Quantcast
Channel: Symantec Connect - ブログエントリ
Viewing all 5094 articles
Browse latest View live

SMS spammers hide adult site URLs in YouTube videos

0
0
In a recent adult site scam, SMS spammers were observed hiding links in YouTube videos in order to bypass URL filters.

続きを読む

ランサムウェア: 復活しつつあるマクロ

0
0
ランサムウェアを使う攻撃者が、悪質な Word マクロという古い攻撃ベクトルの復活を図っています。

続きを読む

Simda ボットネット、インターポールにより摘発

0
0
Simda ボットネット(別名 Rloader)が所有していたインフラストラクチャが、インターポールの主導する国際捜査で押収されました。

続きを読む

Windows HTTP 脆弱性のパッチ適用が急務

0
0
最近修正された CVE-2015-1635 の脆弱性を悪用されると、リモートコードの実行と DoS 攻撃を許す恐れがあります。

続きを読む

The Florentine Deception: スリル満点、書評も絶賛、全額をチャリティーへ

0
0
シマンテックのチーフアーキテクト Carey Nachenberg が、胸躍るサイバーセキュリティ小説を出版しました。売上金は全額、慈善事業に寄付されます。

続きを読む

IT Analytics 7.5PS1 Watchpoint for Report Security

0
0

The integration of IT Analytics with the Altiris has improved significantly on the 7.5 platform, and I expect that moving to 7.6 will show more boons once I get the time to test it.

One of the struggles we have had with IT Analytics integration is with security. You see, it's quite easy to be misled that all is well when provisioning your security groups in the console, when in fact it might not be. In our case we need a manual touch to refresh the IT Analytics Report Security every time we on-board a new user.

If anyone spots me doing something wrong here... let me know! The issue I see lays in the significant difference between configuring cube security versus report security.. and perhaps some bad assumptions that I as an Altiris Admin originally made when seeing this up.

Configuring Cube Security

I think the task of vonfiguring cube security is quite nice and the provisioning interface is quite sophisticated,

cube-security_0.png

So here we had just put in our AD groups into the "IT Analytics Users" group and set the schedule to syncronise this with SQL's analysis services. This means that when we onboard a new user, they are automatically synced here by virtue of them being in the "IT Analytics Users" group (which contains a nested group of our AD Altiris roles).

So that's nice. I like it. But the end result of all this is to allow our staff access to all those wonderful ITA reports right? The security here however is handled very differently.
 

Configuring Reports Security

If we look at the reporting object this is what we see,

Report_security.png

Note the absense of any scheduling here, or indeed even roles. 

Now, it's important also to note that all the users you see here in the "Role Members" area were not added individually -they were added by clicking the big blue plus sign and selecting the "IT Analytics Users" group from the picker. But what has happened is that group object wasn't added in this process; rather users within the group were ennumerated and were then added individually.

Once those changes are saved, all these individual users will be sync'd down to SQL's reporting services.

And this is where our problem lies. Everytime we onboard a user, we have to add to the process for someone to navigate to the report security section in IT Analytics, and re-add the "IT Analytics Users" group. This refreshes the membership on the SQL Reporting server and then all is once again well.

But Sometimes....

Only sometimes everything isn't OK -security can actually break entirely with all users getting the error,

An error has occurred during report processing. (rsProcessingAborted)
Cannot impersonate user for data source 'ITAnalytics'. (rsErrorImpersonatingUser)
Log on failed. Ensure the user name and password are correct. (rsLogonFailed)

Luckily we saw this error when we leveled up to service pack 1 so were familiar with the solution.  This can be swiftly solved by re-entering in the our Altiris Service account credentials on the SQL reporting server as per TECH 213502,

https://support.symantec.com/en_US/article.TECH213502.html

In short, suboptimal, but manageable with a sigh.... ;-)
 

BackupExec 15 MSExchange.org Readers Choice Award

0
0
Exchange Administrators vote Backup Exec 15 #1

Image preview

We have some exciting news to share! on May 20, 2015, for the eleventh time in the last twelve years, MSExchange.org readers chose BackupExec as the best Microsoft Exchange backup and recovery solution in the market.  http://buff.ly/1Sh71Yv 

Now let me share a little about the hard road we’ve traveled back to our success, and where we are today.

Back in March 2012, Symantec release its latest version of BackupExec 2012.  This was a major release with a lot of change. However, partners and customer were quick to share their displeasure with some of the changes we made

Based on the feedback we received, our product leadership assembled a highly seasoned team to begin addressing top concerns and quality issues heard from our customers.

We listened to our customers and their needs to address the top call generating issues. Our primary goal was increase the quality to such a level that customers would have the highest level of confidence in future Beta releases to be of production quality, fully supported directly by our developers 24x7.  This allowed us to accelerate our velocity while increasing the quality of he release.

Below are some of our key focus areas which led to adoption of some new best practices for the Product Management team.,

  • Agile Software Development - a combination of software development methods in which requirements and solutions evolve through collaboration across self organizing, cross-functional teams.  This approach promotes adaptive planning, continues improvements, and encourages rapid response to change and faster time to market.
  • Scrum Software Development – This provided us the opportunity to engage customers early and demonstrate our work during our bi-weekly sprint activities. This helped to confirm that we were solving for real-world problems and delivering true customer value.
  • New Operating Framework - a set of proven best practices for managing our products, which make up the portfolio and with the end goal in mind of delivering high-value solutions that customers want to buy.
  • Customer Driven innovation - this has allowed us to spend time listening and observing customers in their day to day environment, and identifying unmet needs to which we can go off and solve.
  • Product Quality Beta – this program gained a lot of attention and as I mentioned before, our customers had high expectations and we delivered.  In fact we set out on a journey to prove BackupExec 2014 was production quality and deployed a team of one engineer and one product manager to multiple customer locations around the Globe!  The customers that were chosen including small, medium and large customers with a mix of physical and virtual environments.
  • Customer Service & Technical Support – we made new investments in improving how we provide service and support.  As we move on past BE 15 we will break out support into each of their respective geographies, providing the best customer support experience.

June 2014 Symantec released its new versions of BackupExec 2014.  We listened and brought back those features that you valued most including multi-server job functionality and the Job Monitor.

Shortly after we release BackupExec 2014, on October 2014 Redmond Third-Party Reader's Choice Awards: BackupExec receives the Redmond “Platinum” Reader’s Choice Award.  More proof that we were back on track!

120px_Platinum.jpg

After the release of BackupExec 2014 we continued to stay focused not only on what we learned, but also areas which we could make improvements based on the new methodologies and best practices deployed.

Based on our velocity and quality through the process, we learned that if we pushed harder we could deliver timely platform support, and move to a quarterly cadence in our release schedule.  This equates to faster time to market, increased quality, timely platform support, and incremental customer value.

April 2015 we release BackupExec 15! 

We proved not only could we continue to increase quality, we could increase performance for backup and recovery, improve GRT (Granular Restore Technology) and overall reliability, as well as deliver DAY ZERO support for vSphere 6.0. 

We also introduced a new lower cost Capacity Edition Lite offering that allows new customers to start small and pay as they grow. For existing customers with active maintenance who want to move from al-a-cart to Capacity, we’ve made it simple.

Some additional areas that continue to show proof that our hard work is paying off:

  • A decline in product related defects.
  • The overall trend and increase in customer and product satisfaction.
  • Faster adoption rate of new release due to moving to smaller quarterly release cadence.
  • Highest Server install rate in the history of Backup Exec
  • Exceeding expectations by delivering new platform support ahead of schedule.  Our goal is Day Zero for new platform support.

We THANK our loyal customers and partners, and we welcome our new customers to the family. You have truly made an impact helping us to improve quality, reliability, and supportability. We hope you see that we are your trusted advisors when it comes to information protection and availability.

As a proud member of the Backup and Recovery Product Management team here at Symantec, we thank you.

Go Veritas!

Free Archive Migration Monitoring

0
0

As many of you in the migration community are already aware, we have recently acquired the Timefinity Group and their Intellectual Property.

Timefinity’s daughter company MigrationForensics, which is now a separate entity and independent from the QUADROtech Group, has offered – until the acquisition of their parent company – for many of their customers a very useful migration monitoring and alerting solution, supporting the monitoring of several migration tools from different vendors.

We’re happy to announce that QUADROtech will continue this service for end-customers and partners for free.

We’re currently building a webpage where interested partners and customers can subscribe to the monitoring and download the necessary cloud monitoring agent. Until this is ready, please feel free to send an email to archive-monitoring@quadrotech-it.com if you want to ensure continuity in the monitoring of your migration.

Besides our ArchiveShuttle Product, TransVault’s Migrator and Sprint, Archive360’s archive2anywhere and Nuix Migrations are currently also supported for monitoring.

In the future, all main QUADROtech products (ArchiveShuttle, PSTFlightdeck and MailboxShuttle), will receive an integrated Monitoring and Alerting Solution based on the Timefinity Monitoring Technology. We will be able to offer a unique solution that is able to monitor not only the migration servers itself, but also the ecosystem related to the migration (e.g. Legacy Archive Servers, SQL Servers, Storage, etc.). Alerts can be configured flexibly and sent via email, Skype/Lync and SMS text message based on several criteria.

QUADROtech, ArchiveShuttle, PSTFlightDeck and MailboxShuttle are trademarks of QUADROtech Solutions AG. All other trademarks are the property of their respective owners.


2015 年版『インターネットセキュリティ脅威レポート』: ますます大規模に、大胆に、機敏になる攻撃者

0
0
シマンテックから、『インターネットセキュリティ脅威レポート』(ISTR)の第 20 号が発行されました。この号では、企業インフラを乗っ取ってネットワークに侵入し、スマートフォンやソーシャルメディアを通じてエンドユーザーを脅迫するサイバー犯罪の手口を報告しています。

続きを読む

マイクロソフト月例パッチ(Microsoft Patch Tuesday)- 2015 年 4 月

0
0
今月は、26 件の脆弱性を対象として 11 個のセキュリティ情報がリリースされています。このうち 13 件が「緊急」レベルです。

続きを読む

アマチュア攻撃者でも IaaS クラウド上の膨大な数のファイルからデータ盗取が可能

0
0
比較的スキルの低い攻撃でも、セキュリティが万全ではない IaaS クラウド環境にある 11,000 以上のファイルからデータを盗み出すことができました。

続きを読む

『ブレイキング・バッド』に登場する「ロス・ポジョス・エルマノス」を利用した暗号化ランサムウェアが活動中

0
0
オーストラリア国内のコンピュータに影響する暗号化ランサムウェアが、身代金の要求に『ブレイキング・バッド』のネタを利用しています。

続きを読む

マイクロソフト月例パッチ(Microsoft Patch Tuesday)- 2015 年 5 月

0
0
今月は、46 件の脆弱性を対象として 13 個のセキュリティ情報がリリースされています。このうち 21 件が「緊急」レベルです。

続きを読む

なりすましフィッシング詐欺が Yahoo! に出現し、2 段階認証がさらに重要に

0
0
Yahoo! メールのアカウントとアドレス帳が、家族の「緊急事態」を装うなりすまし詐欺に利用されています。

続きを読む

SMS を利用するスパマー、アダルトサイトの URL を YouTube 動画に秘匿

0
0
最近のアダルトサイト詐欺で、SMS を利用するスパマーは URL フィルタをすり抜けるために YouTube 動画にリンクを隠していることが判明しました。

続きを読む

ソースの確認を忘れずに! トロイの木馬が仕込まれたオープンソース SSH ソフトウェア

0
0
攻撃者がオープンソースの SSH ツール PuTTY の悪質なバージョンを作成し、リモートコンピュータに不正アクセスして情報を盗み出そうとしています。

続きを読む

ケチな犯罪者に対する報復機能を備えた CarbonGrabber の亜種、Rombertik

0
0
広く報道されている内容とは異なり、Rombertik の破壊機能はセキュリティ研究者を標的にしたものではありません。

続きを読む

2015 User Summit - Inventory & Software – Gathering, Detection and Deployment Methods (Lab)

2015 User Summit - Achieving Software License Compliance with EPM Solutions (Lab)

2015 User Summit - Managing Servers with Server Management Suite (Lab)

Viewing all 5094 articles
Browse latest View live




Latest Images