
Enterprise Vault Partition Rollover Events


Enterprise Vault partition rollover is something that many people set up, but in small lab environments it isn't always easy to test. So, the question I sometimes hear is:

"What events are logged for partition rollover?"

Well, the answer is as follows:

Firstly, if there are no ready partitions, Storage File Watch will log:

Log Name: Symantec Enterprise Vault
Source: Enterprise Vault
Date: 5/6/2013 13:46:17 PM
Event ID: 7027
Task Category: Storage File Watch
Level: Warning
Keywords: Classic
User: N/A
Computer: EV1A.EV.LOCAL
Description:
Partition rollover could not find any ready partitions for VaultStore Email of Storage service 1CFE6FC145153B74B8DEF36D35524084E1e10230evsite.

Note
All Partitions in of vaultStore Email will be closed. Use VAC to create a new open partition or open an existing partition.

The nicer one, though, is the one that is logged when rollover happens. It's the one you want to see!

Log Name: Symantec Enterprise Vault
Source: Enterprise Vault
Date: 11/06/2013 11:48:43
Event ID: 7028
Task Category: Storage File Watch
Level: Information
Keywords: Classic
User: N/A
Computer: ev1a.EV.Local
Description:
Partition rollover has occurred.
Details:
Storage Service ID:154E5EC232981384488AFE922985AC25C1e10000evserver
Vault Store: vs1
Closed Partition: vs1 Ptn1
Opened Partition: vs1 Ptn5
Triggering Mechanism: Forced

There is also the one below which shows you the current ready partitions:

Log Name: Symantec Enterprise Vault
Source: Enterprise Vault
Date: 11/06/2013 11:48:43
Event ID: 7029
Task Category: Storage File Watch
Level: Information
Keywords: Classic
User: N/A
Computer: ev1a.EV.Local
Description:
The ready partitions for VaultStore vs1 of Storage service 154E5EC232981384488AFE922985AC25C1e10000evserver are vs1 Ptn5,vs1 Ptn6,vs1 Ptn7,vs1 Ptn8,.
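
A monitoring job can key on these three event IDs and pull the partition names out of the descriptions. The PowerShell below is an added example, not part of the original post: the function name `ConvertFrom-EvRolloverEvent` and the `NeedsAction` flag are hypothetical, and the sample messages are copied from the events shown above.

```powershell
# Added example: turn rollover events 7027/7028/7029 into objects a monitor can alert on.
function ConvertFrom-EvRolloverEvent {
    param(
        [Parameter(Mandatory)][int]$Id,
        [Parameter(Mandatory)][string]$Message
    )
    $r = [ordered]@{
        Id = $Id; Status = 'Unrecognised'; NeedsAction = $false; VaultStore = $null
        ClosedPartition = $null; OpenedPartition = $null; Trigger = $null
        ReadyPartitions = @()
    }
    # Labels used in the 7028 "Details:" block, mapped to output property names.
    $fieldMap = @{
        'Vault Store'          = 'VaultStore'
        'Closed Partition'     = 'ClosedPartition'
        'Opened Partition'     = 'OpenedPartition'
        'Triggering Mechanism' = 'Trigger'
    }
    $text = $Message.Trim()
    switch ($Id) {
        7027 {
            # Warning: rollover was attempted but no partition was in the Ready state.
            $r.Status = 'NoReadyPartition'
            $r.NeedsAction = $true
            if ($text -match 'for VaultStore (?<vs>.+?) of Storage service') {
                $r.VaultStore = $Matches['vs']
            }
        }
        7028 {
            # Information: rollover happened; read the "Label: value" detail lines.
            $r.Status = 'RolledOver'
            foreach ($line in ($text -split '\r?\n')) {
                if ($line -notmatch '^\s*(?<key>[^:]+):\s*(?<value>.*?)\s*$') { continue }
                $key = $Matches['key'].Trim()
                if ($fieldMap.ContainsKey($key)) { $r[$fieldMap[$key]] = $Matches['value'] }
            }
        }
        7029 {
            # Information: comma-separated list of partitions still in the Ready state.
            $r.Status = 'ReadyList'
            if ($text -match 'for VaultStore (?<vs>.+?) of Storage service \S+ are (?<list>.*)$') {
                $r.VaultStore = $Matches['vs']
                $r.ReadyPartitions = @(
                    ($Matches['list'] -replace '[.\s]+$', '') -split ',' |
                        ForEach-Object { $_.Trim() } |
                        Where-Object { $_ }
                )
            }
        }
    }
    [pscustomobject]$r
}

# Sample descriptions copied from the events shown in this post.
$msg7028 = @'
Partition rollover has occurred.
Details:
Storage Service ID:154E5EC232981384488AFE922985AC25C1e10000evserver
Vault Store: vs1
Closed Partition: vs1 Ptn1
Opened Partition: vs1 Ptn5
Triggering Mechanism: Forced
'@

$samples = @(
    @{ Id = 7027; Message = 'Partition rollover could not find any ready partitions for VaultStore Email of Storage service 1CFE6FC145153B74B8DEF36D35524084E1e10230evsite.' }
    @{ Id = 7028; Message = $msg7028 }
    @{ Id = 7029; Message = 'The ready partitions for VaultStore vs1 of Storage service 154E5EC232981384488AFE922985AC25C1e10000evserver are vs1 Ptn5,vs1 Ptn6,vs1 Ptn7,vs1 Ptn8,.' }
)

$samples |
    ForEach-Object { ConvertFrom-EvRolloverEvent -Id $_.Id -Message $_.Message } |
    Format-List

# On an Enterprise Vault server, feed the function from the live log instead:
# Get-WinEvent -FilterHashtable @{ LogName = 'Symantec Enterprise Vault'; Id = 7027, 7028, 7029 } |
#     ForEach-Object { ConvertFrom-EvRolloverEvent -Id $_.Id -Message $_.Message }
```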


Eroding the Skills That Drive IT


Over the last few years, as IT staffing has been trimmed to minimal levels and the adoption of cloud-based services has risen dramatically, the erosion of the basic skills, tools, and awareness needed to run a secure environment has steadily accelerated. The lack of “IT Fundamentals” becomes eerily apparent as soon as you open a web browser: successful hacking-related activities by folks with less than good intentions continue to grab the headlines. Simple things such as basic troubleshooting skills and asset management have been all but ignored, abandoned or left in such a state that their usefulness is questioned by all in the environment. Doubt creates mistrust, and mistrust creates unjustified blame.
 
I cannot recall the number of conversations that began with “Am I protected against this latest threat by your endpoint solution?” and ended abruptly when I simply responded with “Does every endpoint in your environment that is vulnerable to this specific threat have our solution installed and configured properly, and is it patched with all currently available patches?” The frequent answer is, “Well, I can check the WSUS logs, then look against my SCCM reports, and then my Endpoint Solution reports, but I am not sure about the servers; I don’t have access to those.” So I will respond with, “Well, the answer is no,” which elicits a response where the customer becomes upset, typically confrontational, and sometimes storms off with a few choice words. Core IT Fundamentals – if you can’t tell me what’s there, how can I protect it?
 
My other favorite common scenario that best demonstrates this I call the ‘Google’ syndrome: not a knock on the vendor, but the notion that every ‘software problem’ on a system is resolved by applying 3-4 problem resolution activities found by typing the problem symptoms into a search window. This typically leads to both the application and system being left in a state where any real application resolution may not truly address the problem and may open the system(s) to other forms of compromise. We seem to be missing another core IT fundamental: do not do anything until you have done the following troubleshooting steps:
 

  • Reboot (sounds simple but rarely done, especially in the server world). If the problem still exists, call the vendor immediately, but be prepared to be asked for and follow the steps below:
    • Does any other system exhibit this behavior?
    • What were the last changes made to the system? (Inventory, asset management, change control – all IT basics.) This one is ignored 99.9% of the time. It is always the app's fault, even though it was fine until that last patch went out or a configuration change was made in another tool.
    • Have you backed out the last changes to the system? Did it resolve the problem?
    • What do the systems have in common?
    • Does an uninstall/re-install of the suspected applications resolve the problem?

The problem I see here is that the ‘quick’ fix that someone posted online, while it may resolve the problem, is typically used because we lack the fundamental skills, time and resources to make sure that the problem never occurs again, with the vendor's help or otherwise. Today’s typical IT worker simply has too many tasks to be responsible for in any given day, is stuck in countless redundant or unnecessary meetings, and has not been properly trained to truly leverage a product to its full or optimum capacity. This gets compounded by the lack of time needed to truly validate that the tools that appear to be functioning properly get the proper care, maintenance and monitoring they need to be effective in the environment… yes, this is more than making sure you can log in to the console and pull the latest status report. Tools left ignored and unmonitored typically do not function effectively and leave serious gaps in the ability to monitor the environment, once again leaving huge holes for the bad actors to hide or obscure their activities in.
 
Don’t have the staff, budget or training dollars to implement the next upgrade? Moving infrastructure to cloud-based services typically compounds both of the items above by creating a clear void of talent, visibility and understanding to address the technical issues, along with the need to now properly troubleshoot problems or properly secure data that extends well beyond the accessible environment. How can you validate the controls leveraged by the cloud services provider if you don’t have the talent in house to do so? Most hire a third party, but this becomes a ‘one time’ action, and to properly secure an environment you need to validate configurations and infrastructure components on a regular, if not real-time, basis. It’s bad enough that a cloud services provider typically will not, or cannot, give you the patch level of every system your data resides on; in fact they claim this is part of securing your data: “We spread the load across a number of internally/externally un-identifiable boxes so that no individual on our side can look at or exploit it.” So if you don’t know where the box is, then how can you validate that on every server where my data sits that the latest patches are applied?

Malware That Uses a Fake Certificate to Fool the Human Eye


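Contributor: 篠塚大志

Malware authors are always looking for new ways to make their methods more sophisticated. With multiple Symantec protection technologies standing in the way of cybercriminals, and with users becoming more security-aware, it has become increasingly difficult for their attacks to succeed.

In recent research, Symantec found a sample with the unusual name Word13.exe. Judging by its outward appearance alone, it looks like a digitally signed file from Adobe.

Figure 1. The Word13.exe file bearing an Adobe signature

Figure 2. Properties of the fake digital signature

On closer inspection, however, a very interesting point emerges.

Figure 3. The fake signature and certificate

That this is a fake is evident from the [Issuer] field, which reads "Adobe Systems Incorporated", because Adobe is a customer of VeriSign products. The certificate information also shows that the CA root certificate is not trusted, which is further decisive evidence.

Figure 4. Adobe's legitimate signature and certificate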
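
The two tells described above (a signer certificate whose issuer is the signer itself, and a chain that Windows does not trust) can be checked from a script. This PowerShell is an added example, not Symantec's code: `Test-SignerPlausibility` and `-ExpectedIssuerPattern` are hypothetical names, and the two sample signature objects are constructed stand-ins for what `Get-AuthenticodeSignature` returns.

```powershell
# Added example: flag Authenticode signatures that only look legitimate.
function Test-SignerPlausibility {
    param(
        # Object with Status and SignerCertificate, as returned by Get-AuthenticodeSignature.
        [Parameter(Mandatory)]$Signature,
        # Assumption: the caller knows which CA normally issues this publisher's certificates.
        [string]$ExpectedIssuerPattern
    )
    $findings = @()
    $cert = $Signature.SignerCertificate

    if ($null -eq $cert) {
        $findings += 'No signer certificate: the file is unsigned'
    }
    else {
        # Tell 1: the [Issuer] field names the publisher itself instead of a CA.
        if ($cert.Subject -eq $cert.Issuer) {
            $findings += "Signer certificate is self-issued: $($cert.Issuer)"
        }
        if ($ExpectedIssuerPattern -and $cert.Issuer -notmatch $ExpectedIssuerPattern) {
            $findings += "Issuer does not match expected CA pattern '$ExpectedIssuerPattern'"
        }
    }

    # Tell 2: Windows could not validate the signature, for example because the
    # chain ends in a root certificate that is not trusted. Only 'Valid' passes.
    if ("$($Signature.Status)" -ne 'Valid') {
        $findings += "Signature status is '$($Signature.Status)', not 'Valid'"
    }

    [pscustomobject]@{
        Subject    = if ($cert) { $cert.Subject } else { $null }
        Issuer     = if ($cert) { $cert.Issuer } else { $null }
        Acceptable = ($findings.Count -eq 0)
        Findings   = $findings
    }
}

# Constructed sample: mimics the fake described in the post (issuer equals subject).
$fake = [pscustomobject]@{
    Status            = 'UnknownError'   # constructed value
    SignerCertificate = [pscustomobject]@{
        Subject = 'CN=Adobe Systems Incorporated'
        Issuer  = 'CN=Adobe Systems Incorporated'
    }
}

# Constructed sample: a publisher certificate issued by a CA; the CA name is a placeholder.
$genuine = [pscustomobject]@{
    Status            = 'Valid'
    SignerCertificate = [pscustomobject]@{
        Subject = 'CN=Adobe Systems Incorporated'
        Issuer  = 'CN=VeriSign Example Code Signing CA'
    }
}

foreach ($sample in $fake, $genuine) {
    Test-SignerPlausibility -Signature $sample -ExpectedIssuerPattern 'VeriSign'
}

# Against a real file, pass the live signature object instead:
# Get-AuthenticodeSignature -FilePath .\Word13.exe |
#     ForEach-Object { Test-SignerPlausibility -Signature $_ -ExpectedIssuerPattern 'VeriSign' }
```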
 

Symantec provides protection against this file and detects it as Backdoor.Trojan.

Backdoor.Trojan executes itself, injects itself into iexplore.exe or notepad.exe, and starts its back door functionality.

It may create the following files:

  • %UserProfile%\Application Data\ aobecaps \cap.dll
  • %UserProfile%\Application Data\ aobecaps \mps.dll
  • %UserProfile%\Application Data\ aobecaps \db.dat

It also connects to the following command-and-control (C&C) server on port 3337:

  • Icet****ach.com 

The Trojan may then perform the following actions:

  • Steal user and computer information
  • Create folders
  • Create, download, delete, move, search for, and execute files
  • Take screenshots
  • Emulate mouse functions
  • Steal Skype information

To avoid falling victim to this malware, keep your antivirus definitions up to date at all times and update your software regularly. When you are presented with a download URL, always double-check that URL and, where necessary, check the certificate and signature as a precaution.

* To subscribe to the RSS feed of the Japanese Security Response blog, go to http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/ja.

Requirements for Enterprise Vault Outlook Add-in


A question that is often asked relates to the requirements for the Enterprise Vault Outlook Add-in. I spotted the following technote which is well worth a read:

http://www.symantec.com/docs/HOWTO58359

It's a useful article if you're thinking of changing your desktop Operating System and/or Office version.

Solving cloud application security problems before they happen


Should security-conscious businesses be running applications in the cloud? In addition to frequently cited concerns (data sovereignty, management console points of failure and so on), the nature of cloud models has a number of architectural, and therefore security, implications.
 
Cloud-based applications are by their nature distributed, benefiting from elastic infrastructure (processing, memory and storage) which can be scaled according to demand. Applications built for the cloud are increasingly architected based on the principle that hardware failure may (and sometimes does (http://www.policymic.com/articles/10526/amazon-crash-causes-instagram-and-netflix-to-blackout-is-cloud-computing-ready-for-prime-time)) happen.
 
From a security perspective, such distributed processing models have benefits – for example they can reduce the risk of distributed denial of service (DDoS) attacks. However they also increase the potential attack surface of an application and inevitably result in more complexity – which is the enemy of good security.
 
Different cloud providers have taken different paths to dealing with the security challenges of distributed applications. For example Microsoft Azure and Amazon AWS favour a more proprietary stack model which concentrates on incorporating security features into the platform, leaving developers to secure the upper layers of the application.
 
Meanwhile, vendors of open source stacks such as CloudStack or OpenStack try to bake a comprehensive set of security features into both the platform and application layers of the stack (note that this remains a work in progress for both CloudStack (http://www.internetnews.com/blog/skerner/apache-cloudstack-open-source-cloud-updated-for-security-and-bug-fixes.html) and OpenStack (http://www.esecurityplanet.com/network-security/openstack-hardening-security-for-open-source-cloud-platform.html)).
 
In none of the approaches can architects assume that security is already taken care of – lower level security features can be ignored, circumvented or indeed rendered useless by poorly written application code, for example. In other words, application creators still need to take responsibility for the security of the application, whatever features the platform might provide.
 
As we know from previous technology roll-outs, however, the risk is that application security is treated as something to be dealt with somewhere towards the end of the development process. In cloud terms, this means finding out whether or not the security features provided by the selected platform are suitable at some point after they have become necessary. By which point, of course, it may be too late.

The Conference Board Summit on Sustainability


Earlier this month, I had the pleasure of attending The Conference Board’s Summit on Sustainability in New York. The Summit on Sustainability is a two-day conference bringing together sustainability experts, practitioners, and institutional investors to share the latest perspectives on how corporations are transforming their global operations by integrating sustainability into a long term return-on-investment strategy.

It felt great to be in the room with people at the forefront of corporate responsibility and sustainability, and thought leaders in diverse areas ranging from climate change to water stewardship to product sustainability to corporate citizenship. Surrounded by the contagious energy and passion of fellow sustainability and business thought leaders, I felt passionate about our sustainability efforts at Symantec, and hopeful about the impacts we make within our own value chain, as well as those of our customers and the industry as a whole.  

As part of the conference I spoke on a panel, "Communicating Sustainability to Stakeholders: The Changing Landscape of Reputation and Engagement." The panel brought together experts in the area of CR and communications including:

  • Michelle Crozier Yates, Director of CR, Adobe
  • Shannon Hebert, VP of Strategic Alliances, National Geographic
  • John Friedman, Corporate Citizenship Communications Director, Sodexo
  • Henk Campher, Senior Vice President, CR and Sustainability, Edelman

Specifically, I discussed the challenges we face at Symantec to communicate our sustainability message and progress to different stakeholder groups.  How do we find that unique, transparent and honest voice that will resonate with investors? Employees? Our customers?

Our annual Corporate Responsibility Report  has been an invaluable tool for our CR communications and strategy. Through our materiality process each year, we collaborate with stakeholders to define the issue areas that drive our efforts, strategy and communications. This is a crucial tool that ensures we communicate the issues most important to Symantec AND our varying groups of stakeholders.  

However, this is just the start. We see our CR report as a launching pad – a starting point – each year to our ongoing, inclusive conversation with stakeholders. We look at all communications channels and how we can embed CR into these, how we can reach different stakeholders through this blog, surveys, our website, intranet, social media, and more.

The ROI of CR? Customer Demand

So what about the engagement landscape is changing the most? While historically investors and employees have been highly engaged in CR, more and more, we see interest from our customers. This has been common in other industries, but for the software industry this is quite new.

RFPs now come with questions including everything from our environmental management system (EMS), to details about packaging, human rights policies and practices, diversity, worker health and safety, and more. Additionally, customers are concerned about how we are pushing our values down through our supply chain. To respond efficiently to these requests, we’ve equipped our sales team with some tools, developed internally, that enable them to quickly reference our latest sustainability data and progress.

As our engaged stakeholder base continues to grow, it only validates more strongly the business case for sustainability and CR….and the need for diverse, honest, credible and transparent communication.

 

Cecily Joseph is Symantec's Senior Director, Corporate Responsibility.

SSL Accelerators – How SSL Acceleration Can Help Your Business | Symantec


You know just what a boon SSL can be to your business when it comes to keeping your transactions safe, ensuring that your sensitive information – such as credit card numbers, social security numbers and login credentials – is transmitted securely. Not only is it required by the Payment Card Industry, but it’s good business practice to make sure your customers’ information is safe and secure in transactions with your site. Encryption has an impact on the load time, and a wise site owner will work to find the best possible implementation to minimize the effect.

The impact of SSL in terms of speed and authentication is different from one environment to another. Factors include type and source of content, hardware and software tailored solutions such as outsourced transactions and through-put to traffic, whether and how the admin has preloaded pages. Additionally, with the industry switching SSL requirements to a larger minimum key size by 31 December 2013, site owners want to avoid a negative impact on page load time. Large businesses often just ‘throw money’ at the problem, setting up server clusters or additional virtual machines. This may or may not be the right answer for your environment, so now might be the time to start considering what other changes can help keep your website speedy.

There’s money on the table – the value of online sales in Australia is expected to reach more than $31bn this year (Experian, Nov 2012). E-commerce sites may well lose business if the page load is too slow – because quite often, when customers encounter slow response and long waits, they will go elsewhere.

So, what’s the solution? SSL Acceleration could well be it. One of the first methods used to address performance challenges is through the use of a hardware accelerator. This is a card that plugs into a PCI slot or SCSI port of the server and contains a co-processor that performs part of the SSL processing, relieving the load on the web server’s main processor.

How good is it? The level of performance improvement you get with a hardware accelerator will vary from one vendor to another, but, if you really want to be in the fast lane, SSL acceleration is worth a look. Some vendors claim an increase in SSL processing capacity of 500% or above. You can add additional cards to the same server to step up capacity even more, and install dual cards for high availability and failover. Some cards also include additional functions, such as key management.

Finally, another way of accelerating SSL is to use a different algorithm, such as Elliptic Curve Cryptography (ECC). A Symantec ECC-256 certificate will offer security equivalent to that of a 3072-bit RSA certificate. Line these up against a 2048-bit RSA key (the industry norm) and ECC-256 keys come out some distance ahead – they are around 10,000 times harder to crack. Additionally, ECC can handle more users and more connections simultaneously, with lower latency increases than the RSA alternative at the same mid-range CPU volumes – all of which adds up to a more secure and swifter experience for your site visitors. To this impatient shopper, that sounds like good news.

Read more about ECC and DSA.

The Gartner 2013 Magic Quadrant for eDiscovery Software is Out!


This week marks the release of the 3rd annual Gartner Magic Quadrant for e-Discovery Software report.  In the early days of eDiscovery, most companies outsourced almost every sizeable project to vendors and law firms so eDiscovery software was barely a blip on the radar screen for technology analysts. Fast forward a few years to an era of explosive information growth and rising eDiscovery costs and the landscape has changed significantly. Today, much of the outsourced eDiscovery “services” business has been replaced by eDiscovery software solutions that organizations bring in house to reduce risk and cost. As a result, the enterprise eDiscovery software market is forecast to grow from $1.4 billion in total software revenue worldwide in 2012 to $2.9 billion by 2017. (See Forecast:  Enterprise E-Discovery Software, Worldwide, 2012 – 2017, Tom Eid, December, 2012).

Not surprisingly, today’s rapidly growing eDiscovery software market has become significant enough to catch the attention of mainstream analysts like Gartner. This is good news for company lawyers who are used to delegating enterprise software decisions to IT departments and outside law firms. Because today those same company lawyers are involved in eDiscovery and other information management software purchasing decisions for their organizations. While these lawyers understand the company’s legal requirements, they do not necessarily understand how to choose the best technology to address those requirements. Conversely, IT representatives understand enterprise software, but they do not necessarily understand the law. Gartner bridges this information gap by providing in depth and independent analysis of the top eDiscovery software solutions in the form of the Gartner Magic Quadrant for e-Discovery Software.

Gartner’s methodology for preparing the annual Magic Quadrant report is rigorous. Providers must meet quantitative requirements such as revenue and significant market penetration to be included in the report. If these threshold requirements are met then Gartner probes deeper by meeting with company representatives, interviewing customers, and soliciting feedback to written questions. Providers that make the cut are evaluated across four Magic Quadrant categories as either “leaders, challengers, niche players, or visionaries.” Where each provider ends up on the quadrant is guided by an independent evaluation of each provider’s “ability to execute” and “completeness of vision.” Landing in the “leaders” quadrant is considered a top recognition.

The nine Leaders in this year’s Magic Quadrant have four primary characteristics (See figure 1 above).

The first is whether the provider has functionality that spans both sides of the electronic discovery reference model (EDRM) (left side – identification, preservation, litigation hold, collection, early case assessment (ECA) and processing and right-side – processing, review, analysis and production). “While Gartner recognizes that not all enterprises — or even the majority — will want to perform legal-review work in-house, more and more are dictating what review tools will be used by their outside counsel or legal-service providers. As practitioners become more sophisticated, they are demanding that data change hands as little as possible, to reduce cost and risk. This is a continuation of a trend we saw developing last year, and it has grown again in importance, as evidenced both by inquiries from Gartner clients and reports from vendors about the priorities of current and prospective customers.”

We see this as consistent with the theme that providers with archiving solutions designed to automate data retention and destruction policies generally fared better than those without archiving technology. The rationale is that part of a good end-to-end eDiscovery strategy includes proactively deleting data organizations do not have a legal or business need to keep. This approach decreases the amount of downstream electronically stored information (ESI) organizations must review on a case-by-case basis so the cost savings can be significant.

Not surprisingly, whether or not a provider offers technology assisted review or predictive coding capabilities was another factor in evaluating each provider’s end-to-end functionality. The industry has witnessed a surge in predictive coding case law since 2012 and judicial interest has helped drive this momentum. However, a key driver for implementing predictive coding technology is the ability to reduce the amount of ESI attorneys need to review on a case-by-case basis. Given the fact that attorney review is the most expensive phase of the eDiscovery process, many organizations are complementing their proactive information reduction (archiving) strategy with a case-by-case information reduction plan that also includes predictive coding.

The second characteristic Gartner considered was that Leaders’ business models clearly demonstrate that their focus is software development and sales, as opposed to the provision of services. Gartner acknowledged that the eDiscovery services market is strong, but explains that the purpose of the Magic Quadrant is to evaluate software, not services. The justification is that “[c]orporate buyers and even law firms are trending towards taking as much e-Discovery process in house as they can, for risk management and cost control reasons. In addition, the vendor landscape for services in this area is consolidating. A strong software offering, which can be exploited for growth and especially profitability, is what Gartner looked for and evaluated.”

Third, Gartner believes the solution provider market is shrinking and that corporations are becoming more involved in buying decisions instead of deferring technology decisions to their outside law firms. Therefore, those in the Leaders category were expected to illustrate a good mix of corporate and law firm buying centers. The rationale behind this category is that law firms often help influence corporate buying decisions so both are important players in the buying cycle. However, Gartner also highlighted that vendors who get the majority of their revenues from the “legal solution provider channel” or directly from “law firms” may soon face problems.

The final characteristic Gartner considered for the Leaders quadrant is related to financial performance and growth. In measuring this component, Gartner explained that a number of factors were considered. Primary among them is whether the Leaders are keeping pace with or even exceeding overall market growth. (See “Forecast:  Enterprise E-Discovery Software, Worldwide, 2012 – 2017,” Tom Eid, December, 2012).

Companies landing in Gartner’s Magic Quadrant for eDiscovery Software have reason to celebrate their position in an increasingly competitive market. To review Gartner’s full report yourself, click here. In the meantime, please feel free to share your own comments below as the industry anxiously awaits next year’s Magic Quadrant Report.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 


Symantec SMB IT Confidence Index Shows Value of IT as a Strategic Business Enabler


When it comes to IT, SMBs have widely varying opinions. Some view it as a necessary evil, much like paying utility bills. Others, however, feel that business computing can set them apart, giving them a strategic advantage over the competition. Symantec recently conducted a global survey of SMBs with a view of assessing their attitudes toward information technology and its place in their business.

Through a portion of the survey responses we established an IT Confidence Index, rating each business on its overall comfort level in using IT to achieve business goals. This numerical value allowed us to clearly identify three tiers of businesses, contrasting the top-tier with the bottom-tier companies to see what significant differences stood out between the two groups.

IT Confidence

As it turns out, IT confidence trickles down from company leadership, beginning with the founder’s previous experience. About three-quarters (74 percent) of top-tier SMBs reported that their view on IT has been influenced by the founder’s previous business experience. Among bottom-tier SMBs, it was significantly less (61 percent). As a result, the top-tier businesses are far more likely to use IT as a strategic business enabler, by almost a 2 to 1 ratio of 83 percent to 44 percent. Due to their enlightened perspective, “tech confident SMBs” more frequently invest in high-quality elements in their computing infrastructure while also investing in advanced initiatives like mobility and the cloud. In the end, top tiers see these trends as being worth the risk far more often than the bottom-tier companies.

Top-Tier SMBs See Better Results

Most top-tier SMBs – 81 percent, in fact – believe they can increase their market share through strategic use of IT, compared to only 35 percent of lower-tier companies. And while computing complexity is a common issue, top-ranking SMBs feel its effects less – especially in areas including storage, backup and disaster preparedness.

They are also more confident in their level of security, with more than 75 percent considering themselves somewhat or extremely secure. By contrast, only 39 percent of bottom-tier companies felt the same way. And this is not just empty confidence: the top-tier SMBs are seeing fewer cyberattacks and 52 percent lower annual losses than their bottom-tier counterparts.

Becoming a Top-Tier Company

Duplicating this success involves adopting the attitude of the top-tier founders. We suggest the following recommendations:

  • First, consider the IT solutions you are using in your company. SMBs should consider long-term cost and value, and what technologies will differentiate them from the competition and support future growth.
  • More aggressive deployment of advanced initiatives pays off in achieving business goals. Trends such as cloud and mobility enable SMBs to focus on improving their efficiency. Goals such as reducing costs and increasing agility, for example, can be facilitated through the adoption of tools like online collaboration and video conferencing.
  • Underlying this emphasis on IT is the constant need to keep information safe. With attacks on SMBs tripling over the last year, we’re seeing cybercriminals focus more on companies that typically have less security. Thinking like a top-tier company means making security a priority, with 81 percent of them taking an aggressive approach to protection. This means deploying the right solutions and keeping them up to date – not only protecting against attacks, but also maintaining effective backup and disaster preparedness.

For more information on the SMB Survey, see the full report.

Setting spswrapper timeout using sharepoint_check tool.


Hey Guys,

Remember status 2 popping up while taking SharePoint backups? I bet you must, as these are the really frustrating ones.

Some days back I posted about how to set the spswrapper timeout:

https://www-secure.symantec.com/connect/blogs/configuring-spswrapper-timout-registry

Now we can set this value via the tool - sharepoint_check.exe by a single command.

Sharepoint_check.exe -timeout [Value in Seconds]

You shall get the below message.

SPSWrapper Timeout set to X seconds.

You can download the latest version from the below link. This also contains other small fixes.

http://mandovi.vxindia.veritas.com/twiki/bin/view/NetBackupCFT/ToolsForSharePointAgent

 

Regards,

Gaurav Kaushal

Hospitality Spam Takes a New Ride


Hospitality is the friendly bonding between the guest and host, especially efforts to make the guest feel comfortable. Spammers exploit hospitality events, and the bond between guest and host, with fake promotional offers. We are currently observing an increase in spam messages which exploit hospitality offered by major events, festivals, and concerts. The spam messages invite users to watch the events at entertaining venues happening in different places. Hospitality spam tries to entice users with bogus offers such as the following:

  • Luxury items
  • Fine dining
  • Champagne
  • VIP parking
  • VIP hostess service
  • Gambling
  • Q&A with sports celebrities
  • Large plasma screens
     


Figure 1. British Grand Prix hospitality spam
 


Figure 2. Ashes Series hospitality spam
 

A variety of subject lines have been observed in the hospitality spam attacks, such as the following:

  • Subject: VIP HOY Show hospitality
  • Subject: Unique opportunity to present a trophy at top event
  • Subject: Ringside dining action at HOY 2013
  • Subject: Exclusive Equine ringside action
  • Subject: Champagne journey to bitter grudge match
  • Subject: Looking for an evening of champion sport?
  • Subject: A unique moment to talk with the legendary Murray
  • Subject: 2013 Festival of Speed
  • Subject: Exclusive Race Day Hospitality with Murray Walker

The "From" addresses associated with these hospitality spam emails include the following:

  • From: F1 Deals <mail@[REMOVED]>
  • From: Grand Prix <mail@[REMOVED]>
  • From: The Festival of Motoring <mail@[REMOVED]>
  • From: German battle <mail@[REMOVED]>
  • From: Horse Show <mail@[REMOVED]>
  • From: Top Horse Events <mail@[REMOVED]>
  • From: How's that? <mail@[REMOVED]>
  • From: 2013 Race F1 <mail@[REMOVED]>

The main motive of these spam campaigns is to lure recipients with fake promotional offers and have them reply with questions about the event to the spam domain, which is registered for only one year and hosted in the United Kingdom.

Symantec advises our readers to use caution when receiving unsolicited or unexpected emails. We are closely monitoring these spam attacks to ensure that users are kept up to date with information on the latest threats.

MS Windows 2012 server support in Netbackup

As of right now, MS Windows 2012 server is not supported with NetBackup. However, please review the following information on where you can obtain an alert when it is released, and links to the beta.

 

NBU version 7.1.0.4

Please use the following link to obtain the 7.1.0.4 version that supports MS Windows 2012 server.

https://symbeta.symantec.com/callout/?callid=0A794...

You should receive an email from symbeta@symantec.com with a link for download.  For any questions, please click on the "contact us now" button.

This 7.1.0.4 install has numerous limitations and this client package DOES NOT support the following functionality/capabilities of the NetBackup Windows client:

· System State Backup. Only file system backup will work properly. So data backup is a “yes”, but DR is a “no”.
· Granular backup of Active Directory is not supported with this package; however, non-Granular Active Directory and full backup are supported.
· Restoring files backed up from an NTFS file system to an ReFS file system, and vice versa, is not supported.
· Agent support is not available with this package. For example, no SQL Server agent support.
· There is no BMR support with this package.
· There is no NBAC (VxAT/VxAZ) support with this package.
· No new Windows 8/2012 features are supported with this package. For example, no support for NTFS deduplication file system.

This package provides basic backup and restore functionality for file systems (NTFS and ReFS) only and can be used in NetBackup domains running NetBackup 7.1.0.4 and above.

 

NBU version 7.5.0.6

The ETA for this maintenance pack is sometime between June and July of 2013; however, there has been no official release date from Symantec. This patchset will support MS Windows 2012 server.

You can subscribe to the following tech notes to be alerted when it is released.

Netbackup downloads for 7.x -  http://www.symantec.com/docs/TECH65429

7.5 Late Breaking News - http://www.symantec.com/docs/TECH178334

Once the late breaking news has been updated, look for a link with the release notes as it will contain all new features in 7.5.0.6

 

NBU version 7.6

Please use the following link to obtain the 7.6 beta. 

https://symbeta.symantec.com/callout/default.html?callid=391BEDB13D5B457C8666336CEC261CA7

You should receive an email from symbeta@symantec.com with a link for download.  For any questions, please click on the "contact us now" button.

Currently there is no release date for 7.6; however, you can subscribe to these tech notes to be alerted when 7.6 is released:

http://www.symantec.com/docs/TECH76648 - NetBackup 7.x Operating System Compatibility List

http://www.symantec.com/docs/TECH74584 -  NetBackup 7.x Upgrade Portal

 

Social Network Scam Targets NBA Finals

For sports fans, the most exciting time of the year is the post season. It is when the underdogs have a chance to topple the better teams in the league, or last year's champions are trying to win it again. Depending on the sport, these events can draw a lot of viewers, whether it is a single event or a seven game series. So, it's no surprise there are sites that claim to offer fans the ability to watch these events online.

Right now, we are in the midst of the NBA finals pitting some of the finest players in the league against each other in their quest to win it all. The series was just tied 2-2 before Game 5 on Sunday. On that day, some Facebook users may have seen pages offering a free live stream of the game.
 

Figure 1. Free live NBA Finals stream posted on Facebook
 

Facebook users may also see posts about NBA Finals live streams linking to a page hosted on Tumblr.
 

Figure 2. Free live NBA Finals stream page on Tumblr
 

When a user selects “YES I AGREE” on the Tumblr page they are redirected back to Facebook and asked to install an NBAFinals Facebook application.
 

Figure 3. Scam NBAFinals Facebook app, permissions request
 

This Facebook application requests access to your profile, friends list, and email address. If a user grants permission, the application will request more permissions.
 

Figure 4. Scam NBAFinals Facebook app requests additional permissions
 

In addition to posting to your friends on your behalf, the scam Facebook application requests more permissions that do not make any sense for an application to have in order to enjoy free live streaming, such as access to manage your Facebook pages.

Even worse, after the application installs, users are redirected to another Tumblr site and asked to spread the scam on Facebook before proceeding.
 

Figure 5. Scam NBA Finals site asks users to share on Facebook
 

Figure 6. NBA Finals scam spreads on Facebook
 

For the user, after all this, there is no live stream presented. Instead, users will see a video player that doesn’t work. Clicking on the video player redirects users to a plugin install page that earns the scammers money through affiliate links.
 

Figure 7. NBA Finals scam page contains no live stream
 

There are some references in the final page to other sites that claim to offer live streams of the game. These pages are not official however, and these types of streaming sites are prohibited.

For the scammers, getting the user to install their Facebook application keeps the scam going because the application posts messages to your timeline on your behalf.
 

Figure 8. Scam NBAFinals app timeline post on Facebook
 

In cooperation with Symantec, Tumblr has removed the sites associated with this scam and we have reported the application to Facebook.

Users should be aware which applications they install on Facebook, especially when looking for special features or access to websites that offer live sport streams. If it seems suspicious, most likely it is.

The Gartner 2013 Magic Quadrant for eDiscovery Software is Out!

This week marks the release of the 3rd annual Gartner Magic Quadrant for e-Discovery Software report.  In the early days of eDiscovery, most companies outsourced almost every sizeable project to vendors and law firms so eDiscovery software was barely a blip on the radar screen for technology analysts. Fast forward a few years to an era of explosive information growth and rising eDiscovery costs and the landscape has changed significantly. Today, much of the outsourced eDiscovery “services” business has been replaced by eDiscovery software solutions that organizations bring in house to reduce risk and cost. As a result, the enterprise eDiscovery software market is forecast to grow from $1.4 billion in total software revenue worldwide in 2012 to $2.9 billion by 2017. (See Forecast:  Enterprise E-Discovery Software, Worldwide, 2012 – 2017, Tom Eid, December, 2012).

Not surprisingly, today’s rapidly growing eDiscovery software market has become significant enough to catch the attention of mainstream analysts like Gartner. This is good news for company lawyers who are used to delegating enterprise software decisions to IT departments and outside law firms, because today those same company lawyers are involved in eDiscovery and other information management software purchasing decisions for their organizations. While these lawyers understand the company’s legal requirements, they do not necessarily understand how to choose the best technology to address those requirements. Conversely, IT representatives understand enterprise software, but they do not necessarily understand the law. Gartner bridges this information gap by providing in depth and independent analysis of the top eDiscovery software solutions in the form of the Gartner Magic Quadrant for e-Discovery Software.

Gartner’s methodology for preparing the annual Magic Quadrant report is rigorous. Providers must meet quantitative requirements such as revenue and significant market penetration to be included in the report. If these threshold requirements are met then Gartner probes deeper by meeting with company representatives, interviewing customers, and soliciting feedback to written questions. Providers that make the cut are evaluated across four Magic Quadrant categories as either “leaders, challengers, niche players, or visionaries.” Where each provider ends up on the quadrant is guided by an independent evaluation of each provider’s “ability to execute” and “completeness of vision.” Landing in the “leaders” quadrant is considered a top recognition.

The nine Leaders in this year’s Magic Quadrant have four primary characteristics (See figure 1 above).

The first is whether the provider has functionality that spans both sides of the electronic discovery reference model (EDRM) (left side – identification, preservation, litigation hold, collection, early case assessment (ECA) and processing and right-side – processing, review, analysis and production). “While Gartner recognizes that not all enterprises — or even the majority — will want to perform legal-review work in-house, more and more are dictating what review tools will be used by their outside counsel or legal-service providers. As practitioners become more sophisticated, they are demanding that data change hands as little as possible, to reduce cost and risk. This is a continuation of a trend we saw developing last year, and it has grown again in importance, as evidenced both by inquiries from Gartner clients and reports from vendors about the priorities of current and prospective customers.”

We see this as consistent with the theme that providers with archiving solutions designed to automate data retention and destruction policies generally fared better than those without archiving technology. The rationale is that part of a good end-to-end eDiscovery strategy includes proactively deleting data organizations do not have a legal or business need to keep. This approach decreases the amount of downstream electronically stored information (ESI) organizations must review on a case-by-case basis so the cost savings can be significant.

Not surprisingly, whether or not a provider offers technology assisted review or predictive coding capabilities was another factor in evaluating each provider’s end-to-end functionality. The industry has witnessed a surge in predictive coding case law since 2012 and judicial interest has helped drive this momentum. However, a key driver for implementing predictive coding technology is the ability to reduce the amount of ESI attorneys need to review on a case-by-case basis. Given the fact that attorney review is the most expensive phase of the eDiscovery process, many organizations are complementing their proactive information reduction (archiving) strategy with a case-by-case information reduction plan that also includes predictive coding.

The second characteristic Gartner considered was that Leaders’ business models clearly demonstrate that their focus is software development and sales, as opposed to the provision of services. Gartner acknowledged that the eDiscovery services market is strong, but explains that the purpose of the Magic Quadrant is to evaluate software, not services. The justification is that “[c]orporate buyers and even law firms are trending towards taking as much e-Discovery process in house as they can, for risk management and cost control reasons. In addition, the vendor landscape for services in this area is consolidating. A strong software offering, which can be exploited for growth and especially profitability, is what Gartner looked for and evaluated.”

Third, Gartner believes the solution provider market is shrinking and that corporations are becoming more involved in buying decisions instead of deferring technology decisions to their outside law firms. Therefore, those in the Leaders category were expected to illustrate a good mix of corporate and law firm buying centers. The rationale behind this category is that law firms often help influence corporate buying decisions so both are important players in the buying cycle. However, Gartner also highlighted that vendors who get the majority of their revenues from the “legal solution provider channel” or directly from “law firms” may soon face problems.

The final characteristic Gartner considered for the Leaders quadrant is related to financial performance and growth. In measuring this component, Gartner explained that a number of factors were considered. Primary among them is whether the Leaders are keeping pace with or even exceeding overall market growth. (See “Forecast:  Enterprise E-Discovery Software, Worldwide, 2012 – 2017,” Tom Eid, December, 2012).

Companies landing in Gartner’s Magic Quadrant for eDiscovery Software have reason to celebrate their position in an increasingly competitive market. To review Gartner’s full report yourself, click here. In the meantime, please feel free to share your own comments below as the industry anxiously awaits next year’s Magic Quadrant Report.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Targeted Attack Exploits Ichitaro Vulnerability

JustSystems, developer of the Japanese word processor software called Ichitaro, recently announced a vulnerability—Multiple Ichitaro Products CVE-2013-3644 Remote Code Execution Vulnerability (CVE-2013-3644)—that has been exploited by attackers in the wild. Symantec has seen the exploitation being used in targeted attacks since May, but it has been limited to users in Japan and the volume of attacks has been minimal.

The attacker can leverage this vulnerability by sending a specially crafted attachment as part of a spear phishing campaign. When a user opens the malicious Ichitaro document file, arbitrary code is executed causing malware to be dropped onto the computer. Symantec detects the malicious document files as Trojan.Tarodrop.M. Files dropped by the exploit depend on the specific attack but are generally detected as Trojans, such as Backdoor.Specfix.

We continue to monitor this threat to improve coverage and will provide any relevant updates when possible. Symantec strongly advises users to update their antivirus definitions regularly and ensure the latest Ichitaro patch is installed.

 


Targeted Attack Exploits Ichitaro Vulnerability

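JustSystems, developer of the Japanese word processor software Ichitaro, announced yesterday that a vulnerability in the Ichitaro series (CVE-2013-3644) is being actively exploited. Symantec has confirmed that this vulnerability has been exploited in targeted attacks since May, but the attacks have been limited to users in Japan and the number of attacks so far has been small.

An attacker may exploit this vulnerability by sending a specially crafted attachment as part of a spear phishing attack. When a user opens the malicious Ichitaro document file, arbitrary code is executed and malware is dropped onto the computer. Symantec detects this malicious document file as Trojan.Tarodrop.M. The files dropped by the exploit code vary by attack, but in most cases they are detected as Trojans, such as Backdoor.Specfix.

To strengthen protection, Symantec will continue to monitor this threat and plans to provide relevant updates as soon as they are available. Please update your antivirus definitions regularly. We also strongly recommend installing the latest Ichitaro patch.

 

* To subscribe to the RSS feed of the Japanese-language Security Response blog, visit http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/ja.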

 

Reach new heights with Symantec Enterprise Vault 10!

Symantec Enterprise Vault™ (EV), the leading platform in Archiving and eDiscovery, continues to evolve rapidly.  I am reaching out to ensure you are aware of the many benefits of Enterprise Vault version 10. We continue to make significant improvements in all areas of the product that greatly benefit end users, administrators and legal users.  With Enterprise Vault 10, you can:

  • Archive up to 30% faster. We achieved this performance gain by optimizing the archiving process. In addition, you will find reduced CPU overhead on Exchange.
  • Virtualize Enterprise Vault with no performance penalty. If you are planning to virtualize Enterprise Vault, this is the time to do it.
  • Search up to 50% faster. The new index architecture offers improved scalability and federated search across 32-bit and 64-bit indexes.

Enterprise Vault 10 delivers the best end user experience to date, provides support for the latest Microsoft Exchange, SharePoint, File Server, and Outlook versions, and includes many enhancements in the areas of administration that are sure to delight.

Upgrades may seem like a daunting task, so we’re very pleased to report that customers who have upgraded to Enterprise Vault 10 have found it to be a painless experience. If you have active maintenance, a Software Version Upgrade is free.  I invite you to follow the link below which will bring you to an Enterprise Vault upgrade webpage. Resources have been assembled to make it easy for you to research the benefits of Enterprise Vault 10 and also introduce you to Enterprise Vault.cloud if moving to the cloud is a new mandate.

LinkedIn Advertising 101

LinkedIn is the place to find business professionals online. It has more than 225 million registered users around the globe, and about one third of those are in the US. If you are looking to find sales leads in social media, LinkedIn is one of the best places to do it, because many members are decision makers.

I talked before about how you should establish a presence for your company on LinkedIn and the opportunities LinkedIn Groups can offer for building relationships and finding sales leads. But LinkedIn is also an excellent place to put some of your marketing budget to work. How? With advertising.

What are LinkedIn ads?

LinkedIn ads are small boxes that appear on various pages on LinkedIn. They can include text, images, video and a link. They are typically tied to a business profile and will also show how many users follow that profile.

Here is a fictional example of a LinkedIn ad:

[Image: fictional example of a LinkedIn ad]

Where do LinkedIn ads show up?

LinkedIn ads can appear in any number of locations, including the homepage, user profile pages, search result pages and group pages.

Who can you target with LinkedIn ads?

Targeting is one of the most powerful things that LinkedIn’s advertising offers. As a professional social network, LinkedIn has a valuable amount of information about where its members work, what title they have, where they went to school and who they are connected to.

By advertising on LinkedIn, you can use this information to target your audience specifically, using targeting filters. This can be great for Symantec partners that want to get their services and solutions in front of the IT decision makers who choose how to allocate budgets.

LinkedIn’s targeting filters include geography, company, industry, job title and seniority. This means that you can target your advertisements to employees of a specific company based in your region, or vice presidents and above in a particular industry. As you can imagine, this is a powerful way to reach the right people with your product or service offering.

How do you buy LinkedIn ads?

Like Facebook ads and Twitter ads, LinkedIn’s self-service ads are sold in a second-price auction. You enter a maximum bid for your campaign and your bid is compared to others bidding for the same target demographic. If your bid wins, you pay just one penny more than the second-place bidder. You can buy LinkedIn ads based on cost-per-click (CPC) or cost-per-1,000 impressions (CPM).

How can you use LinkedIn ads?

LinkedIn ads are great for generating interest in your products or services from qualified professionals. If you have a new product coming out, consider targeting potential customers with a CPM LinkedIn ad campaign to drive awareness of the product and its features.

If you are trying to generate sales leads, try a LinkedIn ad that links through to a white paper or webinar where potential customers can learn more about your capabilities. This allows you to collect email addresses or phone numbers and follow up with that prospect in the future.

LinkedIn offers some useful materials to help you get started with its ad products, including a series of case studies and a playbook that outlines a number of policies and recommendations about LinkedIn ads.

Don’t forget to join the Symantec Partners LinkedIn Group and follow our Symantec Partners LinkedIn Page when you’re on LinkedIn.

 

 

Find our complete Symantec Partner social media series.

Request for discussion: The NetBackup Common Topics page

Have you ever visited the Common Topics page for NetBackup Enterprise Server?  (I hope you have - its URL is in the signature of every reply I've left on the NetBackup forum!)  If you HAVEN'T, go ahead and click on this link right now...don't worry; I'll still be here when you get back:

 http://go.symantec.com/nbu

The reason I'm asking you about this right now is that in the near future, Symantec is looking to make this page even better when it comes to getting you from Point A (having a problem) to Point B (problem solved!) - and to that effort, we're trying to gather some meaningful input from our user community to determine both the existing value of this resource as well as the potential opportunities to make it an even better resource.

With that in mind, could you please consider the following questions and chime in with your responses?

Do you find this page useful right now?  If so, what do you find useful?  If not, what could make it more useful?

Do you find the links we provide on this page useful, or do you find yourself almost immediately going straight to the SymWISE search box?  Would you prefer to see any particular links which you frequently visit but which are not currently on the page?  Do you care how many links are (or aren't) on the page?  Would you prefer some links be more prominent than others? Are links taking you to where you expect to go?

How would you feel about more pictures or videos and/or less text?

You may leave your response here or join the discussion over on the copy of this post I have posted to NetBackup forum - OR, if you would prefer to make a private comment, feel free to send me a private message by clicking on my username (or right here) and using one of the Contact links.

Thank you!

Symantec SMB IT Confidence Index Review

By Adam P. Garza, Owner of A.G. Technical Network Systems in San Antonio, TX

Many SMBs are attempting to meet certain business and core objectives without a lot of guidelines to follow. The Symantec Global SMB IT Confidence Index, along with a knowledgeable consultant, can really help companies, business owners and managers understand the importance of investing in IT. The survey demonstrates that SMBs who more confidently integrate technology in their businesses have better outcomes.  They’re more secure, more able to meet business challenges, and have lower IT costs.

A company must be able to adapt, and failure to see ahead can have a tremendous impact on its survival and growth.  The Symantec SMB survey highlights the importance of having the right security solutions, since attacks on SMBs have tripled in the last year, according to the Symantec Internet Security Threat Report. The top-tier SMBs identified by the survey report fewer attacks overall, which can make a big difference when we’re talking about the cost of these issues on employee and overall company productivity. In this economy, no business can afford to have a serious security issue to deal with or constant attacks enabled by poor management; even worse is never seeing the security breaches at all. Leveraging this report, I can show my customers a high-level review of the manageability of a security strategy, and explain how tools from Symantec can help us to move forward towards our business goals.

I believe the SMB IT Confidence Index will have a huge impact on helping my customers understand that as a business owner or as an overall company, less security puts you in a category that you don’t want to be in – that of a high risk target. The survey provides me with insights into how I can help my customers become top-tier companies and enable them to effectively manage the rapidly changing IT and cyber security aspects of the business world that are constantly evolving.

Being a Managed Service Provider (MSP) isn’t always easy, as you all know, and having the proper insight can make a world of difference when talking to our customers with confidence – particularly when we are seen as their go-to resource. Incorporating the survey results into customer discussions will allow us to emphasize the value of protecting data and help our customers to manage and grow their business without fear – especially considering they help to grow our business as well by adding value and solidifying our reputation. Sharing data with them on how IT contributes to business success further enforces our customers’ trust in our knowledge and technical acumen. By providing customers with the tools they need to understand the importance of making the right IT investments, we will continue to see a greater reliance on MSPs, equating to ongoing business growth and success for both the MSP and their customer base. 
