Cloud, cloud and more cloud. The IT world is adopting new infrastructure and service delivery models that cut costs and deployment times while increasing service reliability. But this latest in disruptive technologies is creating a real headache for data protection architects and their administration teams. 

This direction is so entrenched that Veritas, (the independent information management company that will emerge from the separation from Symantec) has established a "Hybrid is the Model" motto across all of our product development plans. But how are we reducing the pain created by managing information across these new mixed platforms? Let's take a look at the latest Backup and Recovery improvements springing from our hybrid commitment.

NETBACKUP

1. NetBackup is the first - and only - enterprise information management software supported at the launch of Google's nearline storage platform. Simon Jelley goes into more detail here and Rasheed gives his own take on the significance of this development in general over on LinkedIn.
2. NetBackup 7.7 (in beta now) includes a greatly improved Amazon connector (as well as the Google support mentioned above). Release plans tentatively also include connectors for Verizon, Hitachi Data Systems and Cloudian.
3. NetBackup already supports the NetApp SteelStore gateway appliance as an NFS or CIFS mount.
4. NetBackup's MSDP deduplication technology running in the Amazon cloud, and Auto Image Replication to a media server in the cloud are on deck to deliver dedupe to cloud and tapeless disaster recovery. 
5. NetBackup is vSphere 6 Ready on the day of release. Ana Pinczuk's blog gives more information.
6. A brand new self-service version of NetBackup is coming out in April, ideal for service providers of any kind. We hinted at that upcoming release here.

BACKUP EXEC

1. Midmarket customers can use Backup Exec 2014 (and the upcoming Backup Exec 15) with Amazon via the AWS Storage Gateway. vExpert Mikko Nykyri explains more here, and watch for expanded use cases in Backup Exec 15 both on-prem and in the Amazon cloud. 
2. Backup Exec supports both AWS and Azure via the NetApp SteelStore gateway. Nifty infographic here.
3. Backup Exec supports the Quantum DXi dedupplication appliances as gateways to the Quantum Q cloud.
4. Backup Exec 15 is vSphere 6 Ready on the day of release. Ana Pinczuk's blog gives more information.

Curious about our reasoning behind hybrid cloud? Here's some background on that commitment.

Forrester reports that the 2020 cloud markets are sized as follows: Private $16B, Hybrid $66B and Public $159B. But the growth rates are what really intrigue us, because that is where our customers are investing their dollars and where our channel partners can find opportunity to assist. In fact, Gartner reports that nearly half of large enterprises will have hybrid clouds by the end of 2017 and IDC is even more bullish.

Enterprise customers tell us that a wholesale rip-and-replace is completely unrealistic, but a partial and controlled migration of appropriate applications and services is happening now. In other words, nobody wants their crown jewels with a 3rd party.

Efficiency and deployment speed are major benefits to cloud adoption. But fragmented platforms is an unfortunate outcome that wreaks havoc on information management architectures. Veritas is building solutions that help the world's largest organizations manage through these challenges with grace and power.

When choosing an endpoint security product it is important for you to choose a vendor with more than just strong protection. Accuracy and performance also play critical roles in ensuring an organization is getting the most out of their endpoint solution. Symantec Endpoint Protection Small Business Edition (SEP SBE) beats competitors, Sophos and Kaspersky, in these metrics.

According the latest Dennis Technology Labs Small Business AV Protection Report  (December 2014), Symantec received a AAA rating while Sophos Anti-Virus Business received a rating of AA. Dennis Labs gives SEP SBE a total accuracy rating of 100% while Sophos received a 94% accuracy rating score.

In addition to being effective, endpoint security needs to avoid slowing down machines. According to a PassMark Software comparison of performance, conducted in July 2014, SEP SBE uses far less memory (RAM) when idle. The amounts were 83.1 MB for Symantec as compared to 103.2 MB for Kaspersky and 197 MB for Sophos. Furthermore, Symantec takes less than half the time to copy, move and delete sets of sample files while the endpoint solution is running in the background. Facilitating productivity is important for any organization, because let’s face it, time is money.

Passmark Software also presented a total cumulative score using 17 performance metrics across six security vendors. Symantec obtained the highest cumulative score of 66 out of 70. Sophos was ranked fourth out of the six (with a score of 59) and Kaspersky ranked sixth out of six (with a score of 41).

For more information about Symantec Endpoint Protection Small Business Edition, or to start a free trial, visit: http://www.symantec.com/endpoint-protection-small-business-edition/

Teamwork and Collaboration are two goals that most organizations strive for, but sometimes they are easier said than done. Today we take a look at how the SSC15 team is successfully working together in Turkey, despite cultural differences, new clients and challenging projects. 

SSC participants Joe Gifford and Mirable Ramos visit the United Nations Refugee Agency.

With nearly two weeks already passed in Turkey, the Symantec Service Corps (SSC) team is hard at work, moving well beyond the early introductions into strategy, tactics, and execution. Prior to leaving for Ankara they selected “Ilerleme” (Progress) as their team name and “Adam adamaa gerek olur” as their motto, meaning, “We all need each other. We can only do great things through teamwork.”

 They also identified four key goals:

• Collaboration—To collaborate openly in order to attain the best possible outcome.
• Teamwork—To work as a diverse team in terms of ideas and leverage each other’s knowledge and experiences.
• Progress—To look for long-term solutions that can be sustained over a period of time.
• Unity—To build positive working and personal relations with the local clients in a short period.

Today we look at how the team is working towards their Collaboration and Teamwork goals, including what they are doing both in and out of the office to connect with their team and clients. Progress and Unity, the two final goals, will be featured in next week’s Travel Log: Turkey article.

Embracing a new culture and fueling collaboration

Despite different backgrounds and thousands of miles traveled, reports of strong collaboration right from the start are echoed across the team.

“I think the biggest surprise so far has been how quickly both my Doğa Derneği (The Nature Society) team and our entire SSC team have bonded and started collaborating. I definitely expected this level of collaboration as a part of this program but the fact that it’s happened so quickly has been very exciting. It has also been surprising to see how interconnected all three projects are, even as different as they might seem.”—Rachel Yokum, senior product marketing specialist

The team has also been impressed by how welcoming, patient and supportive their clients, as well as members of the Ankara community, have been as they get acquainted with the language and culture.

During the first few days in Ankara, Joe Gifford, senior content grader, was practicing his Turkish while at a supermarket close to the team’s hotel. The men appreciated his efforts to speak the language and invited the team that was in the shop to join the supermarket staff for a traditional breakfast of fresh bread, chilies, and an omelet filled with sucuk (Turkish spiced salami) and practice their Turkish language skills throughout the meal. This experience reflects the warmth and openness the team has experienced so far during their trip.

The SSC team is invited to a traditional breakfast in a supermarket after practicing their Turkish in the store. 

Beyond the language differences, the team has been surprised to see how interconnected the work of the non-profits is and how collaboration is occurring during moments where it is least expected. For example, in celebration of International Women’s Day 2015, the entire SSC team was invited to attend an event organized by one of the non-profits, the Association for Solidarity with Asylum Seekers and Migrants (ASAM). The team was asked to be sensitive as some of the refugees, women and children from two to 60 years old, might not want to talk or have their pictures taken. Yet, as music from the refugees’ individuals’ countries (Afghanistan, Iran, Iraq, and Syria) started playing on the speakers, the young girls began dancing and soon the older women followed, creating one giant dance party.

Instead of a solemn event, the music united the refugees who had come from different parts of the world. It was particularly empowering to see women and children celebrating their own place in their new home, enhancing the meaning and connection the SSC team now feels to Turkey, the mission of ASAM, as well as Flying Broom and their efforts to create an equal society for women.

Small groups, large responsibilities for all

In Turkey, the SSC teams are split into three groups, with three people assigned to each client organization. Because the teams are small and there is only four weeks to complete their missions, each SSC team member has a significant amount of responsibility on their plate and must stretch their own abilities in many directions.

The ASAM team, which includes Sohini Nathoo (Johannesburg, South Africa), Joseph Gifford (Dublin, Ireland), and Mirabel Ramos (Culver City, CA), are working to understand the needs and requirements for an online system to enable multiple users at various locations to track their clients, as well as to provide a simplified reporting system. The team has had a busy week, as evidenced in the slideshow and experiences they shared.

“It’s no surprise that the work expected of a tech company on behalf of any NGO might be technical in nature, but I am amazed at how well my teammates have been able to address the issues we face.”—Joe Gifford, senior content grader

“I have been looking forward to consulting with an organization in a foreign territory, one that does very different work to that which I have been exposed to and working with peers from different parts of the world to put together a solution that brings about a positive change.”—Sohini Nathoo, partner success manager

“Patience and curiosity are the two skills/traits that have benefited me most while working together on this project.”—Mirabel Ramos, principal program manager

Even though team members all bring different personalities, backgrounds, and experiences, they have earned a deep level of trust and respect for one another in a very short amount of time.

A look ahead

As we near the halfway point, the SSC continues to strengthen as a team. Next week we’ll look at the two remaining goals, Progress and Unity, and see how the team feels the team name, which they established well in advance of their trip, is holding up. We’ll also spotlight the other two teams in future articles, sharing some of their favorite experiences and interactions.

Join the team on their journey by following along on the Symantec Service Corps blog, here on the Corporate Responsibility in Action blog, and on twitter using hashtag #SSC15.

Related articles:

• Travel Log: Turkey—Week 1: Welcome to Ankara
• Making an Impact in Turkey: Announcing 2015 Symantec Service Corps Volunteer Partners

Attackers look to the emotional aspects of human decision making to execute their attacks. They use psychological manipulation tactics, as people tend to pay attention to personally relevant messages, especially if there is an urgent call to action.

Social Engineering is a non-technical method that attackers use to try to get people to divulge sensitive information or install malware onto their computer. Clearly, these types of attacks use tools that are technical, however, successful execution of these attacks rely heavily on human-to-human interaction and using the emotions of the human being as the exploitable vulnerability.

Social Engineering Attack Vectors

Since social engineering involves the hacking of human emotions, there are multitudes of ways an attacker can attempt to extract data from their targets.

Baiting

This type of attack plays on the curiosity of the human psyche. An attacker will leave a malware-laden device, such as a USB stick, in an obvious area where someone will find it. The victim will probably plug it into their computer to see what is on it, and then malware is injected into their system.

Phishing

The oldest and still one of the most successful tricks in the book, attackers will try to use a variety of influencing levers in spam emails.  Fear tactics tend to be one of the most effective levers, as it depends on users making quick, impetuous decisions based on their emotions.  Another successful influencing lever is when the request appears to be coming from an attacker posing as an authority figure, which is a version of pretexting. People will tend to unquestionably comply when a directive comes from a member of management or a higher-up in the organization.  Sense of urgency is also another lever that relies on emotional decision-making. If a target is presented with a scenario that is urgent- such as a warning that if they don’t take action within a certain time frame, their account will be suspended, the victim feels that they need to act urgently, which will lead to poor impulsive decision making such as clicking on a malicious link and unintentionally divulging their user credentials.

Email Hacking and Contact Spamming

People tend to comply with requests that come from someone they know, especially if it is coworkers, friends or family members. Therefore attackers will try to use various social engineering tactics to obtain the target’s email credentials. Once the attacker gains control of the account, they will then spam everyone in their address book, thusly perpetuating the attack with the objective of spreading malware or tricking victims out of sensitive information and more user credentials.

Pretexting

Pretexting is a social engineering tactic where an invented scenario is created to trick a target into divulging personal and sensitive information. It involves researching a target and using what is found out about the individual, then tailoring the attack based on that information. Being able to perfectly mimic the head of marketing is useless if your target is the head of marketing.

Quid Pro Quo

Something for something. The attacker promises free promotional items, a prize or even financial compensation for the exchange of sensitive information.

Spear Phishing

In the family of phishing, spear phishing its more complex cousin. Usually targeted at specific individuals in a specific company, it is more of a campaign than one-off phishing emails. The attacker will do research on the target and then send emails that are personally relevant to the victim, in the attempt to get the victim to complete the call to action, which is clicking on links, downloading malware or divulging sensitive information. Sometimes the attackers will use pretexting in order for the con to look more authentic.

Vishing

Probably the least technical of all of the attack vectors, vishing is when the attacker will call the target, posing as a trusted individual, such as a member of the IT department requesting user credentials in order to fix a technical issue. This tactic relies heavily on pretexting.

Social Engineering attacks can be executed with a single attack vector with the intent to collect specific information from a specific target, or it can be used in a more complex operation, generally used in corporate attacks. These two attack campaigns are called Hunting and Farming.

Hunting

The objective of hunting is to extract as much data as possible with minimal contact with the target. The most common attack vectors used in this scenario are phishing, baiting and email hacking.

Farming

A much more complex campaign, farming requires a little more legwork on the attackers part. Akin to a “long con,” the attacker performs some reconnaissance on the target, seeking to form a relationship with them. Another tactic that relies heavily on the pretexting lever, the objective is to string them along as long as possible in order to extract as much data as possible.

Social Engineering is everywhere on the Internet landscape- social media, email, compromised websites, and even spills over into real life interactions. It’s so highly effective due to the one element that is impossible to patch or install security software on: the human being. The best defense against social engineering is education. It’s a good idea to have some form of internet security compliance training within an organization in order to help your employees not only help safeguard the company’s data, but their own as well.

Cloud, cloud and more cloud. The IT world is adopting new infrastructure and service delivery models that cut costs and deployment times while increasing service reliability. But this latest in disruptive technologies is creating a real headache for data protection architects and their administration teams. 

This direction is so entrenched that Veritas, (the independent information management company that will emerge from the separation from Symantec) has established a "Hybrid is the Model" motto across all of our product development plans. But how are we reducing the pain created by managing information across these new mixed platforms? Let's take a look at the latest Backup and Recovery improvements springing from our hybrid commitment.

NETBACKUP

1. NetBackup is the first - and only - enterprise information management software supported at the launch of Google's nearline storage platform. Simon Jelley goes into more detail here and Rasheed gives his own take on the significance of this development in general over on LinkedIn.
2. NetBackup 7.7 (in beta now) includes a greatly improved Amazon connector (as well as the Google support mentioned above). Release plans tentatively also include connectors for Verizon, Hitachi Data Systems and Cloudian.
3. NetBackup already supports the NetApp SteelStore gateway appliance as an NFS or CIFS mount.
4. NetBackup's MSDP deduplication technology running in the Amazon cloud, and Auto Image Replication to a media server in the cloud are on deck to deliver dedupe to cloud and tapeless disaster recovery. 
5. NetBackup is vSphere 6 Ready on the day of release. Ana Pinczuk's blog gives more information.
6. A brand new self-service version of NetBackup is coming out in April, ideal for service providers of any kind. We hinted at that upcoming release here.

BACKUP EXEC

1. Midmarket customers can use Backup Exec 2014 (and the upcoming Backup Exec 15) with Amazon via the AWS Storage Gateway. vExpert Mikko Nykyri explains more here, and watch for expanded use cases in Backup Exec 15 both on-prem and in the Amazon cloud. 
2. Backup Exec supports both AWS and Azure via the NetApp SteelStore gateway. Nifty infographic here.
3. Backup Exec supports the Quantum DXi dedupplication appliances as gateways to the Quantum Q cloud.
4. Backup Exec 15 is vSphere 6 Ready on the day of release. Ana Pinczuk's blog gives more information.

Curious about our reasoning behind hybrid cloud? Here's some background on that commitment.

Forrester reports that the 2020 cloud markets are sized as follows: Private $16B, Hybrid $66B and Public $159B. But the growth rates are what really intrigue us, because that is where our customers are investing their dollars and where our channel partners can find opportunity to assist. In fact, Gartner reports that nearly half of large enterprises will have hybrid clouds by the end of 2017 and IDC is even more bullish.

Enterprise customers tell us that a wholesale rip-and-replace is completely unrealistic, but a partial and controlled migration of appropriate applications and services is happening now. In other words, nobody wants their crown jewels with a 3rd party.

Efficiency and deployment speed are major benefits to cloud adoption. But fragmented platforms is an unfortunate outcome that wreaks havoc on information management architectures. Veritas is building solutions that help the world's largest organizations manage through these challenges with grace and power.

I am very pleased to announce that both NetBackup and Backup Exec are VMware vSphere 6 Ready on their first dates of general availability. Interested customers can read more about the April release of Backup Exec 15 here (http://www.symantec.com/connect/blogs/backup-exec-15-beta-registration-now-open), more about the just-released NetBackup 7.6.1.1 here, and may plan rollouts knowing they have a backup solution in place for cutting edge virtual environments. We will continue to enhance our vSphere 6 capabilities in NetBackup 7.7 later this year.

Over the past year we’ve talked a lot about the importance of agility in driving business success, and how the Information Management solutions we provide can help IT accelerate business value.  What we haven’t talked as much about is the agile transformation we have undertaken within our own business.   A year ago, we began transitioning our engineering processes to an Agile development model.  Business process transformations are never easy, but as this announcement shows, our investments are paying off as we deliver support of new workloads well within our 90-day commitment.  We are excited to continue on our transformation journey to accelerate capabilities to market and offer even more business value to you as the new Veritas.

We understand that our backup and recovery solutions enable you to provide increased information access, business agility, and risk management as you enable your business to keep ahead of market demands.   Our team is committed to helping you move faster and take bigger risks knowing your information will be safe. The more agile we are, the more agile you can be. Are you ready to deploy vSphere 6? Go ahead – we’re ready when you are.

The ‘Restore from Vault’ button is a close colleague of the ‘Store in Vault’ button in the Enterprise Vault Outlook Add-in. Many people know what it does, and doesn’t do, but let’s go over some of the nitty gritty here.

Strange as it seems it doesn’t restore the item from the vault in the true sense. In my mind, if it MOVED the item from the archive back to the mailbox then that would be a true ‘restore from vault’, but this button does a slightly different thing to that. What the button does is restore a COPY of the item back to the mailbox (either in the current folder, or, in the restored items folder’). The item in the archive is still there, untouched.

That is probably the number one thing that people get confused about with regards to this button - they think it removes the item from the archive, but it does not do that.

What actually happens is that the item is marked with a timestamp, and the icon changed to pending restore. The Outlook Add-in then sends a HTTP request to the Enterprise Vault server to restore a copy of the item.

09/03/2015 14:39:21.565[2180][M]: Sending HTTP request: http://rowi01-ev-01.rowiev.local/EnterpriseVault/clientaction.asp?act=4&fdrenc=_&dn=/o%3dFirst%20Organization/ou%3dExchange%20Administrative%20Group%20(FYDIBOHF23SPDLT)/cn%3dRecipients/cn%3ddel-1726&svr=ROWI01-EX-01&sid=108A949F5E6FEBF43954BCD5A47E15E7B1d10000rowi01-ev-01.rowiev.local&tsp=2015-03-09T14:39:21&pdl=AAAAAAAACBJPMCNBGNHIBEEEJDJEAIOIAMBODCIDABAABMDEJLPBPBEKMDEJIHBBHHCJAHBNCCDIAAAAAAIPGHAHAAAA

The W3WP component of the Enterprise Vault receives and processes the request on to AgentClientBroker, and the RetrievalTask. That does the work, of restoring the item.

When all that’s done, remember the item is still in the archive.

Do you have this button enabled? Do users really know what it does? Let me know in the comments below…

Here I will be posting custom reports, that were created by me or other forum members. All correction, improvements and optimizations to code below are highly appreciated.

• SQL procedure for converting time in seconds to hh:mm:sec format. May be useful for displaying duration in human readable form.

• *This procedure used in some of my reports, make sure to add it.

• Audit report deleted and deactivated policies. 
• Audit report clients removed from policies. 
• List of all active clients, policies, policy types and backup selections in configuration.
• Last successful backup for failed jobs, done by M_henriksen, with a little bit of my tuning
• Generic daily report with 
  • Policy Name
  • Client Name
  • Platform
  • Version
  • Schedule Name
  • Job Scheduled Time
  • Job Start Time
  • Job End Time
  • Job Duration
  • Job Status
  • Files(Selection)
  • Job Size(MB)
  • Status Code
• Unique failures daily(Parent jobs only child jobs will be omitted) 

• SQL procedure

  CREATE FUNCTION SecToTime(seconds INT)

  RETURNS CHAR(20)

  AS

  BEGIN

  RETURN (

          (SELECT RIGHT('00' + CAST(CAST(floor(seconds/3600) as NUMERIC(3)) as CHAR(3)), 2)) + ':' +

          (SELECT RIGHT('00' + CAST(CAST(floor(seconds/60) % 60 as NUMERIC(2)) as CHAR(2)), 2)) +':' +

          (SELECT RIGHT('00' + CAST(CAST(seconds % 60 as NUMERIC(2)) as CHAR(2)), 2))

  )

  END

  Example:

  SELECT SecToTime(1000);

  >>00:16:40

  SELECT SecToTime(100000); -- hours will go over 24.

  >>27:46:40

   Audit report deleted and deactivated policies

  SELECT

  domain_MasterServer.networkName as "Master",

  SUBSTR(LIST(audit_Key.value), 0, CHARINDEX(',',LIST(audit_Key.value))) as "Client",

  SUBSTR(LIST(audit_Key.value), CHARINDEX(',',LIST(audit_Key.value))+1, LEN(LIST(audit_Key.value))) as "Policy",

  MAX(UTCBigIntToNomTime(audit_Record.auditTime)) as "Timestamp",

  MAX(audit_UserIdentity.userName) as "User"

  FROM audit_Record, audit_Key, domain_MasterServer, audit_UserIdentity

  WHERE domain_MasterServer.id =  audit_Key.masterServerId

  AND audit_Record.userIdentityId = audit_UserIdentity.id

  AND audit_Record.masterServerId = audit_Key.masterServerId

  AND audit_Record.tieInId = audit_Key.tieInId

  AND audit_Record.recordId = audit_Key.recordId

  AND audit_Record.messageId = 10

  AND DATEDIFF(hour,UTCBigIntToNomTime(audit_Record.auditTime), GETDATE()) <= 48 --- Change time here

  GROUP BY audit_Record.tieInId, domain_MasterServer.networkName

  ORDER BY "Timestamp" DESC

  Audit report clients removed from policies

  SELECT

  domain_MasterServer.networkName as "Master",

  LIST(audit_Key.value) as "Policy",

  LIST((CASE

          WHEN audit_Record.messageId = 2 THEN 'Deactivated'

          WHEN audit_Record.messageId = 5 THEN 'Deleted'

  END)) as "Action",

  LIST(UTCBigIntToNomTime(audit_Record.auditTime)) as "Timestamp",

  LIST(audit_UserIdentity.userName) as "User"

  FROM audit_Record, audit_Key, domain_MasterServer, audit_UserIdentity

  WHERE domain_MasterServer.id = audit_Key.masterServerId

  AND audit_Record.masterServerId = audit_Key.masterServerId

  AND audit_Record.tieInId = audit_Key.tieInId

  AND audit_Record.recordId = audit_Key.recordId

  AND audit_Record.userIdentityId = audit_UserIdentity.id

  AND audit_Record.messageId IN (2 ,5)

  AND DATEDIFF(day,UTCBigIntToNomTime(audit_Record.auditTime), GETDATE()) <= 7 -- Change Time here

  GROUP BY audit_Record.tieInId,domain_MasterServer.networkName

  ORDER BY "Timestamp" DESC

  List of all active clients, policies, policy types and backup selections in configuration

  SELECT

  domain_PolicyClient.clientName as "Client Name",

  domain_PolicyClient.policyName as "Policy Name",

  lookup_PolicyType.name as "Policy Type",

  nb_Policy.fileList as "Backup Selection"

  FROM

  domain_PolicyClient, domain_Client,lookup_PolicyType, domain_Policy, nb_Policy

  WHERE

  AND lookup_PolicyType.id = domain_Policy.type

  AND domain_PolicyClient.clientName = domain_Client.name

  AND domain_PolicyClient.masterServerId = domain_Client.masterServerId

  AND domain_PolicyClient.policyName = domain_Policy.name

  AND domain_PolicyClient.masterServerId = domain_Policy.masterServerId

  AND domain_PolicyClient.policyDomainName = domain_Policy.policyDomainName

  AND domain_PolicyClient.policyVersionNo= domain_Policy.versionNo

  AND domain_Policy.name = nb_Policy.name

  AND domain_Policy.masterServerId = nb_Policy.masterServerId

  AND domain_Policy.versionNo = nb_Policy.versionNo

  AND domain_Policy.policyDomainName = nb_Policy.policyDomainName

  AND domain_Policy.status = 0

  AND domain_Policy.active = 1

  AND lookup_PolicyType.name  LIKE '%DB2%'

  -- domain_Policy.name LIKE '%PR%'

  -- domain_PolicyClient.clientName LIKE '%winprd%'

  ORDER BY domain_PolicyClient.clientName

  Last successful backup for failed jobs f all active clients, policies, policy types and backup selections in configuration

  SELECT DISTINCT

  B.friendlyName as 'Master Server',

  A.clientName as 'Client Name',

  A.policyName as 'Policy Name',

  LIST(A.statuscode) as 'Status Code',

              (       select DATEDIFF(DAY,UtcBigIntToNomTime(MAX(CKP.endTime)),GETDATE()) as 'Days since Last successful' 

                      from   domain_JobArchive CKP

                      where CKP.masterServerId = A.masterServerId AND

                                CKP.id = CKP.parentJobId AND

                                CKP.clientId = A.clientId AND

                                CKP.policyId = A.policyId AND

                                CKP.policyName = A.policyName AND

                                CKP.policyType = A.policyType AND

                                ( CKP.statusCode = 0 OR   CKP.statusCode = 1  )  ),

              (       select  UtcBigIntToNomTime(MAX(BKP.endTime)) as 'Last successful'

                      from   domain_JobArchive BKP

                      where BKP.masterServerId = A.masterServerId AND

                                BKP.Id = BKP.parentJobId AND

                                BKP.clientId = A.clientId AND

                                BKP.policyId = A.policyId AND

                                BKP.policyName = A.policyName AND

                                BKP.policyType = A.policyType AND

                               ( BKP.statusCode = 0 OR   BKP.statusCode = 1  ) )

  FROM  "domain_JobArchive" A , "domain_masterserver" B

  WHERE

  A.masterServerId = B.id AND A.id = A.parentjobid AND

            DATEDIFF(hour,UtcBigIntToNomTime(A.endTime), GETDATE()) <= 24

  AND

  (         select  DATEDIFF(DAY,UtcBigIntToNomTime(MAX(CKP.endTime)),GETDATE()) as 'Days since Last successful'

                      from   domain_JobArchive CKP

                      where CKP.masterServerId = A.masterServerId AND

                                CKP.id = A.parentJobId AND

                                CKP.clientId = A.clientId AND

                                CKP.policyId = A.policyId AND

                                CKP.policyName = A.policyName AND

                                CKP.policyType = A.policyType AND

                                CKP.scheduleType = A.scheduleType AND

                                ( CKP.statusCode = 0 OR   CKP.statusCode = 1  )  ) > 0 AND

  A.scheduleName != 'user_backup' AND

  A.statusCode not in (0,1,190,199,230,239,240,800,1000) AND

  A.policyName NOT LIKE 'SLP_%' AND A.type IN (0,22,28) AND

  A.scheduletype not in (-1,2)

  Group by A.clientName,A.masterServerId,A.policyName,B.friendlyName,policyType,scheduleType,clientid,policyid

  ORDER BY B.friendlyName , A.clientName

   Generic daily report with 

  SELECT

  domain_JobArchive.policyName as "Policy Name",

  domain_JobArchive.clientName as "Client Name",

  domain_Client.hardwareDescription as "Platform",

  domain_Client.versionLabel as "Version",

  domain_JobArchive.scheduleName as "Schedule Name",

  adjust_timestamp(domain_ScheduledJob.scheduledTime,10800000) as "Job Scheduled Time",

  UTCBigIntToNomTime(domain_JobArchive.startTime) as "Job Start Time",

  UTCBigIntToNomTime(domain_JobArchive.endTime) as "Job End Time",

  SecToTime(DATEDIFF(minute,UTCBigIntToNomTime(domain_JobArchive.startTime),UTCBigIntToNomTime(domain_JobArchive.endTime))) as "Job Duration(Minutes)",

  (CASE

          WHEN domain_JobArchive.state = 3 AND domain_JobArchive.statusCode = 0 THEN 'Successful'

          WHEN domain_JobArchive.state = 3 AND domain_JobArchive.statusCode = 1 THEN 'Partial'

          WHEN domain_JobArchive.state = 3 AND domain_JobArchive.statusCode > 1 THEN 'Failed'

          ELSE 'Failed'

  END)  as "Job Status",

  nb_JobFilesArchive.fileinfo as "Files",

  CAST(domain_JobArchive.bytesWritten/1024/1024/1024 as NUMERIC(20,2)) as "Job Size(MB)",

  domain_JobArchive.statusCode as "Status Code"

  FROM domain_JobArchive,  lookup_JobState, domain_ScheduledJob, nb_JobFilesArchive, domain_MasterServer, domain_Client

  WHERE domain_ScheduledJob.jobid  = domain_JobArchive.id

  AND domain_JobArchive.masterserverId = nb_JobFilesArchive.masterserverId

  AND domain_JobArchive.clientName = nb_JobFilesArchive.clientName

  AND domain_JobArchive.id = nb_JobFilesArchive.jobID

  AND domain_MasterServer.id = domain_JobArchive.masterServerId

  AND domain_JobArchive.clientName = domain_Client.name

  AND domain_JobArchive.masterserverId = domain_Client.masterserverId

  AND domain_JobArchive.state =lookup_JobState.id

  AND DATEDIFF(hour,UTCBigIntToNomTime(domain_JobArchive.endTime), GETDATE()) <=24

  AND domain_JobArchive.policyName != ''

   Unique failures daily(Parent jobs only child jobs will be omitted) 

  SELECT

  MAX(domain_Job.id) as "Job Primary ID",

  domain_Job.clientName as "Client Name",

  domain_Client.hardwareDescription as "Client OS",

  lookup_JobType.name as "Job Type",

  lookup_JobState.name as "Job Status",

  count(domain_Job.statusCode) as "Number of entries",

  domain_Job.policyName as "Policy Name",

  MAX(UTCBigIntToNomTime(domain_Job.startTime)) as "Job Start Time",

  MAX(UTCBigIntToNomTime(domain_Job.endTime)) as "Job End Time",

  MAX(SecToTime(DATEDIFF(second,UTCBigIntToNomTime(domain_Job.startTime),UTCBigIntToNomTime(domain_Job.endTime)))) as "Job Duration",

  MAX(domain_Job.bytesWritten/1024/1024/1024) as "Job Size(MB)",

  MAX(domain_Job.filesBackedUp) as "Job File Count",

  MAX(domain_Job.throughput) as "Job Throughput (KB/Sec)",

  domain_Job.statusCode as "Status Code",

  lookup_JobStatusCode.name as "Status Code Description"

  FROM

  domain_Job, domain_Client, lookup_JobType, lookup_JobState, lookup_JobStatusCode

  WHERE domain_Job.type = lookup_JobType.id

  AND domain_Job.statusCode > 0

  AND domain_Job.statusCode = lookup_JobStatusCode.id

  AND domain_Job.id = domain_Job.ParentJobID

  AND domain_Job.state = lookup_JobState.id

  AND domain_Job.clientName = domain_Client.name

  AND DATEDIFF(hour,UTCBigIntToNomTime(domain_Job.endTime), GETDATE()) <= 24

  AND domain_Job.policyName != ''

  child jobs will be omitted) 

SQL procedure

Example:

SELECT SecToTime(1000);

>>00:16:40

SELECT SecToTime(100000); -- hours will go over 24.

>>27:46:40

 Audit report deleted and deactivated policies

Audit report clients removed from policies

List of all active clients, policies, policy types and backup selections in configuration

Last successful backup for failed jobs f all active clients, policies, policy types and backup selections in configuration

 Generic daily report with 

 Unique failures daily(Parent jobs only child jobs will be omitted) 

Here I will be posting custom reports, that were created by me or other forum members. All correction, improvements and optimizations to code below are highly appreciated.

• SQL procedure for converting time in seconds to hh:mm:sec format. May be useful for displaying duration in human readable form.

*This procedure used in some of my reports, make sure to add it.

• Audit report deleted and deactivated policies. 
• Audit report clients removed from policies. 
• List of all active clients, policies, policy types and backup selections in configuration.
• Last successful backup for failed jobs, done by M_henriksen, with a little bit of my tuning
• Generic daily report with 
  • Policy Name
  • Client Name
  • Platform
  • Version
  • Schedule Name
  • Job Scheduled Time
  • Job Start Time
  • Job End Time
  • Job Duration
  • Job Status
  • Files(Selection)
  • Job Size(MB)
  • Status Code
• Unique failures daily(Parent jobs only child jobs will be omitted) 

SQL procedure

Example:

SELECT SecToTime(1000);

>>00:16:40

SELECT SecToTime(100000); -- hours will go over 24.

>>27:46:40

 Audit report deleted and deactivated policies

Audit report clients removed from policies

List of all active clients, policies, policy types and backup selections in configuration

Last successful backup for failed jobs f all active clients, policies, policy types and backup selections in configuration

 Generic daily report with 

 Unique failures daily(Parent jobs only child jobs will be omitted) 

2015 will be a year to remember in the IT industry.  Innovative and industry leading technologies are emerging it seems weekly.  Symantec Altiris is no exeption.

  -   If you haven't taken the time to explore Altiris 7.6, do so with us.  We will explore what the upgrade means to you and your oranization. New unique features, better performance and the new CEM (cloud enabled management) are just the tip of the iceberg.

Join us on April 8th, @ 2 EST to learn why there is no better time to upgrade!

In “Moneyball”, author Michael Lewis describes how a professional sports team used data analytics to field the best possible team of players. Can this same quantitative approach help a company achieve the highest possible level of security? Symantec’s Amit Mital discusses how advanced data mining on massive amounts of security intelligence will help organizations thwart even the most complex attacks on their systems and information. 

•Speaker: Amit Mital, Executive Vice President, Emerging Endpoints and Chief Technology Officer 

•Day: Wednesday, April 22nd 

•Time: 3:30pm – 3:55pm 

For more information on RSA, visit http://www.rsaconference.com/events/us15

The intent of the attached query is to provide an alternative reporting mechanism for Year by Month aggregate Ticket activity.

The Column legend is as follows:

      Year: Derived from ReportProcess.ProcessStarted

   Month: Derived from ReportProcess.ProcessStarted

 Started: Total count of ProcessStarted entries for the given Year/Month.

  Ended: Total count of ProcessEnded entries for the given Year/Month.

               NOTE: The query accounts for broken tickets by inferring that the ticket has ended when PercentComplete = 100.

On Hold: Total count of Result = 'Hold' entries for the given Year/Month

    Open: Total count of ProcessStarted entries that are still open at the Year/Month cutoff.

My name is Cullen Covington, and I am a cybersecurity intern through the Symantec Cyber Career Connection (SC3) program. After 6 months of technical and professional training at Year Up, I began an internship at Symantec’s office in Herndon, VA. I have only been on the job for a few weeks, but I have already learned so much.

The first day of my internship at Symantec was in the Global Security Operations office. I walked into a small room full of people with very diverse backgrounds. That day, Jacob Horst, my manager, taught me one of the most valuable lessons so far. He explained to me that in order to become successful in this field I'd have to understand the motivations of an attacker. Just knowing technical terms or how computers work would not be enough in this era of cybersecurity. I would need to know what information would be valuable to a hacker and how it could be used for monetary gain or other benefits. He also taught me that the most vulnerable asset in cybersecurity is the human user.

Since that first day, I have had the opportunity to start working with security incidents. Over the course of these first few weeks I've learned how to track and analyze network traffic events using Splunk. With what I learned during my training at Year Up, I can identify when a computer is infected with a virus by the repeated traffic it produces or by it beaconing out to get a connection with a Command and Control (CNC) server. Currently I am watching our data collection platform for policy violations within the company and learning to do investigations into more serious incidents.  

I have learned so much already, but this is only the beginning. I am looking forward to learning more during the rest of my 6 month internship.

There’s no question that mobile devices and apps are essential tools for today’s workforce. Employees have embraced mobility because it provides more flexibility and boosts productivity. As a result, mobile apps have become attractive targets for cybercriminals who disguise mobile malware as legitimate mobile apps. In this evolving mobile threat landscape, enterprises must extend threat protection to any mobile device that connects to corporate resources. When choosing a mobile threat protection solution, it’s important to choose a vendor that goes beyond the basics and introduces innovations that deliver better protection.

Symantec recently received the AV-TEST Innovation Award 2015 in Mobile Security for App Advisor for Google Play, a feature in both Symantec Mobility: Threat Protection and Norton Mobile Security at Mobile World Congress in Barcelona, Spain. AV-TEST is an independent organization that evaluates and rates antivirus and security suite software for Microsoft Windows and Android operating systems. The award was bestowed for the ground-breaking proactive protection offered by the new App Advisor for Google Play feature and the app intelligence technology that powers it -- Norton Mobile Insight.

App Advisor for Google Play allows users to examine the behaviors of an app BEFORE downloading it from Google Play store. It scans apps in real-time looking for malware and app behaviors that invade privacy, display annoying/intrusive adds or consume excessive battery and data. By scanning the app before downloading employees can make an educated choice about what apps to download, and what they are willing to trade for using a particular app.

“We chose the App Advisor technology, powered by Norton Mobile Insight, because we wanted to reward innovation instead of run-of-the-mill technology and features,” said Andreas Marx, CEO, AV-TEST. "There are a large number of manufacturers of security solutions, but when we see one that has gone beyond the basics of product development to introduce innovations to the market that solve for global challenges, we are compelled to reward and recognize the tremendous work.”

To learn more about how Symantec can help your organization confidently enable mobility, visit http://www.symantec.com/mobility/products/

Hi,

Our company is looking for an Altiris Engineer in the Washington DC area. This is an immediate requirement .

If anyone is interested, please send me over your resume to altirisman@gmail.com

Thanks

Ciscoman

In the organizations running Microsoft Active Directory to list and manage network components such as Users, Computers etc. Administrators can hand over a number of tasks to delegate Users to share the load of administration. These tasks are usually the more mundane ones which are logged on daily basis and can be handled even by the junior IT staff. Password resets and Account Unlock are probably one of the most common tasks that occupy the Helpdesk issue list. According to a recent research by Gartner – a technology research firm, password related calls consume a major portion of the IT Helpdesk time. This is because for most of the organizations passwords still forms the front line of defense against unauthorized accesses to the computers and the vast amount of the business-critical data that they hold.

To ensure security of data and prevent unauthorized accesses organizations design complex password policies which in turn only lead to more Helpdesk calls related to password resets. What are the implications of large volume of helpdesk calls?

• Consumes organizational resources to handle these calls.

• Overall organizational productivity suffers as employees have to wait to get their password reset in the process increasing non-productive hours.

• As the employees could not log into their system, important applications and services running on the computer are left unattended which might disrupt business operations.

So as an IT administrator what are the solutions that you can look at to handle this situation.

Firstly, administrators can delegate such tasks to junior staffs as it is a routine task which doesn’t require much effort. Even non-technical users can take care of these issues after a week’s training or so. Still that would still require a significant number of man-hours although cheap ones. For large organizations having hundreds of thousands of employees, you would need a team of dozens of employees to solve these issues within a reasonable period of time.

Secondly, you as an administrator can opt for specialized applications which are available as fully automated self-service utility to handle these issues. These applications delegate password reset and account unlock task to end-users who have to reset the password and unlock their account on their own. This comes across as plausible solution as it gives the control to end Users who can reset their password from their desktop or on their peers’ desktop, minimizing helpdesk calls and increasing employee productivity.

There are so many specialized solutions available in the market; before you decide to go for any particular one, you need to ensure that it is equipped with some highly desirable features:

• Password reset through web-browser only after Users answer challenge questions successfully.

• Centralized Admin control over what all questions can be used as challenge questions. What is your Employee code? What is the color of your car? – these types of questions should not be used as challenge questions.

• It must notify users a specified period of time in advance before their password expires.

• Multiple notifications should be sent incase Users ignore/miss the first notifications.

• Notifications should be sent via multiple platforms like sms and email to eliminate the chances of non-delivery.

• As organizations are divided in different functional areas, password expiry notifications and policies should be configurable at OU/Group level to allow diverse password expiry policy within an organization.

• Not just end-Users even administrators should be informed of the impending password expiry for at least employees occupying managerial positions.

• Customizable notification text for phased notification alerts to make it more compelling before the password expires.

• Centralized console for batch password reset and auto account unlock.

• Insightful reports presenting the “top-view” of the entire User Password/Account expiry/lockout scenario.

These are some of the important features that you must look for in your prospective specialized self-service password reset software. Besides, Employees should be properly trained on the password expiry and account lock out events handling policy of the organization. This will surely help you to reach the goal of “near-zero-password-expiry-helpdesk-tickets” helping you to implement organizational cost-cutting measures. Many of these applications are available in free trial. You can download and try free version of Lepide Active Directory Self Service which comes equipped with most of these features.

The OpenSSL Project has announced several vulnerabilities in the library which will be patched on Thursday, March 19, 2015.  The announcement was made by OpenSSL's Matt Caswell.  Caswell states that the patches will fix a number of security defects and the highest severity fixed by these releases is classified as "high" severity.  The patches will address vulnerabilities in OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf.  Symantec will have more information shortly after the releases.

The SSC team has four short weeks to accomplish some very aggressive goals. With a unified vision and shared mindset, they are making significant progress that their non-profit clients will benefit from long after the mission is complete. 

The entire SSC team after volunteering with the UN Refugee Agency

Before leaving for Ankara, we asked the 2015 Symantec Service Corps (SSC) team members what they thought their biggest challenge would be. Many responded that it would be learning the organization, setting the scope of work, and delivering on aggressive goals in only four weeks. They knew upfront that they would need to come together, united as a team, to leverage each other’s strengths for the greater good. They also knew that while their time in Turkey is limited, the work they were doing would set their three non-profit organizations up for success, well after the team was back home.

"We only have a month in Ankara, Turkey,” says Sohini Nathoo, partner success manager. “However, having conducted a couple of calls with our client, it was clear they have some big expectations of what they are looking to us to deliver. We’re from different parts of the world, in different roles and with varying work styles. If we can work together as a unit then it makes delivering the client’s needs easier, it makes the environment in which we work more pleasant and allows us to learn from each other’s strengths."

Recently we looked at how the team is accomplishing their collaboration and teamwork goals; this week we will dive into their experiences working towards unity and progress, which include building positive working and personal relations with the local clients and looking for long-term solutions that can be sustained over a period of time.

These goals—combined with their team name and motto—emphasize the importance of a common vision and purpose as well as keeping a long-term perspective in mind, despite the short time frame.

Raising awareness of nature conservation

For Patty Christofferson, Shantanu Gattani, and Rachel Yokum, the SSC team supporting Doğa Derneği (Nature Society), the project involves assessing the current status of the organization’s Annual Raptor Census project, and providing a strategic marketing plan to build awareness for the conservation society and increase volunteer participation. These guidelines will help the organization over the long-term in its mission to defend the rights of nature by conducting scientific research, providing solutions for conservation, establishing partnerships, mobilizing volunteers, and driving policy change.

"Team Bird" with Doğa Derneği clients.

The three-team members were new to the Turkish culture and language, and had no ecology or environmental science background. 

"This organization is both intimidating and exciting,” says Rachel Yokum, senior product marketing specialist. “Their passion is unparalleled. Their team is simultaneously working around local barriers to raise awareness for biodiversity and doing key conservation research in active war zones. In short, they’re an incredible organization that, with limited resources, is putting forth Herculean efforts to save the fragile ecosystems. I think unity is integral to our success because we only have four weeks to achieve some pretty ambitious goals and as strong as we all are individually, the only way we can be successful is to lean on our teammates and learn from each other, too.”

The team spent the first week ensuring they had accurately scoped the work and set expectations on what they could deliver in a month. During the second week, they dove into specific aspects of the project and conducted additional meetings with staff members and check-in meetings to ensure they were on track.

"Our team works really well together and we are able to balance our skills and backgrounds well,” notes Patricia Christofferson, director of North America marketing. “We recognize each other’s strengths and draw upon them to accelerate the team output. The team name and motto reflect our approach in how we are working with our clients and collaborating with each other.”

Creating a lasting impact

The SSC team is conscious that – with such an abbreviated timeline – there is a danger of addressing the organizations’ most immediate needs while neglecting long-term potential. They’ve carefully crafted their working strategies to take this into account.

“For the Association for Solidarity with Asylum Seekers and Migrants, we are trying to recommend systems that they can use to solve problems that they have now and can use with their future plans for expansion,” explains Mirabel Ramos, principal program manager.

 With just one week to go until the mission ends, all three SSC teams are deeply engaged in their assignments, trying to accomplish as much as possible and set their clients up for long-term success.

Next week we’ll take a look at the Turkish culture, including some of the experiences that are sure to change how the team approaches their jobs once they are back. We’ll also spotlight Team Flying Broom, sharing an update on their efforts to empower women in this growing region.

Join the team on their journey by following along on the Symantec Service Corps blog, here on the Corporate Responsibility in Action blog, and on twitter using hashtag #SSC15.

Related articles:

• Travel Log Turkey—Week 2: Teamwork in Action
• Travel Log: Turkey—Week 1: Welcome to Ankara
• Making an Impact in Turkey: Announcing 2015 Symantec Service Corps Volunteer Partners

Lora Phillips is Symantec's Senior Manager, Corporate Responsibility.