Currently it is not supported to import Mac OSX Computers from an Active Directory OU into the SEPM:
https://support.symantec.com/en_US/article.TECH132795.html
I would like to see this feature enabled for Macs (as it currently is for Windows Computers) for ease of management/policy assignment.
Im using Backup Exec 2012 to test stored backup tapes. Because these are stored, they are always dated 30+ days past.
When I go into the Restore to check what is on the backup, each and every time I have to adjust the date at the top. It's set to 30 days previous, but I need to to be further back than that. Rather than have to click this each and every time and set a date before I expect the backup to be, i'd like to be able to CHANGE the default setting from 30 days to maybe 60 or 90.
Is this possible?
Please join us for the next Tri-State Data Loss Prevention User Group meeting on Wednesday, March 15 from 2:00 pm to 5:30 pm at Great American Insurance (Dixie Terminal North - Room 1) in Cincinnati.
Lunch will be served!
(Some of the agenda is set now, and some will be nailed down as we get closer.)
Agenda
5:30 – Happy Hour
I have SEP 14 installed on my ubuntu machine and I'm struggling to get the auto protect to stop malfunctioning.
systemctl is showing that the module isn't compatible with my updated kernel. Another post mentioned that you could manually recompile the autoprotect module. But the documention doesn't show you where exactly to run ./build.sh from.
https://support.symantec.com/en_US/article.TECH132...
systemd[1]: Starting LSB: Symantec AutoProtect Modules...
autoprotect[685]: Starting AP: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-ub-ST-14-4.4.0-28-generic-x86_64.ko: Invalid module format
autoprotect[685]: insmod: ERROR: could not insert module /opt/Symantec/autoprotect/symev-ub-ST-14-4.4.0-21-generic-x86_64.ko: Invalid module format
autoprotect[685]: <11>Jan 19 16:29:05 symev: unable to load kernel support module (UNSUPPORTED-OS-ub-ST-14,15,16-4.4.0-59-generic-x86_64)
systemd[1]: autoprotect.service: Control process exited, code=exited status=1
systemd[1]: Failed to start LSB: Symantec AutoProtect Modules.
The Cloud console should contain all historical events that are visible on the clients.
I'm seeing both of my SMG's using > 1000 IOPS on a regular basis. Is this normal?
This seems really high for a email gateway, especially considering our email volume (~200 mailbox users, our busier SMG is processing maybe 10K messages a day).
Both of our SMGs are virtual appliances with combined scanner and control center, are running v10.6.2-7, and have 4 vCPUs and 8 GB RAM each.
Symantec is pleased to announce the General Availability of Symantec Workspace Virtualization & Workspace Streaming (SEV) 7.6 HF8 via File connect.
This document contains release information and known issues for this release of Symantec Workspace Virtualization and Symantec Workspace Streaming 7.6 HF8. Symantec Workspace Virtualization and Symantec Workspace Streaming contains the following:
The version numbers for this release are listed below:
Following are the Workspace Virtualization highlights of this HF:
| Abstract | KB |
| BSoD error is received on Windows 10 version 1607 and Windows Server 2016 | TECH235603 |
Importing layers through IT Management Suite Software delivery randomly returns the following error: Activating layer_foo | TECH236844 |
| The AppStreamService.exe crashes with the following error code:0xc0000005 | TECH236845 |
Former U.S. Treasury Secretary Henry Paulson describes climate change as "the single biggest risk that exists to the economy today." It is estimated that $4 trillion in assets globally will be at risk from climate change by 2030.
At Symantec, focusing on environmental performance not only supports our business objectives, it also contributes to the urgent action needed to combat global climate change and other environmental challenges. Our environmental strategy addresses our responsibility as an individual business and as a global stakeholder to create a world where connectivity and environmental health can flourish. A central part of this is our ability to support a low carbon future through minimizing resource use across our business operations, incorporating environmental stewardship into our product and supply chain operations, engaging employees in protecting the environment and partnering with others to leverage our collective impact.
This past fall CDP published its annual scoring and leadership indices across crucial environmental impact areas including climate change, supply chain impacts, water scarcity and deforestation. CDP is a globally recognized reporting framework that is integral to our environmental strategy for a variety of reasons:
Symantec is proud to have reported to the CDP Climate Change survey since 2008, CDP Supply Chain since 2012, and to CDP Water for the past three years. Symantec received an A- on our climate change response, placing the company in the leadership bracket. Additionally, we scored an A- on the supply chain response and a B on the water response.
Details behind our improvements
Our improved CDP Climate Change score wasdue in part to our new ambitious GHG reduction target (reducing GHG emissions by 30% from 2015 to 2025) and environmental projects that resulted in a 5% reduction in GHG emissions from FY15 to FY16. Examples of projects include energy use reductions in our Tuscon data center, energy efficient design and operational updates to our Mountain View campus, increasing our reliance on clean energy in regions such as India, and strategically consolidating space to increase efficiencies.
Additionally, we continued to take part in various industry initiatives to tackle climate change and transition to a clean energy future:
Continuing to set our bar high
Our improvements this year are exciting, however, we recognize the need for continual improvement to meet our goals. Over the coming months we will gather data on our FY17 progress, remain focused on our ambitious 3% per year GHG emission reduction goal, continue our advocacy efforts and work to integrate newly acquired companies into our environmental strategy.
Additionally, as a company whose core mission is the protection of information, we recognize the role our market-leading products and services play in ensuring that technologies contributing to a sustainable future are able to remain safe and secure.
We look forward to bringing you more updates on our environmental activities here on our Corporate Responsibility blog and in our annual CR report next year.
Amanda Davis is Symantec's Senior Manager, Corporate Responsibility and Environment.
Hello,
In one of the most recent updates, you guys added a feature to disable clickable URL's. We were excited for that feature, but it doesn't tell us what the URL was, so we don't know where to implement it.
I think it would be very helpful to use Symantec's reputation engine to look at any URL in the email and detect if it is malicious or not. It seems like you would already have the pieces in place with the global reputation network.
Thanks,
Mike
Hi there everyone,
in my company we use SEP SBE Cloud to manage 9 endpoints, and we where wondering if there is a feature to block certain websites, or block all websites allowing just some in a whitelist.
I've found different refernces on creating Firewall policies to do that, but I think they are all referred to the Enterprise version of SEP, as I can't find nothing similar in SEP SBE Cloud Console:
Thanks and have a nice day!
Nicolò
Hi there everyone,
I'm a bit confused on current Symantec Endpoint Protection line of products; below is what I have understood.
On Premise Solutions:
Hosted Solutions:
Licencing seems also different (here): it's a per user subscription, not a subscription per endpoint. In my company all our endpoints are workstation shared across different people: we have almost 20 users but just 9 endpoints; do we have to purchase 20 subscriptions?
Thanks and have a nice day!
Nicolò
As more services are provided online – from healthcare patient portals and electronic prescriptions to government services – they must be safe and secure to protect consumers’ personal information. To respond to this growing need, Symantec’s Norton Secure Login provides a trusted authentication infrastructure for identity assurance.
Norton Secure Login recently achieved Identity Ecosystem Framework (IDEF) certification – the first identity solution to do so. The certification provides organizations in the public and private sectors, as well as citizens, with increased confidence that their online services and transactions are secure.
The IDEF was developed by the Identity Ecosystem Steering Group (IDESG), a public-private partnership committed to developing and implementing identity practices that make the internet safer. The framework is based on the National Strategy for Trusted Identities in Cyberspace (NSTIC), a government initiative calling for an online environment where individuals can choose from a variety of credentials to use in lieu of passwords for interactions conducted online.[1]
The solution employs Symantec’s proven security measures such as two factor authentication, anomaly detection, activity monitoring, encryption, and single sign-on. With Norton Secure Login, users can access services and complete transactions online without needing to create and manage multiple log-ins and passwords, which can be easily compromised.
The IDEF certification confirms that Symantec Norton Secure Login meets a set of common requirements for privacy, security, interoperability, and user experience. It further proves Symantec’s commitment to the NSTIC initiative and dedication to leading the way in providing compliant identity services that support and protect customers’ online activities. Symantec Norton Secure Login is also Federal Identity, Credential, and Access Management (FICAM) certified– providing Federal agencies with the assurance that it meets the government’s standards for secure authentication.
“Symantec is an IDESG founding member and has been an important and valued contributor to the group and to the development of the IDEF. Symantec’s investment to improve the identity ecosystem and obtain IDEF certification is clear evidence of its commitment to improving customers’ online security and privacy. Symantec’s participation in the IDEF further solidifies the framework as the emerging gold standard for Internet identities,” said Sal D’Agostino, IDESG President.
Symantec is one of only four vendors that are FICAM certified and the only vendor to have an identity service that is both FICAM and IDEF certified. The new certification supports Symantec’s dedication to providing a safe and secure environment to support online innovation for its customers. As the first company to achieve IDEF certification, Symantec provides its customers – commercial companies and Federal agencies alike – with the comfort of knowing they have a secure authentication infrastructure.
1 http://www.idesg.org/About/Overview
**REPOSTED FROM HEALTHITJOBS.COM BLOG Tuesday, January 17, 2017**
What do theater and health IT have in common? A lot, according to David Finn, CISA, CISM, CRISC, member of ISACA, and Health Information Technology Officer for Symantec. Although he now works to combat major cybersecurity issues in health IT, he began his career with a master’s degree in theater. And he’s just as passionate about health IT as a thespian is about their art.
“This may be the most exciting time in the history of healthcare and the most exciting time to be engaged in information technology,” Finn said. “Put the two industries together and you have a chance to really change the world, to make people well and keep them healthy with technology. You have the opportunity to change the way healthcare is delivered, making it cheaper, better, and faster than we ever imagined.”
We spoke with Finn to talk about his unique path into the field, cybersecurity, and the future of health IT. Here’s what he had to say:
While a theater degree and IT seem like an odd pairing, Finn sees his career as a natural progression. Many of the concepts he learned in theater actually apply to skills he’s needed to succeed in IT.
Theater is about understanding what drives people to do things the way they do. So, writing code was an easy leap from theater — I was telling a computer what to do to elicit a particular input from an end-user. Play script or deck of punch cards, it was the same process to end production.
For several years, I moved back and forth between IT audit and what was then called management information systems. As an auditor, I learned controls and risk. In IT, I learned that operations for an organization were much more critical than filling out the questionnaires “properly.” Both were important lessons, and they shouldn’t be mutually exclusive. I had been an auditor at a major Integrated Delivery System and I had seen IT from both sides, but “cyber security” hadn’t really been invented yet.
When I had the chance to move from IT consulting to security in healthcare — this is still before HIPAA was in effect — I jumped at it. It was like writing my own play, where operations and security actually worked together. The best art comes from constraints and limits. The best systems are created when security is built into operations and workflows. An uncontrolled system is as worthless as one that is so locked down, no one can use it.
For professionals with unusual educational backgrounds looking to enter health IT or even those with at least some of the technical fundamentals, Finn suggests they start on the clinical side.
Learn healthcare first, preferably from an operational perspective, then move to technology. People with clinical backgrounds are in great demand.
So if you are in IT already and want to move to health IT, start to learn how healthcare works. Volunteer at a hospital to see and understand the needs. Take classes. There are more and more educational opportunities to learn health IT. Get certified in privacy or security in healthcare.
Learning the ins and outs of healthcare is just the first step. Finn believes it’s important for all professionals to earn certifications and participate in organizations like ISACA to keep their skills sharp.
Certifications are critical to maintain professionalism and stay current in a world that changes, literally, hour by hour. It is nearly impossible to keep up on your own. And belonging to organizations like ISACA provide the platform, training, and education to keep up with the times.
ISACA is one the best professional membership organizations worldwide and it is directly related to some of the most important work going on in the world — protecting our information and our identities. ISACA defines the roles of information systems governance, cybersecurity, audit, and assurance.
One of the things that our cyber world has done is shrink our “real” world. Cyber is global, and our training, education, personal network, and certifications should be as well.
Security is one of the biggest issues in health IT right now, but Finn thinks the nature of healthcare will require different solutions.
In my opinion, there are two main barriers to better security in healthcare. First, because healthcare was late to digitizing business, there was never really a need for cybersecurity. When you could lock up all the medical records in the records room, security was easy.
Then we rolled out Electronic Medical Records (and that happened quite fast, frankly), but it happened with little attention to privacy and security because no one understood that was a need. So, you have this historical lack of attention to and investment in security.
Now, people are beginning to understand. After millions of breached records and hundreds of hospitals shut down or slowed down due to ransomware, it is beginning to sink in. Not unrelated to that is the fact that privacy and security was pushed out under HIPAA as a compliance issue. It was more important to check the boxes than to really implement effective, risk-based policy and procedure.
Second, healthcare is a uniquely difficult environment to secure against cyber threats, and often, security measures conflict with care delivery or research. There are a lot of shared devices, many of which are critical to patient care. Routine security measures in other industries sometimes won’t work in a clinical context. You can’t just log a doctor off the system if his session times out in surgery.
Despite ongoing challenges, Finn sees health IT as an exciting field that’s improving information and trust in the healthcare system.
Introducing information technology to healthcare has already changed it forever. One could argue about which changes are for the good and which may be a step backward in the patient-caregiver relationship, but healthcare will never be the same. I believe, overall, these changes have been and will be immensely positive.
Healthcare has always been about information: the details the patient can provide, the results of tests, what the physician knows about a specific disease or certain populations of people. But as we learn more, no one person can retain enough information to effectively correlate and synthesize millions of pieces of data. IT makes that possible. IT will be as indispensable as the stethoscope — and may replace it.
How do security, assurance, and privacy play into that? It’s about trust. If patients can’t trust doctors with their information, if physicians can’t trust the veracity of information from patients or other providers, if we don’t know who we are actually talking to or caring for, that is the end of healthcare.
As we have digitized healthcare, we have made information security and privacy a strategic function of providing care and the business of healthcare. Data may run at internet speed, but healthcare runs at the speed of trust.
We are running v14 of SEP. Currently when a user pauses and snoozes a scheduled scan, the scan does not resume from where it left off. Instead it starts from the very beginning when it resumes. It would be great if this could be fixed. Also, when a laptop is shutdown or put in sleep/hibernate mode during a scheduled scan, the scan completely stops. It would be great if you could introduce functionality so that a scan would not stop but rather would resume where it left off after coming out of sleep or hibernate. Thanks.
I have to create multiple policies with different response rules targetted for different user groups. The matching criteria in all the policies will remain the same. Hence I want to clone the policies so that it will save my time on defining matching criteria for each policy. Is there a way to do that?
I tried exporting the policy, changing its name and re-importing it. However it fails.
Does anyone know where the report tab has disappeared to as it is no longer in the java console nor inside the UMC for DCS:SA?
Why did Symantec remove the reports tab? Why is it no displayed in UMC?
Hi,
A client using my server for emails is having issues sending emails to a client using your service. The errors are:
Connection timed out H=cluster1.eu.messagelabs.com [195.245.230.83]
SMTP error from remote mail server after RCPT TO:<stook@tektura.com>: 421 Service Temporarily Unavailable
Can you see if our IP or their ISP IP has been temporarily blacklisted or why their emails are not getting through please??
server address is 91.146.110.198.
the sender address is as follows:
246.12-30-62.static.virginmediabusiness.co.uk
Sender IP: 62.30.12.246
If it is temporary like your error sugests how long will it take to heal itself?
Thanks in advance for any help/advice it would be much appreciated.
Kind Regards
Mark
Hi all
It seems that users can now partially disable SEP client inspite both "Allow users to enable and disable..." options in Client User Interface Settings are ticked off. Specifically, "Disable Symantec Endpoint Protection" option (after right click on SEP icon in system tray) is no longer greyed out and when user selects it it disables Generic Exploit Mitigation (screen below).
I was wondering if this is by design? This is new feature, possibly with issues, but I still don't think it is a good idea to leave it to (my) users to decide if they are going to use it or not.
Is there a way to disable this behaviour? Am i missing something?
Regards
We need removal of 194.78.2.199 - this is an uncompromised ip address.
Currently we are unable to deliver mail.
We are on no other blacklist.
Lunch will be served and a Happy Hour to follow the meeting!
Agenda
