Channel: Symantec Connect - Blog Entries

Three Big Wins for Symantec Customers

SVP of Product Development discusses why Gartner recognition benefits our customers, partners, and the industry

Symantec was recently named a leader in three critical 2016 Gartner Magic Quadrant reports: Data Loss Prevention, Managed Security Services, and Endpoint Protection Platforms.

It’s an honor that Symantec’s efforts have been acknowledged by such a prestigious organization as Gartner, and by the customers who trust us with their security needs. As SVP of Product Development, I see the Gartner recognition as signifying three big wins for Symantec customers.

Win #1: Symantec Endpoint Protection (SEP)

With the 2016 recognition, Symantec hit another milestone: we have been positioned as a Leader in every Gartner Magic Quadrant for Endpoint Protection Platforms that Gartner has ever published. That consistency of leadership shows that we are always developing and improving Symantec products and solutions.

Symantec Endpoint Protection uses a wide range of proprietary technologies, including intrusion prevention (IPS), reputation-based detection (Insight™), and real-time file behavioral monitoring (SONAR), which applies machine-learning heuristics. Last year’s release of Symantec Advanced Threat Protection brought a new level of performance to the industry. As we continue to build on ATP’s success, I’m excited about how our technology will keep evolving to stay ahead of the threat landscape.

Win #2: Data Loss Prevention

Gartner says that data loss prevention (DLP) and the enterprise DLP market are currently experiencing a renaissance through “a second wave of adoption.” As many enterprises are turning to the cloud, more focus is placed on DLP. Furthermore, it’s this second wave of adoption that positions us not just to gain more customers, but to further innovate data loss prevention for the entire industry.

How does all this benefit our customers?

The Gartner recognition of Symantec as a DLP Leader assures that customers are:

  • Partnering with an industry leader in data loss prevention.
  • Getting the most comprehensive solution that protects data wherever it resides—whether on-premises, on mobile, in the cloud, or in transit.
  • Using the next generation of data loss prevention technology. In the past year alone, Symantec has introduced more than 30 new data loss prevention capabilities to the market, including the DLP Cloud Service for email and DLP Cloud Storage.

Our strengths benefit both our partners and the security industry at large as we continue to advance DLP technology.

Win #3: Managed Security Services (MSS)

For the 12th consecutive year, Symantec is positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide. While another great milestone, it also validates our strength in understanding the threat landscape and providing customers increased visibility, including:

  • The ability to accelerate early detection and response to targeted attacks—a great feature for customers worried about the changing threat landscape.
  • Dedicated industry-specific analysts who are familiar with the unique needs and issues of customers.
  • DeepSight Intelligence that employs industry-leading threat insights from Symantec’s Global Intelligence Network, with rigorous analysis by our DeepSight Intelligence team, to provide the context customers need for better detection.

For more information, please visit our Performance Center.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


Symantec Honored as a 2016 World's Most Ethical Company


Today we hear from Symantec’s Chief Compliance Officer, VP, Legal and Public Affairs, Carolyn Herzog.


We are very proud to be recognized for the ninth consecutive year as one of the World’s Most Ethical Companies by the Ethisphere Institute, a global leader in defining and advancing the standards of ethical business practices.

Andria Jones, Senior Corporate Counsel, and I accepted the award on behalf of Symantec during the Ethisphere Global Ethics Summit held 9-10 March in New York City. I also had the opportunity to participate on a panel during the summit, addressing the topic of Shifting the Focus on Global Anti-corruption: The Case for More Compliance Investment.

This recognition is an honor, and one that our employees across the globe should be proud of. It is a testament that we are committed to comply with the highest standards of ethical behavior.

Ethisphere and the World’s Most Ethical Companies designation recognizes companies that align principle with action, work tirelessly to make trust part of their corporate DNA, and in doing so, shape future industry standards. Tim Erblich, CEO, Ethisphere, shares why being a World’s Most Ethical Company Matters.


At this year’s Ethisphere conference, there was a highly dynamic plenary session called: Cyber Attacks, Company Image and Compliance, further validating that protecting our employee and customer information is not only a security, compliance and legal concern, it is also an ethical concern.

"As business leaders, we're faced with a challenge around protecting our most valuable asset: information,” wrote Mike Brown, Symantec’s President and CEO, in the Ethisphere Magazine article ‘Big Data, Big Responsibility.’ “In our increasingly connected world, we are generating, storing, and managing more data than ever before, and being attacked is inevitable. Companies that are thinking ethically and acting with integrity need to secure their data — cybersecurity, privacy, and sound data management practices are part of our ethical responsibility.”

We are delighted that Symantec’s efforts have once again been recognized by the Ethisphere Institute and that we stand with peer companies in maintaining high ethical standards.

This year, Ethisphere recognized 131 companies spanning 21 countries, using a robust scoring methodology. Symantec was recognized along with other well-known companies, such as Adobe, Cisco, Dell, Google and Intel. For a complete list of the 2016 World's Most Ethical Companies, see Ethisphere's full honoree list.

To learn more about our approach to corporate responsibility and ethics, please visit our Corporate Responsibility site.

CISOs at RSA 2016 Discuss How They Approach Cyber Security

Symantec CIO, Sheila Jordan, recaps insights from RSA customer panel

The annual RSA conference always provides a great opportunity to connect directly with our customers and hear what’s top of mind when it comes to the cyber security issues they’re facing. This year, I had the privilege of hosting a customer panel with CISOs across diverse industries. They provided excellent insights into how they are approaching cyber security in their organizations. I’d like to share their views on three key topics: advanced threats, security in the cloud, and security as a cloud service.


Our panel participants included:

  • Myrna Soto, Corporate Senior Vice President & Global CISO, Comcast Corporation
  • Tim Callahan, Senior Vice President, Global Security & Chief Security Officer, Aflac
  • Christopher Kemble, Global Information Security Manager, Information Services, The Hershey Company
  • Tim Hillyard, IT Security Director, Voya Financial

Advanced Threats

An advanced threat is an attack in which unauthorized persons gain access to a network and remain there undetected with the intention of stealing data. Symantec sees a million new threats a day, and we know that our adversaries are well-funded, incredibly talented, and extremely bright.

So, it’s no surprise that our customers think about advanced threats “night and day.” Some take the realistic view that attackers will get through. Said one panelist: “That is our approach, and based on that, we have to change the way we work.” CISOs are looking for quicker detection and automating response capability to respond faster.

One of our customers has been expanding globally at a rate where its current cyber defense couldn’t keep up with demand, so they partnered with Symantec on our ATP product and commented: “ATP has been very powerful for us—we were able to quickly integrate it and have seen many positive results. Being able to work across endpoint, email and network—it correlates everything to give a prioritized view.” The panelist noted “…issues with some global locations where they were seeing threats. With ATP installed, we were very quick to react.”

Security in the Cloud

Our panelists all agree: cloud is here and it’s given each of them the opportunity (and challenge) of how to protect their data. Some are using only private cloud, which considering their industry sector and regulatory requirements, offers them more control. In one case, one of our panelists noted that “private cloud is a benefit—it gives us a chance to simplify. As we stood up our private cloud, we looked at how to streamline and set up rigid standards. Security is embedded into the stack.”

Yet another panelist is currently adopting many cloud–based capabilities and uses Symantec’s DLP for cloud. “Three years ago we didn’t know how to address it. Now we have options with proxy and access brokerage.” Another panelist remarked that going to the cloud makes planning for identity more complex. “We tie it back to our active directory. In one case we had a provider in the cloud but built out an extension of our network. That helps with protection.”

Security as a Cloud Service

Are customers interested in security as a cloud service? “It’s definitely an option,” noted one customer. Said another: “Security as a service will evolve—it’s certainly something we see. With all of the growth happening, it’s impossible not to consider these types of services. The velocity of getting these capabilities quicker is important.”

“Often times a provider does it so much better,” said a third panelist. “We’ve got a firewall application in the cloud now, use Symantec for email, had to get over the initial hurdle (which came from legal, not security) about letting data out.” Symantec is moving towards a SaaS mode that is subscription-based.

Third Party Apps

Across the board, our panelists noted that third party vendors are what keep them up at night. They had varying degrees of comfort with third parties, but all agree that security issues exist. They’d like to see a security industry scorecard on third party vendors—in fact, some already have them. Said one panelist: “We’ve built 3rd party apps into our risk assessment program, categorized by what they do—and spend lots of time examining sensitive data. That’s how we manage them.”

Closing Thoughts

Finally, regarding the topic of Cyber Insurance, our panelists loved the idea of a cyber security risk score from Symantec. One response: “Great idea. You are the endpoint for millions of customers. Your view of data is different from ours and can give us more intelligence.” That said, they advised us to approach scores with caution on their execution—legal liability has to be thought through. Symantec will definitely work closely with our customers to determine that approach.

And I couldn’t end the session without asking our panelists their opinions on a hot topic in the media: Apple vs. the U.S. Government. Thanks to the two panelists who were brave enough to answer! Views were mixed as to who is right, Apple or the government, but all agreed that back doors into securely stored data should not be made available.

Partnering with our customers on our security products will continue to enable Symantec to stay ahead of tomorrow’s threats and protect critical data wherever it lives. Special thanks to our four panelists—we appreciate and value your insights! 

{CWoC} PatchAutomation and ZeroDayPatch builds for 8.0


ITMS 8.0 was released just a week ago, so it is time for the Patch Automation toolkit to receive its new addition to the family: version 11, built for 8.0 :D.

This release doesn't have much else - but keeping up to date is good enough as the tool is now quite mature.

Finally, all the existing documentation for both tools (updated where needed) still applies; both documents also cover the 7.1 builds:

7.5 builds are also available as downloads:

Whilst the 7.6 release are available on a blog entry:

The Culture of Innovation Symantec Aims For

Symantec’s EVP and General Manager discusses the essence of innovation.

In any company, innovation and creativity must be deeply rooted in its culture. At Symantec, outstanding technology and business ideas emerge from every corner of the company, and I witness this almost daily. To turn those innovative ideas into leading-edge products and services, the team members who have them need to be able to work with our engineering centers, research labs, and global services teams.

Symantec’s innovation has recently been highly rated by several independent industry organizations.

  • Thomson Reuters named Symantec a “Top 100 Global Innovator” for the fifth consecutive year. Symantec was also included in the company’s new “Top 25 Bay Area Innovators” ranking.
  • Gartner named Symantec a Leader in three key 2016 Magic Quadrant reports: Data Loss Prevention, Managed Security Service Providers, and Endpoint Protection Platforms.
  • AV-TEST.org announced that Symantec Endpoint Protection won the “Best Protection 2015” award in the corporate endpoint security category.

Principles of Innovation

What truly drives innovation in an organization, and what is needed to cultivate a culture of innovation? In my experience, there are several principles that set a company up for successful innovation. Here they are.

  • A strong culture of innovation - Innovation comes from the bottom up as well as from the top down, and can emerge from anywhere in the organization. Management’s job is to cultivate a culture in which innovation is sustained, by providing the right policies and frameworks, a suitable environment, and appropriate rewards. Top-down directives alone do not create such a culture.
  • Solve today’s problems - The hard part of innovation is that being too late is as bad as being too early. Innovative ideas need to arrive at exactly the right time, when they can solve the problems and challenges the industry and society at large are facing right now.
  • Organic and inorganic innovation - A company’s success or failure hinges on whether it can achieve organic innovation. Inorganic innovation must complement organic innovation, not replace it.
  • Innovation in existing products and technologies - This is no less important than developing entirely new solutions.
  • Value failures as well as successes - What worked and what did not, and what lessons were learned that will help future efforts? Recording failures as well as successes is essential.

Innovation for Today and Tomorrow

As a global leader in cyber security, Symantec detects new threats one after another and protects customers from new kinds of attacks. We work every day to raise the level of security for our customers, our partners, and the industry as a whole.

Because the threat landscape never stops changing, the demand for security innovation never ends either. With the arrival of cloud, mobile, and the Internet of Things, we are in the midst of a post-industrial digital revolution, and whether that revolution succeeds depends on whether businesses and consumers can trust the new systems. The security industry must remain on the front line protecting that trust, and protecting the expectation of a prosperous society for generations to come.

Symantec is currently in the middle of an ambitious, organic product innovation cycle. Beyond that, we are working to make a major contribution to the development of the world. Innovation and creativity will drive that goal forward and secure prosperity now and in the future.

Is 2016 the year for ransomware?


Customers ranging from SMBs to large enterprises showed renewed focus on keeping malware at bay in 2015. Threat protection roadmaps also show that organizations need to detect malware quickly across multiple control points, combined with a layered approach to catch malware that is either hard to detect or entering the organization in ways that differ from before.
Although ransomware already had our attention, it recently got “very real” for a California hospital whose network was held hostage and kept offline for over a week! The stakes are going up, and companies of every size and vertical are at risk.

While we work to raise users’ awareness of today’s threats and of their role in keeping themselves and the company safer, the need for better technical controls to close the gap is very real and growing.

Learn how ransomware has evolved and, more importantly, what it takes to minimize its likelihood in your environment using your existing Symantec investments, from the experts at ITS Partners.

Watch the video from the Security Experts at ITS Partners here. 

Suckfly: Revealing the secret life of your code signing certificates

Symantec Sets Energy Use/GHG Emissions Reduction Target in Time for Earth Hour



On March 19th 2016 from 8:30 pm to 9:30 pm, lights all across the world will go out. It’s not a scene from an apocalypse movie – this global blackout is in honor of Earth Hour, the annual World Wildlife Fund (WWF) event that brings attention to the health of our planet, and specifically climate change. Earth Hour started as a grassroots movement uniting people to protect the planet on a broad range of environmental issues. It began in 2007 as a lights-off event in Sydney, Australia and has since expanded to more than 7000 cities and towns across 170 countries. The event goes beyond turning off the lights in solidarity; it’s about encouraging individuals and communities to think, talk, and act on the environmental challenges and opportunities we face. Climate change is one of the biggest environmental threats our planet faces today, and Earth Hour is about shining a light on it.

Prior to the landmark COP21 climate negotiations that took place in early December 2015, Symantec joined the Obama Administration and 140 other companies in the American Business Act on Climate Pledge in support of a climate agreement that would take a strong step forward toward a low-carbon, sustainable future. As part of our commitment, we pledged to play our part and set a science-based goal early in 2016 to guide our energy use and greenhouse gas (GHG) emissions reduction efforts. We are excited to announce that Symantec’s new 10 year goal is to reduce GHG emissions by 30% by FY25 (compared with FY15).

This is an intentionally ambitious goal, as we believe that it is necessary to take aggressive steps for substantive change. The scope of our new goal includes energy consumed at our data centers and offices as well as smaller emission sources such as refrigerant gases used in air conditioning equipment and company owned and leased vehicles. Electricity used in data centers and offices is responsible for 90% of the emissions captured by our goal and is the primary focus of our reduction efforts.

We intend to pursue a 3-pronged strategy to achieve our goal. We will optimize the use of our spaces, implement energy efficiency projects and engage our employees in energy conservation, and we will investigate opportunities to use clean & renewable energy sources. Setting this goal has aligned us well among our peers and will address a gap in our environmental performance. It will also promote increased visibility of our impacts and foster accountability for reducing our impacts.  

At Symantec, we believe that the transition to a low-carbon economy is important for sustainable economic growth. We believe that company action, in partnership with stakeholder collaboration, is key to both mitigating risk and finding opportunity during this transition. Symantec has reported publicly on our GHG emissions since 2009, including through the CDP, an investor and corporate customer-led initiative to rate companies for their emissions transparency and reductions. Tracking our GHG emissions has allowed us to identify areas for improvement, and now that we have set a target, we can work diligently towards reaching that 30% reduction.

In addition to making strides within our own operations, we continue to work externally in support of climate action. In 2009 we joined forces with the Business for Innovative Climate and Energy Policy (BICEP) project, a coalition that calls for strong US climate and energy policies to spur clean energy production and usage and reduce carbon pollution. We are also collaborating with other ICT companies by participating in the BSR Future of Internet Power initiative to promote the increased use of renewable energy by the data center industry and in particular by colocation vendors.

As Michael A. Brown, Symantec President and CEO has said, “Climate change is one of the great challenges of our time, and the time for meaningful action on a global scale is now. At Symantec we believe moving to a low carbon economy requires innovation and cooperation. We hope others will join us in this important mission.”  


For more information about Earth Hour and how you can participate, check out some common Earth Hour questions:

When does Earth Hour take place?

Earth Hour 2016 will be held on Saturday 19 March between 8.30PM and 9.30PM in your local time zone. The event is held worldwide towards the end of March annually, encouraging individuals, communities, households, and businesses to turn off their non-essential lights for one hour as a symbol for their commitment to the planet.

What does Earth Hour ask people to do?

The first thing anyone can do to get involved is to turn off their lights on Saturday. But there is much, much more. Our full ambition is for people to take action beyond the hour. Whether it’s supporting a crowdfunding or crowdsourcing campaign or getting involved in Earth Hour campaigns in their own country, or starting the movement in their own community. The vision is always to do more, so make the light switch the beginning of your journey.

Shine a light on climate action and help change climate change!

Questions? Email Symantec Environmental Responsibility


HURRY- It’s Still Not Too Late to Migrate to Symantec Endpoint Protection 12.1

End of support for Symantec Endpoint Protection 11

If you have already migrated to Symantec Endpoint Protection 12.1 (SEP 12.1), great! That means you have the full protection stack with the intelligent security technologies to protect you from today’s sophisticated threats. If you’re still on Symantec Endpoint Protection version 11.0.x (SEP 11), it’s still not too late to migrate to SEP 12.1 and gain protection against targeted attacks and advanced threats.

We would like to bring to your attention that Symantec will be releasing a new version of SEP in the second half of 2016. The next major release will add new features and drop support for others; in particular, SEP 11 will no longer be supported once the next major release ships. SEP 11 reached end-of-support-life on January 5th, 2015: virus definitions and security updates are no longer published to LiveUpdate for it, and general support for the product is no longer provided.

As a final reminder, all current customers should ensure they have fully migrated to SEP 12.1, the Best Protection Award Winner in 2015 from AV-TEST independent test institute.

Please see the quick overview of what’s happening and plan ahead for the changes. For an understanding of all the advanced protection features in SEP 12.1, watch the four-minute demo video. Upgrading from SEP 11 to SEP 12.1 takes three simple steps when you follow the best practices. Check out the migration page and upgrade now.

Overview

For the Next Major Release:

  • Symantec Endpoint Protection Manager will not install on 32-bit operating systems.
  • Symantec Endpoint Protection Manager will not install on Windows Server 2003 or Windows XP.
  • The Symantec Endpoint Protection Manager database will not support Microsoft SQL Server 2005.
  • Symantec Endpoint Protection Manager will not migrate from version 11.x or Small Business Edition (SBE) 12.0.
  • Symantec Endpoint Protection Manager will not import or create 11.x client packages.
  • Symantec Endpoint Protection Manager will not download 11.x content.
  • Symantec Endpoint Protection Manager migration will remove 11.x content from the management server database.
  • Symantec Endpoint Protection Managers that manage 11.x clients will send notifications to Symantec Endpoint Protection Manager Administrators to advise of the unsupported clients.
  • Symantec Endpoint Protection Manager no longer supports vShield-enabled Shared Insight Cache (VSIC) and Security Virtual Appliance (SVA).

For more details, please refer to this article.

Suckfly: Code signing certificate abuse revealed

A China-based APT group is stealing code signing certificates with an insatiable appetite.

A Guide to Two-Factor Authentication


Passwords have been the primary means of verifying user identity since the need to protect data emerged. A growing user population requires access from an array of mobile devices, and the amount of information stored on servers and in the cloud continues to grow, providing more opportunity to conduct business on-the-move.

With this increased opportunity comes heightened vulnerability as more hackers try to tap into that information. Because users are in a rush, there are more temptations to use easy, familiar passwords to access their corporate network or cloud storage.

Let’s examine how developing and implementing a strong two-factor authentication system is vital to help protect your organization from a security breach.

What is two-factor authentication?

Two-factor authentication, also known as 2FA, is an extra layer of authentication and verification that goes beyond the basic username and password security model. Without two-factor authentication, you enter your username and password, and then you're done. The password is your single factor of authentication. However, using the same username and password for multiple accounts increases the risk of identity theft.

Two-factor authentication is a recommended best-practice for protecting sensitive data, and is sometimes required by law when handling certain types of information.


Why is two-factor authentication necessary?

Unauthorized access to data usually starts with the theft of user credentials, such as passwords. The attacker uses them to access accounts, then breaks into servers or databases, or deploys malware to steal sensitive information. Strong, unique passwords for each and every service lessen the need for two-factor authentication, but they do not remove it: even a strong password can be phished or captured by malware on the user’s device.

Determining and remembering strong and unique passwords for multiple accounts can be difficult, so many users abandon safety for convenience. The Verizon 2014 Data Breach Investigations Report found that two-thirds of breaches are the result of weak or stolen passwords.

You use 2FA so that the failure of one factor does not grant access to attackers. Therefore, if a password is one factor, then the second factor can protect you if the password turns out to be weak.

How does two-factor authentication work?

Using two-factor authentication adds an extra step to the basic log-in procedure, giving would-be hackers two levels of protection to crack. Overall, this greatly decreases the chance for a successful attack. Reducing the dependency on passwords improves the user experience and ultimately decreases vulnerability throughout the network.

Different ways to authenticate

There are many methods to achieve "two-factor" authentication, but most involve augmenting a username/password with an additional, independent factor.

There are three typical factors used to authenticate:

  • Something you know (password, PIN, pattern, passcode, or any other verification based on information only the user should know)

  • Something you have (smart card, token, key, phone, virtual smart card, or other electronic device)—a physical item carried by the user that is unique to them

  • Something you are (fingerprint, voice print, or retinal scan)

Some examples of commonly-used two-factor authentication are:

  • Using a bank card (something you have) and a PIN (something you know) to withdraw money from your bank account at an ATM.

  • Using a hardware token issued by your corporate IT department (something you have) which generates a specific number for you to include with your username and password (something you know) to log onto your corporate network

  • Using an app on a smartphone or tablet that you’ve previously authorized (something you have) with a username and password (something you know) to access private banking

  • Designating an email account (something you have access to) to receive confirmation when you provide your username and password (something you know) to access various secure web sites

  • Receiving a numeric code in an SMS message on your designated smart phone (something you have), and using it in conjunction with your username and password (something you know) to log in to a secure site

Note: SSH keys or SSL certificate-based login may be considered two-factor authentication—you present the key (something you have) and use a passphrase to unlock it (something you know). However, the server does not know if you used a passphrase, so it does not know if there were two factors or just one.


Two-step vs two-factor authentication

Two-step verification combines a user login—including a password—with physical access to a smartphone or landline telephone to verify authorized access to an account. A user can begin to log into a secured service by entering an ID and password, but then must receive a one-time code (OTC) or one-time password (OTP) via SMS texting or a voice telephone call using a phone number associated with the account. Entering this additional one-time credential constitutes the second step of verification or the second factor of authentication, with the idea that only someone who knows the correct account password and who physically possesses the required object can gain access to the account.

This approach is offered by many sites to authenticate a user when an account is accessed from a new device. For example, if a user buys a new desktop computer or is connecting from a new mobile device, or a different device than any of those used previously, the user may be required to complete the additional authentication step.

This version of advanced login security is often referred to as “two-step verification.” Many data security experts, media reports, and websites also refer to it as “two-factor authentication,” and the two terms have begun to be used interchangeably. Others in the industry, including cryptography experts and developers of advanced authentication solutions, define the two terms differently and draw important distinctions between them. These distinctions cite fundamental differences in security infrastructure and methodology, which matter when judging the level of data security each method provides and its ability to protect users and organizations from attack.

How secure is two-factor authentication?

The security of two-factor authentication really depends on how it is implemented, the scenario in which it is deployed, and the resources available to an attacker who attempts to defeat the selected method of two-factor authentication.

How is two-factor authentication implemented?

Most methods used to achieve two-factor authentication involve supplementing a username/password with an additional, independent factor. Some common two-factor authentication methods and their challenges are listed below. For more sophisticated protection, more than two of these factors can be combined to achieve multi-factor authentication (MFA).

Offline one-time-password (OTP) generators

Offline OTP generators include traditional OTP tokens: a piece of hardware or software that generates a multi-digit code, proving possession of that generator. The generator and the server are seeded with the same symmetric secret, and a mathematical algorithm derives the one-time password from that secret and either the current time or a counter. These solutions are ideally implemented in a discrete piece of hardware, but they can also be implemented in software that runs on a mobile device. This approach allows authentication without requiring the generator device to be connected to the network.

Security of the system depends on key elements:

  1. Security of the seed: If either the OTP generator or the server used to validate the password is compromised by an attacker to gain access to that seed, the security is broken. The attacker can then generate the correct OTP at any time and—if the attacker also possesses the first factor of authentication (username/password)—impersonate the end user.

  2. Security of the channel used to submit OTP: As noted above, the OTP generator itself is offline; the OTP generator is used to create a one-time password that the user submits using a device that is connected to the network. Unfortunately, if the device used to send the OTP is compromised via malware, or if the user is socially-enticed into submitting this information into a fraudulent web site, the attacker then has the ability to perform a single authentication on the user's behalf.

  3. Security of the token hardware: It’s important to make sure that the hardware token is delivered to the correct end user, and not intercepted!

In addition to the security challenges listed above, hardware OTP tokens also suffer from a number of other shortcomings:

  • Usability: End users must copy the OTP from their token device to the device requesting authentication. Correct transcription of the six to eight digits can be a challenge for users. Users can become frustrated with failed attempts, and may then resist the requirement to use 2FA. When OTP is deployed using a software app on a mobile device, the usability problem is increased, because the user must switch between one device and app to generate a one-time password, and the original device and app to enter the OTP.

  • Deployability: In the case of hardware OTP tokens, the cost to purchase, configure, and distribute tokens to end users can be significant. This means that many large organizations will only deploy 2FA to a subset of users. Use of mobile devices as OTP generators somewhat reduces the costs, but raises the possibility that malware on the mobile device could steal the symmetric secret which seeds the OTP generation algorithm.

  • Maintainability: OTP tokens have additional hidden costs. Hardware tokens require batteries, and users may lose, break, or forget tokens—the cost of replacement or deployment of temporary alternatives can be significant. In addition, some hardware tokens have a built-in lifetime; essentially, the token is a perishable good that will expire after a specified time.  

While tokens provide hardware-based security, they only do so if you trust that your vendor will not be compromised, are confident that your users don't enter their OTP indiscriminately, protect the OTP secrets on your OTP server, and don't mind the associated costs. OTP generator apps on mobile devices address some problems with hardware tokens, but there is an elevated possibility that the symmetric secret on the phone may be stolen by an attacker, with or without physical access to the phone.
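The offline OTP scheme described above, as an added example that is not Symantec's or VIP's code: the generator side derives the code from the shared seed and a counter (HOTP, RFC 4226) or the current time (TOTP, RFC 6238), and the server side holds the same seed and refuses any counter it has already consumed, so a code captured on a compromised channel buys exactly one authentication. The seed is the published RFC test secret, not a real credential.

```python
"""HOTP/TOTP generator plus a server-side verifier (added example)."""
import hashlib
import hmac
import struct
import time

# Constructed seed: the RFC 4226 / RFC 6238 reference secret (20 ASCII digits).
# In a real deployment this value lives only in the token and on the OTP server.
TEST_SEED = b"12345678901234567890"


def hotp(seed, counter, digits=6):
    """HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated (RFC 4226)."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # low nibble of last byte picks the window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(seed, at=None, step=30, digits=6):
    """Time-based variant (RFC 6238): the counter is the number of `step`-second
    intervals since the Unix epoch, so generator and server need only agree on time."""
    if at is None:
        at = time.time()
    return hotp(seed, int(at) // step, digits)


class HotpVerifier:
    """Server side of a counter-based token.

    It holds the same seed as the generator (element 1 above: anyone who steals
    it can compute every future code) and tracks the last consumed counter so a
    replayed or older code is rejected (element 2: a phished OTP is single-use).
    """

    def __init__(self, seed, look_ahead=5, digits=6):
        self.seed = seed
        self.look_ahead = look_ahead      # tolerate a few unused button presses
        self.digits = digits
        self.next_counter = 0             # first counter value not yet consumed

    def verify(self, submitted):
        """Accept `submitted` once, then advance past it; constant-time comparison."""
        for c in range(self.next_counter, self.next_counter + self.look_ahead):
            expected = hotp(self.seed, c, self.digits)
            if hmac.compare_digest(expected, submitted):
                self.next_counter = c + 1  # burn this counter and any skipped ones
                return True
        return False


if __name__ == "__main__":
    print("HOTP counter 0:", hotp(TEST_SEED, 0))          # 755224 per RFC 4226
    print("TOTP at t=59 (8 digits):", totp(TEST_SEED, at=59, digits=8))
    server = HotpVerifier(TEST_SEED)
    code = hotp(TEST_SEED, 2)
    print("first use accepted:", server.verify(code))     # True
    print("replay accepted:", server.verify(code))        # False
```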

SMS/voice one-time password delivery

Instead of using a dedicated hardware token, or even an application, some vendors deliver solutions that send a server-generated OTP to the user with either an SMS text (sent to the user's known phone number), or a phone call that uses text-to-voice synthesis to read the OTP aloud.

The security of the system, using this solution, depends on slightly different elements:

  1. Security of the channel used to deliver the OTP: Possession of the phone number used to receive the OTP is the critical security factor for this solution. If the end user’s phone is stolen and the thief knows their username and password, they can impersonate the end user. It may also be possible for an attacker to receive the end user's SMS or phone calls by cloning the mobile phone's SIM card. Or, an attacker may simply socially-entice the phone company or the service provider into redirecting SMS or phone traffic to a new number ("I lost my phone, can you forward my calls and messages to xxx-xxxx?"). Finally, the user may be tempted to install software to intercept and forward the OTP to the attacker, as is the case in the more sophisticated Hesperbot attacks against online banking applications.

  2. Security of the channel used to submit OTP: If a user receives the OTP securely, but enters it into a compromised application or web browser, an attacker may be able to perpetrate a real-time attack to gain a valid session with the service provider.

Although the problems with deploying and maintaining traditional OTP generators may be avoided using SMS and voice-delivered OTP solutions, many of the same usability challenges remain. There are also the following drawbacks:

  1. Cost variability: In some cases, the cost of 2FA will be administered at a set cost per SMS or voice call delivered. It can be challenging to predict transaction volume, and the costs for delivery may also be variable. This can make budgeting a challenge for IT organizations.

  2. Reliability: It is necessary for users to possess their phone and have reception to use SMS and voice-delivered OTP. This can be especially problematic in specific situations. For example, a user who is roaming across international borders may not receive SMS messages in a timely fashion or would incur additional delivery costs. In some situations, operating environments may prohibit or interfere with the use of phones; in particular, healthcare environments that include electromagnetic shielding areas can be especially restrictive.

In most cases, SMS is easy to deploy and relatively inexpensive, making it attractive for consumer banking and consumer Internet applications. That said, it's painful to use (especially in mobile-only applications), and the security offered is probably not as high as what may be desirable.

Push notification-based authentication

Push notifications solutions use a dedicated mobile app to receive requests to approve an authentication attempt.

The security of push notification-based authentication will depend on how the solution is implemented:

  1. Security of encrypted material: The mobile application may use public key encryption, allowing the phone to generate an encrypted response to a challenge delivered by the push notification; or, symmetric secrets may be used (in some cases, the push notification acts as a layer on top of customary OTP, with the app essentially acting as a way to address the OTP usability issues). The security of these solutions will depend on the security of any symmetric keys, private keys, or session tokens supplied to the device.

  2. Security of the channel used to deliver the push notification: This will depend on the particular push notification service used.

Push notification-based systems address the deployment and maintenance issues of traditional OTP generators, and the cost issues of SMS and voice-delivered OTP solutions. They also have the advantage that the device and channel used to approve an authentication request are independent of the channel originally used to initiate the authentication request.

However, there are still issues with this solution:

  1. Reliability: Like SMS and voice-delivered OTP, the effectiveness of push notification-based solutions depends on the reliability of the data connection. However, there is usually no per-authentication transaction charge, making these solutions less expensive.

  2. Device security: Sometimes, possessing the end user's device is all that’s required to compromise their account; some solutions may not even require a username and password to trigger authentication, and may not require users to authenticate to their phone to approve an authentication request.

Takeaways

The need to protect data will only increase as our online business and need for remote access grows—and as the motives and methods of attackers evolve.

While we educate and train users to be cautious and develop means to shield identifiable information from hackers, the desire for speed and convenience will often overcome the recognition of vulnerability.

Using two-factor authentication provides a protective layer that can help make sure your sensitive information is only accessed by those who are legitimately authorized to reach it.

How does Symantec help with two-factor authentication?

Symantec’s strong user authentication solutions provide convenient, secure, cloud-based two-factor user authentication and public key infrastructure (PKI) services for protecting online identities and interactions between consumers, business partners, and employees.

Symantec Validation and ID Protection Service (VIP) gives users the ultimate in convenience for validating a login from a smartphone or tablet. Simple, smart, secure.

Domain Support in Horizon is Here!


If you use Keystone Domains in your cloud, chances are people have asked why Domain Admins can't manage projects under their domains via Horizon. Domain and project management in Horizon for Domain Admins will be available in the Mitaka release, and this post explains how to use it with a simple DevStack setup. This post assumes you already have working knowledge of Horizon and Keystone.

The main change needed in Horizon for this to work is https://review.openstack.org/#/c/148082/. There was significant support for Domain Scoped Tokens added to the Django OpenStack Auth (DOA) project as well, and those changes are in the latest DOA release.

Configure Keystone for v3

To begin with, you'll need Keystone set up for v3, meaning that you should be using a Keystone policy file based on the v3 sample policy file.

By default, DevStack sets up the Default domain as the Admin Domain, so you'll set domain_id:default here.

Configure Horizon for v3

In the local_settings.py file, set these values if they're not already set:

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'

CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': '127.0.0.1:11211',
    },
}
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

And make sure OPENSTACK_KEYSTONE_URL is set to the v3 endpoint (it should have /v3 on the end).

Install memcached on the Horizon server. On Ubuntu systems, the command will be:

$ sudo apt-get install memcached

Install python-memcached if it's not already installed:

$ sudo pip install python-memcached

You'll also need to use a version of the v3 sample policy file from Keystone for the keystone_policy.json file Horizon uses. We've found that the stable/liberty policy file from Keystone works best in Horizon, as the current one on the master branch uses features that aren't entirely supported by the latest oslo.policy release. See bug 1547684 for details. Again, set domain_id:default here.

Restart Horizon and Keystone to pick up all the config changes.
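A check for the "set domain_id:default" step above, added here as an example rather than anything shipped with Horizon or Keystone: it loads a v3 cloud-sample-style policy, reports whether the cloud_admin rule is still bound to the sample file's placeholder domain id (assumed to be the literal admin_domain_id, as in policy.v3cloudsample.json) instead of the real admin domain, and produces the corrected rule. The policy excerpt is constructed and covers only the rules relevant to this check.

```python
"""Verify that cloud_admin in a Keystone v3 policy points at the real admin domain."""
import json
import re

# Constructed excerpt in the shape of Keystone's policy.v3cloudsample.json.
# Assumption: the real file has many more rules; only these matter here.
SAMPLE_POLICY_JSON = r'''{
    "admin_required": "role:admin",
    "cloud_admin": "rule:admin_required and domain_id:admin_domain_id",
    "admin_and_matching_domain_id": "rule:admin_required and domain_id:%(domain_id)s",
    "identity:create_project": "rule:cloud_admin or rule:admin_and_matching_target_project_domain_id",
    "identity:list_domains": "rule:cloud_admin"
}'''

PLACEHOLDER = "admin_domain_id"          # literal shipped in the sample file (assumption)
DOMAIN_ID_RE = re.compile(r"domain_id:([^\s()]+)")


def load_policy(text):
    """Parse policy JSON into a dict of rule name -> rule expression."""
    return json.loads(text)


def cloud_admin_domain(policy):
    """Return the domain id literal the cloud_admin rule is bound to, or None."""
    match = DOMAIN_ID_RE.search(policy.get("cloud_admin", ""))
    return match.group(1) if match else None


def check_cloud_admin(policy, admin_domain_id="default"):
    """Return a list of findings; an empty list means the rule is usable as-is.

    On DevStack the admin domain is the Default domain, whose id is 'default'.
    """
    rule = policy.get("cloud_admin")
    if rule is None:
        return ["no cloud_admin rule: this does not look like the v3 cloud sample policy"]
    findings = []
    bound = cloud_admin_domain(policy)
    if bound is None:
        findings.append("cloud_admin is not pinned to a domain: every domain admin "
                        "would be treated as cloud admin")
    elif bound == PLACEHOLDER:
        findings.append("cloud_admin still uses the placeholder '%s': no real domain "
                        "id matches it, so nobody is cloud admin" % PLACEHOLDER)
    elif bound != admin_domain_id:
        findings.append("cloud_admin is bound to domain '%s', expected '%s'"
                        % (bound, admin_domain_id))
    if "rule:admin_required" not in rule and "role:admin" not in rule:
        findings.append("cloud_admin does not require the admin role")
    return findings


def bind_cloud_admin(policy, admin_domain_id="default"):
    """Return a copy of the policy with the placeholder replaced, i.e. 'set domain_id:default'."""
    fixed = dict(policy)
    fixed["cloud_admin"] = fixed["cloud_admin"].replace(
        "domain_id:" + PLACEHOLDER, "domain_id:" + admin_domain_id)
    return fixed


if __name__ == "__main__":
    policy = load_policy(SAMPLE_POLICY_JSON)
    for finding in check_cloud_admin(policy):
        print("FINDING:", finding)
    print("corrected rule:", bind_cloud_admin(policy)["cloud_admin"])
```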

Create a new domain and assign a Domain Admin

DevStack gives the admin user the admin role on the Default domain, so the admin user can now be used to create a new domain and Domain Admin user in that domain.

  • Log into Horizon with the admin user
  • Create a new Domain
  • Click the Set Domain Context button to work with the new domain
  • Create a new user in the domain. Note that the user will have no roles on any projects or domains to start with
  • Navigate back to Domains and give the new user the admin role on the new domain
  • Log out of Horizon and log back in as your Domain Admin
  • Your Domain Admin can now create projects and users under the new domain

This functionality allows you, as a cloud administrator, to delegate project management to domain administrators via Horizon. Domain Admins from different domains will not be able to see or modify Keystone resources within other domains unless specifically given access to do so.

Current limitations

  • Horizon doesn't currently support role assignments across domains, such as giving a user in domain1 access to domain2.
  • Doesn't support Project Admins managing Keystone projects. In Horizon, project management works best when done by Domain Admins.
  • Doesn't support hierarchical project management.
  • If using PKI tokens, you'll see errors in the logs which don't affect functionality. See bug 1551977 for details.

Please let us know in the comments if any of these limitations are important to you! We prioritize development based on what makes the biggest impact for users.

SEP 12.1 RU6 MP4 is now available to download.


Hello,

The latest Symantec Endpoint Protection 12.1 RU6 MP4 has been released and is now available to download from Symantec FileConnect.

This version of Symantec Endpoint Protection includes new features, changes, or improvements in the following areas:

  1. You can now define the maximum bandwidth that a Group Update Provider allows for client downloads.
  2. Symantec Endpoint Protection automatically excludes the program components and archives for the Veritas-branded backup products Backup Exec, NetBackup, and System Recovery.
  3. Symantec Endpoint Protection Manager displays file hash information in reports.
  4. Symantec Endpoint Protection for Linux displays a notification area icon in the Ubuntu 14.04 operating system.

For more details, see the following articles:

Fixed Notes: https://support.symantec.com/en_US/article.info3517.html

Release Notes: https://support.symantec.com/en_US/article.doc9223.html

System requirements: http://www.symantec.com/docs/TECH231877

Symantec Volunteer of the Quarter - Mentoring Girls in Sydney


Symantec’s Volunteer of the Quarter initiative highlights and rewards those employees who dedicate their time and talents to those in need. We have a long and proud history of encouraging our employees to volunteer. While the driving force of our efforts is largely altruistic, there is even more to volunteering than giving back to our communities. Volunteering makes our company a better place to work, so employees are helping both Symantec and the organizations they volunteer for.

This quarter, we recognize Jimena De Uria, APJ Channel Marketing Manager at the Sydney, Australia office, for her volunteer efforts with the Life Changing Experiences Foundation (LCE), an organization that supports the SISTER2sister program, a mentoring program for disadvantaged teenage girls. Uria also leads the Symantec Community Relations and volunteering activities in Australia. The $1,000 USD Symantec VoQ grant will be donated to LCE to help them expand across other cities in Australia.


I have been volunteering since I was a child. When I was younger, my parents and I would volunteer within our community in Venezuela and so giving back became natural for me. I have always found it very rewarding and after working with several nonprofits, I decided to cofound one with a group of friends from my University. Ten years ago we started a charity that was conceived to provide emotional support to kids suffering with cancer and then expanded its activities to support kids, teenagers and elderly in need. It is called Fundación Regalando Sonrisas, which in Spanish means Giving Smiles Foundation.

More recently in Australia, I have been working closely with an organization called Life Changing Experiences (LCE). Symantec has supported the LCE organization for over 5 years now, and I first found out about them when their founder was invited to share her story and the organization’s purpose with us. When I heard about how the SISTER2sister program truly changes the lives of dozens of teenage girls every year, I wanted to contribute to their mission.

SISTER2sister is a yearlong mentorship program designed to empower at-risk teenage girls. As part of the SISTER2sister program, I became a “Big Sister” to one of the girls. This mentorship program requires weekly catch-ups with my “Little Sister” as well as monthly outings with her and with the other members in the program. Throughout the year, there are events such as trainings and bootcamps that teach everything from goal setting to self-defense. As a volunteer, I like to be part of on-going projects. When I commit to something, I like to follow through, see the results and celebrate the wins.  In addition to LCE’s SISTER2sister program, I also supported a national initiative of LCE, called Step Up for Sisterhood, to bring awareness about abused and neglected teenage girls in Australia, and to raise much needed funds to support the LCE programs.

I’m thrilled that LCE is receiving the $1000 USD VoQ grant! LCE is now running the SISTER2sister program in Melbourne in parallel with the Sydney program. The additional funds will make it possible to extend this program to other cities in Australia. Symantec’s Dollars for Doers program has also been amazing in providing additional support to the organization. They will receive the maximum amount of $1000 USD this year from Dollars for Doers for my volunteering, and recently another colleague has applied to become a Big Sister, so that means more Dollars for Doers for her volunteering hours!

Volunteering is so rewarding and energizing. I’ve had so many memorable experiences: I remember how heartwarming it felt when we took a child with cancer to the ocean for the very first time; and the time when we bought burgers for the kids, and one of them decided to keep half of his to bring it back home for his brother (he obviously got another burger for being such a caring brother!); and I was so thrilled when a student that I had been mentoring was accepted into University. Earlier this year the charity I cofounded in Venezuela celebrated its 10 year anniversary. While I am no longer leading the charity, I’m so happy that the people leading it now continue to make it better every day.

Through my volunteering I’ve met some of the most amazing human beings! These experiences have made me grateful for what I have. They have also helped me develop new skills and leadership opportunities. In Venezuela, leading a charity for 4 years taught me more than my 5-year studies in Electronic Engineering. I learned leadership skills to keep volunteers motivated, to sell the mission of the organization to potential sponsors and collaborators, and to maximize our resources. I led a group of 50 people at the charity and it was my responsibility to keep them in tune with the importance of our mission.

If more people realized just how much you gain, I really think more people would spend more time giving back for their own benefit. I plan to show my future children the importance of giving back to their community as I would like volunteering to be natural to them as it was natural to me.

Thank you for this kind recognition and for the opportunity to assign additional funds to the charity.


Why this IPv4 Address is shown in "Resource Manager" when managed client has 2 NICs


Why is only this one IPv4 address of the managed client shown on the "Resource Manager" page, although the client has more than one network adapter?


Answer:

  • The "Symantec Management Agent" sends basic inventory according to the network adapter order on the managed client PC, so the "Resource Manager" page for that PC shows the IPv4 address of the first NIC in that order (as shown above).

How to check the NIC order on a managed client PC

  • On the managed client PC, open Control Panel\Network and Internet\Network Connections and press the "Alt" key; the menu bar appears, and it contains the "Advanced Settings..." entry.


  • There you will see the order of the network adapters on the managed client PC.


If you change the NIC order and send basic inventory again, the "Resource Manager" page for this managed client PC will show the IPv4 address of whichever NIC is now first.

Note! Be aware that an unexpected change of the NIC order on a managed client PC may lead to network problems on that computer (depending on your network infrastructure settings, etc.), so don't change the NIC order just to see a preferred IPv4 address instead of the previous one for your managed client in "Resource Manager".


Keeping Your Code Signing Certificate on the “Straight and Narrow”


A recent Symantec research report revealed that a China-based Advanced Threat group, dubbed Suckfly, has been targeting the private keys associated with code signing certificates to propagate malware over a period of two years.  This discovery added yet another validation point to a rising trend among cyber attackers to distribute malware disguised as legitimate files and applications.

Why are cyber attackers targeting the private keys of code signing certificates? The problem lies in the gap between the objectives of code signing and the way it is governed in traditional code signing practices.

The key objectives of code signing are a) to verify the integrity of the content and ensure it has not been tampered with, and b) to provide attribution and non-repudiation of the creator of the file or application. Code signing elevates the trust level of files and applications by providing assurance that the content has not been altered and by associating the content with an identity that has been verified by a third party. Many software companies and industry groups mandate the use of code signing for these reasons.

From a practical standpoint, some browsers protect their users by displaying warnings if the user attempts to download an unsigned application. Some security applications go further and mitigate risk by preventing users from downloading and/or executing unsigned files and applications, minimizing the execution of code from unknown or unauthorized publishers. As a result, we have observed that organizations with an elevated security stance and a high volume of in-house software or application development have typically embraced code signing both as publishers and as a means of risk reduction.

With traditional code signing, accountability and responsibility for safekeeping the private keys used for signing rests with the publishing organization. Within these organizations, the security and management of the private keys are typically entrusted to the development group, since files and applications are mostly published by application or software developers. If that group is not trained in security best practices, nor held accountable for the consequences of lost, stolen, or misused keys, the larger organization faces the risk of having malware signed with its private keys.

There are some industry best practices that can help organizations prevent stolen or misused keys. These include:

  • Securing the private keys
    • HSMs or in a purpose-built secure environment
  • Tracking of private keys and signing events
    • Provide visibility on who signed what, and when
  • Managing the assignment and revocation of publishers
    • Ensure only authorized users have access to the private keys
  • Capability to audit
    • Drive accountability and forensic insights on code signing activities

In addition to best practices, some organizations may value the increased security that comes from not having private keys dispersed on-site, but instead held in a centralized, secure location with robust key management governance. As the provider of 65% of code signing certificates worldwide*, Symantec offers a next-generation alternative that addresses the lack of governance and other challenges in traditional code signing practices, including the risk of stolen private keys. Symantec Secure App Service, a comprehensive cloud-based code signing management solution, centralizes key management, tracking of code signing events, and user management.

Cybercriminals will continue to find ways to breach the security of organizations and steal important data. Strict adherence to industry best practices or leveraging solutions such as Symantec Secure App Service will help deter these efforts and allow code signing to deliver the trust that it was created for.

*Source: International survey by rsEdge, 2014

IT Management Suite 8.0 is rapidly approaching

SCS Certification Exam is now available

Click here to attend:

https://www.brighttalk.com/webcast/13361/193871?utm_campaign=add-to-calendar&utm_medium=calendar&utm_source=brighttalk-transact

The release of Symantec IT Management Suite 8.0 is rapidly approaching! Please join us for a special webcast on Wednesday, March 23 to learn how version 8.0 will make managing and protecting your IT environment even easier.

This event will feature a panel of customers who participated in our early adopter program. They will share their experience testing and using version 8.0. 

IT Management Suite 8.0 includes several new exciting features and enhancements including:

• Integration with Symantec Unified Endpoint Protection Cloud Service

• Expanded software license management capabilities and views

• FIPS 140-2 compliant 

• Increased scalability by nearly double capacity

• UI improvements with search, filters, agent health, and more

Don't miss this great opportunity to get the latest news and information on IT Management Suite 8.0.

Expanding Support for Certificate Transparency


Today, Symantec announced that it is expanding Certificate Transparency support to all SSL/TLS certificates and customer channels, in order to provide customers worldwide with an outstanding certificate management solution.

Certificate Transparency (CT) is an open-source framework designed to help organizations get a comprehensive view of which valid certificates exist for the domains they own. Organizations must have a clear and complete view of these certificates so they can enforce policy and respond quickly to threats such as man-in-the-middle attacks.

As previously announced, we decided to add Certificate Transparency support to the Symantec and Thawte certificates and the GeoTrust Extended Validation (EV) certificates issued in December 2014. We have now extended CT support to the Organization Validated (OV) products under these brands, and will add CT support to all Domain Validated (DV) products in late February 2016. By mid-March we will complete the CT rollout and extend it to the Japan platform.

For Certificate Transparency to be effective, all certificate authorities must log all publicly trusted certificates. Symantec has begun a dialogue with other major players in the SSL/TLS certificate ecosystem to make CT support part of the CA/Browser Forum Baseline Requirements. In addition, Symantec now allows third-party certificate authorities to log their SSL/TLS certificates to Symantec's CT server, to further the adoption of Certificate Transparency and make it easier for other CAs to support CT.

Symantec is committed to continually strengthening certificate management and control within the SSL/TLS certificate ecosystem to meet customer needs. Learn more about the latest developments in Certificate Transparency.

Certificate Transparency Support Expanded


Symantec today announced that it is expanding Certificate Transparency support to all SSL/TLS certificate types and customer channels, a key step that provides customers worldwide with robust certificate management capabilities.

Certificate Transparency (CT) is an open framework designed to give organizations a comprehensive view of which certificates are currently in use for the domains they own. A clear and complete view of certificates is important for organizations so they can enforce policy directly and respond quickly to threats such as man-in-the-middle attacks.

As previously announced, Symantec first added Certificate Transparency support to all Symantec, Thawte and GeoTrust Extended Validation (EV) certificate products in December 2014. Symantec's next step for CT is to extend support to the Organization Validated (OV) products under each brand, and to add support to all Domain Validated (DV) products no later than February 2016. CT support will be fully rolled out in mid-March, at which time Symantec's Japan-specific platform will be included as well.

For Certificate Transparency to be truly effective, all certificate authorities (CAs) issuing publicly trusted certificates need to log them. Symantec has begun discussions with other major vendors in the SSL/TLS ecosystem to make CT support part of the CA/Browser Forum Baseline Requirements. In addition, to increase the adoption of Certificate Transparency and make it easier for other CAs to support CT, Symantec now allows third-party CAs to log their SSL/TLS certificates to Symantec's CT server.

Symantec will continue working to strengthen certificate management and control for its customers within the SSL/TLS certificate ecosystem. Learn more about the latest developments in Certificate Transparency.

Expanding Certificate Transparency Support


Today Symantec announced that it is expanding Certificate Transparency support to all brands of SSL/TLS server certificates and all customer channels. Certificate Transparency is a key element in providing powerful certificate management capabilities to customers worldwide.

Certificate Transparency (CT) is an open framework for getting a comprehensive view of which SSL server certificates are valid for the domains an organization owns. A clear and complete view of certificates is essential for enforcing straightforward policies and responding quickly to threats such as man-in-the-middle attacks.

As already announced, Symantec first added CT support in December 2014 for all Symantec, Thawte and GeoTrust Extended Validation SSL/TLS server certificates (EV SSL certificates). As the next step, support has been extended to the Organization Validated products of each brand, and support for all Domain Validated products is planned for February 2016. Completion of CT support is expected to be announced in mid-March, at which time it will also cover the Japan-specific platform.

For CT to be truly effective, all certificate authorities (CAs) must log all publicly trusted certificates. Symantec has begun a dialogue with key people in the SSL/TLS ecosystem to establish CT support as a CA/Browser Forum Baseline Requirement. Furthermore, to encourage CT adoption and make it easier for other CAs to support CT, Symantec's CT server also allows third-party CAs to log their SSL/TLS server certificates.

Symantec will continue to drive stronger certificate management and control, for its customers and within the SSL/TLS server certificate ecosystem. See here for more on the expansion of CT.

[Reference translation]
