Quantcast
Channel: Symantec Connect - ブログエントリ
Viewing all 5094 articles
Browse latest View live

Symantec ITMS 7.5 SP1 HF4 available

0
0

Hi Enpoint Management Community,

ITMS 7.5 SP1 HF4 is available via SIM!

Release Notes can be found here


Android Vulnerability to Privilege Escalation - Lollipop is the only Exception.

0
0

Some bad news for Android users, A security weakness in Android mobile operating system versions below 5.0 has been noticed. It puts potentially every Android device at risk for privilege escalation attacks. It has been patched in Android 5.0 Lollipop – the latest version of the mobile operating system.

This vulnerability has been discovered by a security researcher named Jann Horn. 
This could allow any potential attacker to bypass the Address Space Layout Randomization (ASLR) defense and execute arbitrary code of their choice on a target device under certain circumstances. ASLR is a technique involved in protection from buffer overflow attacks.
The flaw resides in java.io.ObjectInputStream, which fails to check whether an Object that is being deserialized is actually a serializable object. The vulnerability was reported by the researcher to Google security team earlier this year.

Jann confirms ""When ObjectInputStream is used on untrusted inputs, an attacker can cause an instance of any class with a non-private parameterless constructor to be created," the security advisory from Horn says. "All fields of that instance can be set to arbitrary values." on his blog on Reditt.
Researcher has also developed a POC showing the creash of System_Service. As of now, in order to exploit this vulnerability, one need to get a malicious app installed onto the target device.

This vulerability has been patched with the release of recent Android release - 'Lolipop'.

POS malware: Potent threat remains for retailers

0
0
The retail industry continues to be a low-hanging fruit for attackers and attacks are likely to continue until the full transition to more secure payment technologies.
Twitter カードのスタイル: 
summary

As Americans gear up for another holiday shopping season, the threat posed by point-of-sale malware remains high. More than a year after the discovery of the first major attacks against POS networks, many US retailers are still vulnerable to this type of attack and are likely to remain so until the complete transition to more secure payment card technologies in 2015. 

While some retailers have enhanced security by implementing encryption on their POS terminals, others have not and retailers will continue to be a low-hanging fruit for some time. While the introduction of new technologies will help stem the flow of attacks, it will not eliminate fraud completely and attackers have a track record of adapting their methods. 

Point-of-sale malware is now one of the biggest sources of stolen payment cards for cybercriminals. Although it hit the headlines over the past year, the POS malware threat has been slowly germinating since 2005 and the retail industry missed several warning signals in the intervening period. This allowed attackers to hone their methods and paved the way for the mega-breaches of 2013 and 2014, which compromised approximately 100 million payment cards and potentially affected up to one-in-three people in the US.

Attacks have reached epidemic proportions in part because POS malware kits are now widely available, which means attackers can target retailers without having to develop their tools from scratch. For example, BlackPOS (detected by Symantec as Infostealer.Reedum), which was used in the some of the most high profile attacks, has been for sale since February 2013 with a price tag of US$2,000. This is a relatively small investment for attackers, who are likely to net millions from a successful operation. 

pos-barchart-662x518.png
Figure 1. Point-of-sale attacks exploded once malware kits became widely available on the cyberunderground

Hopelessly exposed
Attacks on point-of-sale terminals had their genesis as far back as 2005, when attackers began using networking-sniffing malware to intercept payment card data while in transit. A group of attackers led by Albert Gonzalez were the main perpetrators, stealing more than 90 million card records from retailers. 

As payments processors and retailers tightened up their security, the attackers adapted and attention turned to the point-of-sale terminal. When a card is swiped, its details are briefly stored in the terminal’s memory while being transmitted to the payment processor. This provides a brief window for malware on the terminal to copy the card data, which it then transmits back to the attackers. The technique is known as “memory scraping”. 

POS malware was first discovered October 2008, when Visa issued an alert on a new type of exploit. During a fraud investigation, it found that attackers had been installing debugging software on POS systems that was capable of extracting full magnetic stripe data from its memory. Little heed appears to have been taken of this warning, giving malware developers time to perfect their methods. In the intervening period, developers have worked to streamline the malware, integrating all functionality into a single piece of software. 

This development process eventually led to fully featured POS malware kits emerging on underground markets from 2012 onwards. US retailers were hopelessly exposed and what followed was a flood of high profile breaches, with several major US retailers hit by POS malware attacks. 

Spotlight: BlackPOS
One of the most widely used forms of POS malware is BlackPOS which is also known as KAPTOXA, Memory Monitor, Dump Memory Grabber, and Reedum. Variants of BlackPOS have been used to mount some of the biggest retail POS breaches. 

Its development mirrors the evolution of the broader POS malware market. The earliest versions of BlackPOS date from 2010. Over time, it has evolved into a highly capable cybercrime tool which employs encryption to cover its tracks and can be customized to suit the target environment. 

By February 2013, BlackPOS was ready for the mass market and the group behind one of its variants began selling it on underground forums, charging customers $2,000 for the package. 

Thriving marketplace
While the malware used to mount POS attacks is usually sold on underground forums, these forums are also often where the bounty of those attacks returns to be sold. For example, stolen credit card details from some of the biggest US breaches were sold on a forum known as Rescator. 

New research from Symantec found that prices can vary heavily depending on a number of factors, such as the type of card and its level, i.e. gold, platinum or business. Card data originating from the US tends to be cheaper because of the widespread availability stolen US cards. Card details along with extra information, known as “Fullz”, tend to attract higher prices because details such as someone’s date of birth or credit card security password make it easier to perform fraudulent transactions or other activities. 

Single credit cards from the US tend to cost $1.50 to $5, with discounts often available for those who buy in bulk. Single cards from the EU tend to cost more, selling for $5 to $8. Fullz start at $5 and can range up to $20. A single embossed plastic card with custom number and name meanwhile will sell for approximately $70. The stolen cards uploaded to Rescator were initially selling at a cost of $45 to $130 per card before prices later settled down.

Will new technologies render POS malware obsolete? 
New payment card technologies, many of which are already in use in Europe, have been promoted as effective countermeasures for POS malware but are not a silver bullet. Their arrival is likely to herald the end of the large-scale POS breaches seen in recent years, but they will not eradicate theft of credit card data completely.  

The adoption of EMV, chip-and-pin cards to replace traditional magnetic stripe cards ought to render the current generation of memory-scraping POS malware ineffective. However, chip-and-pin cards are still susceptible to skimming attacks and stolen credit card numbers can still be used in “card-not-present” transactions, such as online purchases. 

Additionally, stolen credit card information in Europe is often used in the US since it doesn’t have chip and pin as a verification method. Going by this precedent, the advent of chip and pin in the US may mean attackers will continue to attempt to steal card information but use it in other countries that don’t use the chip-and-pin standard. 

The chip-and-pin standard itself may be superseded at some point by the adoption of NFC mobile payment solutions such as Apple Pay, Google Wallet or CurrentC. With these payment technologies, the credit card number isn’t transmitted during the transaction. NFC is still susceptible to exploitation by attackers, but most attacks require physical proximity, making large-scale thefts almost impossible.

Advice for consumers
Some retailers are rolling out encryption on their point-of-sale networks to prevent memory scanning, which is encouraging. However, attackers have a tendency to adapt and evolve, and will no doubt look to circumvent these additional countermeasures. 

There are several steps you can take to remain vigilant against this type of fraud:

  • Monitor your bank account and credit card statements for any strange or unfamiliar transactions. Notify your bank immediately if you notice anything suspicious. Small transactions, such as a $1 charitable donation, are often used by criminals to test if a card is still usable.
  • Carefully guard personal information such as your address, your Social Security number, or date of birth, and don’t use easily guessed passwords or PIN codes. All of these details can be used to facilitate identity theft and defeat additional security checks.

Advice for businesses
Symantec has a number of solutions for retailers who wish to guard their point-of-sale systems from attack. For more details, please read: Secure Your Point-of-Sale System

Symantec protection
Symantec products detect all of the currently known variants of point-of-sale malware, including:

BlackPOS

FrameworkPOS

Dexter

Chewbacca

JackPOS

RawPOS

Vskimmer

Backoff

Further information
For more information about attacks against POS systems, please read our whitepaper entitled: Attacks on point of sales systems

¿Conocéis SORT?, tenemos update con mejoras para NetBackup y NetBackup Appiiances

0
0

¿Conocéis SORT?, ¿no?.

Es una gran herramienta para ayudarnos a comprobar estados de compatibilidad, requisitos para instalaciones o migraciones de producto, lo podeis encontrar en:

https://sort.symantec.com/home

Y en concreto para la parte de NetBackup aqui:

https://sort.symantec.com/netbackup

Puede hacer cosas como ayudar a chequear el espacio de NBDB de cara a palicar migraciones de versiones o instalación de parches...

Puede enseñar parte de los planes futuros de NetBackup:

https://sort.symantec.com/nbufutureplans

Puede generar checklist de cara a instalaciones/migraciones, aqui un ejemplo para Netbackup en Unix:

https://sort.symantec.com/checklist/install/nbu_sample_unix

 

Es una herramienta muy potente que puede facilitar mucho las operaciones sobre NetBackup, os animamos a su uso!

 

Ignacio De Pedro

 

ITMS 7.5 SP1 HF4 is now available

0
0

Announcing the availability of ITMS 7.5 SP1 HF4.

This release is available through SIM and contains a number of fixes for the following components:

  • Symantec Management Platform
  • Deployment Solution
  • ULM (UNIX-Linux-Mac) Agent

Release notes are available at http://www.symantec.com/docs/DOC7940

Cheers,

-Hugo

DS 7.5 - How to include ghost32.exe in a bootable USB or .ISO created with bootwiz.exe

0
0
Twitter カードのスタイル: 
summary

When creating bootable USB or .ISO with Bootwiz.exe, Ghost32.exe is not included in the boot.wim file (WinPe4.0 file)

 

bootwix.exe is located here on the SMP:

\Program Files\Altiris\Deployment\BDC\bootwiz\BootWiz.exe

Please keep in mind that with a fresh install of DS 7.5 SP1 you need first to import the windows ADK for WinPE 4.0 by following wizard at:

settings(tab) ->deployment -> Create Preboot Configurations

 

1 - After importing and installing the WinPe 4.0 environment, please run bootwiz.exe and follow the wizard to create a bootable USB.

100_0.jpg

 

2 - Remember to select Stand-Alone boot:

110.jpg

 

3 - When the Pre-boot configuration creation process has completed, you will be able to access its folder structure from bootwiz as below:

111.jpg

 

Locate ghost32.exe here on the SMP:

\Program Files\Altiris\Deployment\Imaging\ghost\x86

4 - Now you can add ghost32.exe to the newly created pre-boot configuration by adding the file or folder to the file structure in bootwiz

(Right click to create a folder and to add the file)

112.jpg

 

5 - Please remember to re-create the preboot configuration(create boot disk)

113.jpg

 

6 - Save your .iso in a folder easily accessible or onto a USB or CD/DVD and remember to select "stand-alone boot" as on picture below:

115.jpg

 

Ghost32.exe is now included into the boot.wim file. After booting into WinPe4.0 you will be able to access Ghost32.exe by browsing the X:\ drive in automation

 

to check if the file has been included into the boot.wim file(without necessarily booting into automation), please follow the article at link below:

https://www-secure.symantec.com/connect/blogs/ds-7x-mounting-bootwim-file-access-folder-structure-enable-checkaddremove-files-and-folders

NOTE:

If you found the above information useful, please give this article a thumbs-up (top right of the post) or add a comment below. Your feedback would be really appreciated – Thank you, Mauro

DS 7.x - Mounting boot.wim file to access folder structure (enable check/add/remove files and folders)

0
0
Twitter カードのスタイル: 
summary

Please see below how to access the WinPE pre-boot file "boot.wim" in few simple steps.

We take as example a WinPe 4.0 Pre-Boot .ISO configuration created by using Bootwix.exe following article below:

https://www-secure.symantec.com/connect/blogs/ds-75-how-include-ghost32exe-bootable-usb-or-iso-created-bootwizexe

1 - Locate your newly created .ISO configuration:

120.jpg

2 - Mount the image using for example "magicISO"

121.jpg

4 - If not already present create anew folder in C:\  in our example we name it "test"

5 - Copy the boot.wim file from the mounted .iso image (E:\SOURCES) to the c:\test folder

6 - Create a folder under C:\ , and name it for example "mount"

7 - Open a command prompt (CMD) with admin rights

8 - Run the following command (DISM) as below:  (in our example we have set folders C:\test and C:\mount - modify the command to suit your naming and locations)

DISM /Mount-Wim /WimFile:C:\test\boot.wim /Index:1 /MountDir:C:\Mount\

125.jpg

9 - Now you can access C:\Mount and browse it. - In the example below we verify Ghost32.exe has been included in the preboot configuration:

126.jpg

10 - Unmount boot.wim with the following command:

DISM /Unmount-Wim /MountDir:C:\Mount /Commit

127.jpg

If you need to inject NIC Drivers into boot.wim you may want to have a look at this other article:

https://www-secure.symantec.com/connect/blogs/ds-75-adding-nic-drivers-bootwim-winpe-40-pre-boot-configuration

NOTE:

If you found the above information useful, please give this article a thumbs-up (top right of the post) or add a comment below. Your feedback would be really appreciated – Thank you, Mauro

DS 7.5 - Adding NIC drivers to boot.wim (WinPE 4.0 pre-boot configuration)

0
0
X86 - intel i217 and intel i218 manual driver injection
Twitter カードのスタイル: 
summary

Following up from article at link below where we explained how to mount and un-mount boot.wim:

https://www-secure.symantec.com/connect/blogs/ds-7x-mounting-bootwim-file-access-folder-structure-enable-checkaddremove-files-and-folders

In this post, we will go through the process of manually injecting x86 drivers for the network card Intel i217 i218 into boot.wim

1 - First of all we need to prepare the Driver's Folder by cleaning up all the unecessary drivers/files

To see how to pick the correct driver for a specific NIC, and how to do the clean-up please have a look at this article:

(..Under construction...)

 

The final product will look something like this:

300_0.jpg

2 - The above folder is now stored as C:\NDIS63\ 

let's access the command prompt with admin rights and have the boot.wim mounted at folder c:\mount\

125.jpg

3 - to inject the Drivers we run the following command:

DISM /Image:C:\Mount /Add-Driver /Driver:C:\NDIS63 /recurse

128.jpg

4 - the driver e1d6332 has been succesfully injected in the mounted pre-boot environment

129.jpg

5 - It is possible now to un-mount the folder

The pre-boot configuration "boot.wim" is ready for WinPe 4.0 booting on machines with Intel i217 and i218 network cards

For info on how to un-mount the folder, see article below:

https://www-secure.symantec.com/connect/blogs/ds-7x-mounting-bootwim-file-access-folder-structure-enable-checkaddremove-files-and-folders

 

NOTE:

If you found the above information useful, please give this article a thumbs-up (top right of the post) or add a comment below. Your feedback would be really appreciated – Thank you, Mauro


Symantec a Best Place to Work for LGBT Equality

0
0

 

HRC_0.jpeg

 

For the seventh year in a row, Symantec has earned a perfect score of 100 on the Human Rights Campaign’s Corporate Equality Index (CEI). A score of 100 earns us a designation as a Best Place to Work for LGBT Equality.

The CEI is the national benchmarking tool on corporate policies and practices pertaining to lesbian, gay, bisexual and transgender employees. Here at Symantec, we’re focused on building a winning and inclusive culture that allows our employees to bring their whole selves to work. This recognition is an important signal to all our employees – but specifically our LGBT employees – that we are taking tangible steps toward this goal.

Additionally, we view diversity as a critical component to fostering a culture of innovation, which ultimately leads to business success. As our CEO Mike Brown says, “Every individual brings a unique perspective that inspires innovation. We’re building a culture that celebrates diversity and inclusion because it drives our success as a business, our ability to serve our customers and partners, and our strength as a team.”

 

To learn more about our commitment to diversity and inclusion, visit the Our People section of Symantec’s Corporate Responsibility website.

 

Antoine Andrews is Symantec's Director, Global Diversity and Inclusion.

5 Ways Communication Service Providers (CSPs) Can Deal with Changing Landscape

0
0
Twitter カードのスタイル: 
summary

The security thread landscape is shifting.

Protecting infrastructure, information assets and customer experience is no longer enough. Security has become a more challenging issue as it now involves protecting mobile devices, cloud and machine-to-machine (M2M).

This is apparent in our findings from the latest issue of Internet Security Threat Report:

  • 91% increase in targeted attacks campaigns in 2013
  • 62% increase in the number of breaches in 2013
  • Over 552M identities were exposed via breaches in 2013
  • 23 zero-day vulnerabilities discovered
  • 38% of mobile users have experienced mobile cybercrime in past 12 months
  • Spam volume dropped to 66% of all email traffic
  • 1 in 392 emails contain phishing attacks
  • Web-based attacks are up 23%
  • 1 in 8 legitimate websites have a critical vulnerability

Source: Symantec Internet Security Threat Report 19, 2014

 

With this, enterprises, SMBs and consumers are expecting CSPs to tackle the challenges of information protection.

This challenge presents a huge opportunity for CSPs to offer new services to their customer base and target markets—focusing on services that CSPs can upsell, build and extend on while gaining benefits that are beyond revenue, like customer loyalty.

CSPs should exploit the market trends and profit from new revenue opportunities riding on their two main assets.

These valuable assets are:

  • Providers’ core network competency
  • Providers’ existing relationships with large customer base, from consumers, to SMBs and enterprises

Here are 5 ways how CSPs can address the changing security threat landscape.

  1. Plan ahead and start early on new technology with trusted partners

Good planning is vital when offering new services. CSPs need to identify a trusted partner to work together in addressing any imminent changes in technology, for instance the SDN/NFV development. A partner with global reach and proven success with other CSPs globally is a good example of who CSPs could work with.

  1. Develop a straightforward information protection and management roadmap that offers huge upsell opportunities.

Focus on the core network competencies, leveraging all other differentiating assets, and also the rest of the service stack.To drive upsell opportunities, CSPs should create innovative business model riding on market changes, such as monetization opportunity with OTT players.

  1. Adopt cloud and mobile business models to build trust and confidence in the cloud.

CSPs need to deliver superior cloud services that are more trusted and available. CSPs should explore these possible business models for the cloud service offerings, depending on the requirements.

  • Resell existing services from trusted cloud partners—for CSPs without extensive IT and cloud services experiences, or when time-to-market is critical.  
  • Build cloud services—for CSPs with advanced IT services skills that can build customizable cloud services.
  • Extend on-premise customer environment via cloud—use as migration steps for customers that are moving to cloud gradually.
  1. Optimize the networks before adding services using a ‘Clean Pipe’ strategy.

Resilient existing network is imperative to expansion and in maintaining customer trust and loyalty. Proper traffic management can reduce malicious and unsolicited traffic.

  1. Exploit and optimize existing infrastructures.

By doing so, CSPs can utilise an IT foundation that is not hardware or software specific. This offers an increase agility and flexibility in designing the services and seamless migration from one system to another, which in turn save up on existing investment.

Through these steps, CSPs can profit from new revenue opportunities by addressing the changing landscape. Hence, CSPs must note that the key to success is to differentiate within the marketplace by:

  • Engaging with trusted partners
  • Optimizing and leveraging existing network and infrastructure
  • Developing a straight forward service roadmap
  • Building trust and confidence
  • Adapting to cloud and mobile business models
  • Leveraging existing experience through providers’ core network competency

Apart from adapting to a changing landscape, CSPs could also focus on addressing the SMB market, a market “that has been left somewhat untouched”, according to Frank Bunn, Senior Manager, Communication Service Provider Strategy, Symantec EMEA. Read “How can Communication Service Providers (CSPs) address the SMB market?” for more tips on tapping this market.

DS 7.5 - Ghost Boot Wizard? In Deployment Solution 7.5 is called "Boot Disk Creator" (BootWiz.exe)

0
0

If you are looking for "Ghost Boot Wizard" in DS 7.5, keep in mind that this name is associated with Ghost Solution Suite.

Iin Deployment Solution 7.5 a very similar tool is "Boot Disk Creator" (bootwiz.exe) and on the SMP it is located here:

 

\Program Files\Altiris\Deployment\BDC\bootwiz

37.jpg

 

If you want to know how to include Ghost tools to the USB/DVD pre-boot configuration please see article:

https://www-secure.symantec.com/connect/blogs/ds-75-how-include-ghost32exe-bootable-usb-or-iso-created-bootwizexe

 

If you are an expert Ghost user and you want to know the location of GHOST executables and tools in SMP 7.5, see below:

https://www-secure.symantec.com/connect/blogs/ds-75-location-ghost-executables-and-tools-smp-75

 

 

NOTE:

If you found the above information useful, please give this article a thumbs-up(top right of the post) or add a comment below. Your feedback will help our tech community – Thank you, Mauro

 

DS 7.5 - Unable to Boot into WinPE 4.0: "Windows Boot Manager" menu appearing

0
0

When running "boot to PXE" or "boot to automation" from the console, it is common to see this coming up on the client machine instead of WinPE:

39.jpg

This will result in a LOOP as the client will boot into Production and then the "boot to PXE" or "boot to automation" task will be picked up again until it times out.

 

Please check the BIOS Boot Setup; very likely "Network Boot" is NOT set as FIRST:

38.jpg

 

 

So to correct this, please modify to:

41.jpg

 

and the client should now boot into WinPE 4.0 as sequence below:

42_0.jpg

43.jpg

44.jpg

 

 

 

NOTE:

If you found the above information useful, please give this article a thumbs-up(top right of the post) or add a comment below. Your feedback will help our tech community – Thank you, Mauro

 

 

 

 

 

Backup Exec 15 - Registro al Programa Beta

0
0

 

Backup Exec™ 15 Beta Registration

 

Os anunciamos que el programa de beta para la siguiente versión de Backup Exec, Backup Exec 15, ya se encuentra abierto para que os registréis. Esta beta permite a los clientes nuevos y existentes de Backup Exec probar, validar y proporcionar feedback acerca de la nueva plataforma y las mejoras incluidas en la nueva versión

Esta edición beta puede ser instalada en entornos de laboratorio o entornos productivos en todos los lenguajes soportados por Backup Exec.

¿Qué hay de nuevo en Backup Exec 15?

Backup Exec 15 es una solución potente, flexible y sencilla de utilizar para sus backups y recuperaciones para entornos virtuales y físicos. Tú puedes estar entre los primeros en evaluar las nuevas plataformas soportadas y la fiabilidad de las nuevas mejoras introducidas en esta versión. Tu opinión acerca de la estabilidad, funcionalidades y rendimiento del producto nos ayudará a continuar desplegando una plataforma de alta calidad en la que puedas confiar. Backup Exec 15 incluye:

·       Soporte para VMware vSphere 2015

·       Soporte para Oracle 12c

·       Resolución a bugs reportados por los clientes

Adicionalmente, Backup Exec 15 incluye actualizaciones para las siguientes plataformas:

·       VMware VSphere 5.5 U2

·       Exchange 2013 Cumulative Update 6

·       SQL 2014 como repositorio para la base de datos de Backup Exec

·       SCOM para 2007 y 2012

·       ¡Y muchas más!

Elementos discontinuados

·       Backup Exec 15 no soportará servidores de Backup Exec ejecutándose en sistemas operativos de 32 bits

Nota: Servidores remotos con sistemas operativos de 32 bits seguirán siendo soportados a través del Agente de Windows (AWS).

Forward-looking Statements: Any information regarding pre-release Symantec offerings, future updates or other planned modifications is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied.  Customers who purchase Symantec offerings should make their purchase decision based upon features that are currently available.

Disponibilidad del programa de Beta

Backup Exec 15 estará disponible para su descarga en el primer trimestre de 2015. Hemos abierto el registro en el programa de Beta con tanta antelación con el fin de que los participantes tengan más tiempo para registrarse. Proporcionaremos más información acerca del programa de Beta cuando se acerque la fecha de lanzamiento.

Si tiene cualquier pregunta acerca del programa de Beta puede ponerse en contacto con TSS Iberia:

Álvaro Monje - alvaro_monje@symantec.com

César Lafuente: cesar_lafuente@symantec.com

O en el email del programa: BnR_Beta@symantec.com

 

Os animamos a que os registréis en la siguiente página: Backup Exec 15 Beta Program

 

 

 

Connect with Symantec and Earn Rewards!

0
0
Twitter カードのスタイル: 
summary

Solve problems, share knowledge, and earn rewards!

By connecting with your LinkedIn profile and completing a 3 question survey, we'll get to know more about your unique interests to ensure we provide the solutions, technical knowledge, and product ideas most important to you.

As our way of saying "thanks" for taking the time to give us your feedback, from now until the end of the year, we'll give you 100 points towards the Symantec Connect Rewards Program in return!   Just click here:  http://symantec-connect.apps.umbel.com/880/symantec-connect/ to get started.

If you don't have a LinkedIn Profile or would prefer not to connect via LinkedIn, you will be given the option to "Skip"  and you'll be taken straight to the survey.

Thank you for helping us continue to improve your Connect experience. 

DS 7.5 - Download and install Windows ADK for WinPE 4.0

0
0

1 - To Download the Windows ADK for WinPE 4.0 please access the following link:

https://www.microsoft.com/en-in/download/details.aspx?id=30652

45.jpg

 

 

2 - Save adksetup.exe locally

 

3 - Run adksetup.exe and follow the installation wizard

4 - Select the Features you want to install (de-select the ones that are not needed):

46.jpg

 

5 - Complete installation

 

 

NOTE:

If you found the above information useful, please give this article a thumbs-up(top right of the post) or add a comment below. Your feedback will help our tech community – Thank you, Mauro

 

 

 


DCS 6.5 Beta - December

0
0
Available for download on 15 December 2014

On behalf of all of us in Product Management and Engineering I would like to thank you for your willingness to be part of the DCS 6.5 Beta. For all of you who also filled in our survey, your anonymous responses were very helpful so we can better understand your needs, environment and the use-cases you want to investigate with our new product.

Updates since last Blog

Over late October and November, a lot of work has been going on with our Engineering teams who are busily preparing for the December Beta drop.  We have had a number of pre-Beta trials running inside the company, defect reviews and have a high confidence you will be impressed with our new UI, product features and flexibility to better secure your workloads in your data center.

You may recall in the previous Beta announcement we said we were investigating doing Hands-On Labs to give customers an opportunity to test without having to setup your own environment. Unfortunately this is a work in progress so if you are interested in only testing via HoL please email us at DCS65_Beta@symantec.com to indicate your preference.

About the December DCS 6.5 Beta

For all customers who will be downloading and installing DCS 6.5 to your non-production environment, below is a bit of updated background on the Beta. Let me take a moment to explain a bit more of the why’s, what’s and wherefores of our December Beta so you have a good idea of our goals:

  1. First, we are departing from previous Beta periods of 30 days and will be running the Beta from 15/12/14 through to 26/1/15 as we appreciate many activities may lead to your needing to schedule your testing in a quiet period
  2. By offering you a longer testing window, we look forward to you spending time getting to know DCS 6.5, walking through our use-case tests and exploring the product to get an idea how it will help you with security jobs in your company
  3. We will continue to take Beta thoughts, ideas, defects, plus feedback post our 26/1/15 cut-off and we’ll look at that feedback for the basis of future features or fixes.

Exact use-cases and functionality

FunctionalityAdditional Information
REST API  - Automating SecurityCustomers wanting to test the REST API's should ask for a copy on the SymIQ Symantec Data Center Security Beta discussion forum and a copy will be supplied to you.
AWS Windows and RHELCovered in our testing scripts to aid validation of new functionality
Openstack – MonitoringFirst customers will be able to monitor and provide application protection for an OpenStack/KVM virtual data center.  We also provide robust detection/monitoring for Openstack modules:
•             Compute (Nova)
•             Identity Service (Keystone)
•             Networking (Neutron)
•             Image Service (Glance)
•             Object Storage (Swift)
•             Block Storage (Cinder)
DCS: Server new UMC UICovered in our testing scripts to aid validation of new functionality
DCS: Server Advanced – Protection Policy wizard improvementsCovered in our testing scripts to aid validation of new functionality
Feedback on improved discovery/mapping of applications and performance
Guest Network Threat Protection (IPS)Covered in our testing scripts to aid validation of new functionality
File QuarantineCovered in our testing scripts to aid validation of new functionality
Cloud Admin initiating security provisioning requestCovered in our testing scripts to aid validation of new functionality
(Only works for vApp currently. Need to make sure customer creates a dummy vApp for this testing.)
Cloud admin requesting exception for system recommended policiesCovered in our testing scripts to aid validation of new functionality
(Security Profile Editing is currently not feature complete)
Security admin reviewing new provisioning requests and approving themCovered in our testing scripts to aid validation of new functionality
(Only works for vApp currently. Need to make sure customer creates a dummy vApp for this testing.)
Security admin validating that all security policies were applied for a vAppCovered in our testing scripts to aid validation of new functionality
(To be done by checking DCS:Server, DCS:Server Advanced, NSX consoles to validate provisioning activity)
Security admin creating custom tags and mapping them to custom policies in DCS:Server and DCS:Server advancedCovered in our testing scripts to aid validation of new functionality
(Should be able to test mapping to mandates and control statements, and the level of customization required by customers.)
Security admin creating custom application templates and mapping them to rules from PANCovered in our testing scripts to aid validation of new functionality
Security admin adding new security assessment questions and publishng them into vCenterCovered in our testing scripts to aid validation of new functionality
Security admin viewing list of all policies imported from DCS:Server and DCS: server AdvancedCovered in our testing scripts to aid validation of new functionality
(We would like to understand the type of policies that customers want to orchestrate security policies)

For further information on the Beta, please see the SymIQ Symantec Data Center Security Beta forum. (Registration Required)

Real-time Security Visibility and Reporting

0
0
MetriX Dashboards

Novacoast is a Syamntec Platinum Partner and has partnered with MetriX Dashboards who have developed their our own unique real time dashboard solution. MetriX gives users the power to quickly and easily aggregate real-time data from any number of data sources into a single, consolidated view.

MetriX provides those within security with an unprecedented view into the organization’s security posture, while providing you with real-time notifications when thresholds or service levels are not being met. This ensures that IT can respond quickly to threats, thereby reducing risk associated with lack of timely visibility.

I thought this may be of intrest and wanted to share a screen shot of a few dashboards.

For additional information feel free to shoot me a note at rjschoenherr@novacoast.com or visit www.metrixdashboards.com

SEP 12.1 Dashboard - Image_0.png

 

Symantec DLP Dashboard_Image.png

 

 

 

 

 

Enable the Agile Data Center - Join us at the Gartner Data Center Conference

0
0
Visit us at Booth #345, Key session info, & meet with executives

Join Symantec at the Gartner Data Center, Infrastructure & Operations Management Conference 2014 in Las Vegas and get the information you need to deliver crucial IT services and drive improved levels of productivity and innovation at the same time. With a renewed focus on people, processes, technology and culture, you will learn how to select and prioritize I&O initiatives, manage ongoing volatility, and elevate their own strategic leadership in the digital enterprise of the future.

 

Stop by Symantec booth # 345 to learn how Symantec can help you transform and enable the Agile Data Center.  Don’t miss the following sessions:

  • Drew Meyer, Senior Director, Information Management speaks on Agile Data Centers: Leveraging software-Defined into Additional Revenue on Tuesday,  December 2 at 4:15 pm.
  • Piero DePaoli, Senior Director, Information Security speaks on Protecting Your Data Center Against Targeted Attacks, on Wednesday, December 3 at 12:15pm.

 

Click here for more information: http://www.gartner.com/technology/summits/na/data-center/

Hackers Playing Grinch Could Dampen Your Holiday Sales

0
0

hackers grinch thomas hawk flickr.jpgAs the holiday shopping season descends upon retailers and shoppers, storm clouds of apprehension from recent data breaches continue to darken the perception of safety among some consumers. A recent study conducted by CreditCards.com and reported on by Huffington Post found that 45% of gift-grabbing respondents would “definitely not” or “probably not” shop at major retailers that suffered data breaches this year. The study also noted that, 48% of shoppers said they would use cash instead of debit or credit cards due to the high number of recent data breaches.

Given that retailers depend on holiday sales to meet their annual goals, losing nearly half of its holiday customer base either online or at a brick-and-mortar store could have devastating financial implications for these outlets. Make no mistake: Trust drives sales. And as the data above shows, once that trust is shaken, it can be difficult to rebuild.

 

Double Check the Security of Transactions

Organizations need to focus on both continuing to shore up their defenses and their customers’ trust, as today’s vulnerability could be tomorrow’s casualty. During the holiday season, the temptation for hackers is at its highest. Below are a few steps your organization’s IT department should consider putting in place to ensure security this holiday season:

  • On-site security. Online retailers should help consumers feel safe right away when visiting their site. This can be done by using the Extended Validation (EV) SSL green address bar, Always On SSL (AOSSL) throughout the entire shopping experience, and posting the Norton Secured Seal at any areas where the consumer needs to make a decision (e.g. login, order page, payments page)
  • Secure data transfer. Various studies have shown that 56% of all data breaches could be stopped by having encryption protecting network data. Use network security solutions (even between internal corporate networks) such as Symantec Endpoint Protection to harden endpoints, encrypt data, and provide layered protection against malware.
  • Train employees to spot social engineering. Remember, many attacks happen due to “social engineering”: Manipulation of people into performing actions or divulging confidential information. Hackers being able to attack one employee’s computer can leave the remainder of the internal network at risk of exposing critical data or information.so protection between individual parts of the corporate network is just as important.
  • Integrate with the company’s crisis communication plan. IT can help the overall crisis communications plan by developing “dark pages” on the corporate website. Dark pages should include pertinent contact information and communication channels which could be pushed live in the wake of a breach. Pages should also include frequently asked questions and placeholders for answers to quickly get facts out ahead of third-party articles, opinions from experts and a spike in brand conversation on social media channels.

Respond Promptly to Any Issues

Because of this loss of trust, IT security staff of breached retailers should be especially vigilant during the holiday season; becoming deeply involved in helping the organization repair besmirched trust with customers to reinforce the assurance of safe shopping will be critical to this process.  If your organization happens to experience a breach during the holidays, or even during the rest of the year, here are a few steps IT can take to help to restore trust:

  • Create an online support forum on the corporate website which is easily located and visible to provide customers with official information regarding the breach your organization suffered, a way to report fraudulent activity (some states even require this), and a way to notify the organization directly if they suspect another breach has taken place. Respond to all serious inquiries and assume any could be legitimate.
  • Anticipate questions and lend expertise to help guide restorative messaging to customers. IT is uniquely positioned on the front lines of a breach, which is important at the moment of breach, but we become important again in offering customers assurance post-breach.
  • Spread the word. Provide communications both on the corporate website as well as on the company social media channels to explain how the company took steps to manage security. Also note that this messaging should be Legal- and CISO-approved.
  • Be mindful of new threats from scammers looking to take advantage of potential vulnerabilities in the wake of a breach. IT can aid the investigation, reporting and communicating with the public and board members about damaging content.
  • Learn from a breach. In the days and weeks after a breach, share website referral traffic stats with the security response team to help guide a post-breach communication and monitoring strategy for the future. For example, finding that a great number of users clicked links to your website from a single news outlet or social network.

The holidays are by far the most critical time for retailers to be thinking about security, but it shouldn’t be the only time. Breaches can happen out of the blue; use your position in IT to help keep grinches at bay and keep your customer’s information—and their trust in your business—secure. Breached organizations should follow these guidelines year-round, disclosing breaches quickly and transparently, and keeping the communication focus on protecting users in the future.

Backup Exec 15 Beta Registration is now open!

0
0

We are pleased to announce that the beta program for the next release of Backup Exec, Backup Exec 15, is open for registration. This beta allows new and existing Backup Exec customers the opportunity to test, validate, and provide feedback on this upcoming release.

This beta release can be installed in both lab and production environments in all languages supported by Backup Exec. 

What’s new in Backup Exec 15?

Backup Exec 15 delivers powerful, flexible and easy-to-use backup and recovery for virtual and physical environments. By participating in the beta, you can be among the first to evaluate newly-supported platforms and reliability enhancements. Your feedback on product stability, features, and performance will help us to continue delivering a high quality product that you can trust. Backup Exec 15 includes:

·      Support for VMware vSphere 2015

·      Support for Oracle 12c

·      Fixes for customer-reported issues and bugs

Additionally, Backup Exec 15 includes the following platform updates:

·      SDR (Simplified Disaster Recovery) support for Windows Server 2012 R2 and Windows 8.1 client

·      VMware vSphere 5.5 U2

·      Exchange 2013 Cumulative Update 6

·      SQL 2014 as a repository for the Backup Exec database

·      SCOM for 2007 and 2012

·      And more!
 

End of life items

·      Backup Exec 15 will not support Backup Exec servers running on 32-bit operating systems; however, remote servers with 32-bit operating systems will be supported using the Agent for Windows (AWS).

Forward-looking Statements: Any information regarding pre-release Symantec offerings, future updates or other planned modifications is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied.  Customers who purchase Symantec offerings should make their purchase decision based upon features that are currently available.

 

Beta Availability

Backup Exec 15 will be available for download in the first quarter of CY 2015. We are opening beta registration early so that participants have ample time to register. We will provide more updates about the beta program closer to the launch.

If you are interested in participating in this Beta program, please click the link below and click “Join this Beta Program”.

Registration link: https://symbeta.symantec.com/callout/?callid=B5C9F823420C44A49A7596453FEDCE72

If you have questions about this beta program, please email: BnR_Beta@symantec.com.

We look forward to your interest and participation in the upcoming beta release of Backup Exec 15.

Best regards,
Backup Exec team

Viewing all 5094 articles
Browse latest View live




Latest Images