Pop Quiz:  Which of the following statements is true about NetBackup?

1. NetBackup is the only backup product to win Best of VMworld four times in the Data Protection and Business Continuity category, more than any other product in its category.
2. NetBackup was the only leading backup product in the industry to support VMware vSphere 6 on the same day that it was released.
3. NetBackup won in a head-to-head performance benchmark against three other popular VMware backup products in a simulated VMware environment of 1000 virtual machines.
4. All of the above.

Of course the answer is (4). Ever since NetBackup introduced its V-Ray technology in 2007, allowing VMware disk images to be backed up without agents while still allowing file- and object-level restores from within the VM, NetBackup has continually raised the bar for excellence in VMware data protection. Built for the enterprise where thousands of virtual machines are the norm, we focus on the kinds of problems that are unique to these environments.

If you’re at VMworld 2015 this week, please stop by and say hello. This is the first conference where you will see the Veritas name in lights, side-by-side with Symantec. We can share with you some of the latest improvements we have made to NetBackup that further reinforce our capabilities for large-scale vSphere deployments, such as:

• Comprehensive integration with VMware, including the VMware API for Data Protection (VADP), vCloud Suite, and now VMware Virtual Volumes in NetBackup 7.7

• Unmatched scalability for the world’s largest VMware environments, now proven in a 3rd party benchmark

• Self-service access for VMware administrators with a vSphere console plug-in, now available from within the vSphere web client in NetBackup 7.7

• Instantly recover up to 10 virtual machines simultaneously, now actionable from the vSphere console in NetBackup 7.7

At the booth we will be giving away the first-ever Veritas swag and hosting mini-theater presentations showcasing the latest innovations from Veritas and Symantec. In addition, we will be presenting three breakout sessions, all relating to VMware backup and recovery. Don’t miss them:

STO5475
Harnessing the Power of vStorage APIs for Data Protection: Lessons Learned and Best Practices Developed from Benchmarking Backup Solutions
Monday, August 31 – 5:00 pm – 6:00 pm

STO5844
Benchmark Testing: Making Backups Better Than Ever Using Virtual Volumes
Wednesday, September 3 – 10:30 am – 11:30 am

STO6263-SPO
How to use vSphere 6 and Virtual Volumes (VVOLs) the right way
Wednesday, September 2 – 1:00 pm – 2:00 pm

For more information on these and other activities, please visit our VMworld 2015 site. Hope to see you all there!

As you are no doubt aware, Enterprise Vault.cloud natively supports archiving of Exchange, O365 email, Domino, Box, Lync, Skype for Business and SharePoint however we also recognize that our customers are constantly expanding the tools they use for communication and collaboration and may require the archival of these content sources as well.

With the goal of providing broad support for our customers, Veritas is pleased to announce that we can now accept additional content sources captured by Globanet Merge1 into Enterprise Vault.cloud.  Globanet has been a certified Symantec/Veritas partner for many years and Merge1 is already fully supported by Enterprise Vault on premise.  Globanet has recently self-certified their solution with EV.cloud allowing Merge1 content to be captured into EV.cloud as well.

Merge1 will enable the ingestion of several data types not natively supported in EV.cloud today including:  

• Skype for Business (Online)
• Salesforce Chatter
• Twitter
• Yammer
• Financial messaging (Symphony, FactSet, Thomson Reuters, Bloomberg)
• BlackBerry messaging
• Yammer
• O365 Lync
• Twitter
• YouTube

To purchase Globanet Merge1 contact Globanet Sales at (888) 427-5505.

As everybody know the top 10 dangerous web app security risks:

1. Injection flaws
2. Cross - site scripting
3. broken authentication and session management
4. insecure direct object reference
5. cross site request forgery
6. security misconfiguration
7. insecure cryptographic storage
8. failure to restrict URL access
9. insufficient transport layer protection
10. Invalidated redirects and forwards

Being an new techie to Symantec and Symantec products, may I know what are Symantec's contributions, updates for these security risks?

May I also ask everyone to kindly share an example of an incident which you may came across in the past, where one of these security risks wasn't detected which ended up in major chaos.

Many thanks

Best regards

Sathya Balakrishnan

Information Security Response Analyst

Hi Everyone,

This week we dropped the latest cumulative hotfix release on the Enterprise Vault 11.0.1 version! 

11.0.1 CHF3 is now available - head this way for more details and the download:

http://www.symantec.com/docs/TECH232083

Alongside the fixes, this CHF release also contains proliferation updates relating to new Microsoft releases (see http://www.symantec.com/docs/DOC8975), as well as support for  NetApp clustered Data ONTAP 8.3. filer archiving.

Cheers,

Chris

Resiliency Platform’s heterogeneity stance lends to easy management

September 5th is International Day of Charity, designated on the anniversary of Mother Teresa’s death, as a day that celebrates the role of charity in society. Secretary-General Ban Ki-Moon of the United Nations characterized charity as “generosity and kindness, with no expectation of financial gain [that] can make profound differences in human well-being.”

At TechSoup Global, we believe that technology is a powerful enabler for social change.  With the support of corporate donors like Symantec, we’ve been able to build and scale technology donation programs that benefit charitable organizations worldwide – organizations who, due to lack of resources, are often last in line to benefit from state-of-the-art technology.  These organizations play a pivotal role globally in making differences in human well-being, particularly in the areas of health treatment, advocacy, and research. Health charities routinely handle highly sensitive personal information, making them an attractive target to cybercriminals.  

One such organization is Colchester Mind, an affiliate of the United Kingdom-based national voluntary organization Mind that works to support and advocate for individuals living with mental illness in the North Essex community.  When we asked Colchester Mind to describe the benefit of the donated Symantec Protection Suite seats they were able to obtain through TechSoup Global’s partner Technology Trust, Alex Fairclough (Secretary) said:

"As a local mental health charity it is imperative that we keep our records safe, secure and virus-free. However, as a charity, money is always tight. Thank goodness for the donations from Symantec! Without these we would be struggling to provide enough protected workstations for staff to work effectively. Either that or we would need to spend money that could be used to help continue our much needed local services. This way we don’t need have to make that decision, so thank you very much!"

Symantec’s support makes it possible for Colchester Mind to trust that its data is well-protected, allowing it to do what’s most important: working toward making profound differences in human well-being. On behalf of TechSoup Global and the thousands of organizations worldwide that rely on our partnership to keep their systems safe and secure, we tip our hat this September 5th in recognition of Symantec’s generosity.

Symantec’s Partnership with TechSoup Global:

• Symantec donations have kept 87,003 nonprofits and public libraries’ systems secure since our partnership launched in 2002.
• $279,666 in Symantec grants and in-kind donations to TechSoup Global have enabled us to secure our own IT infrastructure, as well as build and scale a rich array of learning materials for the sector. 
• 2,014,993 donated product licenses have been distributed worldwide as of March 31, 2015.
• Symantec’s generosity has saved nonprofits and public libraries $173,422,041 on technology investments.

Allyson Bliss is a Senior Relationship Manager at TechSoup Global

Copy Data Management (CDM) is a very hot topic in both the backup and recovery and storage management markets today.  Technology startups are coming out of stealth mode, investors are funding new ventures, and established hardware and software vendors are entering the market.

There are two key messages being promoted by many of the CDM vendors and even some analysts as they seek to disrupt the market and gain rack space in the datacenter:

1. Copies of data are inherently bad
2. Backup is a useless copy and therefore is inherently bad and you should stop doing backups

The idea that copies are inherently bad is a strong statement, and any technology that virtualizes or diminishes the resource tax associated with creating copies of data is going to immediately look positively disruptive, since anything that reduces storage workloads has to be a good thing, right?  Maybe, but let’s not get too excited. You need copies of data to run your business – so not all copies are inherently bad.  Having the right number of copies to keep your organization up and running is the better perspective.

This isn’t the first time we’ve heard this kind of bravado, remember.  Snapshots, business continuance volumes, storage virtualization devices and other technologies have all made similar claims, with extremely limited success.  So before we replace backup technology – a critical component of every infrastructure – with CDM, let’s look at things a little more closely.

At the heart of this market movement is the idea that creating copies of data has business value.  Users need to do things, sometimes many different things, with the data created by business processes.  Users have been asking for copies to work with and conduct analysis against since the ENIAC.  One of the reasons computing is so powerful is it allows us to create new information paradigms and reach new levels of understanding from the information we create.  The need to copy data is a business requirement, plain and simple, and should be one IT is ready, willing and heartily able to accommodate.  Unfortunately, it’s an expensive requirement to fulfill, and the tab for that expense rarely seems to be picked up by the people asking for 5 new copies of a 60TB database.

The promise of these emerging CDM technologies is that they give the perception to the user that they have a full copy of the data, without actually charging the tax of storing the copy.  This is extremely powerful and has tremendous value.  Many CDM companies would then have us believe that these copies are appropriate to be used as our backups.

The promise sounds almost too good to be true.  Think about it for a second.  You can create copies of a data set, all with no actual storage being spent on the copies, and you can recover instantly from the virtual copy by just pointing your production server at the copy.  Suddenly the whole world of backup and recovery has changed.  Anything too good to be true generally is, and CDM = free backup is no exception.  Let’s be crystal clear on this point – in its current form, copy data management is not backup.  To be a true backup replacement, CDM needs to encompass the entire datacenter in its scope, not just databases; it needs cataloging, search and version capabilities built into the system, and it needs to be able to take incremental updates from all data sources inherently.  No CDM product is today doing that across the datacenter.  Most aren’t doing it even for databases.

Could CDM eventually morph with “traditional” backup and become one product?  Absolutely, and that is actually entirely likely.  Can CDM technology as it exists today be used to replace certain recovery processes?  Absolutely.  There is a time and a place that a CDM virtual copy could absolutely be used as a method to recover a mission critical database or virtual machine, for instance, and allow for an absolutely incredible RTO.  There is no question that, like business continuance volumes or NAS based snapshots, with the right preparation and in the right scenario, CDM technologies will prove that they are a recovery technology of choice.

That doesn’t make them a backup replacement, however.

The fundamental premise upon which the “CDM equals backup” argument is made is that all copies of data are bad.  This is just inaccurate.  Not all copies of data are bad.  The problem with copies is when you have too many copies of data.  You have to find somewhere to store them, maintain secure access to them, keep data compliant within them and make sure they don’t leak data out of the organization.  Managing all that is tough.  How many is too many, though?  That gets the proverbial “it depends” answer.

“How many” probably isn’t even the right question to ask in this context, though.  The question to ask is whether any given copy is more expensive to maintain than the business value it provides?  If the answer is yes, then that copy should not be made.  This doesn’t necessarily require detailed financial analysis.  A simple smell test works – can the requestor of that copy get their job done without it?  No?  Then make the copy already or provide a way for the requestor to make it themselves.  Put this another way – will the business stop without a given copy?  If you can realistically say yes, then make the copy, otherwise move on.  CDM allows us to more readily say 'yes' because we can virtualize those copies that make sense to make, reducing the burden and cost associated with them.

Backup simply doesn’t fall into this category of conversation though.   There is obvious and inherent value in having an actual, complete backup copy of data that is physical, separate from production, and can be recovered from or to anywhere.  Anywhere is a key element of the value a backup copy can provide.  If you can’t take a physical copy of the data to any service provider, a datacenter on wheels, or any alternate location and recover without significant infrastructure building, the backup is of exceedingly limited utility, and perhaps your backup process is in need of a re-architecture.  This need to get truly mission critical systems back online anywhere anytime is one of the reasons why so many highly sophisticated organizations still have an underpinning of tape in the recovery strategies.  Does this mean there is inherent value in every backup copy you have?  Absolutely not, and if CDM does nothing else in the market, it should have us looking at why in the world do we have 20 year old tapes we’re paying to store when we know, in our heart of hearts that they have absolutely zero value. 

CDM simply doesn’t meet the inherent value proposition of backup, however.  To be useful as a recovery platform, you must have like infrastructures in already prepared locations replicating the virtual copies.  That isn’t cost effective or feasible for every environment, and perpetuates a philosophy that actually can lead to data loss.  What happens when – most certainly not if– that CDM platform fails and your virtual copies disappear?  Where is that reliable, known good copy that isn’t you can turn to and get your production data back?  And look, this isn’t fear-mongering by an incumbent data protection provider.  This is about looking at things honestly and using the right technology for the right use case.  CDM has great use cases.  Backup just isn’t generally one of them.

Treat your information like your money and protect it accordingly.  Just because the hype cycle is high and climbing around CDM, don’t abandon that tried and true philosophy.  CDM has its place in many (if not all) environments, but not at the cost of truly and completely protecting your data. Like any technology, look at this emerging trend and put it where it belongs in your infrastructure as an element of your recovery and information management strategy, not the end all be all of it.

A few days ago I was reminded of an old post I wrote (here) that talked about the supported Outlook versions on the Enterprise Vault server.

For a very, very, very long time the latest version supported was Outlook 2007 SP 3, with a bunch of hotfixes on top. Around May 2015, Outlook 2013 can be supported on the Enterprise Vault Server. I wrote a new post (here) on that very topic.

As with any aspect of Enterprise Vault it is super important to stay up to date with the Compatibility List. I know it's a bit of a big document these days, but some of the fundamental stuff which is in there like Operating Systems, Outlook versions and so on is pretty critical to most people that use Enterprise Vault.

Correction: Outlook 2013 is supported on the EV Server.

We are building a new version of Symantec Embedded Security Critical System Protection with significant enhancements centered around usability. It's designed to run on embedded/single-use systems such as industrial control systems, automotive systems, point of sale, ATM's, medical devices and beyond.

We’d love you to take part in beta program beginning September 14, 2015. By participating you will be able to experience the benefits first hand.

Key features in Symantec Embedded Security: Critical System Protection

Auto-Sandboxing custom applications: Allows you to initiate application profiling for specific applications residing on the agent and then create sandboxes for those applications in an automated manner. Existing applications on the agent or applications with specific program paths/directories can be selected for profiling and subsequent auto-sandboxing. The application is expected to run to its fullest extent while it is being profiled. Application profile logs are interpreted and application’s legitimate access to resources is automatically transformed into set of rules, which defines application’s normal/expected behaviour, in other words, application’s sandbox. You can view the generated rules for the newly created sandbox and proceed with the custom sandbox creation. The application’s sandbox is then associated to the application automatically, in the policy. 

Create custom baseline policies and view changes from custom baselines: Allows you to mark any workspace policy as “Custom Baseline” policy. New workspace policies can be added based on the newly created custom baseline policies. You can view any changes made in the workspace policies as compared to the custom baseline policies. You can create multiple custom baseline policies on top of same Symantec supplied baseline policies.

Deployment of multiple packages through FTPS: Allows you deploy multiple (Prevention policies, Detection policies, Configuration parameters) packages on the standalone agents, in one go from the FTPS server.

To participate in the Symantec Embedded Security: Critical System Protection beta program, you must meet the following requirement.

• Be prepared to submit feature requests and defect information via SymBeta forums prior to the key deadlines.
• Test some key use cases for the product as documented in the Beta test guide.
• Located in countries not under international embargo / restricted access legislation (Cuba, Iran, North Korea, Sudan and Syria, Belarus, Cuba, and Russia)

To sign up, please apply for the Symantec Embedded Security: Critical System Protection beta program via SymBeta and select New User to begin your application.

We look forward to and really appreciate your feedback.

Symantec Embedded Security: Critical System Protection Team

Interviews can be very intimating, and with only seven seconds to make a good first impression, it is no wonder that time and again people reiterate the importance of wearing professional attire for interviews.  Unfortunately, professional clothing is often times expensive and this can pose a challenge for some. Dress for Success looks to address that difficulty for disadvantaged women by providing professional attire to help them secure employment. The nonprofit promotes economic independence for disadvantaged women by also creating a support network and offering career development tools for entering the workforce. The Symantec Women’s Action Network (SWAN) Mountain View Chapter has supported the San Jose Dress for Success affiliate for the past few years.

Creating community is integral for personal and professional growth.   Within SWAN we understand the importance of creating networks for women to support professional development. SWAN is a collaboration forum for women and men to skyrocket women into leading, learning and thought provoking opportunities. It is a wonderful group that gets together to support and launch initiatives that aim to address growth, learning and networking for women within Symantec. We also encourage volunteer initiatives to give back to our community.

The week of August 3-7, Symantec’s SWAN group hosted a business attire clothing drive for Dress for Success. We were looking for interview appropriate suits, blouses, handbags, portfolios, briefcases, closed-toe shoes, jewelry and scarves – items to complete an interview outfit! In addition to clothing, we created a donation page on the Giving Station to collect financial donations to help support the nonprofit’s work.

We are very excited about the success of the event!  The support (and clothing volume) surpassed all expectations and was a great show of Symantec’s community spirit and generosity!  We received enough suitable business attire to outfit hundreds of women in the workplace, estimated at over $10,000 in value.  In addition, more than $2,900 in cash donations was received through the Giving Station, which Symantec will match through our employee matching gift program.

All of the clothing was delivered to Dress for Success, and they were absolutely blown away – Symantec delivered the largest single donation ever received by their office. This drive could not have been what it was without the support of the great SWAN women involved! Cora Schumann, Elise Shelley, Liz Cherene, and Melody Baltazar were key leaders for the event. They actively promoted the event across the Mountain View campus by posting up flyers and writing campus-wide emails to spread the word.  We also had lots of volunteers that help with the collection and sorting of clothing. Thank you to all who participated in the clothing drive. We helped dress over 100 women for their next interview!

Sheri Rhodes is Symantec's VP, Information Technology

Staggering complexity. Relentless growth. Sound like your customer’s data center?

Register for this Veritas Tech Talk with Partnersand get straight answers on simplifying enterprise data protection, scaling for growth, and increasing agility. You’ll learn how Veritas NetBackup 7.7.1 will help reduces complexity through comprehensive integration, a converged platform, and efficiencies through automation and self-service operation.

Attend the webcast for an overview of the changes in the forthcoming release of NetBackup 7.7.1 (incl. the changes to the licensing model).

Register here.

Welcome to the August edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks.

August was a big month for zero-day vulnerabilities, in which a total of 11 were reported. This is by far the largest number disclosed in a given month to-date.

Six of these zero-day vulnerabilities impact industrial control systems, devices used in industrial sectors and critical infrastructures, across five vendors. The vulnerabilities cover a wide range of possible attacks, including remote code execution and denial of service attacks.

Two further zero-day vulnerabilities were discovered in the Apple OS X operating system. When used in tandem, these two vulnerabilities can cause memory corruption in the OS X kernel and gain the attacker escalated privileges on the compromised computer.

These vulnerabilities come on the heels of a new OS X threat called OSX.Sudoprint. This threat exploits a local privilege escalation vulnerability in the OS X operating system, which was patched by Apple at the beginning of August. This threat comprised over 77 percent of the OS X threats we saw on OS X endpoints this month.

Ransomware attacks were down in August, where over 155 thousand attacks were detected. While ransomware attacks appear to be down to their lowest levels in the last 12 months, we have reason to believe that attackers have shifted tactics and are currently pushing fake security software, such as FakeAV threats, instead. However, crypto-ransomware continues to grow, setting another monthly high for the year.

In other news, the Transportation, Communications, Electric, Gas, & Sanitary Services sector was by far the most targeted sector during August, comprising 52 percent of all targeted attacks. Small businesses with less than 250 employees also made up the majority of organization sizes, where 78.4 percent of spear-phishing attacks were reported.

We hope you enjoy the August Symantec Intelligence Report. You can download your copy here.

The TCP/IP Mananger is a nice software designed to help computer users keep track of their network configuration in different locations.

TCP/IP Manager is an open source application designed to help computer users keep track of their network configuration in different locations, and switch from one network to another easily.

Features:

• Open-source (free to use and redistribute)
• Save your network settings in an unlimited number of profiles
• Support for switching TCP/IP settings (including multiple IP/Gateway/DNS servers)
• Support for switching proxy settings, computer and workgroup names
• Support for MAC spoofing
• Easy switching between profiles (with tray icon and hotkeys)
• Generate batch files from network profiles
• Import current system settings
• Very fast and easy to use interface

License : GNU General Public License - version 3

Link : TCP/IP Manager