Amazon’s recently announced mobile device is due to be released in July and some of its features may present potential security concerns for users.

Today was an exciting day for Symantec, and a first for the company on multiple fronts. Standing alongside former United States Secretary of State Hillary Rodham Clinton, Symantec Senior Vice President Aled Miles launched our signature Corporate Responsibility program - the Symantec Cyber Career Connection (SC3)—at the Clinton Global Initiative America meeting in Denver.

"This has been a priority for us because six years after the financial crash, many young people are still struggling. In fact, one of the most terrifying statistics is that nearly six million young Americans between the ages of 16 and 24 are out of school and out of work, and for those who don't get a college education or even high school, most doors just won't open no matter how hard they knock," said Secretary Clinton. "We want to get to work and it's one of the highest priorities for CGI America and I'm delighted that there is so much interest because ultimately it's about more than pay checks."

As a cybersecurity leader, Symantec is proud to play a key role in addressing the global cybersecurity workforce gap, providing training and identifying new career opportunities for underserved young adults who may not be college-bound. Through SC3, Symantec and a network of partners—including the nonprofits Year Up and NPower, as well as online career simulation company LifeJourney—will train young adults with the skills needed to get them on track for high-demand, long-term careers in the field of cybersecurity. A pilot of this program will start in August in New York City, Baltimore, and the San Francisco Bay area.

Bridging the workforce gap in cybersecurity

In a world of increased cybersecurity attacks, an estimated 300,000 cybersecurity jobs are vacant in the U.S.; among those, 60,000 could be filled by individuals without a four-year college degree. With the demand for cybersecurity professionals expected to continue to increase, Symantec is in a unique position not only to develop this pathway, but to leverage and strengthen the key components that already exist from other organizations addressing similar challenges. SC3 will package existing curricula (from Symantec, nonprofit partners, and major skills certifiers) to clearly define the sequence of skills and certifications that lead to a job, ensuring our participants are adequately trained before entering the workforce.

By bringing this unique program to high potential, yet underserved young adults, we have an opportunity to help improve their lives and career paths, while narrowing the cybersecurity hiring gap.

Developing a cutting-edge, first-of-its-kind program

Creating a multi-stage program intended to help increase the number and caliber of graduates in cyber careers requires the support of many people and organizations. Over the course of 12 months, we worked with a variety of expert stakeholders including FSG Social Impact Consultants, a steering committee made up of senior executives from a broad array of key Symantec functions (ranging from Government Affairs to Human Resources to our CTO), as well as feedback from interviews with 36 internal and 31 external stakeholders. SC3 is designed to:

1. Raise awareness and recruit underserved populations into long-term cybersecurity careers.
2. Offer an industry-recognized training program—implemented through a network of partners—that prepares underserved populations for in-demand certifications.
3. Following the training, partners will place students in cybersecurity internships to teach and develop needed on-the-job skills. Students have the opportunity to learn countless roles from being a support technician to being a network defense technician.
4. Training partners will connect program graduates to cybersecurity positions through Symantec’s network of customers and partners.

The program will also include specialized tracks developed by Symantec in cybersecurity as well as virtual mentorship from industry leaders.

“We’re excited to partner on a program that so closely aligns with Year Up’s mission to enable low-income young adults to move from poverty to professional careers,” said Gerald Chertavian, founder and CEO of Year Up. “We’ve known that cybersecurity is one of the main subjects that our students are interested in, and as an authority on cybersecurity, Symantec is an ideal partner. This program will open the door for so many young adults to the lucrative cybersecurity field.”

Symantec and the Symantec Foundation made an initial investment of $2 million in the Symantec Cyber Career Connection and will provide the curriculum and products to implement the program. While this is a pilot program, it’s expected to expand globally over the years and I look forward to experiencing the benefits this program brings to our workforce, Symantec, and the broader industry.

Cecily Joseph is Symantec’s Vice President of Corporate Responsibility and Chief Diversity Officer.

Here is the list of top Storage and Clustering community Support Technotes from April - June, 2014.

Before joining Enterprise Vault team, most of my work involved Oracle Database on Unix(Solaris/AIX/HP-UX), Linux and few Windows. Dtrace meant something very different back then. I crossed the line to Windows world in 2011 by joining the Customer Focus Team (CFT) of Enterprise Vault.

I do root cause analysis for Enterprise Vault product issues and try to help the customer by making the product better. Also I look after technical issues raised in Japan since I am located in Tokyo.

From my background, I like scripting languages and believe they can be powerful weapon for troubleshooting or just looking into a log file. I plan to share some of the techniques that I learnt which helped me understand what is happening under the hood.

Four part series of using Powershell to gather data from Registry/SQL Server/WMI and format them.

As with most of you, I’ve been involved in updating software for most of my technical career - whether they be for the operating system of choice, or application specific - homegrown or otherwise. Having used Microsoft technologies such as SMS and WUS/SUS/insert your own acronym, patch management solutions like Shavlik, and others, I can appreciate that applying a hotfix or update can be a time consuming task!

The Early Years…

Hotfixing Enterprise Vault has recently gone through a renaissance-like transformation. For a number of years, we released hotfixes in the form of one or more binaries, sometimes with a .SQL file, packaged in an ZIP file with instructions on how to manually apply them. This would usually entail taking a backup of the binaries to be replaced (along with a full backup of databases etc.), then copy/pasting the hotfixed binaries, and opening up SQLM and running the .SQL file manually against any applicable databases. 

Sometimes overlapping hotfixes meant that customers sometimes had to choose between one fix or another. Keeping track of what hotfixes had been applied to a system was difficult for everybody involved - customers, support engineers, even Engineering! As environments continued to grow, applying even a single hotfix manually meant having to log onto 10 or 20 servers. Not only did this take time, but the likelihood of missing a server out, or making a mistake, increased exponentially…especially when more than one hotfix was applied, or a large number of binaries needed to be manually copied to multiple folder locations, some requiring command line instructions post-application, service restarts etc..

Time for a Change

In October 2012, we took the first step in our transformation to improving the hotfixing landscape by releasing our first cumulative hotfix on Enterprise Vault 9.0.4. It was a basic cumulative hotfix with no frills - each logical ‘area’ of the product family had its own zip file that contained a collection of binaries and .SQL files applicable to the area in question. The major difference with this release over previous hotfix releases was that it contained all available fixes for the 9.0.4 version, without the worry of mutually exclusive fixes or incompatible binaries. Each zip also had a more productised list of fixes, available in the same HTML standardised format that the major and minor versions of the product are released with. Having only the binaries relevant to the particular logical area of the product also made the cumulative hotfix more easy to deploy.

This cumulative hotfix format was successful over a number of different Enterprise Vault releases (9.0.X and 10.0.X). However, there was still the problem of having to manually apply these cumulative hotfixes that needed to be overcome.

In October 2013 our efforts in the background culminated with the release of the first automated cumulative hotfix installer kit, for the 10.0.4 CHF1 release. Immediately identifiable in the same way that one would obtain the Enterprise Vault media kit, the cumulative hotfix kit is wrapped up in an .ISO file.

Within, the folder structure again mimics the Enterprise Vault media kit, with folders for each of the various packages we release.

Figure 1 - screenshot of Enterprise Vault kit layout

Figure 2 - screenshot of Compliance Accelerator kit layout

The differentiator between earlier cumulative hotfixes and this one, relates to the installation of the server-side components. Enterprise Vault, Compliance Accelerator, and Discovery Accelerator cumulative hotfixes now came packaged with their own installation wizards!

Figure 3 - example of the welcome page for the 10.0.4 CHF1 installation wizard.

The installation wizard did what one would expect from an installation wizard - it backed up the binaries that were about to be updated, then it updated the server with the new binaries. Most importantly of all, it also automated any SQL database that needed updating, slipstreaming the changes in so that new databases would be created with the updates as well.

The experience was now on a par with the installation capabilities of the regular Enterprise Vault releases…or so it would seem! In actual fact, with the cumulative hotfix installer, we moved a step ahead of the curve and provided an automated rollback capability that would downgrade both the binaries deployed and the database changes that might have been made - a first for the product!

The Future

Given the capabilities that exist in the cumulative hotfix installer, one may think that there isn’t much more that can be done with it. To a certain extent, there is some truth to that statement. However, there are always updates that are required. For example, with the release of Enterprise Vault 11.0 in May, a new utility has been introduced to upgrade Directory and Storage databases, a command line utility called Database Upgrader. This allows for faster, concurrent and more convenient upgrades of databases to occur. Enterprise Vault 11.0 CHF1, due out in the not-so-distant future (watch the blog for updates!), will be updated to make use of this great new feature for it’s database upgrading functionality. Anything that we can feasibly do to help reduce TCO and improve manageability will be considered for future releases.

Feedback

Have you installed one of the recent cumulative hotfix releases? What was your experience like (good and bad)? What can we do to improve? Your feedback may help shape future releases!

In this blog, we'll look at the help and advice available for quickly solving your support issues.

NetBackup Master Server EMM database and OpsCenter database use SyBase as DB, SyBase has a problem with Transparent Hugepages on RHEL 6.x.

Here is the details and workaround.

Updates deployed to the Connect production servers as a result of the code sprint that ended 24 Jun 2014.

User Facing: Desktop

• Added code for post-by-email users that would, depending on the size of their file attachments, either include the attachments with the notification (if the attachment payload is less than 5MB) or include a link to the attachments in the notification email.
• Added code that would keep the system from sending an email notification to users when a new node of type "User Agreement" is created.
• Fixed code that was occasionally displaying the mobile UI to desktop users.
• Created a new "Encryption" forum that houses Symantec's collection of encryption products.

Admin Facing

• Removed code that was updating child blog posts (resetting the updated on date/time) when the parent blog meta node was changed.
• Granted new permissions to users in the "Translator" role so they can translate blog posts without running into permissions issues.

SEO Wins

• Changed the site title from "Symantec Connect Community" to "Symantec Connect" based on feedback from Symantec's SEO team.

At the Clinton Global Initiative America meeting in Denver, United States Secretary of State Hillary Rodham Clinton, along with Symantec Senior Vice President, Aled Miles, launched our signature Corporate Responsibility program - the Symantec Cyber Career Connection (SC3).

How do you balance security and opportunity? It’s the theme of this year’s Gartner Security & Risk Management Summit. It’s also a fundamental question that drives innovation into businesses, including our own. How can we build security and technology that enables rather than hinders your organization? The answer might surprise you. It surprised some of us. You don’t need another security product. The problem has become too big, too complex, and too personal to address with a single product – or even with layered products. You need a security strategy that extends across your people, technology, and processes. In short, you need to be cyber resilient. But how?

Diversity and inclusion are essential to creating a truly sustainable future. That's why Net Impact partnered with Symantec Corporation on an important project this year to increase the diversity of our network and bring new opportunities to students in Historically Black Colleges and Universities (HBCUs) and women's colleges. Symantec Corporation’s dedication to embedding diversity and inclusion into its business practices made them the perfect partner for this initiative -- according to Symantec, attracting, retaining, and fully engaging diverse talent leads to enhanced innovation and creativity.

At Net Impact, we recognized that in our 320-plus chapter network, we didn’t have enough representation from HBCUs and women’s colleges, and wanted to understand more about impact career opportunities at these institutions. Symantec Corporation’s partnership and generous support allowed us to diversify our network, conduct outreach to engage a variety of students, and bring a group of students to the Net Impact conference in 2013. We directly impacted underrepresented students by giving them opportunities to lead positive change on their campuses through skill-building programs, connect with a community of like-minded peers committed to making a social and environmental impact, and engage through meaningful events, activities, and networking opportunities with Symantec employees.

During the 2013-2014 academic year, we launched five new Net Impact chapters at HBCUs and women’s colleges, providing a platform for the students to create events and dialogue in an entrepreneurial fashion around issues that they are passionate about. The chapters that launched this year held a wide range of activities that focused on different aspects of sustainability and social impact.

We asked the students who led those chapters this year to reflect on their experiences and what being a part of Net Impact means to them. Here’s what they had to say:

Connecting people to something bigger

Seth ‘Rico’ Banks is the chapter leader for the Morehouse undergraduate chapter, and when asked about his greatest moment this year, he said the “best moment would be solidifying a connection with Net Impact [through becoming an official campus club affiliated with an international organization] – knowing that we had someone supporting us behind the scenes. Nothing has ever been done like this at an HBCU campus, which was very exciting.” The Net Impact chapter at Morehouse has a strong, three-person leadership team and a faculty advisor, and they held multiple service fieldtrips in the community around the Atlanta University Center. Rico also said, “I know that a lot of people are dependent on me without even knowing it. Being a minority…this is something that’s going to impact us and the world. People want to be connected to something bigger. I feel like it’s been my job to reveal my passion to other students and help them connect with the concepts.” Rico is really looking forward to next year and wants to bring a sustainable business expo to the Morehouse campus to help students broaden their career paths.

Rico Banks (second from the left)

Finding a path to be on-stage 

At Mills College, the undergraduate Net Impact chapter is thriving with a leadership team of three students and a dedicated faculty advisor who is invested in their success. When asked about her greatest moment this year, Delma Hernandez, the Mills College chapter leader, told us, “I noticed that there weren’t many Latinas speaking at the conference…as Latinas, we need to be up there. As a woman and as a Latina, I know I need to be up there. Net Impact is showing me the path to reach that stage. Our chapter is making a larger impact by modeling strong, smart, collaborative female leadership.” Delma and her team used social media and in-person events to engage their classmates and peers in dialogue around social justice and the importance of awareness of social issues during this past academic year.

Delma Hernandez (far right)

Using social media for change

The Net Impact undergraduate chapter at Simmons College has a strong leadership team of four students. Carla DaSilva (Simmons chapter leader) and Laura Chandler (Simmons chapter vice president) organized a Career Impact Event showcasing women in the CSR community. Carla told us, “The greatest triumph for our chapter, after becoming a recognized organization, was the Career Impact Event. We invited four Simmons alumni, all working within the local Boston nonprofit community, to share their experiences and advice for students on how they too could create a positive impact through their careers.” The Simmons chapter is excited to continue its momentum in fall 2014, and Carla tells us, “We also intend on utilizing social media in order to expand our chapter’s brand further and make it well-known through the Simmons undergraduate community.”

Laura Chandler (left) and Carla DaSilva (right)

Net Impact and Symantec Corporation couldn’t be more proud of the students that launched Net Impact chapters this year! We’re continuing to work with several other HBCU and women’s college campuses to launch chapters in the 2014-2015 academic year, and we look forward to a continued partnership to enable a diverse new generation to use their careers to drive transformational change in the workplace and the world.

Kate Kokosinski is Net Impact's Manager, Corporate Partnerships 

Flexible Storage Sharing provides great capabilities to reduce capital and operational expenditures. In a previous blog entry I was describing how to commoditize high availability and storage using Flexible Storage Sharing. Later we saw in this article how to add an extra node to the cluster. In this blog entry I am going to describe my next step that was to have a database instance running in each cluster node. My idea here was to provide resiliency by having a mirror of my data and redo logs in at least two servers. With this approach, each node will have a local copy of the database that is running plus a mirror for another instance. This will be the architecture I will be using:

Each node has a flash card that is used with the new SmartIO feature to provide a cache that will accelerate the database reads. There is no SAN involved here as I am using the internal storage capacities for each server (up to 25 internal HDDs). From the database high availability point of view, a service group has been created for each instance. Each instance will have a preferred node where it will be running, but it will be able to run in any server in case of failure. This is a screenshot of the configuration:

Note that I am using here a pre-release of Veritas Operation Manager (VOM) 6.1, which will include support for FSS. There is a new folder where CFS and FSS clusters will be included and visualized. This will provide us great visibility of the configuration, including volumes, mount points, number of mirrors, etc:

The mount points are always available in all the three cluster nodes, so I have created a parallel service group for each disk group and mount points. On top of that we have failover service groups for each database instance as we can see in the service group dependencies:

So my next question here was what the performance was going to be. Now each hosts needs to run each own database and benchmark while holding a mirror for another database. These are the results:

Comparing with my first testing the performance of each database is still very consistent and I am having 216K transactions per minute as a total in my three node cluster.

Something really nice about this configuration is that I can adapt my layout to the performance that is needed. Using 7xHDDs for data plus 1xHDD for redo logs in each of the servers gave me 91K transactions per minute:

Carlos Carrero.-

Image stock spam, which can affect share prices and cause financial loss, has become more prominent in the last week.

Google wants Android everywhere and on everything but what does this mean for user security?

With the exciting news of Kaseya’s newest update to 7.0, we were quick to adapt the Symantec Endpoint Protection Management Plug-in for 2.5 with only minor bug fixes. We are now pleased to announce our latest release of Symantec Endpoint Protection Management Plug-in 2.5.1.12.

This updated version for the Kaseya K2 RMM platform allows MSPs to use Symantec Endpoint Protection Management Plug-in 2.5 with Kaseya 6.3, 6.5 and 7.0. Additionally, MSPs currently utilizing our plug-in with Kaseya versions 6.3 or 6.5 can to upgrade to 7.0 with ease. In this, we hope to encourage Kaseya partners using non-Symantec endpoint protection solutions to leverage the plug-in and expand their MSP practice by including Symantec products into their portfolio. Partners will need to run the latest version of Symantec Endpoint Protection or Symantec Endpoint Protection Small Business Edition 12.1.2 to take full advantage of all available management capabilities.

What’s new in version 2.5.1.12?

The latest release, version 2.5.1.12, includes the following bug fixes:

• Support for Kaseya K2 Server 7.0
• Minor UI change in the Walkthrough dialog to reflect changes in compatibility
• Outbound port changes for Web Authentication
• Corrected issue with invalid .dll error during web service authentication

Symantec Endpoint Protection Management Plug-in for Kaseya integrates Symantec™ Endpoint Protection and the Kaseya RMM platform. The plug-in provides remote monitoring and management of Endpoint Protection clients in the Kaseya environment. This functionality is available in versions 2.0 and later of the plug-in.

Key features include:

• The ability to send Endpoint Protection commands to clients (including Scan, Update, enable/disable protection technologies)
• The ability to monitor licenses and server content with web services
• The ability to remotely run LiveUpdate on Symantec Endpoint Protection Manager
• Improved scalability of the plug-in for large networks, especially while detecting endpoints and during agent check-in 

The plug-in is in U.S. English only and available at no additional cost, and can be found at: http://www.symantec.com/docs/TECH197177

For years, the "holy grail" for eDiscovery software providers and the companies they serve has been to provide a single solution that manages the entire eDiscovery process. Minus a few exceptions, most of the providers in the leader’s quadrant began their quest for the holy grail by developing a single point solution to handle a particular step in the eDiscovery process. What is noteworthy for prospective buyers is that the solution providers in the leaders' quadrant have chosen to run the race for the Holy Grail differently.

You want to expand your use of 2FA? You just want your employees to use it? Make it easy! Symantec VIP Access Push makes it easy.

Managed PKI Service 8.11 featuring a self-service portal, administrator enhancements, and updated platform support has been made generally available to customers.

Feature Details

Self-Service Portal

Managed PKI 8.11 provides a Self Service Portal that allows your users to manage their own certificate lifecycle operations (such as viewing, enrolling for, renewing, and revoking certificates, and downloading root CAs).  The new self-service portal will not only improve the user experience, no more waiting for the Helpdesk to address their issue; but it also reduces the burden on IT.   Allowing users to address credential management themselves frees IT to address other strategic issues.  This feature is available to all customers who have Enterprise Gateway.

Support for SHA2

This release establishes SHA2 as the default signing algorithm for existing and new accounts to provide the strongest security available.

Administrator Enhancements

Additional enhancements have been made as we continually improve the user experience of the Administrator and privacy for users.  Enhancements include:

• If the organization has privacy concerns this release allows the administrator to assign values other than email addresses to seats IDs for cloud Profiles, to uniquely identify users. 
• Allow administrators to temporarily suspend and resume certificates via PKI Manager.  In this way, if a user forgets his/her smart card, the administrator can temporarily suspend the certificates for this user and then resume the certificates when the smart card is again available.
• Introduction of a new tool to aid in the import of recoverable Managed PKI 7.x certificates to the Managed PKI 8.x Magnum platform makes migration even easier.

As a cloud offering, all the new features in the Symantec Managed PKI Service are available instantly to existing customers at no additional charge. To learn more about Symantec Managed PKI Service, please visit the website or take Managed PKI for a spin with our free trial.

Follow us on Twitter: @SymantecMPKI