM 6.0/6.5.x agents:

Documentation

The Release Notes fully document all module enhancements. New User’s Guides are issued only with new versions of Symantec ESM. Continue using your Security Update 17 User’s Guides until the next version of Symantec ESM is released. See Security Update 34 Release Notes (PDF).
Note: In Japanese, SU 34 is compatible with Symantec ESM 5.5.3 Japanese on Windows and Solaris operating systems only.
* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: March 31, 2008
Security Response Blog
The State of Spam