Computer programming jobs are growing at two times the national average, and by 2020 there will be 1.4 million computing jobs. However, by that same five year time period, there will only be 400,000 computer science students. At that rate, there will be 1 million more jobs than students by 2020. This is a concerning statistic that not only impacts our students’ futures, but also our company and our global economy.

Addressing this discrepancy begins in our classrooms, and with only 10% of U.S. schools teaching computer science, there is plenty of room for improvement.

Symantec’s goal is to excite, engage and educate students in STEM, with an emphasis on computer science and cybersecurity. One of the primary ways Symantec has a positive impact on local communities is through our volunteer efforts. We believe that the communities where Symantec maintains offices should be stronger and more vibrant because of our presence and that our employees are best positioned to understand the needs of their communities.

Symantec recently launched the Take 5 Volunteer Challenge, a campaign that encourages employees to volunteer 5 hours in FY16. Volunteers also increase their impacts through logging time and donating funds through our Dollars for Doers program.

Our CTO saw this as an opportunity to contribute to a non-profit that is directly addressing the skills gap by exciting students about computer science. Recently launched, the CTO Challenge has a goal to involve at least 80% of department employees to volunteer with Code.org in FY16.

Code.org, founded in 2013, is dedicated to increasing participation in computer science by making it available in more schools. The nonprofit also focuses on growing participation from underrepresented groups, such as women and students of color. You may remember Code.org’s Hour of Code event that Symantec sponsored last year during Computer Science Education Week in December. This global initiative reaches millions of students in over 180 countries.

Code.org and Skype in the Classroom have partnered to create a new program that allows Symantec employees to guest lecture in classrooms across the world from their home or office! The 20-30 minute speaking engagements allow tech professionals to teach children about their job, career path and education all via Skype. As part of the CTO Challenge, the volunteers commit to visiting four (or more) classrooms over the course of the next school year. 

All Symantec employees are eligible to participate in this program. To apply, go to https://www.skypeintheclassroom.org/apply.

Symantec employees, Lily de los Rios and Darren Shou, pledge to volunteer in the CTO Challenge!

Community Relations partnered with the Mountain View and Culver City Cutting Edge events to get the word out about this great opportunity. We were thrilled that 64 people signed up in Mountain View and 69 people signed up in Culver City. Symantec is committed to building bright prospects for our students and future talented workforce!

Check out this video to learn more about this new Code.org program:

Lily De Los Rios is Symantec's VP, Engineering

According to Symantec’s 2015 Internet Security Threat Report, Vol 20., attackers are exploiting vulnerabilities more rapidly than companies can defend against them, indicating a higher level of sophistication from cybercriminals. Enterprises now face adversaries who are adapting tactically, not just technically to circumvent defenses.

“It’s the natural reaction of a determined and intelligent adversary,” says Jon DiMaggio, Chief Analyst, DeepSight Managed Adversary and Threat Intelligence (MATI) team. “Tactical innovation is about going around the problems of a victim’s defenses, rather than trying to go through it.”

The result of this attack trend is known as an asymmetric cybercrime threat.

Asymmetric Cybercrime Threat

Simply defined, asymmetric cybercrime is the employment of conventional malware in unconventional ways against a stronger target. It’s like guerilla warfare where cybercriminals use commodity malware (malware that is readily available and widely used) to try to blend in with all the threat “noise” as they attack usually larger organizations.

And traditional cyber threat intelligence is losing the battle against these nimble, innovative, and determined adversaries.

“Technical indicators from sensors are necessary, but not sufficient to address the threat posed by these attackers,” says DiMaggio. “Without combining technical knowledge of malware and command-and-control infrastructure with intelligence on the plans and intentions of adversaries, it's impossible to proactively defend against the unconventional tactics that they will employ.”

It’s only the Zeus malware; no need to drop everything, right?

Wrong.

Zeus, or Zbot, is one of the largest botnets and malware packages on the Internet—and it’s a common favorite of these asymmetric threat adversaries. Organizations can see thousands of Zbot detections a day. Because there’s so much “noise” with commodity malware, there’s a good chance the victim will not look into the threat sufficiently to notice when it’s targeted against them. These attackers, then, can steal what they need without being discovered—or until it’s too late.

Leveling the Playing Field - DeepSight Managed Adversary Threat Intelligence (MATI)

“Enterprises should weigh the importance of attack actors associated with threats as heavily as they do network and file-based technical indicators,” advises DiMaggio. “Satisfying requirements for that attack actor information should be a key component of how enterprises assess the value of their intelligence sources whether internal, open source, or commercial.”

However, many organizations lack the staff and resources to obtain that threat intelligence.

DeepSight’s Managed Adversary Threat Intelligence (MATI) reporting provides enterprises with a deep level of actionable intelligence and insights on asymmetric cybercrime threats.

“Symantec combines the unique attack surface visibility that we have through the world's largest private sensor network with a proactive actor intelligence capability that we've built with a team experienced in intelligence operations and cybersecurity,” says DiMaggio.

Key benefits include:

• Ability to predict the lifecycle of threats (early warnings) based on monitoring

• Focus on the identity and motivation of attackers

• Strategic and tactical intelligence to support executives, threat analysts, and network defenders

• Leading (vice lagging) indicators

• A highly experienced Symantec team of intelligence analysts

“We don't just deliver actor intelligence that is interesting; we combine it with technical attack data to make it relevant to our customers who need to know if they are a potential target based on their industry, geography, IT dependencies on other organizations, or association with newsworthy events,” explains DiMaggio. “We deliver this intelligence across a range of threats: cyber espionage, crime, and hacktivism.”

DeepSight’s MATI reporting combines attack actor information with technical data to give enterprises a proactive stance before and after the threat occurs.

Symantec’s Managed Adversary and Threat Intelligence (MATI) team of intelligence analysts are dedicated to understanding the adversary ecosystem, proving insightful reports on adversary plans, tactics, tools and attack campaigns. Overall, the MATI team empowers organizations with actionable insights to better prepare for, indentify and combat their adversaries.

In the upcoming months, DeepSight’s MATI team will be publishing a series of blog articles offering further insights on the changing threat landscape.

Stay tuned!

For additional insights, read: Forrester Report for Security & Risk Professionals: Use Actionable Threat Intelligence To Protect Your Digital Business

Learn more at Symantec DeepSight Intelligence: https://www.symantec.com/deepsight-products/

Please find below the most frequently asked GSS 3.0 Education/Documentation questions:

Q: I know the beta release had the BetaGuide doc released with it, but for those of us that are not familiar with the GUI of DS6.9, what is the timeline on updated docs? Would it be beneficial to follow the DS 6.9 user guides or wait for gss3 updated docs? 
A: GSS 3.0 will have a full user guide included. The DS 6.9 guide will get you most of the way there though so this will be a good starting point. Make sure you check out the how-to videos on ghost.com.
 
Q: Does the GSS 3.0 downloads include the manuals on PDF?
A: Yes, although we update our docs all the time and getting them our KB is the best option: http://www.symantec.com/docs/DOC8558   
 
Q: when will 3.0 or 3.1 be covered in Symantec eLearning?    
A: That’s currently being worked on. We will update everyone as soon as it is available. As we have incorporated much of the Deployment Solution 6.9 product the e-learning for this will still be 90% valid and will add a lot of value. http://go.symantec.com/educationelibrary

Please find below the most frequently asked GSS 3.0 Automation/PXE questions:

Q: Is there any intent to bring over the 'Automation Folder' concept from 7.6 for those that don't want to use PXE?
A: We have automation partition functionllaity already built into the product. It's not identical but we plan to converge these technologies over time.
 
Q: Virtual partition is very important to us ....PXE is not setup in our 2500 computer environment
A: We are working on the one click virtual partition functionality and plan to have this available soon.
 
Q: Can GSS 3.0 utilize PXE from Altiris DS 7.5 PXE site servers?
A: No, the PXE services will need to be managed separately. 
 
Q: Self service imaging ....will there be a way to setup specific people with the ability to image specific groups of computer?
A: Security in the console is available to be able to restrict what administrators can do. There is however another step we need to take to make this a self serve model which we’re looking into. The best solution in the short term might be this (http://www.symantec.com/connect/downloads/imageinv...) from one of our trusted partners. It is currently being reviewed to make sure it’s compatible with GSS 3.0 but is a very neat solution.
 
Q: I see incremental imaging as a possible future option. Will we be able to image an online client like in GSS 2.5 or will it require a reboot to a different environment?
A: To support hot imaging we need to expose this in the UI which we’re working as fast as possible to do. The underlying functionality is still there as the Ghost tools are the same, this is simply one option that we didn’t have time to add.
 
Q: Will GSS 3.0 support BootCamp on Mac hardware?
A: Currently we haven't looked at bootcamp, but it's something we can consider for the future.  
 
Q: Will you be improving the TFTP process so it can be tuned for faster transfers?  I use a separate TFTP server and can download a wim file in under 10 seconds.  The MTFTP with GSS3.0 is very slow.
A: We have this in our backlog to be addressed, we know it's slow and are looking to improve things.  
 
Q: There are several instances in our environment where we leverage Automation Partitions within the DS 6.9 product.  If you plan on continuing to offer this feature, are there plans to make it fully compatible with native UEFI ?
A: Yes we still support this functionality and are working on improvements to make sure it's 100% compatible.  
 
Q: Will an individual have the opportunity to use legacy versions of WinPE?  That is, if there is a need for WinPE 3.X instead of WinPE 4.X/5.X will you have the opportunity to use that in place of newer versions of WinPE ?
A: In the next version we plan to support multiple versions of WinPE (most likely from 3.1 to 5.x)  
 
Q: Do I download the Win 8.1 ADK even if I do not have any 8.1 machines?
A: Yes  
 
Q: Does UEFI PXE boot work well? Or is CSM/Legacy BIOS still required?    
A: UEFI PXE boot is supported.
 
Q: Can we add our own Linux PXE images to the PXE boot menu?    
A: Yes, there is a user supplied option.
 
Q: I have started to install the trial - is PXE required?
A: We have a couple of different automation partition options available so PXE is definitely not required.
 
Q: ­We can not use PXE, because it is used by another service in our SUBnets. Can you create one like the Legacy Disk Creator.­
A: ­We already have some local automation boot options out of the box and we're also currently working on restoring the one click virtual partition type functionality that was in GSS 2.5. ­
 
Q: ­Is it possible to convert a boot disk to an executable that can be used to boot into the Ghost environment from a remote system's desktop?  I seem to remember this being an option in the days of PowerQuest.­
A: ­We are working on this as part of our effort to restore the one click virtual partition functionality.
 
Q: ­Can we use any linux kernel we want, or is this restricted?­
A: ­Some customers have created their own boot disk images with a custom kernal but we don't support that by default. We look at the kernal version we use with every release we put out to keep it as up-to-date as possible.­‑

Please find below the most frequently asked GSS 3.0 Software/Inventory questions:

Q: Is there any plan for a self service software feature? 
A: This is something we’re thinking about. It is possible to build this via workflow as the API we have available is very straightforward to integrate with.

Q: Is there any plan for a self service software feature? 
A: This is something we’re thinking about. It is possible to build this via workflow as the API we have available is very straightforward to integrate with.

Q: Will it allow the creation for inventory reports ?
A: GSS 3.0 has a high level inventory function but currently does not run any reports.

Please find below the most frequently asked GSS 3.0 OS/Platform Support questions:

Q: When is Mac OS going to be supported?
A: We support this today as a management only option. We are currently discussing whether to add native mac imaging to GSS 3.0.
 
Q: Windows 10 support? At release (Summer 2015) or Release plus ~9 months (Spring 2016).
A: We are already working on Windows 10 support. Our plan is to add this as soon as possible after GA. This will be dependent on what changes are required but we already know that Ghost seems to work with Windows 10 which is a good start.
 
Q: Will GSS 3.0 work with SQL 2008\2012
A: Yes.
 
Q: Is Windows 2003 Server still supported?
A: We did not test Windows Server 2003 as it's about to go out of support.
 
Q: In the Boot Disk Creator and the PXE config there were greyed-out checkboxes for DOS.  Are you still going to support DOS boot disks for faster PXE transfer vs. WinPE?
A: Unfortunately we no longer support DOS and this will be removed at GA.
 
Q: ­Can this product be installed on Windows 7 64 bit? Or does it need to be on Server 2012 r2?
 
A: ­Right now we have only certified on server operating systems but we're looking to spend the cycles to certify on desktop operating systems. We know from a resource perspective there wont be any problems but we anticipate there will be some technical issues. The Ghost Standard Tools can be installed on a desktop.
 
Q: ­We currently use GSS 2.5 installed on laptops to image on local Lans without the need to have traffic across WAN on different subnets and enables onsite management.  We use windows 7.  So this new solution only runs on server operating system?
A: ­Right now we have only certified it on server OSs but we do have customers using our technology on desktops. We're working on it.
 
Q: Does GSS 3.0 support GPT partitions for EFI images?    
A: We still have a couple of gaps we’re working on as quickly as we can.

Please find below the most frequently asked GSS 3.0 Console questions:

Q: Can multiple consoles be accessed from different computers simultaneously?...unlike GSS 2.5
A: Yes, you can install remote consoles.
 
Q: Will the console incorporate an Active Directory import for Computer records?
A: Currently this is not an option but with the added dynamic machine group functionality we can take another look at it.
 
Q: Is there an option in the console to Secure wipe a lab of computers? or 1? a DOD erase?    
A: We don’t have this built-in, but you can certainly create and execute a job with an external tool.    
 
Q: Will there be an option to have the Label Match the PC name that was pushed out? Like a check box or something to have the label automatically change to the PC name?    
A: If you mean within the console, this can be done as follows:
Tools ---> Options
Global Tab
Check "Synchronize display names with computer names"
 
Q: ­Will the Web Console be available as well as the 32-bit console?
A: ­We have this as one of our next items to look at. We have a couple of options on the table, either restoring the web console we have in DS 6.9 or hosting something in our new unified cloud platform. We'll announce updates as we have them.
 
Q: ­What are the recommended max concurrent GSS Consoles that are open connecting to one GSS server?
A: This is dependent on several factors including network speed and hardware specification. We do not set a logical limit and have customers using many consoles. We are working on some scalable web console options to help with deployments.
 

Summertime usually means barbeques and vacation time. But for some students in the UK, it’s been a summer of science, technology, engineering, and math (STEM) related youth competitions and Symantec employees have been busy participating as mentors and judges to these young people. The TeenTech Awards and Go4SET competitions challenge students to develop innovative, technological solutions to modern-day problems and present their ideas to a panel of judges. Inspiring the future leaders in STEM is a philanthropic priority for Symantec and supporting youth through mentorship and other volunteering opportunities opens up their future to all the potential of STEM careers.

Today we hear from Siân John, EMEA Chief Strategist at Symantec, and Peter Grimmond, EMEA VP Technology Sales and Services for Veritas, regarding their experiences mentoring students in STEM.

Symantec Judges the Safety and Security Category at the TeenTech Awards by Siân John, EMEA Chief Strategist

Imagine cyclists wearing jackets lit up by LEDs, solar powered emergency streetlights, and sunglasses that monitor epilepsy – sounds like a futuristic movie. The reality is that each one of those seemingly farfetched ideas are actually developed concepts that were recently awarded as clever technological innovations. What’s more impressive is that these ideas came from students aged 11 to 16 years old. The TeenTech Awards asks UK students to not only dream up, but also develop concepts that “could make life easier, simpler, or better.” Almost four hundred teams, of up to three pupils each, submitted their ideas within ten categories.  On June 22nd ten winners, one in each category, were announced at the Royal Society in London. 

Representing Symantec, I was able to participate as a judge for the Safety and Security category. The students at the TeenTech Awards were inspiring. The room was full of inventive and innovative ideas from many children. The winners of the Safety and Security category were to Rosie, Isabel and Ella from Sandbach High School for creating solar powered emergency street lighting. It was evident these students spent a lot of time researching how their product would work, materials, use cases and how solar power switches operate most efficiently.

Congratulations to Rosie, Isabel, and Ella from Sandbach High School– winners of the Safety and Security category of the TeenTech Awards 2015, judged by Symantec.

Presenting to the Duke of York at the Royal Society in London.

The finalists of the Safety and Security category were all extremely impressive. The runners up developed a cardio rhythm enabled bracelet to be used as an access card. “During the last few days I’ve been reviewing the Oxford and Royal Holloway Centres for Doctoral Training in CyberSecurity. One of the Doctoral trainees at Oxford came up with a very similar idea – this shows just how advanced these ideas are from the 14 and 15 year olds in this competition,” John mentioned.

Top, the highly commended second place team from Loughborough Grammar School and their idea, AssuRFID. Bottom,, the third place team from Birkdale School and their Citizen Alert

The Little Einsteins WIN at Go4SET! By Peter Grimmond, EMEA VP Technology Sales and Services for Veritas

The culmination of a ten-week STEM project came to a close on July 3rd when students from across the UK came to the University of Westminster in London to present their projects to a panel of judges. The Engineering Development Trust (EDT), a non-profit that delivers over 30,000 STEM activities for UK youth each year, organizes this national STEM competition for students aged 14 – 15 years old to encourage school children to pursue a path in STEM. The student teams partner with mentors from universities and STEM related employers to develop and present a project that applies to a real world setting.

I had the opportunity with Helen Gallick, Veritas Northern EMEA Enablement Lead, to mentor a group of six girls from the Reading Girls High School to guide them with the project. “We chose Reading Girls High School because we want to encourage more women to enter into the tech space,” Helen Gallick said. The competition, sponsored by Mastercard, challenged the pupils to come up with an idea that would look at the future of money and how people would be paying in the future.  

The Little Einsteins, as the girls decided to call their team, went straight for it! For ten weeks Helen and I spent a couple of hours each Friday to help steer them. We first looked at the history of money to start brainstorming about the idea. We helped them get structured and guided them on their individual roles. It was a great opportunity for the girls to learn about teamwork and leadership. As mentors, we were involved with the development of the idea and worked with them to produce a model and the five-minute presentation. The girls even had the opportunity to visit Symantec and presented their pitch to the Senior VP for EMEA Sales, Matthew Ellard.

The Little Einsteins visit the Symantec UK office Green Park Reading.

On presentation day, the Little Einsteins pitched to a panel of judges, business people, teachers, guests and mentors, answering questions and showcasing their design. The pupils did an outstanding job and won the category of “The Pupils’ Vote” for the whole competition, securing first place, the winners! An exciting addition is that as a result of the high standard of their entry and idea, the Little Einsteins have been invited back to MasterCard in September to pitch their idea in a Dragon’s Den fashion, and they were the ONLY team to be invited from the whole competition! Their idea, the E-Wallet, solved the problem of carrying around a wallet by replacing it with a wearable token (which can be a bracelet, cufflink, key-fob or necklace). The user touches their token on the in-store point-of-sale terminal which then further authenticates the individual through a retina scan before giving the person a choice of credit cards and also suggesting loyalty cards to use for the purchase. I was refreshingly surprised by their innovation and drive!

The Little Einsteins present their E-Wallet project to a panel of judges at the Go4SET competition hosted at the University of Wesminister in London. They won first place for the ‘Pupil’s Vote’ award! 

Helen and I continue to mentor the girls in preparation of their upcoming pitch in September. During this next phase they will develop their idea further and improve the wider business plan, explore the whole business process, research the target market, how to price their product, and understand the competition. “It was so inspiring watching these girls grow and it’s satisfying to know that projects like this help safeguard their future. They are getting access to employers, demonstrating self-discipline, and I was really impressed by the complete and utter motivation the girls had to win. I’m passionate about helping young people and this was a brilliant experience for these girls, to see how something starts, gets created and presented, especially with the strong technology focus,” said Helen.

“I think Symantec, through its corporate responsibility efforts, provides a vehicle to give back to our communities, and to do it well. If you have the passion, you don’t have to seek the opportunities; they are there. I use to run my own company prior to joining Symantec, and I always wanted to mentor or to participate in other volunteering initiatives, but I never had the vehicle. With Symantec, it’s there. It’s really very rewarding and we’re lucky because we have a means to accessing all these opportunities through Symantec’s corporate responsibility,” Helen said.

To learn more about Symantec’s Corporate Responsibility, visit us here.

The IT Resilience landscape has been rapidly changing over the past several years - as Gautham notes in his “Time Machine” blog article,  IT Business Continuity strategies now are all about proactive detection, instant recovery and total predictability – and rightly so. Last week, we announced General Availability of Veritas Resiliency Platform– a solution that’s architected to future-proof your IT Resiliency Strategy with three key principles:  Predictability, Automation and Simplicity.

Predictability in meeting stringent SLAs

Can you confidently and consistently forecast your ability to recover IT Services within your slated business Service Level Agreements (SLAs)? Your answer will reveal the effectiveness of your IT Service Continuity strategy to effectively handle any event that impacts availability – a sudden spike in the workload demand or recovering from a natural disaster.

Resiliency Platform builds complete predictability into your IT Resiliency strategy. In real time, you can stay informed on how your applications are tracking to Service Levels of Availability across your many data centers through the centralized dashboard. You can even simulate a downtime event and rehearse your recovery end-to-end. Further, Resiliency Platform keeps an eye out on your behalf and proactively flags any recoverability risks that could impact you at a later time, if not identified and corrected.

Workload Automation for Recovery Procedures

When you have to recover an entire data center within a scheduled maintenance window, or in response to a natural disaster, working through a complicated sequence of manual steps can be daunting. With Resiliency Platform, you no longer have to work through rambling runbooks – recovery is fully automated and available with a single click through the user interface. Start the recovery and watch Resiliency Platform automatically drive through the complexities of storage, compute and application recovery!

Resiliency Platform also simplifies how you manage your multi-tier IT Services. You can now confidently choose the right virtualization solution and the right operating system for each component of your multi-tier IT service – Resiliency Platform seamlessly manages and orchestrates your IT Service across all these heterogeneous physical/virtual tiers, abstracting away the layers of complexity from your daily operational experience.

Simplicity of a single resiliency solution

Service Level Agreements are defined for your applications – not for your virtual machines! At Veritas we understand this completely - Resiliency Platform provides an Application-first attitude to recovery and visibility. Regardless of whether your applications are running in physical or virtual environments, or whether your applications are consolidated into single tiers or distributed across multiple tiers, you can protect all your applications with a few quick clicks through Resiliency Platform.

We also understand that one size does not fit all when it comes to architecting your Business Continuity strategy – scheduled maintenance on a single compute rack should not require you to fail over an entire site! Resiliency Platform allows you to protect a single application, a group of Virtual Machines, a multi-tier IT Service or an entire site, placing resiliency control back in your hands.

As your enterprise continuously innovates to meet changing business needs by adding new applications, new virtualization technologies and new compute choices, Veritas Resiliency Platform empowers you to stay ahead of the game and ensure 24x7 Business Continuity.  Veritas Resiliency Platform is now available for download – enjoy a 60 day free trial to explore its many powerful features!

Hello,

If you are planning to Install OR Manage Symantec DCS/CSP here are the few Quick Articles which may assist you with an Easy Process.

1) Logging into the DCS Management Console
https://www-secure.symantec.com/connect/articles/logging-dcs-management-console

2) Database Population FAILED... / MDAC errors when install DCS.

SCSP - Error "Database population FAILED" and "MDAC"]
http://www.symantec.com/docs/TECH182922

[Error installing SCSP 5.2 - Unable to connect to the specified Database. Please verify the Database settings and MDAC installation. Proper installation of MDAC 2.7 SP1 or higher is required.]
http://www.symantec.com/docs/TECH114784

3) DCS Agent does not successfully connect to the DCS Manager
https://www-secure.symantec.com/connect/articles/what-do-symbols-sdcs-console-mean

4) Is there a “best practices” guide for DCS 6.x?
https://symantec.gosavo.com/Document/Document.aspx?id=35165876&view=&srlid=33773358&srisprm=False&sritidx=5&srpgidx=0&srpgsz=7

5) Can I specify a proxy server for the reputation lookups in DCS?
https://www-secure.symantec.com/connect/blogs/specify-proxy-server-reputation-lookups-dcs

6) How to migrate/upgrade a SCSP/DCS database/server to a new instance.
https://www-secure.symantec.com/connect/blogs/how-migrateupgrade-scspdcs-databaseserver-new-instance

7) What do the Symbols in the SDCS console mean?
https://www-secure.symantec.com/connect/articles/what-do-symbols-sdcs-console-mean

8) Resetting your password in Data Center Security
https://www-secure.symantec.com/connect/articles/resetting-your-password-data-center-security

9) Are there any “best practices” / “tuning” guides for the SCSPDB database for best performance?
https://support.symantec.com/en_US/article.TECH112966.html

10) How can I whitelist an application / custom application in the IPS policy?
https://www-secure.symantec.com/connect/blogs/how-can-i-ignore-ips-events-i-do-not-want-see

11) How can I ignore IPS events that I do not want to see?
https://www-secure.symantec.com/connect/blogs/how-can-i-ignore-ips-events-i-do-not-want-see

On July 29th, Microsoft will be releasing their next major operating system, Windows 10. Unlike previous OS upgrades, this version does not require users to purchase the new OS. The existing Windows 7 and 8 end users might initiate an upgrade directly on their computers, making it more difficult for IT admins to enforce version control. 

At Symantec, we are committed to ensuring our customers: Symantec Endpoint Protection 12.1, Symantec Endpoint Protection Small Business Edition (hosted version) and Symantec Endpoint Protection Small Business Edition (on-prem), remain fully protected across all operating systems. 

For Symantec Endpoint Protection 12.1, a maintenance patch release will be available on July 29, 2015. Customers will need to be current on maintenance to receive the maintenance patch update. For more information, visit our SEP 12.1 Windows 10 Knowledge Base.

Customers using Symantec Endpoint Protection Small Business Edition (hosted version) will experience an automatic system update on computers via Live Update targeted for July 29th. From July 29th onwards, any new endpoint installs of the hosted version of Symantec Endpoint Protection Small Business Edition will automatically have their machines protected should they wish to upgrade to Windows 10. Similarly, from July 29th onwards, any existing Symantec Endpoint Protection Small Business Edition customers will receive targeted patch updates to protect their machines on the new Windows 10 platform. These patch updates will automatically be rolled out later via Live Update to all endpoints, whether they are moving to Windows 10 now or at some point in the future.  This effectively allows IT  Administrators to proactively protect endpoints that move to Windows 10 at a later date. Existing customers must be on a current subscription to take advantage of these patch updates. Symantec Endpoint Protection Small Business Edition will automatically notify IT Administrators if any users decide to upgrade to Windows 10 without informing IT. In these instances, a new patch for Windows 10 will be pushed out to protect these user’s machines within a 1-2 hour window.  Symantec will also provide guidance for IT Administrators who wish to avoid this 1-2 hour window and push out the patch update immediately – this guidance can be found on Symantec Knowledge Base.

For customers currently running Symantec Endpoint Protection Small Business Edition 12.1 (on-prem), which has now reached End-of-Life and will not support Windows 10, you will need to migrate to the hosted edition in order to receive protection for Windows 10 systems.  Endpoint Protection Small Business Edition (on-prem) customers can migrate to the hosted edition.  For information on our automated migration process, visit: go.symantec.com/sbemigration

Symantec would like to introduce the new CryptoExec API exclusively for Symantec Website Security business partners.  CryptoExec, a free-to-use API, links cPanel and WHMCS to automate the SSL issuance process to mitigate errors and remove the manual steps in ordering and administration of SSL certificates for customers.  The intuitive and easy to use GUI helps customers buy and install SSL certificates.  Here is how:

WHMCS Benefits

The solution enables partners in the Symantec Website Security Partner Program to utilize the popular WHMCS for billing/procurement of Symantec, GeoTrust, RapidSSL, and Thawte SSL and code-signing certificates and provide a shopping cart experience.  The partner can offer the certificates and Trust Seals through WHMCS. 

One other advantage of the solution is the flexibility offered through the support for either a voucher-based path or a classic SSL-based path. The voucher-based path is recommended for partners who have both cPanel and WHMCS so a customer can buy vouchers in WHMCS and redeem them in cPanel. The classic SSL path is recommended for partners who use WHMCS but not cPanel. 

cPanel Benefits

CryptoExec can also be used within cPanel, the popular control panel solution for hosting providers. Partners can utilize this solution to redeem vouchers purchased through WHMCS and automatically install all SSL certificate types without any manual intervention.

Through cPanel, the Certificate Signing Request (CSR) generation is completely automated for partners who support both WHMCS and cPanel.  Additionally, the end customer will see live status messages on the progress of the certificate’s validation and installation.  cPanel will also provide a list of existing Symantec SSL certificates and the details related to each certificate. Through CryptoExec the complete lifecycle of an SSL certificate is covered; users can reissue, revoke and renew all SSL certificates through this solution. 

For WHMCS

1. Download Symantec™ CryptoExec for WHMCS directly from Symantec’s Knowledge Base

2. Add the module to your WHMCS installation

3. In WHMCS, setup few initial product configurations and your customers are ready to start purchasing Symantec Products!

For WHMCS and cPanel

1. Download Symantec™ CryptoExec for WHMCS and Symantec™ CryptoExec for cPanel directly from Symantec’s Knowledge Base

2. Add the module to your WHMCS and cPanel installations

3. Within each system, setup your initial configurations and your customers are ready to start purchasing Symantec Products!

To learn more about CryptoExec or the Symantec Website Security Partner program email us at website_security@symantec.com. 

For CISOs operating in today’s cyber environment, the world they face is a difficult and challenged one. Against the imperative to defend their enterprises from increasingly sophisticated and relentless advanced cyber attacks, they must also face the possibility – even the likelihood – that their systems have already been compromised. And that compromise may have been enabled by the failings of their own employees.

The more widely accepted reality that a breach is inevitable, or indeed active, should serve as a huge ‘red alert’ for all CISOs to act now. The big question is how to respond. A critical defence must be a highly aware and enabled workforce that can spot potential cyber incidents and keep the enterprise safe.

First and foremost for any security awareness effort must be effective organisational change that leads to long lasting positive behavioural change.

This calls for an effective, carefully planned programme, with realistic expectations. No organisation should underestimate the time it takes to get this right. While it may run a six- to nine-month security awareness campaign, in reality it takes two years plus to change the culture. Failing to recognise this may compromise how effective its cyber security awareness campaign is, with the full benefits failing to filter through.

The brutal reality is that many such awareness programmes fall woefully short of the mark by being incomplete or poorly managed. Interestingly, the Information Security Forum (ISF) recently released a report where it asked its members about their own approach to security awareness. “Only 41% of Members providing data for this Report rated their awareness programmes as ‘good’ or ‘very good’; the remaining 59% rated their efforts as ‘needing improvement’. Most importantly, none considered their efforts to be ‘excellent’ indicating there is room for improvement for nearly all organisations,” the ISF states.

It is paramount therefore that the business determines from the outset what the right security outcomes are to be. For example:

• What would be different if employees put security first?
• What behaviours would or would not exist?
• How would those behaviours be tested?
• How does the business articulate its security expectations of employees?
• How does the business use positive reinforcement for secure behaviours?

Equally crucial is that the metrics used to measure secure behaviours are properly assessed, in order to understand to what extent they really do indicate secure behaviours – rather than simply awareness of policy. Also, unless all stakeholders actually buy into the metrics being used, and are able to deal with the changes expected as improvements are made, behavioural change on the scale envisaged will not be achieved.

TRAINING: A VITAL FACTOR

What about training? What role should it have in explaining the impact of information risk decisions to the organisation as a whole? A vital one, is the answer. And not just in the classroom. Organisations need to align security awareness training to the principal business risks they face at every turn. If the business is an on-line provider, say, or using that medium, training must reinforce everything from ‘Don’t Click It!’ warnings to awareness of the URLs on certificates when making a payment. The majority of organisations don’t do so – and that must change.

Simulating real-world attacks is another key component, delivering as it does an immersive and interactive experience that elevates security awareness to a pitch that traditional security education cannot reach. Symantec’s Security Simulation platform, for example, provides multi-staged attack scenarios, allowing participants to take on the identity of their adversaries to learn their motives, tactics and tools. This enables participants to assess their game performance and provides structured guidance for future skills development. It also allows security leaders to strengthen their team by providing insight into individual and collective performance, visibility of functional gaps within the team and the option of performing pre-hire skill assessments.

Live-fire simulation helps to create an organisation that is constantly advancing its skills in forensics, ethical hacking and other mechanisms to combat and ward off advanced targeted attacks. To the well-known dictum, ‘Know thy enemy’, cyber security awareness advocates might add: ‘…without them getting too close to you’.

Your people are your greatest strength but also, potentially, your greatest weakness. Effective cultural change to enable cyber awareness as part of the organisations DNA not only is good practice, it is one of the most effective things organisations can do to lower the enterprises risk from cyber threats.

We've been testing out GSS3HF1 and we're seeing here an apparently random peculiarity with DAgent crashes. Machines when booting into WinPE5 will just sometimes have an agent crash as shown below,

We've opened a case with support, but it's puzzling.

I can deploy a machine a dozen times, and not see this. Then we'll get period where it happens with a high probability... then just as frustration peaks it vanishes again. This suggests an environmental factor creeping in that eludes me. 

We've initiated thousands of deployments with the Altiris DS6.9 engine in this environment and have never seen this issue (we still have Altiris DS6.9 running in parallel to GSS and still no issues).

I know we aren't alone as I have another collegue in the UK report this for his new GSS installation too. One thing in common that we have is that GSS3 also seems to be automatically, though not consistently, resheduling jobs to 2071 on completion.

What I'm doing at the moment to track this is turn on agent logging in automation as per HOWTO:3066 and using WinCrashReport to collect crash data. 

Environment Details,

1. Fresh GSS3 install on a 2012 VM
2. GSS install is a simple install
3. No drivers added to automation, and no other tools added
4. Clients are physical clients on the same subnet as the server.
5. Have seen issue on various Dell models (9010, 760, 990), a Fujisu 420, and a Viglen Genie (whitebox hardware that's 100% intel inside).
6. Clients are PXE booting
7. No other software installed on Server (not even AV)

I've tried artificially loading the network and server to force this -all to no effect. I've also tried randomly disconnecting Agent comms -but all these outages are handled smoothly by the agent (which is a credit to it).

Anyone else seen this?

Nelson Mandela once said, “We can change the world and make it a better place. It is in your hands to make a difference.” In commemoration of the great Nelson Mandela, the global community celebrates International Mandela Day on his birthday each year. It is a day to honor the many ways Nelson Mandela gave back to his community and the world. On July 18th, International Mandela Day asks that everyone give 67 minutes of their time in service to others, signifying the 67-plus years that the former South African President spent dedicated to promoting a culture of peace and freedom, and helping our world.

With offices all around the world, Symantec strives to make a positive impact in the local communities where we operate. We reach communities in multiple ways such as financially supporting our non-profit partners, organizing employee volunteer events, and supporting our employees in their own personal volunteer work. Our Matching Gifts and Dollar for Doers programs allow employees to make double the impact by matching employees’ contributions to non-profit organizations.

The “Take 5” Volunteer Challenge

This quarter we are asking each employee to “Take 5” hours of their time and give back by volunteering. This can be as easy as virtual volunteering in thirty minute increments from their desk or homes with Code.org’sSkype in the Classroom program.  Since the volunteer challenge launched in mid June we’ve already had 133 Symantec employees sign up for Skype in the Classroom – that alone is 665 hours of giving back!

As many of our employees have experienced, volunteering is very rewarding. We recently highlighted some touching personal mentoring stories that show just how much we can each make an impact. Brian Varner, Senior Manager of Product Management at Symantec, spent two years mentoring twin high school girls in cybersecurity, and both have been accepted to MIT this year for computer engineering degrees! We also heard from Eileen Brewer, Senior Manager of the Security Appliances Team at Symantec, abouther story as a mentor for woman in Africa and the Middle East.

These are two stories of the thousands of active volunteers across our company and global operations. In FY15 alone, Symantec employees across the globe collectively logged over 29,983 volunteer hours and we are excited to see that number grow even more!

The recent expansion of two international programs will widen our global reach. In a new partnership with NASSCOM, the industry association for the IT sector in India, Symantec plans to expand the SC3 program to India and will focus on developing five job roles in cybersecurity, as well as provide scholarships for 1000 women taking NASSCOM cyber security certifications. On the either side of the globe, in partnership with the World Association of Girls Scouts and Girl Guides (WAGGS), the Surf Smart program will expand to reach an additional 60,000 girls and young women in Latin America, the Caribbean, and India. These programs will create more volunteer opportunities for Symantec employees in these regions.

Mandela Day – Giving Back in Remembrance

In Celebration of Mandela Day, thirty employees from the Cape Town, South Africa office spent July 17th volunteering at two events at Joe Slovo Park organized by Clean C, their nonprofit partner.

Joe Slovo Park is an informal settlement and Symantec South Africa has been involved in various initiatives over the past 12 months with Clean C to give back to this underprivileged community. The group of volunteers split into two groups to make a meal of fresh baked bread and soup at the Joe Slovo Recreational Center and Masibamnane Creche.

The day did not pass without a few hurdles – the oven at the Recreation Centre was not working and so the team was unable to bake the fresh bread. Darren Lotter and Victor Thornton stepped up and headed to a shop to buy loaves of bread, butter, cups for the soup and even a few bags of cookies for the children.

At the Joe Slovo Recreational Centre, the volunteers fed 116 children a meal and played games with the children.

At Masibambane, the volunteers made multiple batches of fresh bread dough and prepared enough to supply the crèche with fresh bread for the week. They also supplied the center with bread making ingredients such a flour, sugar, salt, yeast and oil.

Greg Player, founder of Clean C, was appreciative of the Symantec employees’ time:

“Thanks so much for your support at our Mandela Day Projects as well as your sponsorship over the past few months! Your sponsorship and participation really made this project a much bigger success than what I ever imagined or dreamed of! Really most appreciated! “

At Symantec, employees are key players in the success and expansion of our corporate responsibility (CR) program. A big thank you to everyone who gave of their time to help others.

We wish everyone a Happy International Mandela Day and hope today we can all be inspired to think about how we can give at least 67 minutes of our time to help others. Be it volunteering at work, volunteering with friends, volunteering from the comfort of your home, or participating in an event that raises funds and awareness for a cause, there are numerous opportunities to make a direct impact on someone’s life.  

If you are interested in learning more about opportunities at Symantec, please contact community_relations@symantec.com.

Symantec has released Mobility Suite 5.3 featuring integration with our mobile application management (MAM) capabilities and the company’s market-leading DLP product.  The latest release also replaces our former Content solution with Work File, an application included in Symantec Mobility: Workforce Apps.  Other features included enhanced wrap capabilities, increased usability, and improvements to mobile device management (MDM).

The DLP integration featured in Mobility Suite 5.3 gives you and your security team a centralized approach to easily manage DLP across all of your endpoints, including mobile devices.  The DLP integration for app proxy allows you to extend DLP to your mobile devices without requiring MDM or full device VPN.  It leverages the apps that are secured via Symantec’s unique app wrapping technology and a secure app proxy that acts like a per-app VPN.  When the DLP integration is enabled, the app proxy communicates with your DLP servers to inspect the traffic and appropriately apply policy.  It leverages your existing DLP to shut down mobile data leakage vectors with its ability to monitor or completely block sensitive data from ever being downloaded to your mobile devices. 

Learn more about extending your DLP policies to mobile.

Mobility Suite 5.3 brings Work File, a secure file editor and content management app, into the Workforce Apps module.  Open, edit, save, and collaborate on corporate documents, while protecting sensitive data outside the firewall.  Work File enables you to provide a repository with secure storage for viewing, editing, and sharing corporate content, and set policies to prevent opening or copying into unmanaged apps.  Symantec Mobility: Workforce Apps also includes Work Mail and Work Web.

Other release features:

Enhanced Wrap Capabilities with increased OS coverage

• New support for Android L (5.2x for 32-bit)
• KNOX compatability

Increased Usability

• Workspace authorization improvements with iOS TouchID
• Work Hub usability additions including enrollment and ownership
• Console improvements for markets including I18N, Multi-tenant, and bulk action

MDM Improvements to support the latest heterogeneous mobile environments

• iOS 8
• Android
• Samsung

To learn more about Symantec Mobility Suite, please visit our website.

There is a long-standing rumor that Sir Richard Branson, founder of the Virgin Group, never leaves his home without a notebook to capture feedback from passengers and customers whom he interacts with on a regular basis.  This doesn’t come as a surprise considering the many diverse ventures that Branson has immersed himself into throughout the years.

Branson believes that you can learn from everyone you interact with and understanding the challenges that they face is the only way that you’ll truly be able to add value to their lives.

At Veritas we share the same mentality.  Although I can’t promise that our thousands of employees carry notebooks with them to movie theaters and dance clubs like Sir Richard Branson, I can say that we have made capturing customer feedback a top priority across the entire company and one that impacts every step we take towards any new product.

In my own department, Information Availability, we are working to make it extremely easy for customers to interact with our product managers and our engineers in order to shape the solutions that they themselves will be using.  We believe that customers need to have an innovative partnership with our team and we want to provide them with the opportunity to turn their suggestions into actionable development.

In the last two years we have conducted dozens of interviews to understand our customers’ primary goals and objectives, to make sense of the biggest issues holding them back from achieving those goals, and in their own words, to let them explain to us how they measure and define success.  We then surveyed over 500 participants, both customers and non-customers, to see how the views of a wider audience across three different geos compared to the views of those customers with which we held the initial discussions.  The feedback from these studies proved to be invaluable and was directly implemented into our newest releases such as the Veritas Resiliency Platform and the InfoScale line.

Our roadmap itself takes its shape from discussions held at our Customer Advisory Board which we host each year.  At the advisory board we invite customers to meet with our Product Management leadership in order to talk about industry trends and discuss the direction we see the market headed.  We aim to align our roadmap with our customers’ goals and, for that reason, it’s vital to receive validation on all the new ventures that we’ll be undertaking.  Our Customer Technical Forum and the regular webcasts which we host to present our latest initiatives are other events where customers are invited to speak directly with our products team, explain to them how certain products can (or can’t) be integrated into their environments, and openly brainstorm ideas that will allow us to bring to them the right solutions, at the right price, and at the right time.

In addition to the above mentioned feedback outlets, we’ve moved towards an Agile model and, as a result, our development is now entirely dependent on the feedback we capture from customers.

The Agile process is the most comprehensive engagement platform for our customers as it allows them to meet with our engineers every two weeks for a three month development cycle.

Our adoption of agile builds a win-win scenario for all involved stakeholders.  From our side, establishing a regular cadence to hear from customers allows us to make incremental changes to our products without losing precious time or having to go back and reengineer entire features so close to a release date.  From a customer’s perspective, providing consistent input ensures that their most critical requirements are being addressed by the people actually building the solutions.  This drives the concept of the Minimum Viable Product in which customers would only pay for the products that they actually need and use, instead of throwing money into something that has all the bells and whistles but sits in a drawer collecting dust.

If you want to learn more about how you can build a closer partnership with the Information Availability group please visit our Customer Advocacy Website.