Hello Everyone,
I am facing problem regarding replacing keys on server, I have to manually delete the old keys and upload new keys, can't it automatically upload new keys replacing the old one, I am using PGP in one of my mobile application, I am using LDAP provided by UnboundID SDK to upload or retrieve keys to-and-from server.
Any help will be very beneficial,
Thank You!.
If we upgrade sepm A to ver. 14 and do not upgrade SEPM B to ver. 14, can replication between this two happen
We are using SEPM 12.1.6 RU6 MP3
Is a newer or later link available? I cannot seem to open it.
Hello -
I have a customer who I'm told formerly used Symantec's email security product, but has migrated to and uses Office365 - thus the Symantec product was dropped for them.
However, they have a business partner who does use Symantec Email Security. Their email system reports the email was successfully delivered, Symantec is reporting it delivered, but it is never making it to the Office365 service. The mail logs at Office365 do not see any attempt of delivery, rejection, etc of the mail from the remote domain. Microsoft confirms these findings.
I believe that the Symantec system is delivering the mail to the setup it sees for the customer in the Symantec system and is never actually delivering the email to the MX record.
I do not see any support option for this and the business partner has maintained that the issue is not on their end as it shows delivered.
What would my options be with getting this resolved (or at least ruled out) at Symantec?
Hi guys!
I have a SMG with trial license but the SPAM definitions are not up to date. I've rebooted the server, restarted the Conduit service, and reloaded the license but the issue persists.
This is the log that the Control Center shows:
| Date: | Thursday, Sep 07, 2017 09:38:08 AM CDT |
| Severity: | Error |
| Host: | Local Host |
| Log type: | Conduit |
| Description: |  Error from web server 471 - License Invalid : unable to GET: https://aztec.brightmail.com/rules5/dayzero.vcdiff/4/latest. |
Hope anyone could help me.
Greetings!
Hello, customer service directed me here.
I bought Symantec Endpoint Encryption (powered by PGP Technology) and installed it on my Mac (version Sierra 10.12.5) but found through customer service afterward that the software was not compatible with that latest version of OSX. They issued me a refund and I thought I uninstalled the software and deleted all related files by searching "PGP" and "Symantec" and deleting everything I found. A month later, after booting my laptop, I am receiving incessant notifications saying "External Connection Detected" followed by "Encryption desktop has detected an SSL/TLS connection initiated by your mail client..." No matter how many times I click OK and check "Don't warn me again," it keeps popping up. Please advise on how to completely remove any and all Symantec/PGP software from my machine. I tried the Terminal command uninstall_pgp.pl and it says "command not recognized."
Info on product: order number SP1310821, SKU 47W6XZF0-EI1EA.
Thanks in advance.
Hi Peeps,
Do you have any use case of sample scripts and executable that you run during notification triggered? thanks.
Hello everyone,
Is it possible to change Drive Encryption Non-Windows Password from SEE Management Server? We're using SEE version 11.1.X
By now, I think it is not possible due to the fact that the SEE user control is manage only via SEE Client Administrator (at endpoint).
However, in a Scenario where Helpdesk would like to add/remove register users at SEE Client Administrator remotely. How can we do that? Is it even possible? Maybe via GPO?
Appreciate your thoughts and suggestions.
Harold
Hi,
We have 3 S400-30s in our environment. They have SGOS 6.7.11 on them. We have been having issues with WCCP becoming unstable on the swith they are attached to.
And this past week or 2 the BlueCoats reboot on their own at random times. Today I received the following in and alert email.
Health check 'drtr.rating_service' changed from: Unknown, to: DNS failed, and has become sick. Status: Health check DNS resolution failed.
Has anyone ever seen this?
Thanks,
Jim
Dear All,
what is this SOC and how it works?
Currently SEP 12.1.7 Installed. Customer wants to deploy Cylance as well in cunjuction to SEP. Regardless of the 2 programs working together does running a second antivirus in conjunction with SEP void any support agreements?
This Saturday, September 9th, Europe celebrates its third annual European Battery Recycling Day. This day, organized by Eucobat, a European association working to ensure that all waste batteries are collected and recycled in an ecologically sound way, works to raise the awareness of consumers and businesses on the importance of collecting spent batteries for recycling.
In France, nearly 45,000 students will participate in a large collection of batteries through organized events throughout the country. More than 1.3 billion batteries are sold each year in France, but after they are used, many end up in the trash. To avoid the risk of pollution and recover the metals in battery, Corepile is organizing Battery Recycling Day in France, while Stibat runs efforts in the Netherlands. There will be more than 24,000 places, including supermarkets, drug stores, and primary schools, in the Netherlands where people can drop off used batteries.
As we use more and more electronic products, batteries are now indispensable in our daily lives. As the number of batteries used each year grows, as does the need for battery recycling. Batteries require a special recycling process due to the substances found inside, some of which are harmful to the environment. Often, these substances can be reused, another benefit for the planet.
At Symantec we are doing our part by meeting all applicable legal and regulatory requirements related to batteries. Amongst several European Directives that apply to Symantec hardware products, there are two, the European Batteries Directive and the Waste Electrical and Electronic Equipment (WEEE) Directive, that require manufacturers or importers to deal with batteries specifically. These requirements include:
Symantec itself offers its professional customers across the globe an option to return their used appliances. Symantec then determines if and what components of a returned appliance can be reused and refurbished or must be responsibly recycled. Customers in many European countries can also use the EARN network, which Symantec supports, to have their old appliances recycled in a responsible manner.
Symantec has partnered with Thinkstep on battery compliance to manag Re our reporting obligations through their EC4P program. Thinkstep, which provides sustainability software, data and consulting services, helps businesses drive operational excellence, product innovation, brand value, and regulatory compliance. Through the EC4P program, Symantec reports to one entity and Thinkstep helps ensure that we meet the national battery and WEEE laws in many European countries, and more around the world. EC4P experts help Symantec stay up-to-date with changing regulations and help us implement cost-effective and reliable compliance arrangements in each country.
We hope you’ll join the efforts on European Battery Recycling Day! Several Symantec sites across the globe – including Cape Town, Dublin, Dubai, Paris, and Warsaw - are facilitating a battery recycling effort for employees. Contact your facilities team to see if your site is participating.
We will also continue to provide products and services that meet and exceed international standards, including those related to battery recycling, to do our part for the planet. For questions, information or documentation on any aspect of Symantec's products or supply chain please contact cr_compliance@symantec.com.
There is a subset of individuals being monitored that we want to automatically change the incident status to a specific predefined value as soon as their endpoint incidents or network incidents are detected. How can we do that?
I have installed version 14 of SEP on Windows Server 2012 R2. When I try to Run a scan after a few files it gets stuck. Pause and Cancel dont work. I have to Restart the server to try again. I haven't managed to run a single scan.
Thank you
Recently, Microsoft issued a newSecurity Intelligence Reportthat includes some interesting insights regarding attacks on cloud apps. The analytical points from the report are highlighted below:
Microsoft reported a 300% increase in the company’s cloud-based user accounts being attacked year-over-year as of 1Q2017 vs. 1Q2016
The number of account sign-ins attempted from malicious IP addresses increased by 44% year-over-year in 1Q, and over two-thirds of incoming attacks on Azure services in 1Q came from IP addresses in China and the US.
Ransomware encounter rates are the highest in Europe vs. rest of the world in 1Q2017.
These findings highlight the need to stay vigilant in pursuing comprehensive security solutions for your cloud activity. As you’re well aware, bad guys will follow the money; so when sensitive corporate content moves to the cloud, attacks will follow. Microsoft’s research findings seem to confirm this adage.
Here we will demonstrate how Symantec CloudSOC helps subvert the cloud attacks highlighted in the recent Microsoft report. Let’s take a look into the threats and supported detection controls provided by CloudSOC.
Recently, hackers have begun using cloud apps to distribute ransomware to end-users. Two attack variations have been encountered. First, ransomware is uploaded to the cloud storage app and a direct URL is distributed to end-users for download. Second, the malware specific URL (referencing the ransomware uploaded to the cloud) is used in conjunction with additional malicious code (iframe code, JavaScript, etc.) to trigger stealth drive-by download attacks. The Cloud Threat Labs research team has previously covered the spreading of petya ransomware via dropboxand cerber ransomware via Office 365.
Symantec CloudSOC has built-in capabilities to detect threats in files uploaded to cloud storage apps. The detection mechanism scans the files to unveil malicious code that may exist within. For example, when a user uploads a file to the cloud app, it is scanned for potential threats and an associated report is shown in CloudSOC. The administrator can configure additional policies to restrict the sharing of the malicious file with other users and prevent the distribution of malware. In addition, the end-user has an associated threat score profile that highlights the risk associated with the end-user who uploaded the malicious file to the cloud app. The malicious file can be ransomware or an other type of malware, but at the end, the malicious files will be flagged. As a result of successful detection of ransomware, the infections can be controlled or prevented upfront. CloudSOC is equipped with a content inspection feature that detects the malicious files and alerts upfront.
Cloud apps are being used by hackers to take over user accounts. One of the primary attack vectors is the brute-force / dictionary attack in which multiple login requests are sent over a period of time with different sets of credentials. The attack is driven with a motivation to hijack the user account by launching a robust automated attack. The attackers can use the intelligence from the previous set of attacks.
To deploy detection controls upfront, CloudSOC provides an inherent capability to configure alerts for detecting automated attacks launched against Office 365 accounts. The alerts will trigger when thresholds are hit. Importantly, administrators can configure the settings as the screenshot below using organizationally approved policies.
As highlighted in the Microsoft Threat Research report, Office 365 was frequently accessed from malicious IPs over a period of time. This could reflect the two scenarios: First, the attacker has compromised a users’ credentials and then used them to access the application. Second, the attacker was trying to obtain the users’ credentials by launching automated attacks in a distributed manner from wide variety of IP addresses belonging to different geographic locations on the Internet. It is very important and essential part of the threat intelligence process to determine how, when, and from where users’ accounts are accessed. CloudSOC provides detection control to define alert settings for checking account access from the suspicious locations.
Apart from detecting the threats above, Symantec CloudSOC has the most robust solution for protecting Microsoft environments, including:
Hi,
SEPM Web console not opening Showing error as the request resulted in an internal Error.
Hi.
When i deleted response polices, response policies were not deleted because response policies were allocated.
But response policies were not allocated.
How can I solve this problem?
I attach two situation pictures.
Hi
Licensed Symantec Endpoint Protection didn't detect VBS-trojan (attached).
https://www.virustotal.com/ru/file/7ed68cc7a22b7e5...
Hi, for sizing calculation I need to calculate the number of SPE required = total data flow from NAS system to SPE / SPE throughput.
How is possible to calculate the data flow ? There is a traffic monitor tool also for SPE 7.9 ?
