Endpoint Protection

 View Only
  • 1.  Feature Request: Create FW Rule using Verisign Signatures

    Posted Dec 08, 2010 01:02 PM

    My problem:

    I'm working for a dialysys system vendor. This engines are used in hospitals and our onsilte technicians have to run diagnose software by connecting the NIC, that is inside it. The diagnose software changes it's md5-hash value during transaction. So we cannot fix the exclusion on the hash value of the file.

    These files get a digital signature using a certificate from Symantecs inhouse solution "Verisign".

     

    Feature Request:

    Im sad that there is no way to identificate a file by it's digital signature from the same vendor (Symantec) :-(

    Shouldn't it be able to build a firewall exclusion rule in Symantec Endpoint Protection using a digital signature of another symantec product?

     

    bye - Holger

     



  • 2.  RE: Feature Request: Create FW Rule using Verisign Signatures

    Posted Dec 08, 2010 01:14 PM

    Symantec has recently taken over Verisign and it will take long time for them to fully incorporate Verisign in all the symantec products may be it won't.

    However you can submit this in IDEAs section..So the DEV and other Symantec team can have a look on it

     https://www-secure.symantec.com/connect/security/ideas



  • 3.  RE: Feature Request: Create FW Rule using Verisign Signatures

    Posted Dec 08, 2010 01:44 PM

    The following link is where new ideas for SEP enhancements should be posted for our security products.

    https://www-secure.symantec.com/connect/security/ideas

    I do think this would be a good enhancement to our firewall component.

    Just out of curiousity, how do you currently have the firewall rules configured in relation to this diagnostic program?

    Firewall rules don't necessarily need to have a fingerprint applied to them if the executable name does not change. Having a fingerprint however would allow only a specific executable to run which would be more secure.