Video Screencast Help
We've launched some major improvements to the interface and community structure. Learn about them here!
updated discussion 23 Jun 2017
I would just like to ask about WannaCry ransomware 2.0 latest news? Is there any new variant for this threat? and are we still protected from it specially for those that still using SEP 12 (I'm currently using 12.1.6 MP5)?  Thanks in advance. 
updated discussion 23 Jun 2017
I just opened the following case with support. Can anybody else confirm this behavior? I currently have Symantec DLP Endpoint Prevent policies configured to detect sensitive information within Email/SMTP messages. Today it was discovered that certain special characters may cause issues with incident detection. A user sent an email containing sensitive information that should have been ...
updated discussion 23 Jun 2017
Hello everyone. I am appealing to the experience of this forum. We are Symantec service partners in Argentina. This is the first time we have implemented SMG with Groupwise (we always do with AD). We need information on how to implement Authentication, Recipient Validation and Address Resolution on this environment. All the information you can provide, beyond the one related to the ...
updated discussion 23 Jun 2017
I would just like to ask about WannaCry ransomware 2.0 latest news? Is there any new variant for this threat? and are we still protected from it specially for those that still using SEP 12 (I'm currently using 12.1.6 MP5)?  Thanks in advance. 
updated discussion 23 Jun 2017
I just opened the following case with support. Can anybody else confirm this behavior? I currently have Symantec DLP Endpoint Prevent policies configured to detect sensitive information within Email/SMTP messages. Today it was discovered that certain special characters may cause issues with incident detection. A user sent an email containing sensitive information that should have been ...
updated discussion 23 Jun 2017
Hello everyone. I am appealing to the experience of this forum. We are Symantec service partners in Argentina. This is the first time we have implemented SMG with Groupwise (we always do with AD). We need information on how to implement Authentication, Recipient Validation and Address Resolution on this environment. All the information you can provide, beyond the one related to the ...
new article 22 Jun 2017
Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, that allegedly detail activities and capabilities of the United States Central Intelligence Agency to perform electronic surveillance and cyber warfare. The files, dated from 2013–2016 and again allegedly include details on the agency's software capabilities, such as the ability to compromise cars, ...
updated article 22 Jun 2017
In April 2017, an attack group calling itself the TheShadowBrokers, released a trove of data it claims to have stolen from the Equation cyberespionage group. The data contains a range of exploits and tools the attack group state were used by Equation. TheShadowBrokers said that the data dump was a sample of what had been stolen from hacking Equation and that the “best” files would be auctioned ...
new article 13 Jun 2017
Hello DLP Users.. I wanted to share some information on how to get DLP to Scan using SSH. I had a customer who wanted to scan their File Server (EMC Isilon), but NOT all of the File System was accesible via NFS or CIFS shares. They were able to provide me a ROOT account that I could SSH directly to the File server. So I began to figure out how to be able to Mount a file system using SSH as ...
new article 13 Jun 2017
  Hello DLP Users.. I wanted to share some information on how to get DLP to Scan Amazon AWS Buckets. I had a customer who wanted to scan their Amazon AWS Storage (S3), there is no documentation on how to do this and it is currently NOT supported by Symantec So I began to figure out how to be able to Mount a S3 file system using fuse. This lead me to S3FS! S3FS is a FUSE (File System in ...
updated blog entry 23 Jun 2017
Organizations continue to embrace the cloud with higher use of file sharing and adoption of even more cloud applications.  In the second half of 2016, Symantec customers on average broadly shared more files in the cloud than ever before. At the same time, they are sharing data more responsibly. Research shows a significant reduction in the percentage of broadly shared files in the cloud ...
updated blog entry 23 Jun 2017
We are so happy to announce that we did it! We created the industry’s first integrated cloud security solution with true enterprise DLP and full cloud access security broker (CASB) capabilities. And it’s available now. From the moment the Symantec acquisition of Blue Coat closed in August, our joined development teams went all in to solve this critical issue.  And we did it in just over ...
updated blog entry 21 Jun 2017
I. BACKGROUND: We have been dealing with new Sality variants for more than 12 years and the Sality.AE family for a little over 9…the variants keep coming. It has become one of the most common file infectors reported by Enterprise customers. With its ability to move through shares and disable AV, it’s one of the most destructive and tricky threats we have out there. That said, it’s not too hard ...
updated blog entry 21 Jun 2017
I. BACKGROUND: In mid-2009, W32.Changeup, was first discovered on systems around the world. Over the last few years, Symantec Security Response has profiled this threat, explained why it spreads, and shown how it was created.  Since November 2012 we have seen weekly spikes the number of W32.Changeup detections and infections. The increase in detections is a result of a renewed ...
updated blog entry 20 Jun 2017
Problem Statement: Organizations wants to block the outbound emails which is going outside the organization when outbreak is triggered and allowing inbound email. This is required to avoid blacklisting the email domain on ISP due to email outbreak with same subject or attachment. As SMSMSE has limitation to bifurcate the email message recipients as external and internal and ...
updated blog entry 19 Jun 2017
賽門鐵克「2017年第22期網路安全威脅研究報告 (ISTR):威脅態勢探討」網路研討會 時間:14:00 - 15:30 (中國標準時間) 日期:2017 年 6 月 21 日 主講人:台灣賽門鐵克首席技術顧問 張士龍 2016 年目標式攻擊者使用的技術大幅改變,包括持續興起的勒索軟體,以及從物聯網裝置所發動的重大攻擊。  這次網路研討會將分享第 22 期 ISTR 的各項資料,深入瞭解 2017 年影響我們的各種威脅及趨勢。其中將涵蓋報告的重要發現以及各種最佳實務準則,讓我們在 2017 年獲得充分的保護。 從這份受到高度肯定的研究報告中獲知事實,瞭解何以: •從事政治動機的破壞與顛覆的目標式攻擊正以驚人的速度成長 •每 131 封電子郵件就有一封具有惡意連結或附件,是五年來的最高比例 •勒贖金額激增 266%;美國名列首要目標,有 64% ...
updated blog entry 16 Jun 2017
Email security remains more of a challenge than ever for organizations. Not only is email still the preferred mode of attack, but clever cohorts of malicious actors are improvising to develop new evasions of traditional email security defenses. How secure is your email? Here’s what you need to know: The data paint a troubling picture of the threat landscape with the incidence of malware-laden ...
updated download 22 Jun 2017
This Page has information on AWS Cloud formation Template (CFT) based test drive that can be used by CWP users to validate CWP features. This template automates the creation of instances, subnets, VPC's etc. Multi-tier Organisation Setup ABC Trade Corporation is a leading multi-national company. It has typical N-tier architecture, separating front-end and back-end of the organisation. Each ...
updated download 24 Apr 2017
Symantec DCS Policy Utility v1.0.0.11 For Windows OS (Note .NET Framework 4.5 is required) Designed to help you tune your policy by processing the log files from an Agent. There's a getting started tab that explains the best steps to get the logs and events you need to troubleshoot your policy. The program does not make any changes to the machine or policy. It parses the sisidsevents and ...
updated download 17 Apr 2017
The database space reclamation utility lets you reclaim unused incident LOB space in your Symantec Data Loss Prevention Oracle 11g Standard database. This can use the database space reclamation utility after migrating incident attachments to external storage, or after deleting a large number of incidents.
updated event 20 Jun 2017
Symantec has just released new advanced threat protection capabilities for Messaging Gateway 10.6 based on integration with Symantec's Content & Malware Analysis platform. This new advanced threat defense option for Messaging Gateway provides offloading of messages to Content & Malware Analysis for further inspection and comprehensive malware detonation.  Join Symantec product ...
updated event 19 Jun 2017
Please join us for the next Columbus Data Loss Prevention User Group meeting, Tuesday June 20, 2017, from 12 noon to 4:00 pm -- at the offices of DSW in Columbus. Food will be served! Location: DSW Designer Shoe Warehouse – 810 DSW Drive, Columbus, OH 43219. Tentative Agenda: 12:00 - 1:00:  Networking lunch at DSW's Cafe! 1:00 - 2:00:    Symantec Presentation - ...
updated event 12 Jun 2017
Webinar: A Panel Discussin on Google Docs and the Future of Phishing Scams TIME: 1:00 PM (PST) / 4:00 PM (EST) DATE: June 8, 2017 When the Google Docs phishing scam spread across the network in early May, it showed what a sophisticated phishing email looks like. It did not ask for a user's password and in some cases, it came from contacts the user already knew. What made this scam so hard ...
updated event 07 Jun 2017
Please join us for the next Pittsburgh Security User Group meeting on July 27, 2017 from 2pm to 5pm at the Jerome Bettis Grille 36 -- 393 N. Shore Dr. Pittsburgh, PA 15212. Agenda 2:00 – 5:00 pm Welcome & Introductions - Tony Stasa Symantec Presentation: Tony Stasa & Valerie Zaucha Customer Presentation: TBD Customer Roundtable (3-4 topics/groups) Conclusion, Feedback survey & ...
new event 02 Jun 2017
WEBINAR: Year in Review: Financial Sector Threat Activity TIME: 11:00 AM (PST) / 2:00 PM (EST) SPEAKERS: Candid Wuest, Threat Researcher, Symantec and Vikram Thakur, Researcher, Symantec Financial institutions are increasingly facing attacks on multiple fronts. Cyber criminals continue to target online banking using malware to hijack customer transactions and banking ...
new event 01 Jun 2017
PORTLAND COMBINED USER GROUP MEETING: LOCATION: Cambia Health Solutions; Cambia 1621 SW First Ave. Portland, OR 97201 DATE: 8/15/2017 TIME: 5:30pm (Happy Hour & Dinner Provided)  AGENDA: TBA
new event 17 May 2017
WEBINAR: Using the NIST Cybersecurity Framework to Identify PHI TIME: 10:00 AM (PST) / 1:00 PM (EST) SPEAKERS: Axel Wirth, CPHIMS, CISSP, HCISPP, Technical Architect, Symantec & Vishal Gupta, VP, Engineering/Product Management, Symantec Part 2 of 7: The NIST Cybersecurity Framework Healthcare Webinar Series Of the 16 critical infrastructure sectors, healthcare is the only one yet to ...
updated event 16 May 2017
WEBINAR ON-DEMAND VIEW ANY TIME Don’t Cry Over WannaCry Ransomware Wannacry is big but how big is it really? It’s important to understand how this piece of ransomware is operating, what you can do to stop it and what to do if you’ve been compromised. Join us to learn what Symantec customers and non-customers can do against this threat and future threats like it. Register Now (CLICK HERE)
new video 27 Apr 2017
This video forms part of a series which describes the actions administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video focuses on creating the correct user permissions in the ClientNet portal to ensure that the quarantine administrator may take all necessary actions.
new video 27 Apr 2017
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video looks at the Quarantine portal and some of the more common actions that administrators may wish to take, such as customizing the Email Notifications that are generated to end ...
new video 27 Apr 2017
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Security.cloud service. This video looks at the Quarantine options in ClientNet itself and the various options available for quarantine administrators to configure.
updated video 27 Apr 2017
This video forms part of a series which describes the actions that administrators will need to take in order to setup the Symantec Email Quarantine when they are using the Symantec Email Secrurity.cloud service. In this video you will be walked through how to turn on quarantine settings for the services that are included in your bundle: either Anti-Spam only, or Anti-Spam, Data Protection ...
new idea 21 Jun 2017
In SEPM 14 (MP1 and MP2) the feature Add a Computer has been removed. Previously when you right click on a container under Clients. The drop down menu provided an option to Add a Computer. That feature has been completly removed from SEPM 14. We were using this feature on a daily basic. Please put it back.
new idea 20 Jun 2017
Currently, you cannot select multiple workstations if you convert it from Computer Mode to User Mode or vice versa.
new idea 20 Jun 2017
Request: Add support for %USERPROFILE% environment variable to Custom Exclusions Path Macro. Use Case: Current Path Macros focus on all user pathing but do not provide coverage for per user pathing.  It is difficult to exclude common resources used by many users which are stored under per user pathing.
updated idea 20 Jun 2017
Request: Add support for environment variables in exclusions. Use case: Resources with variable pathing based on environmental variables are difficult to exclude.  As an example resources stored under "%USERPROFILE%\Application\Extensions" would require a static exception for every user in the environment which needs their Extensions folder excluded.
new idea 19 Jun 2017
There used to be a setting to never log out of the remote Java console. I have multiple customers who have the SEPM console up in their NOC's and they constantly have to log back in. This is the only console in their BNOC that times out.
new idea 09 Jun 2017
I have a customer who is noticing that reports are showing that systems are/were affected by a virus/malware yet this does not reflect in the Activity summary on the homepage. The SEPM Logs are also fed into QRadar and shows that there was an infection that dies not show on the Activity Summary. Can we get the Activity Summary to reconsile with reports and logs?
new idea 08 Jun 2017
Creating this on behalf of MSU. Customer would like to be able to configure the initial web console traffic (download & login screen) to use SSL secured traffic rather than plaintext. Currently, changing the port from default of 9090 by using the Management Server Configuration Wizard is possible, but doesn't enable SSL security, it's still plain text.
new idea 08 Jun 2017
Would be useful in the cases of multiple SEPM environments and migration work if you were able to use location awareness to set which management server list you'd like a machine to report into and maybe be able to define location rules based on OS of clients.  For example moving clients to a new SEPM but you don't want the unsupported operating systems to move to the new environment. Then ...
new idea 07 Jun 2017
I have a customer who would like to submit a product enhancement for SEP. In the Clients tab, under clients, having the ability to roght click on a client and get an activity summary or risks, viruses and spyware.
Member Name
Reward Points
All Time
Member Name
Reward Points
Last 30 Days
Member Name
ArticlesSolved
Mithun Sanghavi
1,267
60
SMLatCST
435
1
jjesse
107
24
ℬrίαη
2,792
22

A Message From Your Community Manager: RGMDonaldson

Welcome to the Security Community on Symantec Connect.

The Security Community covers many different security products from Symantec and provides valuable technical information for each.

Please feel free to contact me via private message with any questions you may have.

I look forward to hearing from you and answering any questions about the Community.

Login to contact the Community Manager.