We should have the ability to allow only a group of users to disable the unified agent. Having it as an all-or-nothing feature is kind of odd and can be a security issue. Admins should be able to have this ability but obviously not every user. I know multiple customers have requested this feature and it is becoming more critical that something like this exists.
Feature Request
Setup Email Server for Email Notifications
Hello everyone. I am struggling to find information on how to set up an email server able to handle what SEPM needs. I have found a wealth of information regarding setting up the actual email notifications, but nothing on the actual email server settings/requirements.
All our computers are Win10 and the Server is running Server 2016.
Do you have to use whatever email server the admin email is using? Or can you use a different email server?
We use a gmail account already for other SMTP email alerts with no issue, but those credentials do not seem to work. All our work emails are through MS Exchange (as is the admin's email) - which also do not work.
How can you tell if your email server is set up to receive SMTP relays? How can I enable that if it's not set already?
For the sender address, does that need to be an actual existing email or can you make one up? (Ex: SEPM@email.com)
I have logs of past failures. Reading through them helps me none. I doubt they would be helpful as I'm sure I'm not setting up our email server right.
Thanks for your time and help!
Email released from quarantine is not going through The Impersonation Filter or Data Protection rules.
The Impersonation Filter should take precedence over the spam filter, or at the least, if an email is released from quarantine, it should go through the impersonation filter and data protection filters before going to the user.
Tainted emails are getting through to the end user via quarantine because Email Impersonation and Data protection are being bypassed.
I would like to request a feature change to allow a change in the order of the filter steps or to require that emails released from quarantine have to go through Email Impersonation and Data Protection filters.
Currently email traffic entering the Symantec.cloud infrastructure is checked and scanned in the following order:
Traffic shaping
SMTP heuristics
Address Validation
AntiSpam Client approved list
AntiSpam Client blocked list
DMARC/SPF
AntiSpam Public DNS block lists (PBL)
AntiSpam Signaturing System
AntiVirus
ATP Cynic - Only available for domains enabled with Advanced Threat Protection
Antispam Skeptic Heuristics (including Newsletter Detection if enabled)
Image Control
Email Impersonation Control
Data Protection
Here is the order I propose so that tainted or ruled out emails never get into quarantine.
Traffic shaping
SMTP heuristics
Address Validation
Email Impersonation Control
Data Protection
AntiSpam Client approved list
AntiSpam Client blocked list
DMARC/SPF
AntiSpam Public DNS block lists (PBL)
AntiSpam Signaturing System
AntiVirus
ATP Cynic - Only available for domains enabled with Advanced Threat Protection
Antispam Skeptic Heuristics (including Newsletter Detection if enabled)
Image Control
epicunitscan.info chrome corrupted
Hi,
Does anyone have a solution for this threat?
https://support.google.com/chrome/thread/5794198?hl=en
failed to push the symantec management agent errors on Altiris log viewer
Hi
In Altiris log viewer we are seeing lots of " failed to push the symantec management agent to :<host name><no domain>"
Please let us know the best practices.
Thanks
AD Sync
Hello,
I'm facing an issue with the sync between my SEPM and AD...
I have some computers that have SEP installed on them, but on the manager they appear as not installed. It also happens for definitions (client up to date, but in SEPM it appears outdated).
The sync heartbeat is 4 hours.
I tried to look for errors in the log file but found nothing.
Do you have any idea about this?
Thank you
Capture Image fail
Hi All
I created a job to capture a Windows 10 image. The client boots to WinPE successfully, but creating the image fails.
Do you have suggestions for solving problems?
[Upcoming Webinar] Automated Hunting for Malicious Insiders and Advanced threats using Symantec ICA
Preventing Malicious Insiders from wreaking havoc and stealing sensitive data is extremely challenging as today’s security teams and SOC operators must analyze huge volumes of data to isolate threats. Further, even when risks are uncovered, in-depth investigation must encompass numerous security systems and data streams to determine how these activities can be stopped.
In this webinar, you’ll learn how Symantec Information Centric Analytics automates threat hunting and speeds remediation, pinpointing problematic behaviours and informing response.
IP to User Name Lookup Script for Web Prevent DLP
Hi !
I need the IP to User Name lookup script for Web Prevent DLP.
Thanks in Advance...
EICAR Excel is not getting detected during unzip
Hi,
We have created an EICAR Excel file and an EICAR PDF file and zipped both files into one. Now when we unzip this file on a computer, the SEP client detects only the EICAR PDF file, and the EICAR Excel file is not detected. But when we double-click the EICAR Excel file, it is detected.
Why is the SEP client not detecting the EICAR Excel file during unzip, like the PDF file?
Regards
KK
integrate SSLva with PaloAlto-VM and having cisco SW in between
Hi All,
We are trying to deploy the below scenario:
Client Subnet --> SSLv "fail to appliance" --> SW --> PaloAlto-VirtualAppliance --> SW --> SSLv --> Gateway --> Internet
Is the above scenario applicable?
If yes, what is the recommended setting for switch interface and cabling?
If no, why? What are the restrictions for SSLv deployment?
click-time URL Protection - URL rewrite
Can anyone confirm whether all URLs in email body will be rewritten if no exemption is configured?
Even if the URLs are not malicious, they will be rewritten.
My concern is that users may get confused if it is the case.
Thanks whoever answers this.
Missing partition resize options
Hi guys,
We're trying to update our win10 master and captured our customized installation. We don't have any problem with the capture, no errors or warning. When I try to create a deployment task (using a copy of the one we use for our 1803 master), I can add the *.gho I've just created. But when I go to the advanced options for resizing partitions, none are listed (I should have 3 listed). The 3 partitions are created if I use the *.gho but I really need to resize them.
Has anyone here ever encountered this problem? What am I missing? Thanks for your help!
Vmotion & Snapshot for MC-VA / Reporter-VA
Hi,
I have some questions, as below:
- Is it possible to do a VM snapshot with MC-VA [Management Center]?
- Is it possible to do a VM snapshot & Vmotion with Reporter-VA?
Thank you.
A FEW SEP 15 Cloud Portal CHANGES
There are several changes needed to make the portal device management more efficient. It is currently VERY CUMBERSOME and TIME WASTING in the following respects.
Almost every function for the registered clients is on a ONE-BY-ONE basis. If you have multiple devices on which you need to perform ANY function, (live update, delete, move, policy update.... ) they need to be done ONE DEVICE AT A TIME.
It would be VERY HELPFUL AND EFFICIENT to allow a multi-select mode where you can choose MULTIPLE DEVICES at ONE TIME and select a single action on MULTIPLE DEVICES. Having this option available across-the-board, would be a BIG HELP!
Currently the SORTING function when working in the DEVICE GROUPS section, is NOT reliable. When I sort by STATUS I will see random statuses interspersed within the sorted list. For example, I will see maybe 30 "SECURE" statuses then an "AT RISK" status, then another group of "SECURE" statuses, then another "AT RISK", etc......
Offline upgrade ITMS 8.1 RU1 to ITMS RU7
Hello,
I am looking to upgrade the ITMS solution from 8.1 RU1 to 8.5 RU2. As per the supported procedure, I am first trying to get my solution upgraded to 8.1 RU7. The server does not have internet connectivity enabled. Please help me with details of how to create an offline upgrade package to RU7 using SIM installed on a computer which has internet connectivity.
URL is not working
One of the URLs is not working. I did a packet capture and saw the client sending a hello, then the server sending an RST packet.
The same website works on the open internet.
I even tried disabling detect protocol, with no luck.
tcp.stream eq 76 -- Client to Proxy
tcp.stream eq 77 -- Proxy to ocs server
Browser message:
Can't connect securely to this page
This might be because the site uses outdated or unsafe TLS security settings
WS.Reputation.1 dispute
Hello,
We're software developers. We've just released a new version .exe and provided it to the customer.
However it got flagged as WS.Reputation.1
Please see file details here:
We've submitted the dispute, but can you please remove the flag ASAP?
Console crashes when I highlight a gpt image
We recently changed to Dell computers and the only option is UEFI. After converting our images to GPT, every time I hover over the file it crashes the Ghost console.