
Enterprise Vault 10.0.3 cumulative hotfix 2 release


 

The second cumulative hotfix following from Enterprise Vault 10.0.3 has been released. More details are available from the following technote:

http://www.symantec.com/docs/TECH205731

The readme file which is linked to the technote shows you the differences between Cumulative Hotfix 1, and Cumulative Hotfix 2 (which is quite nice). So if you're afflicted by any Enterprise Vault 10.0.3 issues, take a look through the release notes and see if there is something which addresses your issue.

 


Pedal to the Metal - National Bike Month


As a passionate biker, I always look forward to this time of year when Symantec Headquarters employees join thousands across the nation to participate in The League of American Bicyclists National Bike Month.

Bike to Work Day and Month has become a hugely popular nationwide event to celebrate the many benefits of bike transportation. As featured in this great Bike to Work Day PSA, ‘Why do you Ride’, biking to work has numerous benefits for your health, your wallet and the environment. For example, for every one mile pedaled rather than driven, approximately one pound of CO2 is saved, and on a round-trip commute of 10 miles, bicyclists save around $10 daily.

Last year as part of our Summer Bike to Work Contest, Symantec employees rode 12,500 miles equating to a savings of nearly $2,000 in gas.

Thanks to local and national events like Bike to Work Day, the number of bike commuters is on the rise; cities including Washington, DC, Philadelphia, and Denver have more than doubled their bike commuter share since 2000. This year, Silicon Valley Bike Coalition saw a 23 percent increase in participants compared to last year.

The Green Team invites you to dust off your bike and leave your car parked at home this summer by taking part in Symantec’s Bike to Work initiatives:

Bike to Work Day

On Friday, May 9th – the San Francisco Bay Area’s Bike to Work Day – Symantec, in partnership with the Silicon Valley Bike Coalition, held an Energizer station for Bike to Work Day riders in Mountain View. The station featured various goodies donated by the Symantec Cafe and special give-aways from the marketing team. The favorite was the Santa Clara Bikeways Map, showing Santa Clara County bike paths and roads which are bicycle friendly. 375 riders passed our station, 140 stopped in, and 45 of those were Symantec employees!

Silicon Valley Bike Competition

Sign up as a Symantec team member for the Silicon Valley Bike Coalition’s Company Bike Challenge. This competition is a friendly cycling competition among companies in the Bay Area, and it runs throughout the month of May.

The top companies and top riders will be chosen and awarded prizes at the end of May – help us be one of these!! We’ll also be awarding prizes to our own top riders!

Sign up at: http://teambikechallenge.com/welcome and choose “Symantec Corporation” from the pull-down menu.

Summer Bike to Work Contest

Additionally, employees should keep pedaling throughout the summer and participate in Symantec’s internal Bike to Work Contest. Ride your bike to work between June 1 and August 31, and record your miles on the http://sweden.mvw.spt.symantec.com/btwd/ website.

The top riders will receive great prizes like a Symantec biking jersey!

A huge thank you to all our volunteers and executive sponsors for supporting our Bike to Work Day efforts!

 

Anand Raj Vengadassalam is a Symantec technical support engineer, and member of the Symantec Mountain View Green Team.

AV engine update - May 21st 2013


Reference: http://www.symantec.com/business/support/index?page=content&id=TECH205767

Symantec will post an update to the AV Engine in Multiple Daily Virus Definitions on Tuesday May 21st 2013.

Beginning with the Virus Definitions that include the updated AV Engine version 20131.1, additional files will be added. That update is expected to post in MDD1 on Wednesday May 21st.

Symantec Endpoint Protection 12.1+ and Norton AntiVirus/Norton Internet Security 2011+ customers will see 4 new index files.  Symantec Endpoint Protection 11+ and Norton AntiVirus/Norton Internet Security 2007+ products will see 8 additional index files.

As a result of the additional files, the size of each dated definition folder will increase. Note the size increase noted below will be the size that is added to the dated definition folders as they exist on the disk. When definitions are distributed the files are compressed.

NTLM Vs DCI (A Comparison of Symantec Web Gateway Features)


 

Background

Symantec Web Gateway (SWG) is a state-of-the-art proxy and web filtering solution for corporate local area networks. It can authenticate end users and provide them with a secure web browsing experience in line with the organization’s policies and requirements.

SWG can use one of two authentication mechanisms:

-          Domain Controller Interface (DCI)

-          NTLM Authentication

SWG can only use one of these methods at a time.

 

Comparison of NTLM authentication and DC Interface Mechanisms

NTLM and DC Interface provide different kinds of authentication mechanisms and differ in functionality as well.

DC Interface

DCI works by integrating with the domain controllers in an organization. To do so, a small piece of software must be installed on a domain controller. This software integrates SWG with the corporate domain.

How DCI Works

The SWG connects routinely to the DC to obtain LDAP group information for all known users.

1-      User logs on to computer.

2-      DC Interface agent on Domain Controller detects logon event and sends user details and IP address to SWG.

3-      User connects to Internet.

4-      SWG matches connecting IP address to user with information received from DC Interface.

5-      SWG obtains LDAP group membership information from DC.

6-      SWG applies appropriate policy based on LDAP information.

7-      In the event that no matching logged on Domain User is identified, the SWG will apply the next IP based policy or the default policy.

NTLM Authentication

NTLM authentication is configured by providing the corporate domain controller’s IP address and credentials in the SWG’s configuration tab for NTLM authentication. It does not require installation of any additional software on the domain controller.

How NTLM Authentication Works

1-      The SWG administrator creates an Authentication policy set to Ignore, Authenticate no Enforce or Enforce.

2-      The SWG connects routinely to the DC to obtain LDAP group information for all known users.

3-      The user connects to the Internet site via the proxy.

4-      The user's browser receives an NTLM challenge from the Web Gateway.

5-      The user's browser responds transparently with a hash of the user's credentials.

6-      The Web Gateway connects to the Domain Controller (noted in LDAP settings) to verify the credentials.

7-      If verification succeeds, policies are applied according to LDAP information.

8-      In the event that the NTLM process is not working correctly, or the user's LDAP information is not yet known, the SWG will apply the next IP based policy or the default policy.

Comparison of NTLM and DC Interface Features

NTLM has some Advantages over DC Interface

| DCI | NTLM |
| --- | --- |
| Provides only a user identification service. | Provides both identification and authentication services. |
| Integration with the domain controller requires installation of agent software on at least one of the domain controllers in the environment. | Integration with the domain controller does not require any additional software. |
| Policy is mapped on the basis of the IP initially assigned to a machine. This results in a policy mismatch if the user switches machines. | Policy is based on username and only works for the designated user. |
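The difference in the last row can be made concrete with a small simulation of the two lookup models. This is an added example, not Symantec code or the SWG's actual implementation: the users, groups, policy names, subnets and all class and function names are hypothetical, and the domain controller's check of the NTLM response is represented by a boolean.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Constructed sample data: users, groups, policies and subnets are hypothetical.
LDAP_GROUPS: Dict[str, str] = {"alice": "Finance", "bob": "Contractors"}
GROUP_POLICY: Dict[str, str] = {
    "Finance": "finance-policy",
    "Contractors": "restricted-policy",
}
IP_PREFIX_POLICY: Dict[str, str] = {"10.0.5.": "lab-subnet-policy"}
DEFAULT_POLICY = "default-policy"

Decision = Tuple[Optional[str], str]  # (user the gateway believes it sees, policy)


def fallback_policy(ip: str) -> str:
    """Next IP-based policy if one matches, otherwise the default policy."""
    for prefix, policy in IP_PREFIX_POLICY.items():
        if ip.startswith(prefix):
            return policy
    return DEFAULT_POLICY


def policy_for_user(user: Optional[str], ip: str) -> Decision:
    """Apply the LDAP-group policy for a known user, else fall back by IP."""
    group = LDAP_GROUPS.get(user) if user else None
    if group in GROUP_POLICY:
        return user, GROUP_POLICY[group]
    return None, fallback_policy(ip)


@dataclass
class DciGateway:
    """Identification only: the last logon event reported for an IP wins."""
    ip_to_user: Dict[str, str] = field(default_factory=dict)

    def on_logon_event(self, user: str, ip: str) -> None:
        # DCI step 2: the agent on the DC reports user and IP at logon.
        self.ip_to_user[ip] = user

    def resolve(self, ip: str) -> Decision:
        # DCI step 4: the source IP alone selects the user; nothing is verified.
        return policy_for_user(self.ip_to_user.get(ip), ip)


class NtlmGateway:
    """Identification and authentication: each user answers a challenge."""

    def resolve(self, ip: str, presented_user: str, dc_verified: bool) -> Decision:
        # dc_verified stands in for the DC's check of the NTLM response.
        # Assumption: a failed check falls back to the IP/default policy, as
        # the page describes for an NTLM process that is not working.
        if not dc_verified:
            return None, fallback_policy(ip)
        return policy_for_user(presented_user, ip)


def run_scenario() -> Dict[str, Decision]:
    """alice logs on at 10.0.1.20, then browses from 10.0.1.30 and 10.0.5.7
    without a new logon event; bob later browses from alice's first machine."""
    dci, ntlm = DciGateway(), NtlmGateway()
    dci.on_logon_event("alice", "10.0.1.20")
    return {
        "dci_bob_on_alice_ip": dci.resolve("10.0.1.20"),
        "dci_alice_on_new_ip": dci.resolve("10.0.1.30"),
        "dci_alice_on_lab_ip": dci.resolve("10.0.5.7"),
        "ntlm_bob_on_alice_ip": ntlm.resolve("10.0.1.20", "bob", True),
        "ntlm_alice_on_new_ip": ntlm.resolve("10.0.1.30", "alice", True),
        "ntlm_failed_check": ntlm.resolve("10.0.1.20", "bob", False),
    }


if __name__ == "__main__":
    for name, (user, policy) in run_scenario().items():
        print(f"{name:22} user={user!s:6} policy={policy}")
```

Under the IP-keyed model, traffic from 10.0.1.20 keeps receiving alice's policy regardless of who is at the keyboard, while alice herself drops to the fallback policy on any machine the agent has not reported; under the username-keyed model the policy follows the verified user.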

 

What's new in the new Appliance 5230


Dear All,

Symantec have launched the NBU 5230 appliances for the Middle East. The 5230 comes with more cores and memory and storage size updates.

Please find attached data sheet and comparison.

Please note the 5xxx series are not available for our region and only for selected customers.

Symantec Channel Marketing Update- May 2013


It’s been a busy year so far with several exciting changes with Symantec 4.0.  The transition to becoming an even stronger company takes time but so far I have been very impressed with the progress we have made. I look forward to Symantec strengthening our products and making an even greater investment in our partners.   If you didn’t have the chance to visit us last month at Symantec Vision 2013 it was a great event.  Many keynotes were delivered that gave insight into our company plans for the coming year.  You can refer to John Eldh’s Blog on the event in which he gives an excellent recap of all that was covered and the “revolution” that Symantec is undergoing this year.

In the channel, we have continued the momentum with many opportunities to increase your knowledge of Symantec products with our road shows and boot camps. In April, Symantec Endpoint Protection 6-City Partner Roadshow had 112 partner attendees, the content focused on how to grow margins and maximize deal sizes.  We continued in May with a boot camp on Symantec Endpoint Protection and Symantec Endpoint Protection SBE.  This 4 day boot camp had 294 partners in attendance where they were given the opportunity to take the Symantec Endpoint Protection Sales Expert (SSE) and Symantec Endpoint Protection Sales Expert Plus (SSE+) accreditation exams.  Upon passing, they became SMB Specialized in the Security Track and can now start using the Margin Builder tool.  I definitely encourage you to take advantage of the additional events we have still going on this quarter.  Sign up today for the 10 City Partner Roadshow Symantec Solutions as a Managed Service, Virtualization Partner 10-City Partner Roadshow in June, and Symantec Partner Backup Exec Virtual Boot Camp on June 18-20.

One of the things I am more excited to share is the launch of our new and improved PartnerNet.  To help you get started, I recommend that you watch these short videos which give you quick tutorials on the new site.   There is also an FAQ that addresses common questions and concerns. In addition, the recorded partner Webcast The New PartnerNet: Redesigned to Make Your Life Easier is now available.

As always, I want to encourage you to join our Facebook Partner page, LinkedIn Partner page, and follow us on Twitter.  These outlets always deliver the most up-to-date information.

Thank you for your continued partnership. I hope to see you at a future Symantec road show.

 

Symantec’s Windows Server 2012 Migration/Virtualization Survey


Nobody can deny that the data center today is undergoing a dramatic transformation, bringing in all sorts of new technology, and constantly in a state of change. Between new devices, operating systems and service delivery platforms, change is really the only thing IT can depend on. 

We set out to see how businesses are doing when it comes to navigating their way through these changes. Our recent Windows Server 2012 Migration/Virtualization Survey was created to take a closer look at organizations' attitudes towards migration, what their adoption plans are and get a closer look at virtualization trends in the market.

Change is the New Constant

The first finding that really jumped out at us is the fact that IT is in a constant state of change. We found specifically that organizations anticipate significant change when it comes to virtualization. In fact, while just 18 percent of the businesses we surveyed have virtualized at least three-quarters of their IT environments today, just over half of them (52 percent) will take the plunge into full virtualization within the next two years.

Windows Server 2012 Adoption Is Happening Gradually

Next, we found that while many are planning to upgrade to Windows Server 2012, 93 percent haven’t actually made the move yet. For those that are planning to migrate:

  • 13 percent plan to make the move after the 1st service pack
  • 15 percent within the next 6 months
  • 17 percent within the next 12 months
  • 11 percent in more than 12 months

One significant factor that is keeping people from making the transition is the cost of the upgrade, and some businesses are slow to make the change because their current version is getting the job done. And with IT complexity increasing, there are also concerns about compatibility issues with current hardware or software.

On the flip side our survey revealed that the most important reasons companies are making the switch to Windows Server 2012 include improvements in the virtual desktop infrastructure, Hyper-V server virtualization and a more resilient file system called ReFS that improves scalability and resource management.

Data Protection is Top of Mind

With all the change, the one thing that needs to remain constant is an organization’s ability to ensure their data is protected no matter where it resides. We found that although nearly two-thirds (62 percent) of companies use multiple solutions to protect their physical and virtual systems, nine in ten are interested in a single solution and what it can offer. This is especially important for SMBs, who have fewer resources to dedicate to data and system protection.

Making the Transition Successfully

While many businesses are eager to begin enjoying the benefits of Windows Server 2012, planning for an effective transition is important to get the most out of the investment. We recommend following these guidelines before making the switch:

  • Consider how IT affects your business goals overall and how your company operations will benefit in making the transition. If you clearly look at what you want to accomplish, whether that be improved agility for business decisions or boosting the efficiency of servers, knowing where you want to be can illuminate the path to get there and help decide what part the upgrade will play.
  • You will also need to evaluate where your company is right now. This includes current applications and servers, and where they are located. In some cases it may be helpful to transition physical servers to virtual machines before adopting the new version of Windows Server 2012, such as companies that have servers in multiple locations.
  • It’s important to maintain current levels of service while making the transition. To ensure that you don’t lose applications or information, confirm that you have a backup and recovery platform deployed that can recover needed resources in case of complications. You can also minimize complexity and reduce costs by choosing a single backup and recovery solution that covers your physical and virtual resources.

For more information on Symantec’s Windows Server 2012 Migration/Virtualization Survey, we invite you to read these additional resources:

 

Build up of Temp files on Enterprise Vault Server?


 

Have you ever had a strange build up of temporary files on your Enterprise Vault Server?  Strange in that they're all the same size, and appear in a long row of sorts? Well the explanation might be that Enterprise Vault is trying to process a problem message.  The situation is described in this technote:

http://www.symantec.com/docs/TECH206368

I know that issues like this are super tricky to find, and to fix, but really this could lead to quite a bad situation on your Enterprise Vault server. Have you ever had any issues with stuck/problematic messages? Let me know in the comments below.


Operation Hangover: Q&A on Attacks


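On May 20, Norman and the Shadowserver Foundation jointly published a detailed report titled "Operation Hangover". The report relates to a recent ESET blog post about a targeted cyber-espionage attack that appears to originate from India. Symantec also published a short blog on this incident last week; the Q&A below provides additional information about this group that is specifically relevant to Symantec.

Q: Do Symantec and Norton products provide protection against the threats used by this group?
Yes. Symantec protects against attacks involving Operation Hangover through antivirus and IPS signatures, as well as STAR malware protection technologies such as reputation-based and behavior-based technologies. Symantec.cloud also detects targeted emails sent by this group.

Q: Was Symantec aware of Operation Hangover's activities?
Yes. As noted in the previous blog, several security vendors have been tracking this activity, and Symantec has been capturing information about this group and tracking its activities for many years. Symantec also continually provides the best possible protection against the various threats used by Operation Hangover.

Q: Where does the name Operation Hangover come from?
Norman and the Shadowserver Foundation used the name Operation Hangover because the malware most frequently used by this group contained project debug paths that include this name.

Q: How do victims of this attack become infected?
The initial infection begins with a spear-phishing email sent to the target. The email carries an attachment with a theme relevant to that target. Figure 1 shows each stage of an Operation Hangover attack.

Figure 1. Operation Hangover attack

The email has a malicious file attached which, when opened, infects the target's system or attempts to exploit a vulnerability on it. If this succeeds, first-stage malware is loaded onto the compromised system. This malware is mostly from a Visual Basic downloader known as Smackdown.

Once the attackers have surveyed the compromised system, they can decide whether to download the second-stage malware. This is information-stealing malware, mostly written in C++, that belongs to the malware family called HangOve. Several modules are downloaded in the HangOve family, and they perform the following functions:

  • Keylogger
  • Reverse connection
  • Screen grabber
  • Self-replication
  • System information gathering

Q: Does Symantec know what kinds of organizations this group targets?
Yes. Symantec telemetry confirms that this attack primarily targets Pakistan. Because defense-related documents are used as lures in the attacks, government security agencies appear to be particular targets, but the same group has also been observed to be involved in industrial espionage outside Pakistan.

Q: How is this threat spreading?
As Figures 2 and 3 show, Symantec telemetry indicates that Pakistan is the country most affected by this group. This is consistent with other research on the group. As already noted, the group's activity is not limited to a single target or region.

Figure 2. Distribution map of Operation Hangover-related detections in Symantec telemetry

Figure 3. Top 10 countries in which Operation Hangover attacks were detected in Symantec telemetry

Q: What detections does Symantec have for the threats used by this group?
Symantec has detections under the following names for the threats used by this group.

To help customers using Symantec products identify this group, the main components of this attack campaign have been remapped as follows.

The following IPS (intrusion prevention signature) is also available:

  • System Infected: Trojan.Hangove Activity

Q: Are Symantec and Norton products protected against the exploits used by this group?
Yes. The known vulnerabilities exploited by this group, and Symantec's protection for them, are shown below. At this time there is no evidence that the group is using, or has ever used, zero-day vulnerabilities in its attacks.

Q: How will this report affect the activities of the group behind Operation Hangover?
As in previous cases, Symantec believes that the Operation Hangover group will continue its activities even though this much information has been made public. Symantec will continue to monitor Operation Hangover's activities and to provide full protection against its attacks. As always, we recommend using Symantec's latest technologies and deploying layered defenses to protect against attacks by groups like this.

* To subscribe to the RSS feed of the Japanese Security Response blog, visit http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/ja.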

Spammers Desecrate Memorial Day


Memorial Day honors the men and women of the United States who died in military service, and this year it falls on May 27. It has become all too familiar for cybercriminals to take advantage of events and holidays. This year, spam messages related to Memorial Day have begun to appear in the Symantec Probe Network. The majority of the spam samples observed promote clearance sales of cars and trucks. Clicking the URL automatically redirects the user to a website carrying fake advertisements.

Figure 1: Memorial Day spam touting bargains

The following subject lines have been observed in clearance-sale spam aimed at Memorial Day:

  • Subject: Memorial Day Auto Special On Every New Truck
  • Subject: Memorial Day Celebration - Half Off xxx Vehicles
  • Subject: Memorial Day Special, All Auto Models On-Sale
  • Subject: Memorial Day Savings on all new vehicles
  • Subject: Memorial Day xxx Clearance Sale
  • Subject: Huge new car Memorial Day Clearance!

Other samples lure users with fake advertisements for diet products and pharmaceuticals. Clicking the URL redirects the user to a web page selling fake products. Be very careful with spam that uses advertisements like these as a lure.

Figure 2: Diet spam exploiting Memorial Day

Figure 3: Fake pharmaceutical web page exploiting Memorial Day

Be careful when handling unsolicited or unexpected emails. Symantec monitors spam around the clock so that it can bring you up-to-date information on the latest threats.

Cluster Network Architectures – Time to Share Nothing?


Having worked with Clustering for nearly fifteen years I believe this still qualifies me as a total novice. It’s a bit like saying I work with cars: if I drive a Formula One car I won’t have much knowledge about stock car racing. When we talk about cluster computing it normally refers to a number of computers working in some coordinated fashion. These will typically fall into two types, shared disk and shared nothing.

Shared disk is the most recognized architecture and as the name would suggest simply means that all storage is available to all nodes in the cluster. Examples of this could be Oracle RAC or Storage Foundation Cluster Filesystem. In both these instances a lock manager is required to manage the coordinated access to the data. Shared disk architecture offers the highest levels of availability. Depending on the application it can often scale very badly in true parallel shared clusters. I often see this in Oracle RAC environments where due to the cache kept on each node the database is constantly chasing memory segments from other cluster nodes, severely impacting database performance. Shared disk is normally the most costly and widely used of the architectures.

Shared nothing is another cluster mechanism which exists. Shared nothing does not involve concurrent access to disks, so no lock manager is required. Some would suggest that VERITAS Cluster Server could be considered a shared nothing technology since only one node in the cluster can access the data at a time. This is true unless you are using Veritas ClusterFilesystem. Ultimately though you are using shared storage which is presented to all hosts in the cluster. True shared nothing eliminates the need for expensive SAN shared storage and acts as an enabler for leveraging non shared storage. For example if I bought an X86 server with two internal drives, I could have my Operating system on one and an application on the other. This however offers no resiliency in the face of hardware failures of either server or storage. Using a shared nothing approach we could mirror our application data to one or many servers in our cluster. Those servers do not need to see the application data disk (it is not shared); the data will simply be replicated over the cluster interconnects and a synchronous copy will appear on the passive servers, thus removing the need for expensive shared SAN storage. If you then consider a solution like VERITAS Cluster Server, you are now able to monitor the application, and if there was a failure of disk/server or application then control could be passed to one of the passive servers to restart the application with a consistent up to date copy of the data.

Storage Foundation High Availability 6.1, which is due out in October 2013, will make shared nothing clustering as described here a reality. There are already building blocks in place which enable “data shipping” across the cluster interconnects. So for example in the event of loss of storage connectivity of a node, that node could continue to process requests and write the data over the interconnects on another server. This is the underlying technology that the shared nothing implementation uses. VERITAS Cluster Server today offers a standardized approach to application availability with the traditional active passive approach. Storage Foundation HA will offer enterprises a very cost effective simple design to making their application highly available without any of the associated storage costs. As with all forms of Business Continuity it is important to understand the service levels you need to maintain and map the solution accordingly. I would anticipate that the shared nothing approach may not fit the 99999 applications but will certainly be a good fit for less critical applications. The shared nothing implementation is branded Shared Storage Sharing and will be available in October this year.

SnapDeal.com: India’s largest e-Commerce platform is Vulnerable


Indian e-commerce is growing at an incredibly frantic pace. There are tons of new e-commerce sites mushrooming in a variety of verticals spanning electronics, books, gift items, vitamin supplements, foreign importers etc.

Unfortunately the awareness among Indian customers and e-commerce site owners regarding the risks of online scams, phishing and the like remains concerningly low.
SSL security is one basic step that every e-commerce site must take at the very minimum. Doing so will at least ensure that transactions between an e-commerce site and its customers remain private. This is critically important in India, especially because there is an exceptionally large portion of the population using shared internet (i.e. cyber cafes).

It has come to our attention that a very famous site known as SnapDeal.com, which is essentially India’s Amazon, has not been using SSL properly at all. Just imagine one of the largest shopping sites in the entire country with over 1.2 billion customers transferring confidential details such as address, email, phone number, credit card, and online banking details in just plain text! To say we were shocked would be a vast understatement. Just take a look at the screenshots that follow as proof:

How SnapDeal.com becomes non-trusted with their security?

1. They don’t have “HTTPS” or a “SSL Certificate” installed on their website.


 

2. They use a text to gain trust of security, “100% secure shopping guarantee”. A website simply cannot be secured without any “HTTPS” or “SSL certificate” security installed, anything else is an indication of an online scam or fraud.


 

3. Even visitors know they should only enter credit card information on a secure page, something that can easily be identified by the LOCK symbol located with the frame, status or address bar of a trusted browser. Just by gathering user credit card information on their unsecure payment processing pages SnapDeal.com is putting their users’ private information at extreme risk. How could they say they are secure and don’t store credit card details without using “HTTPS” or “SSL Certificate” security?

 

Finally, we confirm without a single doubt that Snapdeal.com, one of India’s largest e-commerce platforms, simply doesn't care about user safety on the web. They have been displaying a logo of Trust Pay everywhere on their website, however, Trust Pay is not a Security Authority. It’s actually what is known as a Financial Conduct Authority which only deals with payment processing and has no responsibility for web page security.

 

As you can see this is one giant disaster waiting to happen. Just imagine what could happen if a fraudulent site called “SnopDeal.com” pops up. Perfectly imitating the website design and all their products in order to lure customers into a huge phishing SCAM!

How they can secure their business and users information with SSL Certificate security?

Conclusion:

In today’s world where sensitive information so routinely traverses what is known as the internet superhighway, SSL Certificates have become an increasingly crucial part of e-commerce. It is for that very reason that one should never hesitate to make the online business experience a much safer and secure one for users on the web with an SSL certificate.

How to avoid the Dark Clouds


 

It isn’t hard to see why Cloud-Based IT Services are becoming such a big draw for businesses – not when cloud is attracting more and more focus, as organisations seek out the best, and most efficient and cost-effective means of storing their essential (and often highly sensitive) data.

One question I’m asked time and again, though, is how fast is the move into the Cloud? You hear all sorts of stats and claims, so it’s time to put a bit of reality around this. If you look at our own latest in-depth survey on this here at Symantec – ‘Avoiding The Hidden Costs of the Cloud’ – it’s clear that customers really are rushing to leverage cloud services, as they extend the reach of their IT deep into the stratosphere. In fact, more than 90% of all organisations are at least discussing Cloud – a sharp step up from 75% a year ago. What’s driving that? Well, particularly the irresistible promise of reduced capex, more predictable opex, easier management, enhanced scalability and better disaster preparedness. Not a bad payback, if you get it right, I would suggest.

Other key findings in our survey showed enterprises and SMBs are experiencing escalating costs tied to ‘rogue Cloud’ use (in other words, business groups implementing public cloud applications that are not managed by, or integrated into, the company’s IT infrastructure), complex backup and recovery, and inefficient cloud storage.

All good stuff. But, like all things, I see that as only half the story. Inevitably, there are downsides to the Cloud ‘Utopia’, too. Security issues and outages spring to mind, most of all, both of which will continue to affect organisations that have stepped into the Cloudscape. So, business continuity is, not surprisingly, one of the big issues our survey homes in on, with the increase in cloud outages (Amazon and SalesForce spring to mind!) posing even greater risks than security breaches.

One of the challenges is that organisations often hold their information on physical, virtual and cloud storage, creating a very complicated environment when it comes to backup and recovery. In fact, more than two-thirds of enterprises today are using three or more solutions to back up their data. As a result, more than 40% have lost data in the cloud and had to restore their information from backups. And I note that a worrying two-thirds of those organisations saw recovery operations fail. That apart, even when it works, recovering data from the Cloud is slow. I’ve seen it up close and sometimes, by comparison, watching paint dry suddenly becomes an exciting prospect! To put it in context, more than one-fifth of those surveyed estimated that recovering from the Cloud would take three days – or even longer. Not for those who want their businesses to run like sleek, well oiled machines, I would venture.

Then there are the concerns expressed around issues with: inefficient Cloud storage; Cloud compliance; Cloud eDiscovery; and Cloud data in motion. Cloud often requires SSL certificates – for websites, applications etc – and the final hidden cost revealed by the survey relates to management of these certificates. Most find this area complex, with just 27% stating that managing Cloud-based SSL certificates was easy. In a related finding, fewer than half felt confident that their Cloud partner’s certificates comply with their own organisation’s internal standards. Now that is worrying!

So what’s the answer? First, I would suggest that, where Cloud-based services for security and management are in force, that experience can be dramatically improved. Let’s take remote working as a case in point. Organisations don’t have to restrict how, where and when their employees take advantage of this. They just need the right systems and processes in place.

This, I would humbly suggest, is where a solution like Symantec MessageLabs Web Security.cloud service can come into play, putting roaming and remote worker support options at the user’s fingertips, helping businesses address these challenges. Crucially, the service scans all Web content, promoting enhanced accuracy above services that rely solely on URL filtering for threat detection, with threat intelligence shared across email, Web and IM for converged threat detection.

Whatever the challenge and solution, though, if…

  • An organisation’s people are to be protected and productive
  • Your business is to be kept safe and compliant
  • Business continuity is not a ‘perhaps’, but a ‘given’.

Then I believe all of the following must come into play:

  • Focus policies on information and people, not technologies or platforms
  • Educate, monitor and enforce policies
  • Embrace tools that are platform-agnostic
  • Deduplicate data in the cloud.

Get it right and the Cloud can be a great place to move to; get it wrong and there may soon be a sizeable tear in its fabric that your most precious data falls through.

Let me know what you think.  As part of the new ‘evangelist’ team reporting in to the CTO in EMEA, I would welcome all opinions.

 

Symantec to Partner with Pearson VUE as its new global certification exam-delivery partner


Symantec is pleased to announce that beginning June 24, 2013 technical exams (SCS/STS/ASC) will be offered exclusively through Pearson VUE, the recognized leader in computer-based test delivery. The partnership will result in a more efficient and engaging testing service with more locations for Symantec partners. Pearson VUE’s advanced registration and delivery technologies simplify the registration process, allowing for faster registration, greater access to localized exams and enhanced exam security to protect your investment in Symantec training and certification.

The registration process is new, so please be sure to read the FAQs for important details.

Why Email is a Key to Your Castle


Having control over an email account can be a lot of power, even though most people would probably say they do not care if someone else is reading their private emails. But it’s not always about reading those private emails. Of course there have been quite a few attacks where secrets were revealed by snooping through emails of hacked accounts. The motives range from jealous spouses searching for proof of an assumed affair to something as serious as corporate espionage, in which certain parties seek essential information about a critical deal. Other attackers may use the compromised account to send social engineering messages to all contacts stored in the email account, posing as the person whose account has been hacked.

Nowadays an email account is much more than just sending and receiving emails. Many free service providers like Microsoft or Google have various additional services attached to email accounts. Having access to these accounts means having access to such things as private photos that were uploaded to the account. There have been a few cases where attackers broke into email accounts and found sensitive pictures, like naked photos, and then blackmailed the owner of the account. While most people are smart enough not to upload such pictures, with the integrated cloud storage that is available with many services now there may be all kinds of files stored in those accounts, such as password files, license files, tax records, passport scans, company documents, and more.

The power of an email account can be even larger than this, as its scope is much greater. Many online services use the email address as a user name. Therefore, knowing the email address and the email account password can give the attacker access to many different accounts besides the email provider, because many services offer to reset a forgotten password through email. This holds even if the user does not use the same password on different services: controlling the email account means controlling the password reset emails of other services, and therefore gaining access to those services regardless of what passwords they use.

Every time there is a data breach and email addresses and passwords are publicly posted, other attackers will take this information and start new attacks with it. The first thing they usually try is to check whether the same password also accesses the email account.

Of course, not all services are of interest to attackers. Losing control of your social media account may not be enjoyable—especially if you are a news agency—but it will not really hurt most people. For companies this might be a different story, as it could lead to brand damage if something happens to their accounts. Last year there was the widely publicized situation of Mat Honan, a Wired reporter whose Apple devices were wiped when hackers gained access to his iCloud account. This can be troublesome, but as a user you can help to avoid it by registering for the additional security measures provided.

Some services are of interest to attackers. Some companies allow goods and services to be ordered, for instance, charging the credit card on file or sending an invoice to the account owner. Financial services, auctions, and payment services are definitely high on the list of services that hackers would check. There are many services that you probably do not want to lose control over. With companies adding more and more features, it is even more important to protect your email account. For example, Google recently announced the integration of Google Wallet into Gmail. This allows you to send money from your email account in the same way you attach a picture to an email: you can attach money to an email as well. Or an attacker might do it for you.

To guard against such attacks, Google was one of the first service providers to introduce two-factor authentication to the masses. Other services, including Apple, have followed and have started to integrate two-factor authentication or out-of-band authentication, in the form of a code sent to a previously registered mobile phone or produced by a one-time password (OTP) generator application. This is a good solution to secure your account beyond passwords. It is definitely better than just forcing the user to fill out security questions that can easily be guessed with public information.

Not proactively enrolling in additional authentication measures, when they are available, might also leave you vulnerable to rare attacks for which a password is not even required, as there is always a chance of a glitch like the one in Apple’s password reset function in 2013. While Apple acted quickly and fixed the issue, users who had enrolled in two-step verification were protected the entire time. There have also been some cases where an attacker could use a cross-site request forgery (CSRF) attack to hijack an active session and reconfigure your email account. For example, a long time ago there was a simple attack where a website could add a forwarding filter to your Gmail account, resulting in all emails being forwarded to an additional address. Of course Google fixed this issue quickly and increased account security even further; for example, the user is now warned with a UI message if any new filters have been added. Those attacks are harder for the user to prevent, as logging out of the account whenever it is not in use is often not really practical advice.
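The two server-side defences mentioned above, rejecting forged settings requests and warning the owner about new filters, can be sketched as follows. This is an added example of the generic mitigation, not Google's implementation and not code from the original post; the `Mailbox` class, the form field names and all addresses are hypothetical.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # per-deployment secret, generated for this example


def csrf_token(session_id: str) -> str:
    """Token bound to one session. It is embedded in the provider's own
    settings form; a third-party page cannot read it or compute it."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


class Mailbox:
    def __init__(self, owner: str):
        self.owner = owner
        self.filters = []   # active filter rules
        self.notices = []   # warnings to show the owner in the UI

    def add_filter(self, session_id: str, form: dict) -> int:
        """Handle a filter-creation POST; returns an HTTP-style status code.

        The browser attaches the session cookie to cross-site requests too,
        so a valid session alone does not prove the owner sent the form.
        """
        supplied = str(form.get("csrf_token", ""))
        expected = csrf_token(session_id)
        if not hmac.compare_digest(supplied.encode(), expected.encode()):
            return 403                       # forged or stale request
        rule = {"match": form.get("match", ""),
                "forward_to": form.get("forward_to")}
        self.filters.append(rule)
        if rule["forward_to"]:
            # Second line of defence: make new forwarding visible to the owner.
            self.notices.append(
                "A filter now forwards mail to %s" % rule["forward_to"])
        return 200


def demo():
    """Constructed scenario: one forged request, one genuine request."""
    box = Mailbox("alice@example.com")
    session = secrets.token_hex(16)          # value of the session cookie

    # Cross-site form: the cookie rides along, but the page cannot supply the token.
    forged = box.add_filter(session, {"match": "*",
                                      "forward_to": "collector@example.net"})
    # Same change made from the provider's own settings page.
    genuine = box.add_filter(session, {"match": "from:bank",
                                       "forward_to": "alice.backup@example.org",
                                       "csrf_token": csrf_token(session)})
    return forged, genuine, box.filters, box.notices
```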

You should use a strong password for your main email account that is unique and also different than the passwords you use for other services. Also keep yourself aware of new security features introduced by your email provider.


It's National Cyber Security Awareness Week - here are a few tips


It’s time to stop and take a moment to consider cyber security, says the Australian Government. Once a year, the government gets together in partnerships with industry, the community, and consumer organisations to help make people aware of basic steps they can and should take to protect their personal and financial information.

This year’s theme on their website is “Our Shared Responsibility”. I encourage you all to go out and look at their website, where they help distill a lot of activities down to the basic 10. (With commentary by me.)

  1. Install and update your security software and set it to scan regularly. If you’re broke, there are free A/V options from Microsoft, AVG, and Avast. Install one of these at minimum! Then as soon as you can, upgrade to a top-rated A/V like Norton.
  2. Turn on automatic updates on all your software, particularly your operating system and applications. Just do it. Microsoft pushes updates on the second Tuesday of every month. Get used to a reboot when required.
  3. Use strong passwords and different passwords for different uses. Don’t use the same password for your bank as for email and Facebook. And change them at least quarterly!
  4. Stop and think before you click on links and attachments. Most infections come in through ‘social engineering’ – that is, convincing people to open up a file or click a link with a virus payload.
  5. Take care when buying online - research the supplier and use a safe payment method. Look for the green bar, and the Norton Secured Seal!
  6. Only download "apps" from reputable publishers and read all permission requests. 
  7. Regularly check your privacy settings on social networking sites. Sharing isn’t always caring!
  8. Stop and think before you post any photos or financial information online.  We saw people posting pictures of their receipts and checks on FB once. Don’t be crazy!
  9. Talk with your child about staying safe online, including on their smart phone or mobile device. Teach them never to share their passwords with friends, and not to save their logins on unfamiliar machines. Show them how to check the No button!
  10. Report or talk to someone if you feel uncomfortable or threatened online. Cyber bullying is a crime! If someone is trying to intimidate you or your family members, report it immediately to the police.

The site didn’t list it, but I believe strongly in power-on password protection in case your computer or phone is stolen. I use the ‘find my phone’ app for tracking it to the bad guy who might steal it. And back up your files securely – encrypted online or on a back-up hard drive.

Be vigilant about your own protection, because the cyber criminals are certainly vigilant about finding easy targets.

Symantec protection solutions for virtual environments


The challenges posed by the explosion of virtualized environments

The undeniable savings and efficiency of virtualization, together with the explosion of the cloud, are transforming enterprise IT departments.

Virtual servers and cloud computing environments pose security and compliance challenges beyond those found in physical environments. First, virtual environments add new components. These include hypervisors, management servers and utilities, which must be patched and protected to avoid exposing the entire virtual infrastructure to risk.

 Symantec protection solutions for virtual environments

These solutions are designed to help organizations maintain the highest levels of security and compliance as virtual and cloud environments expand. They combine:

  • Comprehensive coverage using both signature-based protection and signatureless protection based on reputation and behavior, along with a firewall and device and application control
  • Intrusion detection: protection against malware built with sophisticated penetration techniques
  • Host intrusion prevention: enforcement of protection policies to manage user activity and access to system resources, and to restrict application behavior through application privilege management (LPAC: Least Privilege Application Control)
  • Granular file integrity control.

 Symantec Endpoint Protection

 Maximize VM performance without sacrificing security

  • Automatically identify virtual machines
  • Manage the security of virtual and physical machines from a single console
  • Deduplicate the scanning of identical files across multiple virtual machines
  • Check offline VMs before they are started
  • Ensure that multiple VMs do not run scan tasks simultaneously
  • Create a whitelist to exclude from Auto-Protect and scheduled scans

 Symantec Critical System Protection

Fully protect the VMware environment with no impact on performance.

  • Analyze virtual system configurations to identify vulnerabilities
  • Detect changes made to virtual machine files
  • Identify malicious attacks on Windows and non-Windows guest systems, ESX/ESXi hypervisors and the vCenter management server, without relying on signatures.
  • Harden critical systems against zero-day attacks and known and unknown threats
  • Protect against web threats by limiting network communications
  • Reduce the spread of malware by hardening vCenter
  • Restrict the behavior of supported guest operating systems and control the use of external media.

 

More information on our solutions for virtualized environments: http://www.symantec.com/fr/fr/products-solutions/solutions/detail.jsp?parent=virtualization&child=secure_virtualization

 

Symantec risk management solutions for virtualized environments.


 Symantec™ Control Compliance Suite Standards Manager

 An industry-leading configuration audit solution designed to assess whether systems are secured, configured and patched according to standards.

Control Compliance Suite lets you communicate IT risk in terms relevant to the business, prioritize remediation through a composite view of risk, and automate assessment processes to improve overall security and strengthen compliance.

Advantage: built-in policies derived from VMware best practices

Symantec™ Control Compliance Suite Vulnerability Manager

Performs end-to-end vulnerability assessment of web applications, databases, servers and network devices, providing a single view of security threats across your IT infrastructure. Identifies vulnerable virtual machines.

Symantec™ Control Compliance Suite Virtualization Security Manager

 Lets you take advantage of the benefits of virtualization with confidence.

  • Logical separation of virtual machine instances on the same hypervisor
  • Granular access control to prevent misuse of privileged accounts
  • Detailed activity logging: who did what and when, including logging of failed actions.
  • Two-level approval to protect key functions such as "delete the database"
  • Protect your virtual assets against internal and external threats
  • Improve your risk posture by actively managing administrator accounts and access rights

 More information on Control Compliance Suite Virtualization Security Manager: Link to CCS VSM

Symantec System Recovery 2013 Supports Windows Server 2012 and Windows 8


SSR 2013 supports Windows Server 2012 and Windows 8, including the new features introduced in this release of Windows.

The following new features of Windows Server 2012 and Windows 8 are supported by SSR 2013:

  1. Support for volumes created on Storage Pools
  • SSR 2013 recognizes volumes created from Storage Pools. It can back up and restore these volumes like physical volumes in the system. SSR 2013 also detects the physical disks that make up Storage Pools. These disks are not exposed through SSR 2013 during target selection.
  • However, SSR 2013 does not back up or restore storage pool configuration information. The end user will have to create virtual disks/spaces manually before SSR 2013 can restore volumes to these disks. Symantec System Recovery Disk (SSRD) 2013 now contains PowerShell cmdlets to create/configure storage pools.
  • SSR 2013 also supports cold backup of storage pool volumes.
  2. Dedupe support
  • With Windows Server 2012, dedup can be enabled for NTFS data volumes. SSR 2013 can back up and restore such volumes without rehydrating the data deduped in these volumes.
  • A backup of a dedup volume taken with SSR 2013 can only be restored to Windows Server 2012.
  • Dedup volumes can only be restored using the SSR 2013 Console and not from the Recovery Environment. Please note that since a dedup volume on a locally attached disk cannot be used from the Recovery Environment, do not store backups of system/boot volumes on a local dedup volume. The SSR 2013 Recovery Environment can, however, see dedup volumes over the network.
  3. Resilient File System (ReFS) support
  • SSR 2013 supports smart-sector image-level full backups (no incremental yet) and restores of ReFS volumes.
  4. iSCSI virtual disk volume backup/restore support
  • SSR 2013 supports backup of volumes created on an iSCSI virtual disk. SSR 2013 can also restore to an iSCSI virtual disk. SSRD 2013 contains PowerShell cmdlets to connect to iSCSI targets.
  5. Hyper-V v3 support
  • SSR 2013 supports backup and restore of Hyper-V v3 VMs from within the guests.

Customers Are On Cloud 9 With Help From Symantec Partner Forsythe Solutions Group


Whether it’s a private cloud, public cloud or somewhere in between, Forsythe Solutions Group, a Symantec Platinum Partner, helps its customers benefit from cloud technologies—and Symantec storage and high availability management products play an important role in the solutions. In order to meet its customers’ ever-increasing storage challenges head on, Forsythe leverages Symantec Veritas Storage Foundation 6.0 with its powerful deduplication capabilities, monitoring tools, and ease of integration with virtual environments.

In addition, Forsythe’s customers’ cloud deployments aren’t limited to Symantec storage management technologies and tools to manage complicated application environments; they extend to Symantec data backup and data protection technologies, which are increasingly being delivered via the cloud. So if you’re looking to mix and match different technologies—from different operating systems, different servers to interdependent services, and more—and need a comprehensive management console for the whole environment that provides more resiliency for your business and gets you to market more quickly, read more about this partner success story: http://bit.ly/13AipEb
